10. Using SNMP. Alcatel-Lucent OmniSwitch 6800 Series, OmniSwitch 9000 Series, OmniSwitch 6850 Series
Add to My manuals292 Pages
advertisement
![10. Using SNMP. Alcatel-Lucent OmniSwitch 6800 Series, OmniSwitch 9000 Series, OmniSwitch 6850 Series | Manualzz 10. Using SNMP. Alcatel-Lucent OmniSwitch 6800 Series, OmniSwitch 9000 Series, OmniSwitch 6850 Series | Manualzz](http://s1.manualzz.com/store/data/007214403_1-07bf536fc733360282ad3d568da31b0f-360x466.png)
10 Using SNMP
The Simple Network Management Protocol (SNMP) is an application-layer protocol that allows communication between SNMP managers and SNMP agents on an IPv4 as well as on an IPv6 network.
Network administrators use SNMP to monitor network performance and to manage network resources.
SNMP functionality over IPv6 environment can be configured only on an OmniSwitch 6850 and 9000.
In This Chapter
This chapter describes SNMP and how to use it through the Command Line Interface (CLI). CLI commands are used in the configuration examples; for more details about the syntax of commands, see the
OmniSwitch CLI Reference Guide.
Configuration procedures described in this chapter include:
•
‘‘Setting Up An SNMP Management Station’’ on page 10-4
•
‘‘Setting Up Trap Filters’’ on page 10-5
•
“Using SNMP For Switch Security” on page 10-27
•
“Working with SNMP Traps” on page 10-30
This chapter also includes lists of Industry Standard and Enterprise (Proprietary) MIBs used to manage the
OmniSwitch.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-1
SNMP Specifications Using SNMP
SNMP Specifications
The following table lists specifications for the SNMP protocol.
RFCs Supported for SNMPv2 1902 through 1907 - SNMPv2c Management Framework
1908 - Coexistence and transitions relating to SNMPv1 and SNMPv2c
RFCs Supported for SNMPv3 2570 – Version 3 of the Internet Standard Network Management
Framework
2571 – Architecture for Describing SNMP Management Frameworks
2572 – Message Processing and Dispatching for SNMP
2573 – SNMPv3 Applications
2574 – User-based Security Model (USM) for version 3 SNMP
2575 – View-based Access Control Model (VACM) for SNMP
2576 – Coexistence between SNMP versions
SNMPv1, SNMPv2, SNMPv3 The SNMPv3 protocol is ascending compatible with SNMPv1 and v2 and supports all the SNMPv1 and SNMPv2 PDUs
SNMPv1 and SNMPv2
Authentication
Community Strings
SNMPv1, SNMPv2 Encryption None
SNMPv1 and SNMPv2 Security requests accepted by the switch
Sets and Gets
SNMPv3 Authentication SHA, MD5
SNMPv3 Encryption
SNMPv3 Security requests accepted by the switch.
SNMP traps
Maximum number of SNMP sessions that can be established on an OmniSwitch.
DES
Non-authenticated Sets, Non-authenticated Gets and Get-Nexts,
Authenticated Sets, Authenticated Gets and Get-Nexts, Encrypted Sets,
Encrypted Gets and Get-Nexts
Refer to the table on
page 10-10 for a complete list of traps and their
definitions.
50
SNMP Defaults
The following table describes the default values of the SNMP protocol parameters.
Parameter Description
SNMP Management Station
Community Strings
SNMP Security setting
Trap filtering
Trap Absorption
Enables the forwarding of traps to
WebView.
Command snmp station snmp community map snmp security snmp trap filter snmp trap absorption snmp trap to webview
Default Value/Comments
UDP port 162, SNMPv3, Enabled
Enabled
Privacy all (highest) security
Disabled
Enabled
Enabled page 10-2 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Defaults
Parameter Description Command Default Value/Comments
Enables or disables SNMP authentication failure trap forwarding.
snmp authentication trap Disabled
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-3
Quick Steps for Setting Up An SNMP Management Station Using SNMP
Quick Steps for Setting Up An SNMP
Management Station
An SNMP Network Management Station (NMS) is a workstation configured to receive SNMP traps from the switch. To set up an SNMP NMS by using the switch’s CLI, proceed as follows:
1 Specify the user account name and the authentication type for that user. For example:
-> user NMSuserV3MD5DES md5+des password ********
2 Specify the UDP destination port number (in this case 8010), the IP address of the management station
(199.199.100.200), a user account name (NMSuserV3MD5DES), and the SNMP version number (v3). For example:
-> snmp station 199.199.100.200 8010 NMSuserV3MD5DES v3 enable
Use the same command as above for specifying the IPv6 address of the management station. For example:
-> snmp station 300::1 enable
Note. Optional. To verify the SNMP Management Station, enter the show snmp station command. The display is similar to the one shown here:
-> show snmp station ipAddress/udpPort status protocol user
---------------------------+---------+--------+-------------------------------
199.199.100.200/8010 enable v3 NMSuserV3MD5DES
199.199.101.201/111 disable v2 NMSuserV3MD5
199.199.102.202/8002 enable v1 NMSuserV3SHADES
-> show snmp station ipAddress/udpPort status protocol user
---------------------------------------------------+---------+--------+------
172.21.160.32/4000 enable v3 abc
172.21.160.12/5000 enable v3 user1
0300:0000:0000:0000:0211:d8ff:fe47:470b/4001 enable v3 user2
0300:0000:0000:0000:0211:d8ff:fe47:470c/5001 enable v2 abc
For more information about this display, see the “SNMP Commands” chapter in the OmniSwitch CLI
Reference Guide.
page 10-4 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP Quick Steps for Setting Up Trap Filters
Quick Steps for Setting Up Trap Filters
You can filter traps by limiting user access to trap command families. You can also filter according to individual traps.
Filtering by Trap Families
The following example will create a new user account. This account will be granted read-only privileges to three CLI command families (snmp, chassis, and interface). Read-only privileges will be withheld from all other command families.
1 Set up a user account named “usermark2” by executing the user CLI command.
-> user usermark2 password ******
2 Remove all read-only privileges from the user account.
-> user usermark2 read-only none
3 Add read-only privileges for the snmp, chassis, and interface command families.
-> user usermark2 read-only snmp chassis interface
Note. Optional. To verify the user account, enter the show user command. A partial display is shown here:
-> show user
User name = usermark2
Read right = 0x0000a200 0x00000000,
Write right = 0x00000000 0x00000000,
Read for domains = ,
Read for families = snmp chassis interface ,
Write for domains = None ,
Snmp authentication = NONE, Snmp encryption = NONE
The usermark2 account has read-only privileges for the snmp, chassis, and interface command families.
4 Set up an SNMP station with the user account “usermark2” defined above.
-> snmp station 210.1.2.1 usermark2 v3 enable
Note. Optional.To verify the SNMP Management Station, enter the show snmp station command. The display is similar to the one shown here:
-> show snmp station ipAddress/udpPort status protocol user
---------------------------+---------+--------+-------------------------------
210.1.2.1/162 enable v3 usermark2
The usermark2 account is established on the SNMP station at IP address 210.1.2.1.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-5
Quick Steps for Setting Up Trap Filters Using SNMP
Filtering by Individual Traps
The following example enables trap filtering for the coldstart, warmstart, linkup, and linkdown traps. The identification numbers for these traps are 0, 1, 2, and 3. When trap filtering is enabled, these traps will be filtered. This means that the switch will not pass them through to the SNMP management station. All other traps will be passed through.
1 Specify the IP address for the SNMP management station and the trap identification numbers.
-> show snmp trap filter 210.1.2.1 0 1 2 3
-> snmp trap filter 300::1 1 3 4
Note. Optional. You can verify which traps will not pass through the filter by entering the snmp trap filter command. The display is similar to the one shown here:
-> show snmp trap filter ipAddress trapId list
-----------------+----------------------------------------
210.1.2.1
0 1 2 3
The SNMP management station with the IP address of 210.1.2.1 will not receive trap numbers 0, 1, 2, and 3.
For trap numbers refer to the
“SNMP Traps Table” on page 10-10 . For more information on the CLI
commands and the displays in these examples, refer to the OmniSwitch CLI Reference Guide. page 10-6 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
SNMP Overview
SNMP provides an industry standard communications model used by network administrators to manage and monitor their network devices. The SNMP model defines two components, the SNMP Manager and the SNMP Agent.
Network Management Station OmniSwitch
OmniSwitch 6648
SNMP Manager SNMP Agent
SNMP Network Model
• The SNMP Manager resides on a workstation hosting the management application. It can query agents by using SNMP operations. An SNMP manager is commonly called a Network Management System
(NMS). NMS refers to a system made up of a network device (such as a workstation) and the NMS software. It provides an interface that allows users to request data or see alarms resulting from traps or informs. It can also store data that can be used for network analysis.
• The SNMP Agent is the software entity that resides within the switch on the network. It maintains the management data about a particular network device and reports this data, as needed, to the managing systems. The agent also responds to requests for data from the SNMP Manager.
