DXS-3600-32S CLI Reference Guide

DXS-3600-32S 10GbE Layer 2/3 Switch CLI Reference Guide

Simple Network Management Protocol (SNMP)

Commands

49-1 snmp-server

This command is used to enable the Simple Network Management Protocol (SNMP) agent. To stop and shield the

SNMP agent, use the no form of this command.

snmp-server no snmp-server

Parameters

Default

Command Mode

None.

SNMP global state is disabled.

Global Configuration Mode.

Command Default Level

Level: 12

Usage Guideline

The remote SNMP manager sends SNMP requests to agents and receives SNMP responses and notifications from agents. When the SNMP agent is enabled, the remote SNMP manager can query SNMP agents and send SNMP traps. This command will shield the SNMP agent service and related configuration by executing the no snmp-server command.

Example

This example shows how to enable the SNMP global setting.

DXS-3600-32S#configure terminal

DXS-3600-32S(config)#snmp-server

DXS-3600-32S(config)#

Example

This example shows how to disable the SNMP global setting.


DXS-3600-32S(config)#no snmp-server


49-2 no enable service snmp-agent

This command is used to disable the SNMP Agent.

no enable service snmp-agent

Parameters

Default

Command Mode

None.

None.



Level: 12

Usage Guideline

This command will act on all of the SNMP services instead of shielding the configuration information of the SNMP Agent.

Example

This example shows how to disable the SNMP global setting.


DXS-3600-32S(config)#no enable service snmp-agent


448


49-3 snmp-server name

This command is used to configure the system name information in global configuration mode. Use the no form of this command to remove the configuration of system name information.

snmp-server name TEXT

no snmp-server name

Parameters

TEXT

Specifies the string that describes the system name information. The maximum length is 255 characters (please refer to RFC1213 for the maximum length in detail).

The syntax is general string that allows space.

Default

Command Mode

No system name string is set.



Level: 12

Usage Guideline

Configure the system name information on the switch.

Example

This example shows how to set up the system name information with string test.


DXS-3600-32S(config)#snmp-server name test


Example

This example shows how to set system name information to default value.


DXS-3600-32S(config)#no snmp-server name


49-4 snmp-server contact

This command is used to configure the system contact information in global configuration mode. Use the no form of this command to remove the configuration of system contact information.

snmp-server contact TEXT

no snmp-server contact

Parameters

TEXT

Specifies the string that describes the system contact information. The maximum length is 255 characters (please refer to RFC1213 for the maximum length in detail).


Default

Command Mode

No system contact string is set.



Level: 12

Usage Guideline

Configure the system contact information on the switch.

Example

This example shows how to set up the system contact information with string test.


DXS-3600-32S(config)#snmp-server contact test


449


Example

This example shows how to set system contact information to default value.


DXS-3600-32S(config)#no snmp-server contact


49-5 snmp-server location

This command is used to configure the system location information in global configuration mode. Use the no form of this command to remove the configuration of system location information.

snmp-server location TEXT

no snmp-server location

Parameters

TEXT

Specifies the string that describes the system location information. The maximum length is 255 characters (please refer to RFC1213 for the maximum length in detail).


Default

Command Mode

No system location string is set.



Level: 12

Usage Guideline

Configure the system location information on the switch.

Example

This example shows how to set up the system location information with string test.


DXS-3600-32S(config)#snmp-server location test


Example

This example shows how to set system location information to default value.


DXS-3600-32S(config)#no snmp-server location


49-6 snmp-server view

This command is used to create or update a view entry for the SNMP. Use the no form of this command to remove a specified SNMP view entry.

snmp-server view VIEW-NAME OID-TREE {included | excluded}

no snmp-server view VIEW-NAME [OID-TREE]

Parameters

VIEW-NAME

OID-TREE

Specifies the label for the view record that you are updating or creating. The name is used to reference the record. The valid length for VIEW-NAME is 1 to 32 characters.

The syntax is general string that does not allow space.

Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as

1.3.6.2.4. Replace a single subidentifier with the asterisk (*) wildcard to specify a subtree family; for example 1.3.*.4.

