snmp-agent target-host trap

Function

The snmp-agent target-host trap command configures the target host for receiving SNMP traps.

The undo snmp-agent target-host command deletes the target host configuration for receiving SNMP traps.

By default, the target host is not set.

Format

snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number | source interface-type interface-number | [ public-net | vpn-instance vpn-instance-name ] ] ^* params securityname cipher security-name [ [ v1 | v2c ] | private-netmanager | notify-filter-profile profile-name | ext-vb ] ^*

undo snmp-agent target-host ip-address securityname { security-name | cipher security-name } [ vpn-instance vpn-instance-name ]

undo snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number | source interface-type interface-number | [ public-net | vpn-instance vpn-instance-name ] ] ^* params securityname { security-name | cipher security-name }

Parameters

Parameter	Description	Value
address	Specifies the IP address of a specified target host.	-
udp-domain ip-address	Specifies the IP address of a specified target host, with the transmission domain being based on UDP.	-
udp-port port-number	Specifies the UDP port of the specified target host for receiving Trap messages.	The value is an integer ranging from 0 to 65535. The default value is 162.
source interface-type interface-number	Specifies the source interface of the device for sending Trap messages.	-
public-net	Specifies VPN instance to which the target host belongs.	-
vpn-instance vpn-instance-name	Indicates the target host is on the public network.	The value must be an existing VPN instance name.
params securityname security-name	Specifies the user security name displayed on the NMS. For SNMPv3, securityname must be configured as the user name. securityname configured on the host needs to be the same as that configured on the NMS, or the NMS cannot receive the trap messages sent from the host. Ensure that the security-name value is the same as the created user name; otherwise, the NMS cannot access the device. For SNMPv1 and SNMPv2c, the NMS can receive trap messages from all hosts without having securityname configured. securityname is used to distinguish multiple hosts that generate trap messages.	The value is a string of 1 to 32 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
cipher security-name	Indicates the unencrypted or encrypted string of security name.	The value is a string of 1 to 32 case-sensitive characters or a string of 32, 48, 56, or 68 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. When the community name is a string of 1 to 32 characters, the string is processed as plain text by default and will be encrypted. When the community name is a string of 32 48, 56, or 68 characters, the string is processed as cipher text by default, and the system will determine whether the string can be parsed.
v1 \| v2c \| v3	Indicates the SNMP version. v1: SNMPv1. v2c: SNMPv2c. v3: SNMPv3. If this parameter is not specified, the default version is SNMPv1.	-
authentication \| privacy	Specifies the security mode. authentication: authenticates packets without encryption. privacy: authenticates and encrypts SNMP messages. This parameter takes effect only in SNMPv3.	-
private-netmanager	Indicates the Huawei NMS as the target host receiving a trap. When a Huawei NMS is deployed and this parameter is configured, a trap sent to the NMS contains more information, such as the trap type, sequence of the trap, and sending time.	-
notify-filter-profile profile-name	Specifies the filtering view name. If the trap filtering is not configured using the parameter notify-filter-profile, all traps will be sent to the destination host.	The value is a string of 1 to 32 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
ext-vb	Indicates that traps sent to a target host carry extended bound variables. If a Huawei data communication device extends the trap objects defined in the public MIB, you can configure this parameter to determine whether traps sent to the NMS carry extended bound variables. If this parameter is not configured, the traps sent from the Huawei data communication device do not carry extended bound variables. If you are using a third-party NMS tool, you are not advised to configure this parameter, which ensures that the NMS tool can receive alarms sent from the Huawei device. By default, a trap sent from a Huawei data communication device does not carry extended bound variables. If this parameter is configured, the traps sent from the Huawei data communication device carry extended bound variables. If you are using a Huawei NMS tool, you are advised to configure this parameter, which allows you to view more information carried in a trap.	-

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

SNMP notifications can be classified into traps and inform messages. Trap messages are less reliable than inform messages because the NMS does not send any acknowledgment when it receives a trap. In this case, the sender cannot verify whether the trap has been received. Informs are configured with an acknowledgment mechanism and therefore are reliable.

To configure multiple target hosts, you must run the snmp-agent target-host trap command on each target host. If you run the snmp-agent target-host trap command for multiple times on a host, only the latest configuration takes effect. For example, if you configure the trap function for a host that has been configured with trap, the second configuration takes effect.

The rules for selecting the target host are as follows:

If the public-net parameter is specified, the system accesses the target host on the public network.
If the vpn-instance vpn-instance-name parameter is specified, the system accesses the target host in the specified VPN instance.
If both the public-net and vpn-instance vpn-instance-name parameters are not specified:
1. If the source interface-type interface-number parameter is specified and a VPN instance is bound to the specified interface, the system accesses the target host in the VPN instance. If no VPN instance is bound to the specified interface, the system accesses the target host on the public network.
2. If the snmp-agent trap source command is run to configure a source interface for sending trap packets and a VPN instance is bound to the interface, the system accesses the target host in the VPN instance. If no VPN instance is bound to the interface, the system accesses the target host on the public network.
3. If the set net-manager vpn-instance command is run to configure a network management VPN instance, the system accesses the target host in this VPN instance.
4. If none of the preceding conditions is met, the system accesses the target host on the public network.

Configuration Impact

No matter whether a trap sent from the SNMP agent reaches the NMS, the SNMP agent deletes the trap to reduce the resource consumption.

Precautions

Ensure that the security level of a trap host is not higher than that of the user specified by securityname and not lower than that of the user group. Otherwise, the trap host cannot send trap messages properly. The user security level can be (in descending order):

Level 1: privacy (authentication and encryption)
Level 2: authentication (without encryption)
Level 3: noauthentication (no authentication or encryption)

If the SNMP trap function has been enabled, to ensure that SNMPv3-running devices normally send trap messages, notify-view notify-view must be configured in the snmp-agent group command for the user group to which securityname belongs to allow the devices to have the right to send trap messages.

For SNMPv1 and SNMPv2c, when a user with a level lower than the level configured using this command queries the securityname configured using the display this command, the securityname is displayed as asterisks (******).

Example

# Allow the SNMP agent to send SNMP traps to the target host with the IP address of 10.1.1.1.

<HUAWEI> system-view
[HUAWEI] snmp-agent trap enable
[HUAWEI] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname comaccess

# Allow the SNMP agent to send SNMP traps to the Huawei NMS with the IP address of 10.1.1.1.

<HUAWEI> system-view
[HUAWEI] snmp-agent trap enable
[HUAWEI] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname comaccess private-netmanager