Along with the SNMP agent, the switch also contains Management Information Bases (MIBs). MIBs are databases of managed objects, written in the SNMP module language, which can be monitored by the
NMS. The SNMP agent contains MIB variables, which have values the NMS can request or change using
Get, GetNext, GetBulk, or Set operations. The agent can also send unsolicited messages (traps or informs) to the NMS to notify the manager of network conditions.
SNMP Operations
Devices on the network are managed through transactions between the NMS and the SNMP agent residing on the network device (i.e., switch). SNMP provides two kinds of management transactions, managerrequest/agent-response and unsolicited notifications (traps or informs) from the agent to the manager.
In a manager-request/agent-response transaction, the SNMP manager sends a request packet, referred to as a Protocol Data Unit (PDU), to the SNMP agent in the switch. The SNMP agent complies with the request and sends a response PDU to the manager. The types of management requests are Get, GetNext, and
GetBulk requests. These transactions are used to request information from the switch (Get, GetNext, or
GetBulk) or to change the value of an object instance on the switch (Set).
In an unsolicited notification, the SNMP agent in the switch sends a trap PDU to the SNMP manager to inform it that an event has occurred. The SNMP manager normally does not send confirmation to the agent acknowledging receipt of a trap.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-7
SNMP Overview Using SNMP
Using SNMP for Switch Management
The Alcatel-Lucent switch can be configured using the Command Line Interface (CLI), SNMP, or the
WebView device management tool. When configuring the switch by using SNMP, an NMS application
(such as Alcatel-Lucent’s OmniVista or HP OpenView) is used.
Although MIB browsers vary depending on which software package is used, they all have a few things in common. The browser must compile the Alcatel-Lucent switch MIBs before it can be used to manage the switch by issuing requests and reading statistics. Each MIB must be checked for dependencies and the
MIBs must be compiled in the proper order. Once the browser is properly installed and the MIBs are compiled, the browser software can be used to manage the switch. The MIB browser you use depends on the design and management requirements of your network.
Detailed information on working with MIB browsers is beyond the scope of this manual. However, you must know the configuration requirements of your MIB browser or other NMS installation before you can define the system to the switch as an SNMP station.
Setting Up an SNMP Management Station
An SNMP management station is a workstation configured to receive SNMP traps from the switch. You must identify this station to the switch by using the snmp station CLI command.
The following information is needed to define an SNMP management station.
• The IP address of the SNMP management station device.
• The UDP destination port number on the management station. This identifies the port to which the switch will send traps.
• The SNMP version used by the switch to send traps.
• A user account name that the management station will recognize.
Procedures for configuring a management station can be found in
“Quick Steps for Setting Up An SNMP
Management Station” on page 10-4
SNMP Versions
The SNMP agent in the switch can communicate with multiple managers. You can configure the switch to communicate with different management stations by using different versions of SNMP. The switch supports three versions of SNMP—v1, v2, and v3.
SNMPv1
SNMPv1 is the original implementation of the SNMP protocol and network management model. It is characterized by the Get, Set, GetNext, and Trap protocol operations.
SNMPv1 uses a rudimentary security system where each PDU contains information called a community
string. The community string acts like a combination username and password. When you configure a device for SNMP management you normally specify one community string that provides read-write access to objects within the device and another community string that limits access to read-only. If the community string in a data unit matches one of these strings, the request is granted. If not, the request is denied.
page 10-8 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
The community string security standard offers minimal security and is generally insufficient for networks where the need for security is high. Although SNMPv1 lacks bulk message retrieval capabilities and security features, it is widely used and is a de facto standard in the Internet environment.
SNMPv2
SNMPv2 is a later version of the SNMP protocol. It uses the same Get, Set, GetNext, and Trap operations as SNMPv1 and supports the same community-based security standard. SNMPv1 is incompatible with
SNMPv2 in certain applications due to the following enhancements:
• Management Information Structure
SNMPv2 includes new macros for defining object groups, traps compliance characteristics, and capability characteristics.
• Protocol Operations
SNMPv2 has two new PDUs not supported by SNMPv1. The GetBulkRequest PDU enables the manager to retrieve large blocks of data efficiently. In particular, it is well suited to retrieving multiple rows in a table. The InformRequest PDU enables one manager to send trap information to another manager.
SNMPv3
SNMPv3 supports the View-Based Access Control Model (VACM) and User-Based Security Model
(USM) security models along with these added security features:
• Message integrity—Ensuring that a packet has not been tampered with in transit.
• Time Frame Protection—Limiting requests to specified time frames. The user can specify a time frame so that any PDU bearing an out of date timestamp will be ignored.
• Encryption—Scrambling the contents of a packet to prevent it from being learned by an unauthorized source.
• Authentication—Determining that the message is from a valid source holding the correct privileges.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-9
SNMP Overview Using SNMP
SNMP Traps Table
The following table provides information on all SNMP traps supported by the switch. Each row includes the trap name, its ID number, any objects (if applicable), its command family, and a description of the condition the SNMP agent in the switch is reporting to the SNMP management station. You can generate a list of SNMP traps that are supported on your switch by using the show snmp trap config command.
No. Trap Name Objects Family Description
0
1 coldStart warmStart none none chassis chassis
The SNMP agent in the switch is reinitiating and its configuration may have been altered.
The SNMP agent in the switch is reinitiating itself and its configuration is unaltered.
2 linkDown IfIndex ifAdminStatus ifOperStatus interface
IfIndex—A unique value, greater than zero, for each interface. It is recommended that values are assigned contiguously starting from 1. The value for each interface sub-layer must remain constant at least from one re-initialization of the entity’s network management system to the next re-initialization.
ifAdminStatus—The desired state of the interface. The testing (3) state indicates that no operational packets can be passed. When a managed system initializes, all interfaces start with ifAdminStatus in the down (2) state.
As a result of either explicit management action or per configuration information retained by the managed system, ifAdminStatus is then changed to either the up (1) or testing (3) states (or remains in the down (2) state).
ifOperStatus—The current operational state of the interface. The testing (3) state indicates that no operational packets can be passed. If ifAdminStatus is down (2) then ifOperStatus should be down(2). If ifAdminStatus is changed to up (1) then ifOperStatus should change to up (1) if the interface is ready to transmit and receive network traffic; it should change to dormant (5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection); it should remain in the down (2) state if and only if there is a fault that prevents it from going to the up (1) state; it should remain in the notPresent (6) state if the interface has missing
(typically, hardware) components.
3 linkUp ifIndex ifAdminStatus ifOperStatus interface
The SNMP agent in the switch recognizes a failure in one of the communications links configured for the switch.
The SNMP agent in the switch recognizes that one of the communications links configured for the switch has come up.
IfIndex—A unique value, greater than zero, for each interface. It is recommended that values are assigned contiguously starting from 1. The value for each interface sub-layer must remain constant at least from one re-initialization of the entity's network management system to the next re-initialization.
ifAdminStatus—The desired state of the interface. The testing (3) state indicates that no operational packets can be passed. When a managed system initializes, all interfaces start with ifAdminStatus in the down (2) state.
As a result of either explicit management action or per configuration information retained by the managed system, ifAdminStatus is then changed to either the up (1) or testing (3) states (or remains in the down (2) state).
ifOperStatus—The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed. If ifAdminStatus is down (2) then ifOperStatus should be down (2). If ifAdminStatus is changed to up (1), then ifOperStatus should change to up (1) if the interface is ready to transmit and receive network traffic; it should change to dormant (5) if the interface is waiting for external actions (such as a serial line waiting for an incoming connection); it should remain in the down (2) state if and only if there is a fault that prevents it from going to the up (1) state; it should remain in the notPresent (6) state if the interface has missing
(typically, hardware) components.
4 authenticationFailure none snmp The SNMP agent in the switch has received a protocol message that is not properly authenticated.
page 10-10 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
5
6 entConfigChange aipAMAPStatusTrap none aipAMAPLast-
TrapReason aipAMAPLast-
TrapPort module aip
An entConfigChange notification is generated when a conceptual row is created, modified, or deleted in one of the entity tables.
The status of the Alcatel-Lucent
Mapping Adjacency Protocol
(AMAP) port changed.
aipAMAPLastTrapReason—Reason for last change of port status. Valid reasons are 1 (port added), 2 (change of information on existing port), 3 (port deleted), and 4 (no trap has been sent).
aipAMAPLastTrapPort—The ifindex number of the port that most recently changed.