450

included excluded


(Optional) Specifies to configure the OID (and subtree OIDs) specified in OID-TREE argument to be included in the SNMP view.

(Optional) Specifies to configure the OID (and subtree OIDs) specified in OID-TREE argument to be explicitly excluded from the SNMP view.

There are eight VIEWs in the default as following:

Default

VIEW-NAME restricted restricted restricted restricted restricted

CommunityView

CommunityView

CommunityView

OID-TREE

1.3.6.1.2.1.1

1.3.6.1.2.1.11

1.3.6.1.6.3.10.2.1

1.3.6.1.6.3.11.2.1

1.3.6.1.6.3.15.1.1

1

1.3.6.1.6.3

1.3.6.1.6.3.1

View Type

Included

Included

Included

Included

Included

Included

Excluded

Included

Command Mode



Level: 12

Usage Guideline

You use this command to create a view for the MIB object trees.

The user will need to specify the view when they use the snmp-server group command to define a user group.

Example

This example shows how to set a MIB view to interfacesMibView.


DXS-3600-32S(config)#snmp-server view interfacesMibView 1.3.6.1.2.1.2 included


Example

This example shows how to set a MIB view of interfacesMibView to default value.


DXS-3600-32S(config)#no snmp-server view interfacesMibView


49-7 snmp-server group

This command is used to create a new SNMP group entry that maps SNMP users to SNMP views. Use the no form of this command to remove a specified SNMP group entry.

snmp-server group GROUP-NAME {v1 | v2c | v3 {auth | noauth | priv}} [read READ-VIEW] [write WRITE-

VIEW] [notify NOTIFY-VIEW]

no snmp-server group GROUP-NAME

Parameters

GROUP-NAME

v1 v2c

Specifies the name of the group. The valid length for GROUP-NAME is 1 to 32 characters. The syntax is general string that does not allow space.

Specifies that SNMPv1 (the least secure of the possible SNMP security models) should be used for the group.

Specifies that SNMPv2c should be used for the group. The SNMPv2c security model allows for the transmission of informs, and supports 64 character strings (instead of

32 character strings).

451

v3 auth noauth priv

read READ-VIEW

write WRITE-VIEW

notify NOTIFY-VIEW


Specifies that SNMPv3 should be used for the group. SMNPv3 is the most secure of the supported security models, as it allows you to explicitly configure the authentication characteristics.

Specifies authentication of a packet without encrypting it.

Specifies no authentication of a packet.

Specifies authentication of a packet with encryption.

(Optional) Specifies a read view for the SNMP group. The read-view argument represents a string that is the name of the view that enables you to view only the contents of the agent.

(Optional) Specifies a write view for the SNMP group. The write-view argument represents a string that is the name of the view that enables you to enter data and configure the contents of the agent.

(Optional) Specifies a notify view for the SNMP group. The notify-view argument represents a string that is the name of the view that enables you to specify a notify, inform, or trap.

Default

No default access control list is associated with any group.

The default settings of SNMP group are as following:

Group Name

initial public public private private

Version

SNMPv3

SNMPv1

SNMPv2c

SNMPv1

SNMPv2c

Security Level Read View

Name

noauth noauth noauth noauth noauth

Write View

Name

Notify View

Name

restricted None

CommunityView None restricted

CommunityView

CommunityView None CommunityView

CommunityView CommunityView CommunityView

CommunityView CommunityView CommunityView

Command Mode



Level: 12

Usage Guideline

An SNMP group defines the access method, the read view, the write view, and the notification view.

For the access method, it means that when the user who belongs to this group must use the version, access method (for V3) to access the SNMP agent.

For the read view, it means that the user who belongs to this group can only read objects that fall in this view. For the write view, it means that the user who belongs to this group can only write objects that fall in this view. The access to objects range out of the view will get error messages.

For the notification view, it means that the system will check whether the trap manager owns the view to the binding objects associated with the notification packet. The notification will not sent to a trap manager if it does not own the notification view to the binding objects.

Example

This example shows how to create SNMP group test with SNMPv1.