7 aipGMAPConflictTrap aipGMAPLast-
TrapReason aipGMAPLast-
TrapPort aipGMAPLast-
TrapMac aipGMAPLast-
TrapProtocol aipGMAPLast-
TrapVlan aip Indicates a Group Mobility
Advertisement Protocol (GMAP) port update conflict.
aipGMAPLastTrapReason—Reason for last GMAP update to not be applied. Valid reasons are 1 (Target
VLAN is an authenticated VLAN), 2 (update would conflict with a binding rule), 3 (update would create two different VLAN entries for the same protocol), 4 (update would create two different protocol entries for the same VLAN), 5 (target VLAN is not mobile), and 6 (no trap has been sent).
aipGMAPLastTrapPort—The ifindex number of the last port on which the GMAP was not applied because of a conflict.
aipGMAPLastTrapMac—The last MAC address for which a GMAP change was not applied because of a conflict.
aipGMAPLastTrapProtocol—The protocol identifier of the last GMAP change that was not applied because of a conflict.
aipGMAPLastTrapVlan—The VLAN identifier of the last GMAP change that was not applied because of a conflict.
Note: This trap (GMAP) is not supported on OmniSwitch 6800/6850/9000 switches in the current release.
8 policyEventNotification policyTrapEventDetail-
String policyTrapEventCode qos The switch notifies the NMS when a significant event happens that involves the policy manager.
policyTrapEventDetailString—Details about the event that took place.
policyTrapEventCode—The code of the event.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-11
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
9 chassisTrapsStr chassisTrapsStr-
Level chassis-
TrapsStrAppID chassisTrapsStr-
SnapID chassisTrapsStrfileName chassisTrapsStrfileLineNb chassisTrapsStr-
ErrorNb chassis-
TrapsStrcomments chassisTrapsStrdataInfo chassis A software trouble report (STR) was sent by an application encountering a problem during its execution.
chassisTrapsStrLevel—An enumerated value that provides the urgency level of the STR.
chassisTrapsStrAppID—The application identification number.
chassisTrapsStrSnapID—The subapplication identification number. You can have multiple snapIDs per Subapplication (task) but only one is to be used to send STRs.
chassisTrapsStrfileName—Name of the source file where the fault was detected. This is given by the C ANSI macro __FILE__. The path shouldn’t appear.
chassisTrapsStrfileLineNb—Line number in the source file where the fault was detected. This is given by the
C ANSI macro __LINE__.
chassisTrapsStrErrorNb—The fault identificator. The error number identifies the kind the detected fault and allows a mapping of the data contained in chassisTrapsdataInfo.
chassisTrapsStrcomments—Comment text explaining the fault.
chassisTrapsStrdataInfo—Additional data provided to help to find out the origin of the fault. The contained and the significant portion are varying in accordance with chassisTrapsStrErrorNb. The length of this field is expressed in bytes.
10 chassisTrapsAlert physicalIndex chassisTrapsObjectType chassisTrapsObjectNumber chassisTrapsAlertNumber chassisTrapsAlertDescr chassis A notification that some change has occurred in the chassis.
physicalIndex—The physical index of the involved object.
chassisTrapsObjectType—An enumerated value that provides the object type involved in the alert trap.
chassisTrapsObjectNumber—A number defining the order of the object in the set (e.g., the number of the considered fan or power supply). This is intended to clarify as much as possible the location of the failure or alert. An instance of the appearance of the trap could be “failure on a module. Power supply 3”.
chassisTrapsAlertNumber—This number that identifies the alert among all the possible chassis alert causes.
chassisTrapsAlertDescr— The description of the alert matching ChassisTrapsAlertNumber.
page 10-12 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
11 chassisTrapsStateChange physicalIndex chassisTrapsObjectType chassisTrapsObjectNumber chasEntPhys-
OperStatus chassis An NI status change was detected.
physicalIndex—The physical index of the involved object.
chassisTrapsObjectType—An enumerated value that provides the object type involved in the alert trap.
chassisTrapsObjectNumber—A number defining the order of the object in the set (e.g., the number of the considered fan or power supply). This intends to clarify as much as possible the location of the failure or alert.
An instance of the appearance of the trap could be “failure on a module. Power supply 3”.
chasEntPhysOperStatus—An enumerated value that indicates the operational status of installed modules
(includes empty slots).
12 chassisTrapsMacOverlap physicalIndex chasTrapMac-
RangeIndex module A MAC range overlap was found in the backplane eeprom.
physicalIndex—The physical index of the involved object.
chasTrapMacRangeIndex—The MAC range index of the involved object.
13 vrrpTrapNewMaster vrrpOperMasterIpAddr vrrp
vrrpOperMasterIpAddr—The master router’s real (primary) IP address. This is the IP address listed as the source in the VRRP advertisement last received by this virtual router.
14 vrrpTrapAuthFailure vrrp vrrpTrapPacketSrc vrrpTrapAuth-
ErrorType
A packet was received from the network whose authentication key conflicts with the switch’s authentication key or type.
vrrpTrapPacketSrc—The IP address of an inbound VRRP packet.
vrrpTrapAuthErrorType—Potential types of configuration conflicts.
The SNMP agent has transferred from the backup state to the master state.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-13
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
15 healthMonDeviceTrap healthMonRx-
Status healthMonRx-
TxStatus healthMon-
MemoryStatus healthMonCpuStatus healthMonCmmTempStatus healthMonCmmCpuTemp-
Status health Indicates a device-level threshold was crossed.
healthMonRxStatus—Rx threshold status indicating if threshold was crossed or no change.
healthMonRxTxStatus— RxTx threshold status indicating if threshold was crossed or no change.
healthMonMemoryStatus—Memory threshold status indicating if threshold was crossed or no change.
healthMonCpuStatus—CPU threshold status indicating if threshold was crossed or no change.
healthMonCmmTempStatus—CMM temperature threshold status indicating if threshold was crossed or no change.
healthMonCmmCpuTempStatus—CMM CPU temperature threshold status indicating if threshold was crossed or no change.
16 healthMonModuleTrap healthModule-
Slot healthMonRx-
Status healthMonRx-
TxStatus healthMon-
MemoryStatus healthMonCpuStatus health Indicates a module-level threshold was crossed.
healthModuleSlot—The (one-based) front slot number within the chassis.
healthMonRxStatus—Rx threshold status indicating if threshold was crossed or no change.
healthMonRxTxStatus—RxTx threshold status indicating if threshold was crossed or no change.
healthMonMemoryStatus—Memory threshold status indicating if threshold was crossed or no change.
healthMonCpuStatus—CPU threshold status indicating if threshold was crossed or no change.
17 healthMonPortTrap healthPortSlot healthPortIF healthMonRx-
Status healthMonRx-
TxStatus health Indicates a port-level threshold was crossed.
healthPortSlot—The physical slot number for this port.
healthPortIF—The on-board interface number.
healthMonRxStatus—Rx threshold status indicating if threshold was crossed or no change.
healthMonRxTxStatus—RxTx threshold status indicating if threshold was crossed or no change.
page 10-14 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
18 bgpEstablished
19 bgpBackwardTransition bgpPeerLastError bgpPeerState
bgpPeerLastError—The last error code and subcode seen by this peer on this connection. If no error has occurred, this field is zero. Otherwise, the first byte of this two byte OCTET STRING contains the error code, and the second byte contains the subcode.
bgpPeerState—The BGP peer connection state.
bgpPeerLastError bgpPeerState bgp bgp
The BGP routing protocol has entered the established state.
This trap is generated when the
BGP router port has moved from a more active to a less active state.
bgpPeerLastError—The last error code and subcode seen by this peer on this connection. If no error has occurred, this field is zero. Otherwise, the first byte of this two byte OCTET STRING contains the error code, and the second byte contains the subcode.
bgpPeerState—The BGP peer connection state.
20 esmDrvTrapDropsLink esmPortSlot esmPortIF ifInErrors ifOutErrors esmDrvTrap-
Drops interface This trap is sent when the Ethernet code drops the link because of excessive errors.
esmPortSlot—The physical slot number for this Ethernet Port. The slot number has been added to be used by the private trap.
esmPortIF—The on-board interface number for this Ethernet port. The port number has been added to be used by the private trap.
ifInErrors—For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higherlayer protocol. Discontinuities in the value of this counter can occur at re-initialization of the management system and at other times as indicated by the value of ifCounterDiscontinuityTime.
ifOutErrors—For packet-oriented interfaces, the number of outbound packets that could not be transmitted because of errors. For character-oriented or fixed-length interfaces, the number of outbound transmission units that could not be transmitted because of errors. Discontinuities in the value of this counter can occur at re-initialization of the management system and at other times as indicated by the value of ifCounterDiscontinuity-
Time.
esmDrvTrapDrops— Partitioned port (separated due to errors).
21 pimNeighborLoss pimNeighborIfIndex ipmr Signifies the loss of adjacency with a neighbor device. This trap is generated when the neighbor time expires and the switch has no other neighbors on the same interface with a lower IP address than itself.
pimNeighborIfIndex—The value of ifIndex for the interface used to reach this PIM neighbor.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-15
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
22 dvmrpNeighborLoss dvmrpInterface-
LocalAddress dvmrpNeighborState ipmr A 2-way adjacency relationship with a neighbor has been lost.
This trap is generated when the neighbor state changes from
“active” to “one-way,” “ignoring” or “down.” The trap is sent only when the switch has no other neighbors on the same interface with a lower IP address than itself.
dvmrpInterfaceLocalAddress—The IP address this system will use as a source address on this interface. On unnumbered interfaces, it must be the same value as dvmrpInterfaceLocalAddress for some interfaces on the system.
dvmrpNeighborState—State of the neighbor adjacency.
23 dvmrpNeighborNotPruning ipmr dvmrpInterface-
LocalAddress dvmrpNeighborCapabilities
A non-pruning neighbor has been detected in an implementationdependent manner. This trap is generated at most once per generation ID of the neighbor. For example, it should be generated at the time a neighbor is first heard from if the prune bit is not set. It should also be generated if the local system has the ability to tell that a neighbor which sets the prune bit is not pruning any branches over an extended period of time. The trap should be generated if the router has no other neighbors on the same interface with a lower IP address than itself.
dvmrpInterfaceLocalAddress—The IP address this system will use as a source address on this interface. On unnumbered interfaces, it must be the same value as dvmrpInterfaceLocalAddress for some interfaces on the system.
dvmrpNeighborCapabilities—This object describes the neighboring router’s capabilities. The leaf bit indicates that the neighbor has only one interface with neighbors. The prune bit indicates that the neighbor supports pruning. The generationID bit indicates that the neighbor sends its generationID in Probe messages. The mtrace bit indicates that the neighbor can handle mtrace requests.
page 10-16 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
24 risingAlarm alarmIndex alarmVariable alarmSample-
Type alarmValue alarmRisingThreshold rmon
alarmIndex—An index that uniquely identifies an entry in the alarm table. Each such entry defines a diagnostic sample at a particular interval for an object on the device.
alarmVariable—The object identifier of the particular variable to be sampled. Only variables that resolve to an
ASN.1 primitive type of INTEGER (INTEGER, Integer32, Counter32, Counter64, Gauge, or TimeTicks) may be sampled.
alarmSampleType—The method of sampling the selected variable and calculating the value to be compared against the thresholds. If the value of this object is absoluteValue (1), the value of the selected variable will be compared directly with the thresholds at the end of the sampling interval. If the value of this object is deltaValue
(2), the value of the selected variable at the last sample will be subtracted from the current value, and the difference compared with the thresholds.
alarmValue—The value of the statistic during the last sampling period. For example, if the sample type is deltaValue, this value will be the difference between the samples at the beginning and end of the period. If the sample type is absoluteValue, this value will be the sampled value at the end of the period.
alarmRisingThreshold—A threshold for the sampled statistic. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval was less than this threshold, a single event will be generated. A single event will also be generated if the first sample after this entry becomes valid is greater than or equal to this threshold and the associated alarmStartupAlarm is equal to risingAlarm (1) or risingOrFallingAlarm (3).
25 fallingAlarm alarmIndex alarmVariable alarmSample-
Type alarmValue alarmFallingThreshold rmon
An Ethernet statistical variable has exceeded its rising threshold. The variable’s rising threshold and whether it will issue an
SNMP trap for this condition are configured by an NMS station running RMON.
An Ethernet statistical variable has dipped below its falling threshold. The variable’s falling threshold and whether it will issue an SNMP trap for this condition are configured by an NMS station running RMON.
alarmIndex—An index that uniquely identifies an entry in the alarm table. Each such entry defines a diagnostic sample at a particular interval for an object on the device.
alarmVariable—The object identifier of the particular variable to be sampled. Only variables that resolve to an
ASN.1 primitive type of INTEGER (INTEGER, Integer32, Counter32, Counter64, Gauge, or TimeTicks) may be sampled.
alarmSampleType—The method of sampling the selected variable and calculating the value to be compared against the thresholds. If the value of this object is absoluteValue (1), the value of the selected variable will be compared directly with the thresholds at the end of the sampling interval. If the value of this object is deltaValue
(2), the value of the selected variable at the last sample will be subtracted from the current value, and the difference compared with the thresholds.
alarmValue—The value of the statistic during the last sampling period. For example, if the sample type is deltaValue, this value will be the difference between the samples at the beginning and end of the period. If the sample type is absoluteValue, this value will be the sampled value at the end of the period.
alarmFallingThreshold—A threshold for the sampled statistic. When the current sampled value is less than or equal to this threshold, and the value at the last sampling interval was greater than this threshold, a single event will be generated. A single event will also be generated if the first sample after this entry becomes valid is less than or equal to this threshold and the associated alarmStartupAlarm is equal to fallingAlarm (2) or risingOr-
FallingAlarm (3).
26 stpNewRoot vStpNumber stp Sent by a bridge that became the new root of the spanning tree.
vStpNumber—The Spanning Tree number identifying this instance.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-17
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
27 stpRootPortChange vStpNumber vStpRootPort-
Number stp A root port has changed for a spanning tree bridge. The root port is the port that offers the lowest cost path from this bridge to the root bridge.
vStpNumber—The Spanning Tree number identifying this instance.
vStpRootPortNumber—The port ifindex of the port which offers the lowest cost path from this bridge to the root bridge for this spanning tree instance.
28 mirrorConfigError mirmonPrimarySlot mirmonPrimaryPort mirroringSlot mirroringPort mirMonErrorNi mirMonError pmm The mirroring configuration failed on an NI. This trap is sent when any NI fails to configure mirroring. Due to this error, port mirroring session will be terminated.
mirmonPrimarySlot—Slot of mirrored or monitored interface.
mirmonPrimaryPort—Port of mirrored or monitored interface.
mirroringSlot—Slot of mirroring interface.
mirroringPort—Port of mirroring interface.
mirMonErrorNi—The NI slot number.
mirMonError—The Error returned by the NI which failed to configure Mirroring/Monitoring.
29 mirrorUnlikeNi mirmonPrimarySlot mirmonPrimaryPort mirroringSlot mirroringPort mirMonErrorNi pmm The mirroring configuration is deleted due to the swapping of different NI board type. The Port
Mirroring session which was active on a slot cannot continue with the insertion of different NI type in the same slot.
mirmonPrimarySlot—Slot of mirrored or monitored interface.
mirmonPrimaryPort—Port of mirrored or monitored interface.
mirroringSlot—Slot of mirroring interface.
mirroringPort—Port of mirroring interface.
mirMonErrorNi—The NI slot number.
mirMonError—The Error returned by the NI which failed to configure Mirroring/Monitoring.
30 slPCAMStatusTrap slPCAMSlot-
Number slPCAMSlice-
Number slPCAMStatus bridge The trap status of the Layer 2 pesudoCAM for this NI.
slPCAMSlotNumber—The slot number of this Coronado switching/routing ASIC.
slPCAMSliceNumber—The slice number of this Coronado switching/routing ASIC.
slPCAMStatus—The Layer 2 pesudoCAM status of this Coronado switching/routing ASIC.
31 unused N/A N/A
32 unused N/A N/A page 10-18 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
33 slbTrapOperStatus slbTrapInfoEntityGroup slbTrapInfoOperStatus slbTrapInfo-
ClusterName slbTrapInfoServerIpAddr load balancing
A change occurred in the operational status of the server load balancing entity.
slbTrapInfoEntityGroup—The entity group inside SLB management.
slbTrapInfoOperStatus—The operational status of an SLB cluster or server.
slbTrapInfoClusterName—A change occurred in the operational status of an SLB entity.
slbTrapInfoServerIpAddr—The IP address of a server.
Note: This trap is not supported on OmniSwitch 6800/6850/9000 switches in the current release.
34 ifMauJabberTrap ifMauJabber-
State interface This trap is sent whenever a managed interface MAU enters the jabber state.
ifMauJabberState—The value other(1) is returned if the jabber state is not 2, 3, or 4. The agent MUST always return other(1) for MAU type dot3MauTypeAUI. The value unknown(2) is returned when the MAU’s true state is unknown; for example, when it is being initialized. If the MAU is not jabbering the agent returns noJabber(3).
This is the “normal” state. If the MAU is in jabber state the agent returns the jabbering(4) value.
35 sessionAuthenticationTrap sessionAccessType sessionUser-
Name sessionUserIpAddress sessionAuth-
Failure session An authentication failure trap is sent each time a user authentication is refused.
sessionAccessType—The access type of the session.
sessionUserName—The user name of the user logged-in.
sessionUserIpAddress—The IP address of the user logged-in.
36 trapAbsorptionTrap trapAbsorStamp trapAbsor-
TrapId trapAbsor-
Counter trapAbsorTime none
trapAbsorStamp—The time stamp of the absorbed trap.
trapAbsorTrapId—The trap identifier of the absorbed trap.
trapAbsorCounter—The number of the iterations of the absorbed trap.
trapAbsorTime—The time stamp of the last iteration.
37 alaStackMgrDuplicateSlotTrap alaStack-
MgrSlotNI-
Number chassis
The absorption trap is sent when a trap has been absorbed at least once.
Two or more slots claim to have the same slot number.
alaStackMgrSlotNINumber—The numbers allocated for the stack NIs are from 1 to 8.