DXS-3600-32S(config)#snmp-server group test v1


Example

This example shows how to remove snmp group test.


DXS-3600-32S(config)#no snmp-server group test


452


49-8 snmp-server user

This command is used to configure a new user to a Simple Network Management Protocol (SNMP) group. Use the no form of this command to remove a user from an SNMP group.

snmp-server user USER-NAME GROUP-NAME {v1 | v2c | v3 [encrypted] [auth {md5 | sha} AUTH-

PASSWORD] [priv des56 PRIV-PASSWORD]}

no snmp-server user USER-NAME

Parameters

USER-NAME

GROUP-NAME

v1 v2c v3 encrypted auth md5 sha

AUTH-PASSWORD

des56

PRIV-PASSWORD

Specifies the name of the user on the host that connects to the agent. The valid length is 1 to 32 characters. The syntax is general string that does not allow space.

Specifies the name of the group to which the user belongs. The valid length is 1 to 32 characters. The syntax is general string that does not allow space.

Specifies that the SNMPv1 security model should be used.

Specifies that the SNMPv2c security model should be used.

Specifies that the SNMPv3 security model should be used. Allows the use of the encrypted and or auth keywords.

(Optional) Specifies whether the password appears in encrypted format (a series of digits, masking the true characters of the string).

(Optional) Specifies which authentication level should be used.

Specifies the HMAC-MD5-96 authentication level.

Specifies the HMAC-SHA-96 authentication level.

Specifies the password used for authentication.

Specifies the 56-bit DES algorithm for encryption.

Specifies the password used for privacy.

Default

Command Mode

There is one user in default as following:

User Name: initial

Engine ID: 800000ab03000102030400

Storage-Type: nonVolatile

Security Level:

Auth Protocol: None

Priv Protocol: None

Group-Name: initial



Level: 12

Usage Guideline

Use this command to create an SNMP user. The group to which this user belongs must be created first. If this user belongs to a V3 group, then the password used for authentication and encryption needs to be defined.

Example

This example shows how to create an SNMP user called test in the SNMPv1 group public.


DXS-3600-32S(config)#snmp-server user test public v1


Example

This example shows how to remove the SNMP user called test.


DXS-3600-32S(config)#no snmp-server user test


453


49-9 snmp-server community

This command is used to set up the community access string to permit access to the SNMP. Use the no command to remove the specified community string,

snmp-server community COMMUNITY-STRING view VIEW-NAME {ro | rw}

no snmp-server community COMMUNITY-STRING

Parameters

COMMUNITY-STRING

view VIEW-NAME

ro rw

Specifies the community string that consists of from 1 to 32 alphanumeric characters and functions much like a password, permitting access to the SNMP protocol. Blank spaces are not permitted in the community string. The syntax is general string that does not allow space.

(Optional) Specifies the name of a previously defined view. The view defines the objects available to the SNMP community.

(Optional) Specifies read-only access. Authorized management stations are only able to retrieve MIB objects.

(Optional) Specifies read-write access. Authorized management stations are able to both retrieve and modify MIB objects.

Default

There are two communities in the default as following:

Community Name: private

Community Index: private

Community SecurityName: private

Storage-type: nonVolatile active

Command Mode

Community Name: public

Community Index: public

Community SecurityName: public

Storage-type: nonVolatile active



Level: 12

Usage Guideline

This command creates a community name entry in the community name table.

Example

This example shows how to create SNMP community called ‘comaccess’ with view mib2.


DXS-3600-32S(config)#snmp-server community comaccess view mib2 rw


Example

This example shows how to remove the SNMP community called ‘comaccess’.


DXS-3600-32S(config)#no snmp-server community comaccess


49-10 snmp-server enable traps

This command is used to enable all Simple Network Management Protocol (SNMP) notification types that are available on your system, use the snmp-server enable traps command in global configuration mode. To disable all available

SNMP notifications, use the no form of this command.

snmp-server enable traps

454


no snmp-server enable traps

Parameters

Default

None.

Sending SNMP traps is enabled.

Command Mode



Level: 12

Usage Guideline

SNMP notifications can be sent as traps or inform requests. This command enables both traps and informs requests for the specified notification types.