Note: This trap is not supported on OmniSwitch 9000 switches in the current release.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-19
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
38 alaStackMgrNeighborChangeTrap alaStack-
MgrStackStatus alaStack-
MgrSlotNI-
Number alaStackMgr-
TrapLinkNumber chassis Indicates whether or not the stack is in loop.
alaStackMgrStackStatus—Indicates whether the stack is or is not in a loop.
alaStackMgrSlotNINumber—The numbers allocated for the stack NIs are from 1to 8.
alaStackMgrTrapLinkNumber—Holds the link number when the stack is not in a loop.
Note: This trap is not supported on OmniSwitch 9000 switches in the current release.
39 alaStackMgrRoleChangeTrap alaStackMgrPrimary alaStackMgr-
Secondary chassis Indicates that a new primary or secondary stack is elected.
alaStackMgrPrimary—Holds the number of the stack, which is in Primary role.
alaStackMgrSecondary—Holds the number of the stack, which is in Secondary role.
Note: This trap is not supported on OmniSwitch 9000 switches in the current release.
40 lpsViolationTrap lpsTrapSwitch-
Name lpsTrapSwitchIpAddr lpsTrapSwitch-
Slice lpsTrapSwitch-
Port lpsTrapViolatingMac lpsTrapViolationType systemServices-
Date systemServices-
Time bridge A Learned Port Security (LPS) violation has occurred.
lpsTrapSwitchName—The name of the switch.
lpsTrapSwitchIpAddr—The IP address of switch.
lpsTrapSwitchSlice— The physical slice number for the LPS port on which the violation occurred.
lpsTrapSwitchPort—The physical port number on which the violation occurred.
lpsTrapViolatingMac—The violating MAC address.
lpsTrapViolationType—The type of violation that occurred on the LPS port.
systemServicesDate—This object contains the current System Date in the following format: MM/DD/YYYY.
systemServicesTime—This object contains the current System Time in the following format: HH:MM:SS.
41 alaDoSTrap alaDoSType alaDoSDetected ip Indicates that the sending agent has received a Denial of Service
(DoS) attack.
alaDoSType—Index field for the alaDoSTable. Integer indicating the DoS Type: 0=portscan, 1=tcpsyn,
2=pingofdeath, 3=smurf, 3=pepsi, 5=land and 6=teardropBonkBoink.
alaDoSDetected—Number of attacks detected page 10-20 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
42 gmBindRuleViolation gmBindRule-
Type gmBindRuleVlanId gmBindRuleI-
PAddress gmBindRuleMac-
Address gmBindRule-
PortIfIndex gmBindRuleProto-
Class gmBindRuleEthertype gmBindRuleDsapSsap vlan Occurs whenever a binding rule which has been configured gets violated.
gmBindRuleType—Type of binding rule for which trap sent.
gmBindRuleVlanId—Binding Rule VLAN Id.
gmBindRuleIPAddress—Binding Rule IP address.
gmBindRuleMacAddress—Binding Rule Mac Address.
gmBindRulePortIfIndex—The ifIndex corresponding to the mobile port on which the binding rule violation occurred.
gmBindRuleProtoClass—The encoded protocol number used for binding VLAN classification.
gmBindRuleEthertype—Ethertype value for generic Ethertype or snap rule. This value has no meaning for vProtoRuleProtoClass set to values other than 9 or 11.
gmBindRuleDsapSsap— DSAP and SSAP values for generic DSAP/SSAP and SNAP rules. This value has no meaning for vProtoRuleProtoClass set to values other than 10.
43 unused N/A N/A
44 unused
45 unused
N/A
N/A
N/A
N/A
46 unused N/A N/A
47 pethPsePortOnOff pethPsePortDetectionStatus module Indicates if power inline port is or is not delivering power to the a power inline device.
pethPsePortDetectionStatus—Describes the operational status of the port PD detection. A value of disabled
(1)- indicates that the PSE State diagram is in the state IDLE. A value of searching (2)- indicates that the PSE
State diagram is in the state DETECTION, CLASSIFICATION, SIGNATURE_INVALID or BACKOFF. A value of deliveringPower (4) - indicates that the PSE State diagram is in the state POWER_UP, POWER_ON or
POWER_OFF. A value of fault (5) - indicates that the PSE State diagram is in the state TEST_ERROR or the state IDLE due to the variable error condition. Faults detected are vendor-specific. A value of test (7) - indicates that the PSE State diagram is in the state TEST_MODE. A value of denyLowPriority (8) indicates that the port was disabled by the power management system, in order to keep active higher priority ports.
Note: This trap is not supported on OmniSwitch 6800 and 6850 switches in the current release.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-21
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
48 pethPsePortPowerMaintenanceStatus pethPsePort-
PowerMaintenanceStatus module Indicates the status of the power maintenance signature for inline power.
pethPsePortPowerMaintenanceStatus—The value ok (1) indicates the Power Maintenance Signature is present and the overcurrent condition has not been detected. The value overCurrent (2) indicates an overcurrent condition has been detected. The value mPSAbsent (3) indicates that the Power Maintenance Signature is absent.
Note: This trap is not supported only on OmniSwitch 6800 and 6850 switches in the current release.
49 pethMainPowerUsageOn pethMainPseConsumption-
Power module Indicates that the power inline usage is above the threshold.
pethMainPseConsumptionPower—Measured usage power expressed in Watts.
Note: This trap is not supported only on OmniSwitch 6800 and 6850 in the current release.
50 pethMainPowerUsageOff pethMainPseConsumption-
Power module Indicates that the power inline usage is below the threshold.
pethMainPseConsumptionPower—Measured usage power expressed in Watts.
Note: This trap is not supported on OmniSwitch 6800 and 6850 in the current release.
51 ospfNbrStateChange ospfRouterId ospfNbrIpAddr ospfNbrAddressLessIndex ospfNbrRtrId ospfNbrState ospf Indicates a state change of the neighbor relationship.
ospfRouterId—A 32-bit integer uniquely identifying the router in the Autonomous System. By convention, to ensure uniqueness, this should default to the value of one of the router’s IP interface addresses.
ospfNbrIpAddr—The IP address this neighbor is using in its IP Source Address. Note that, on address-less links, this will not be 0.0.0.0, but the address of another of the neighbor’s interfaces.
ospfNbrAddressLessIndex—On an interface having an IP Address, zero. On address-less interfaces, the corresponding value of ifIndex in the Internet Standard MIB. On row creation, this can be derived from the instance.
ospfNbrRtrId—A 32-bit integer (represented as a type IpAddress) uniquely identifying the neighboring router in the Autonomous System.
ospfNbrState—The State of the relationship with this Neighbor.
52 ospfVirtNbrStateChange ospf Indicates a state change of the virtual neighbor relationship.
ospfRouterId ospfVirtNbrArea ospfVirtNbrRtrId ospfVirtNbrState
ospfRouterId—A 32-bit integer uniquely identifying the router in the Autonomous System. By convention, to ensure uniqueness, this should default to the value of one of the router's IP interface addresses.
ospfVirtNbrArea—The Transit Area Identifier.
ospfVirtNbrRtrId—A 32-bit integer uniquely identifying the neighboring router in the Autonomous System.
ospfVirtNbrState—The state of the Virtual Neighbor Relationship.
page 10-22 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name Objects Family Description
53 httpServerDoSAttackTrap httpConnection-
Stats httpsConnectionStats webmgt This trap is sent to management station(s) when the HTTP server is under Denial of Service attack.
The HTTP and HTTPS connections are sampled at a 15 second interval. This trap is sent every 1 minute while the HTTP server detects it is under attack.
httpConnectionStats—The number of HTTP connection attempts over the past 15 seconds.
54 alaStackMgrDuplicateRoleTrap alaStack-
MgrSlotNI-
Number alaStackMgr-
ChasRole chassis The element identified by alaStackMgrSlotNINumber detected the presence of two elements with the same primary or secondary role as specified by alaStackMgrChasRole on the stack.
alaStackMgrSlotNINumber—Numbers allocated for the stack NIs as follows:
- 0: invalid slot number
- 1..8: valid and assigned slot numbers corresponding to values from the entPhysicalTable
- 1001..1008: switches operating in pass through mode
- 255: unassigned slot number.
alaStackMgrChasRole—The current role of the chassis as follows:
- unassigned(0),
- primary(1),
- secondary(2),
- idle(3),
- standalone(4),
- passthrough(5).
Note: This trap is not supported on OmniSwitch 9000 switches in the current release.
55 alaStackMgrClearedSlotTrap alaStack-
MgrSlotNI-
Number chassis The element identified by alaStackMgrSlotNINumber will enter the pass through mode because its operational slot was cleared with immediate effect.
alaStackMgrSlotNINumber—Numbers allocated for the stack NIs as follows:
- 0: invalid slot number
- 1..8: valid and assigned slot numbers corresponding to values from the entPhysicalTable
- 1001..1008: switches operating in pass through mode
- 255: unassigned slot number.
Note: This trap is not supported on OmniSwitch 9000 switches.
56 alaStackMgrOutOfSlotsTrap N/A chassis One element of the stack will enter the pass through mode because there are no slot numbers available to be assigned to this element.
Note: This trap is not supported on OmniSwitch 9000 switches in the current release.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-23
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
57 alaStackMgrOutOfTokensTrap alaStack-
MgrSlotNI-
Number chassis The element identified by alaStackMgrSlotNINumber will enter the pass through mode because there are no tokens available to be assigned to this element.
alaStackMgrSlotNINumber—Numbers allocated for the stack NIs as follows:
- 0: invalid slot number
- 1..8: valid and assigned slot numbers corresponding to values from the entPhysicalTable
- 1001..1008: switches operating in pass through mode
- 255: unassigned slot number.
Note: This trap is not supported on OmniSwitch 9000 switches.
58 alaStackMgrOutOfPassThruSlotsTrap N/A chassis There are no pass through slots available to be assigned to an element that is supposed to enter the pass through mode.
Note: This trap is not supported on OmniSwitch 9000 switches in the current release.
59 gmHwVlanRuleTableOverloadAlert gmOverloadRuleTable gmOverloadRuleType gmOverloadRuleVlanId gmOverloadRuleMacAddress gmOverloadRuleIpAddress gmOverloadRuleProtocol gmOverloadRuleIpxNetwork vlan An overload trap occurs whenever a new entry to the hardware
VLAN rule table gets dropped due to the overload of the table.
gmOverloadRuleTable—Overloaded hardware VLAN rule table.
gmOverloadRuleType—VLAN rule types that are not configured due to the overload of the hardware VLAN rule table.
gmOverloadRuleVlanId—The overloaded VLAN ID.
gmOverloadRuleMacAddress—The overloaded MAC address.
gmOverloadRuleIpAddress—The overloaded IP address.
gmOverloadRuleProtocol—The overloaded protocol type.
gmOverloadRuleIpxNetwork—The overloaded IPX network address.
60 lnkaggAggUp traplnkaggId traplnkaggPortIfIndex linkaggregation
Indicates the link aggregate is active. This trap is sent when any one port of the link aggregate group goes into the attached state.
traplnkaggId— Index value of the Link Aggregate group.
traplnkaggIfIndex —Port of the Link Aggregate group.
page 10-24 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP Overview
No. Trap Name
61 lnkaggAggDown
Objects traplnkaggId traplnkaggPortIfIndex
Family linkaggregation
Description
Indicates the link aggregate is not active. This trap is sent when all ports of the link aggregate group are no longer in the attached state.
traplnkaggId— Index value of the Link Aggregate group.
traplnkaggIfIndex —Port of the Link Aggregate group.
62 lnkaggPortJoin traplnkaggId traplnkaggPortIfIndex traplnkaggId— Index value of the Link Aggregate group.
traplnkaggIfIndex —Port of the Link Aggregate group.
linkaggregation
This trap is sent when any given port of the link aggregate group goes to the attached state.
63 lnkaggPortLeave traplnkaggId traplnkaggPortIfIndex traplnkaggId— Index value of the Link Aggregate group.
traplnkaggIfIndex —Port of the Link Aggregate group.
64 lnkaggPortRemove traplnkaggId traplnkaggPortIfIndex linkaggregation linkaggregation
This trap is sent when any given port detaches from the link aggregate group.
This trap is sent when any given port of the link aggregate group is removed due to an invalid configuration.
traplnkaggId— Index value of the Link Aggregate group.
traplnkaggIfIndex —Port of the Link Aggregate group.
65 pktDrop pktDropType pktDropIfIndex pktDropCount pktDropFrag
IP The pktDrop trap indicates that the sending agent has dropped certain packets (to blocked IP ports, from spoofed addresses, etc.).
pktDropType — Reason index for why the packet was dropped.
pktDropIfIndex pktDropCount
— Interface index (if_index) of the ingress port of the dropped pkt.
— The number of packet drops (within a configured time interval) of the pktDropType that triggered this particular trap instance.
pktDropFrag — Less than or equal to 512 bytes of the dropped packet (dsmac[12], tag[4], etype[2], payload[..512] (0 if DropCount only).
66 monitorFileWritten mirmonPrimarySlot mirmonPrimaryPort monitorFile-
Name monitorFileSize pmm A File Written Trap is sent when the amount of data requested by the user has been written by the port monitoring instance.
mirmonPrimarySlot — Slot of mirrored or monitored interface.
mirmonPrimaryPort — Port of mirrored or monitored interface.
monitorFileName — The name of the file in which the traffic will be stored (the default is
“PMONITOR.ENC”).
monitorFileSize — The number of bytes in 16K (16384) increments allowed for the file (default 16384 bytes).
The file contains only the last monitorFileName bytes of the current port monitoring instance.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-25
SNMP Overview Using SNMP
No. Trap Name Objects Family Description
67 alaVrrp3TrapProtoError alaVrrp3TrapPr otoErrReason vrrp The error trap indicates that the sending agent has encountered the protocol error. alaVrrp3TrapProtoErrReason —This indicates the reason for protocol error trap .
68 alaVrrp3TrapNewMaster alaVrrp3OperM asterlpAddrType alaVrrp3OperM asterlpAddr alaVrrp3TrapNe wMasterReason vrrp The newMaster trap indicates that the sending agent has transitioned to Master state.
alaVrrp3OperMasterlpAddrType —This specifies the type of alaVrrp3OperMasterlpAddr in this row .
alaVrrp3OperMasterlpAddr —The master switch’s real (primary for vrrp over IPv4) IP address. This is the Ip address listed as the source in the advertisement last received by this virtual switch. For IPv6, a link local address.
alaVrrp3TrapNewMasterReason —This indicates the reason for NewMaster trap.
69 gmHwMixModeSubnetRuleTable-
OverloadAlert gmSubnetRule-
Table gmOverloadRuleSlice vlan An subnet overload trap occurs in mixed mode whenever a new entry to the HW subnet rule table gets dropped due to the overload of the table.
gmSubnetRuleTable —Overloaded HW subnet rule table.
gmOverloadRuleSlice —Overloaded slot Id.
Note: This trap is not supported on OmniSwitch 6800/6850/9000 switches in the current release.
page 10-26 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP Using SNMP For Switch Security
Using SNMP For Switch Security
Community Strings (SNMPv1 and SNMPv2)
The switch supports the SNMPv1 and SNMPv2c community strings security standard. When a community string is carried over an incoming SNMP request, the community string must match up with a user account name as listed in the community string database on the switch. Otherwise, the SNMP request will not be processed by the SNMP agent in the switch.
Configuring Community Strings
To use SNMPv1 and v2 community strings, each user account name must be mapped to an SNMP community string. Follow these steps:
1 Create a user account on the switch and define its password. Enter the following CLI syntax to create the account “community_user1”.
-> user community_user1 password ******* no auth
Note. A community string inherits the security privileges of the user account that creates it.
A user account can be created locally on the switch by using CLI commands. For detailed information on setting up user accounts, refer to the “Using Switch Security” chapter of this manual.
2 Map the user account to a community string.
A community string works like a password so it is defined by the user. It can be any text string up to 32 characters in length. If spaces are part of the text, the string must be enclosed in quotation marks (“ ”). The following CLI command maps the username “community_user1” to the community string “comstring2”.
-> snmp community map comstring2 user community_user1 enable
3 Verify that the community string mapping mode is enabled.
By default, the community strings database is enabled. (If community string mapping is not enabled, the community string configuration will not be checked by the switch.) If the community string mapping mode is disabled, use the following command to enable it.
-> snmp community map mode enable
Note. Optional. To verify that the community string is properly mapped to the username, enter the show snmp community map command. The display is similar to the one shown here:
->show snmp community map
Community mode : enabled status community string user name
--------+--------------------------------+-------------------------------enabled comstring2 community_user1
This display also verifies that the community map mode is enabled.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-27
Using SNMP For Switch Security Using SNMP
Encryption and Authentication (SNMPv3)
Two important processes are used to verify that the message contents have not been altered and that the source of the message is authentic. These processes are encryption and authentication.
A typical data encryption process requires an encryption algorithm on both ends of the transmission and a secret key (like a code or a password). The sending device encrypts or “scrambles” the message by running it through an encryption algorithm along with the key. The message is then transmitted over the network in its encrypted state. The receiving device then takes the transmitted message and “un-scrambles” it by running it through a decryption algorithm. The receiving device cannot un-scramble the coded message without the key.
The switch uses the Data Encryption Standard (DES) encryption scheme in its SNMPv3 implementation.
For DES, the data is encrypted in 64-bit blocks by using a 56-bit key. The algorithm transforms a 64-bit input into a 64-bit output. The same steps with the same key are used to reverse the encryption.
The authentication process ensures that the switch receives accurate messages from authorized sources.