To configure the router to send these SNMP notifications, you must enter at least one snmp-server enable traps command. If you enter the command with no keywords, all notification types are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. To enable multiple types of notifications, you must issue a separate snmp-server enable traps command for each notification type and notification option.

Example

This example shows how to enable the SNMP traps.


DXS-3600-32S(config)#snmp-server enable traps


Example

This example shows how to disable the SNMP traps.


DXS-3600-32S(config)#no snmp-server enable traps


49-11 snmp-server host

This command is used to specify the recipient of a SNMP notification operation. Use the no command to remove the recipient.

snmp-server host {IP-ADDRESS} version {1 | 2c | 3 [auth | noauth | priv]} COMMUNITY-STRING

no snmp-server host {IP-ADDRESS}

Parameters

IP-ADDRESS

version

1

2c

3

COMMUNITY-STRING

Specifies the IPv4 address of the SNMP notification host.

(Optional) Specifies the version of the SNMP used to send the traps. The default is

1. If you use the version keyword, one of the following keywords must be specified:

Specifies to use SNMPv1. This option is not available with informs.

Specifies to use SNMPv2C.

Specifies to use SNMPv3. The most secure model, because it allows packet encryption with the priv keyword. One of the following three optional security level keywords can follow the 3 keyword:

auth - Enables Message Digest 5 (MD5) and Secure Hash Algorithm (SHA) packet authentication.

noauth — Specifies that the noAuthNoPriv security level applies to this host. This is the default security level for SNMPv3.

priv — Enables Data Encryption Standard (DES) packet encryption (also called

“privacy”).

Specifies the password-like community string is sent with the notification operation. If the version is 3, the COMMUNITY-STRING is used as the UserName as defined in

snmp-sever user command. The community string that consists of from 1 to 32 characters. The syntax is general string that does not allow space.

455


Default

Command Mode

No host entry exists.



Level: 12

Usage Guideline

SNMP notifications are sent as trap packets. If you do not enter an snmp-server

host command, no notifications are sent. In order to configure the switch to send

SNMP notifications, you must create at least one recipient of a SNMP notification by

snmp-server host command.

To create an SNMP host where the notification will be sent to, the user can specify the version of notification packet. For the V1/V2, the notification will be sent in trap protocol data unit (PDU). For V3, the notification will be sent in the SNMPv2-TRAP-

PDU with the SNMPv3 header.

If the user specifies to send the notification in V3 format, the user can further specify whether do authentication and encryption for the packet. The system will use the community string specified for this command as the user name and look up in the user table to get the password for the authentication and encryption.

For both V1/V2 and V3, the system will find out the notification view for the group associated with this SNMP host. If the binding variables associated with this notification are out of this notification view, then this notification will not send to this host. Even more if the IP access list associated with does not include the IP address of the host, this notification won’t be sent out, either.

For V3 host, the argument of COMMUNITY-STRING refers to a user created by the

snmp-server user command. For V1/V2 host, the community string can either refer to a user created by the snmp-server user command or a community string entry created by the snmp-server community command. To create a SNMP host, the community string (or user) must be created first. An error message will appear to indicate this situation.

If the host version is different from the group version defined for this host (via access control list option in snmp-server group command), it will not work because the version is not matched. If user creates the community, the system will create V1/V2 group implicitly.

Example

This example shows how to set up the trap recipient as 163.10.50.126 by using

SNMP version 1 with community string public.


DXS-3600-32S(config)#snmp-server host 163.10.50.126 version 1 public


Example

This example shows how to remove the trap recipient 163.10.50.126.


DXS-3600-32S(config)#no snmp-server host 163.10.50.126


49-12 show snmp community

This command is used to display information about the configured characteristics of SNMP community.

Parameters

Default

None.

None.

456


Command Mode

Privileged EXEC Mode.


Level: 3

Usage Guideline

Used this command can view the SNMP community configured on the current SNMP agent.

Example

This example shows how to display the SNMP community information.