Authentication is accomplished between the switch and the SNMP management station through the use of a username and password identified via the snmp station CLI syntax. The username and password are used by the SNMP management station along with an authentication algorithm (SHA or MD5) to compute a hash that is transmitted in the PDU. The switch receives the PDU and computes the hash to verify that the management station knows the password. The switch will also verify the checksum contained in the
PDU.
Authentication and encryption are combined when the PDU is first authenticated by either the SHA or
MD5 method. Then the message is encrypted using the DES encryption scheme. The encryption key is derived from the authentication key, which is used to decrypt the PDU on the switch’s side.
Configuring Encryption and Authentication
Setting Authentication for a User Account
User account names and passwords must be a minimum of 8 characters in length when authentication and encryption are used. The following syntax sets authentication type MD5 with DES encryption for user account “user_auth1”.
-> user user_auth1 password ******** md5+des
SNMP authentication types SHA and MD5 are available with and without type DES encryption. The sha,
md5, sha+des, and md5+des keywords may be used in the command syntax.
Note. Optional. To verify the authentication and encryption type for the user, enter the show user command. The following is a partial display.
-> show user
User name = user_auth1
Read right = 0x0000a200 0x00000000,
Write right = 0x00000000 0x00000000,
Read for domains = ,
Read for families = snmp chassis interface ,
Write for domains = None ,
Snmp authentication = MD5, Snmp encryption = DES
The user’s SNMP authentication is shown as MD5 and SNMP encryption is shown as DES.
page 10-28 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP Using SNMP For Switch Security
Setting SNMP Security
By default, the switch is set to “privacy all”, which means the switch accepts only authenticated and encrypted v3 Sets, Gets, and Get-Nexts. You can configure different levels of SNMP security by entering snmp security followed by the command parameter for the desired security level. For example, the following syntax sets the SNMP security level as “authentication all” as defined in the table below:
-> snmp security authentication all
The command parameters shown in the following table define security from the lowest level (no security) to the highest level (traps only) as shown.
Security Level no security authentication set authentication all privacy set privacy all traps only
SNMP requests accepted by the switch
All SNMP requests are accepted.
SNMPv1, v2 Gets
Non-authenticated v3 Gets and Get-Nexts
Authenticated v3 Sets, Gets, and Get-Nexts
Encrypted v3 Sets, Gets, and Get-Nexts
Authenticated v3 Sets, Gets, and Get-Nexts
Encrypted v3 Sets, Gets, and Get-Nexts
Authenticated v3 Gets and Get-Nexts
Encrypted v3 Sets, Gets, and Get-Nexts
Encrypted v3 Sets, Gets, and Get-Nexts
All SNMP requests are rejected.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-29
Working with SNMP Traps Using SNMP
Working with SNMP Traps
The SNMP agent in the switch has the ability to send traps to the management station. It is not required that the management station request them. Traps are messages alerting the SNMP manager to a condition on the network. A trap message is sent via a PDU issued from the switch’s network management agent. It is sent to alert the management station to some event or condition on the switch.
Traps can indicate improper user authentication, restarts, the loss of a connection, or other significant events. You can configure the switch so that traps are forwarded to or suppressed from transmission to the management station under different circumstances.
Trap Filtering
You can filter SNMP traps in at least two ways. You can filter traps by limiting user access to trap families or you can filter according to individual traps.
Filtering by Trap Families
Access to SNMP traps can be restricted by withholding access privileges for user accounts to certain command families or domains. (Designation of particular command families for user access is sometimes referred to as partition management.)
SNMP traps are divided into functional families as shown in the “SNMP Traps Table” on page 10-10 .
These families correspond to switch CLI command families. When read-only privileges for a user account are restricted for a command family, that user account is also restricted from reading traps associated with that family.
Procedures for filtering traps according to command families can be found in the Quick Steps for
refer to the
“SNMP Traps Table” on page 10-10
.
Filtering By Individual Trap
You can configure the switch to filter out individual traps by using the snmp trap filter command. This command allows you to suppress specified traps from the management station. The following information is needed to suppress specific traps:
• The IP address of the SNMP management station that will receive the traps.
• The ID number of the individual traps to be suppressed.
. For a list of trap names, ID numbers, and their descriptions refer to the table “SNMP
page 10-30 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP Working with SNMP Traps
Authentication Trap
The authentication trap is sent when an SNMP authentication failure is detected. This trap is a signal to the management station that the switch received a message from an unauthorized protocol entity. This normally means that a network entity attempted an operation on the switch for which it had insufficient authorization. When the SNMP authentication trap is enabled, the switch will forward a trap to the management station. The following command will enable the authentication trap:
-> snmp authentication trap enable
The trap will be suppressed if the SNMP authentication trap is disabled.
Trap Management
Several CLI commands allow you to control trap forwarding from the agent in the switch to the SNMP management station.
Replaying Traps
The switch normally stores all traps that have been sent out to the SNMP management stations. You can list the last stored traps by using the show snmp trap replay command. This command lists the traps along with their sequence number. The sequence number is a record of the order in which the traps were previously sent out.
You may want to replay traps that have been stored on the switch for testing or troubleshooting purposes.
This is useful in the event when any traps are lost in the network. To replay stored traps, use the snmp
trap replay command followed by the IP address for an SNMP management station. This command replays (or re-sends) all stored traps from the switch to the specified management station on demand.
If you do not want to replay all of the stored traps, you can specify the sequence number from which the trap replay will start. The switch will start the replay with a trap sequence number greater than or equal to the sequence number given in the CLI command. The number of traps replayed depends on the number of traps stored for this station.
Absorbing Traps
The switch may send the same traps to the management station many, many times. You can suppress the transmission of identical repetitive traps by issuing the snmp trap absorption command. When trap absorption is enabled, traps that are identical to traps previously sent will be suppressed and therefore not forwarded to the SNMP management station. The following command will enable SNMP trap absorption:
-> snmp trap absorption enable
To view or verify the status of the Trap Absorption service, use the show snmp trap config command.
Sending Traps to WebView
When WebView forwarding is enabled, all traps sent by switch applications are also forwarded to
WebView. The following command allows a WebView session to retrieve the trap history log:
-> snmp trap to webview enable
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-31
SNMP MIB Information Using SNMP
SNMP MIB Information
MIB Tables
You can display MIB tables and their corresponding command families by using the show snmp mib family command. The MIB table identifies the MIP identification number, the MIB table name and the command family. If a command family is not valid for the entire MIB table, the command family will be displayed on a per-object basis.
For a list and description of system MIBs, refer to
“Industry Standard MIBs” on page 10-33
The following is a partial display.
-> show snmp mib family
MIP ID MIB TABLE NAME FAMILY
-------+----------------------------------------+---------------------
6145 esmConfTrap NO SNMP ACCESS
6146 alcetherStatsTable interface
6147 dot3ControlTable interface
6148 dot3PauseTable interface
6149 dot3StatsTable interface
6150 esmConfTable interface
...
...
77828 healthModuleTable rmon
77829 healthPortTable rmon
77830 healthThreshInfo rmon
78849 vrrpAssoIpAddrTable vrrp
78850 vrrpOperTable vrrp
78851 vrrpOperations vrrp
78852 vrrpRouterStatsTable vrrp
...
...
87042 vacmContextTable snmp
87043 vacmSecurityToGroupTable snmp
87044 vacmAccessTable snmp
87045 vacmViewTreeFamilyTable snmp
MIB Table Description
If the user account has no restrictions, the display shown by the show snmp mib family command can be very long. For documentation purposes, a partial list is shown above and three entry examples are defined.
• The first entry in the MIB Table shows an MIP identification number of 6145. The MIB table name is esmConfTrap.This table is found in the AlcatelIND1Port MIB, which defines managed objects for the
ESM Driver subsystem.
• For MIP Id number 77828, the MIB table name is healthModuleTable. This table is found in the
AlcatelIND1Health MIB, which defines managed objects for the health monitoring subsystem.
• For MIB Id number 87042, the MIB table name is vacmContextTable. This table is found in the
SNMP-VIEW-BASED-ACM MIB, which serves as the view-based access control model (VACM) for the SNMP.
page 10-32 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP MIB Information
Industry Standard MIBs
The following table lists industry standard MIBs supported by the OmniSwitch 6800/6850/9000 switches.
MIB Name Description Dependencies
BGP4-MIB, RFC 1657 Definitions of Managed Objects for the Fourth Version of the Border Gateway Protocol (BGP-4) by using
SMIv2.
BRIDGE-MIB,
RFC 1493
The Bridge MIB for managing MAC bridges based on the IEEE 802.1D standard between Local Area Network (LAN) segments.
SNMPv2-SMI
SNMPv2-SMI,
RFC1215-MIB
DVMRP-STD-MIB,
Draft 11
The MIB module for management of Distance-Vector
Multicast Routing Protocol (DVMRP) routers.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB,
IF-MIB,
ALCATEL-IND1-
BASE
EE8023-LAG-MIB,
IEEE 802.3ad
Link Aggregation module for managing IEEE
Standard 802.3ad.