DXS-3600-32S#show snmp community

Community Name: private

Community Index: private

Community SecurityName: private storage-type: nonVolatile active

Community Name: public

Community Index: public

Community SecurityName: public storage-type: nonVolatile active

DXS-3600-32S#

49-13 show snmp user

This command is used to display information about the configured characteristics of SNMP user.

show snmp user

Parameters

Default

None.

None.

Command Mode



Level: 3

Usage Guideline

This command can view the SNMP users configured on the current SNMP agent.

Example

DXS-3600-32S#show snmp user

This example shows how to display the SNMP user information.

User Name: initial

Engine ID: 800000ab03000102030400

Storage-Type: nonVolatile

Security Level:

Auth Protocol: None

Priv Protocol: None

Group-Name: initial

DXS-3600-32S#

49-14 show snmp group

This command is used to display information about the configured characteristics of SNMP group.

show snmp group

Parameters

Default

Command Mode

None.

None.



Level: 3

457

Usage Guideline


Used this command can view the SNMP groups configured on the current SNMP agent.

Example

This example shows how to display the SNMP group information.

DXS-3600-32S#show snmp group

GroupName: public

SecurityModel: v1

SecurityLevel: NoAuthNoPriv

ReadView: CommunityView

WriteView:

NotifyView: CommunityView

GroupName: public

SecurityModel: v2c



WriteView:


GroupName: initial



ReadView: restricted

WriteView:

NotifyView: restricted

GroupName: private




WriteView: CommunityView


GroupName: private

SecurityModel: v2c



WriteView: CommunityView


DXS-3600-32S#

49-15 show snmp view

This command is used to display information about the configured characteristics of SNMP view.

show snmp view

Parameters

Default

Command Mode

None.

None.



Level: 3

Usage Guideline

This command can view the SNMP views configured on the current SNMP agent.

458


Example

DXS-3600-32S#show snmp view

This example shows how to display the SNMP view information.

restricted(Include) 1.3.6.1.2.1.1

restricted(Include) 1.3.6.1.2.1.11

restricted(Include) 1.3.6.1.6.3.10.2.1



CommunityView(Include) 1

CommunityView(Exclude) 1.3.6.1.6.3

CommunityView(Include) 1.3.6.1.6.3.1

DXS-3600-32S#

49-16 show snmp host

This command is used to display information about the configured characteristics of SNMP host.

show snmp host

Parameters

Default

Command Mode

None.

None.



Level: 3

Usage Guideline

Used this command can view the SNMP host configured on the current SNMP agent.

Example

DXS-3600-32S#show snmp host

This example shows how to display the SNMP host information.

Host IP: 10.90.90.9

SNMP Version: V1

Community Name: public

DXS-3600-32S#

459

DXS-3600-32S CLI Reference Guide

Simple Network Management Protocol (SNMP)

Commands

49-1 snmp-server

49-2 no enable service snmp-agent

49-3 snmp-server name

49-4 snmp-server contact

49-5 snmp-server location

49-6 snmp-server view

49-7 snmp-server group

49-8 snmp-server user

49-9 snmp-server community

49-10 snmp-server enable traps

49-11 snmp-server host

49-12 show snmp community

49-13 show snmp user

49-14 show snmp group

49-15 show snmp view

49-16 show snmp host

Related manuals

Table of contents

DXS-3600-32S CLI Reference Guide

Simple Network Management Protocol (SNMP)

Commands

49-1 snmp-server

49-2 no enable service snmp-agent

49-3 snmp-server name

49-4 snmp-server contact

49-5 snmp-server location

49-6 snmp-server view

49-7 snmp-server group

49-8 snmp-server user

49-9 snmp-server community

49-10 snmp-server enable traps

49-11 snmp-server host

49-12 show snmp community

49-13 show snmp user

49-14 show snmp group

49-15 show snmp view

49-16 show snmp host

Related manuals

D-Link

DXS-3600-16S

D-Link

DXS-3600-16S

D-Link

DXS-3600-16S

D-Link

DXS-3600 Series

D-Link

DXS-3600 Series

D-Link

DXS-3600 Series

D-Link

DXS-1210-10TS

Table of contents