ENTITY-MIB, RFC 2737 Entity MIB (Version 2). Standardized set of managed objects representing logical and physical entities and relationships between them.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB,
Q-BRIDGE-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB
EtherLike-MIB,
RFC 2665
Definitions of Managed Objects for the Ethernet-like
Interface Types.
HCNUM-TC, RFC 2856: An MIB module containing textual conventions for high-capacity data types. This module addresses an immediate need for data types not directly supported in the SMIv2. This short-term solution is meant to be deprecated as a long-term solution is deployed.
IANAifType-MIB This MIB module defines the IANAifType Textual
Convention, and thus the enumerated values of the ifType object defined in the MIB-II Table.
SNMPv2-SMI,
SNMPv2-CONF,
IF-MIB
SNMPv2-SMI,
SNMPv2-TC
SNMPv2-SMI,
SNMPv2-TC
IANA-RTPROTO-MIB This MIB module defines the IANAipRouteProtocol and IANAipMRouteProtocol textual conventions for use in MIBs which need to identify unicast or multicast routing mechanisms.
SNMPv2-SMI,
SNMPv2-TC
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-33
SNMP MIB Information Using SNMP
MIB Name
IEEE8021-PAE-MIB
IF-MIB, RFC 2863
IGMP-STD-MIB,
RFC 2933
INET-ADDRESS-MIB,
RFC 2851
IP-BRIDGE-MIB,
RFC 2674
IP-FORWARD-MIB,
RFC 2096
IP-MIB, RFC 2011
IPv6-TC, RFC 2465
IPv6-ICMP-MIB,
RFC 2466
IPv6-TCP-MIB,
RFC 2452
IPv6-UDP-MIB,
RFC 2454
MAU-MIB,
RFC 2668
Description Dependencies
This MIB modules defines 802.1X ports used for portbased access control.
The Interfaces Group MIB. Contains generic information about the physical interfaces of the entity.
Internet Group Management Protocol MIB.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB
IF-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMPv2-MIB,
IANAifType-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB
Textual Conventions for Internet Network Addresses. SNMPv2-SMI,
SNMPv2-TC
The Bridge MIB Extension module for managing
Priority and Multicast Filtering, defined by IEEE
802.1D.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
BRIDGE-MIB
IP Forwarding Table MIB
SNMPv2 Management Information Base for the
Internet Protocol by using SMIv2. Includes Internetwork Control Message Protocol (ICMP).
This MIB defines the management information for
IPv6; Textual conventions and general group
SNMPv2-SMI,
SNMPv2-TC,
IP-MIB,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC
Management Information base for IPv6 Group.
Management Information Base for the Transmission
Control Protocol.
Management Information Base for User Datagram
Protocol
Management Information for IEEE 802.3 Medium
Attachment Units.
SNMPv2-SMI,
SNMPv2-CONF,
IPv6-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-CONF,
IPv6-TC
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF page 10-34 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP MIB Information
MIB Name Description Dependencies
Novell RIPSAP MIB
OSPF-MIB,
RFC 1850
OSPFV3-MIB
This MIB defines the management information for the
Routing Information Protocol (RIP) and Service
Advertising Protocol (SAP) protocols running in a
Novell Internetwork Packet Exchange (IPX) protocol environment. It provides information in addition to that contained in the IPX MIB itself. All tables in this
MIB are linked to an instance of IPX via the system instance identifier as defined in the IPX MIB.
Open Path Shortest First (OSPF) Version 2
Management Information Base.
SNMPv2-SMI
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
Open Path Shortest First (OSPF) Version 3
Management Information Base.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB,
INET-ADDRESS-
MIB,
OSPF-MIB
PIM-MIB,
RFC 2934
Q-BRIDGE-MIB,
RFC 2674
RIPv2-MIB,
RFC 1724
RMON-MIB, RFC 2819
Protocol Independent Multicast MIB for IPv4
The Bridge MIB Extension module for managing Priority and Multicast Filtering, defined by IEEE 802.1D.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB,
IPMROUTE-STD-
MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB,
BRIDGE-MIB,
P-BRIDGE-MIB
Routing Information Protocol (RIP) Version 2 MIB
Extension.
Remote Network Monitoring (RMON) Management
Information Base.
RS-232-MIB, RFC 1659 Definitions of Managed Objects for RS-232-like
Hardware Devices by using SMIv2.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-CONF,
IF-MIB
SNMP-COMMUNITY
MIB, RFC 2576
This MIB module defines objects to help support coexistence between SNMPv1, SNMPv2c, and SNMPv3.
SNMPv2-SMI,
SNMP-FRAME-
WORK-MIB,
SNMP-TARGET-
MIB,
SNMPv2-CONF
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-35
SNMP MIB Information Using SNMP
MIB Name Description Dependencies
SNMP-FRAMEWORK
MIB, RFC 2571
SNMP-MPD-MIB,
RFC 2572
SNMP-NOTIFICATION
MIB, RFC 2573
SNMP-PROXY-MIB,
RFC 2573
SNMP-TARGET-MIB,
RFC 2573
SNMP-USER-BASED-
SM-MIB, RFC 2574
SNMPv2-MIB,
RFC 1907
SNMP-VIEW-BASED-
ACM-MIB, RFC 2575
TCP-MIB, RFC 2012
An Architecture for Describing SNMP Management
Frameworks.
Message Processing And Dispatching For The Simple
Network Management Protocol (SNMP).
SNMPv2-SMI,
SNMPv2-CONF
SNMP Applications, Notifications SNMP Entity
Remote Configuration.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB,
SNMP-TARGET-
MIB
SNMP Applications, Proxy SNMP Entity Remote
Configuration.
SNMP Applications, Proxy SNMP Entity Remote
Configuration.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB,
SNMP-TARGET
MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB
User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3).
Management Information Base for Version 2 of the
Simple Network Management Protocol (SNMPv2).
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
View-based Access Control Model (VACM) for the
Simple Network Management Protocol (SNMP).
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB
SNMPv2 Management Information Base for the
Transmission Control Protocol by using SMIv2.
SNMPv2-SMI,
SNMPv2-CONF page 10-36 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP MIB Information
MIB Name Description Dependencies
TUNNEL-MIB,
RFC 2667
IP Tunnel MIB
UDP-MIB, RFC 2013 SNMPv2 Management Information Base for the User
Datagram Protocol by using SMIv2.
VRRP-MIB, RFC 2787 Definitions of Managed Objects for the Virtual Router
Redundancy Protocol (VRRP).
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB
SNMPv2-SMI,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-37
SNMP MIB Information Using SNMP
Enterprise (Proprietary) MIBs
The following table lists the enterprise proprietary MIBs supported by the OmniSwitch 6800/6850/9000.
Note. The ALCATEL-IND1-BASE* MIB is required for all MIBs listed in this table.
MIB Name Description Dependencies*
ALCATEL-IND1-
AAA-MIB
Definitions of managed objects for the Authentication,
Authorization, and Accounting (AAA) subsystem.
ALCATEL-IND1-BASE This module provides base definitions for modules developed to manage Alcatel-Lucent Internetworking networking infrastructure products.
SNMPv2-SMI,
SNMPv2-TC,
SNMP-v2-CONF
SNMPv2-SMI
ALCATEL-IND1-
BGP-MIB
ALCATEL-IND1-
CHASSIS-MIB
ALCATEL-IND1-
CONFG-MGR-MIB
Definitions of managed objects for the Border Gateway Protocol (BGP) subsystem.
Definitions of managed objects for the Chassis Management subsystem.
Definitions of managed objects for the Configuration
Manager subsystem.
Definitions of chassis and modules.
SNMPv2-SMI,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
SNMP-
FRAMEWORK-
MIB,
ENTITY-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMP-SMI ALCATEL-IND1-
DEVICES
ALCATEL-IND1-
DOT1Q-MIB
ALCATEL-IND1-
DOT1X-MIB
ALCATEL-IND1-
DRCTM-MIB
ALCATEL-IND1-
DVMRP-MIB
Definitions of managed objects for the IEEE 802.1Q subsystem.
Definitions of managed objects for the IEEE 802.1X subsystem.
Definitions of managed objects for the Dynamic Routing and Control (DRC) subsystems.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC
SNMPv2-SMI,
SNMPv2-CONF
Definitions of managed objects for the Distance Vector
Multicast Routing Protocol (DVMRP) subsystem.
SNMPv2-SMI,
SNMPv2-CONF
ALCATEL-IND1-
GROUP-MOBILITY-
MIB
ALCATEL-IND1-
HEALTH-MIB
Definitions of managed objects for Group Mobility.
SNMPv2-TC,
SNMPv2-SMI,
SNMPv2-CONF
Definitions of managed objects for the Health Monitoring subsystem.
SNMPv2-SMI,
SNMPv2-CONF page 10-38 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP MIB Information
MIB Name Description Dependencies*
ALCATEL-IND1-IGMP-
MIB
ALCATEL-IND1-
INTERSWITCH-
PROTOCOL-MIB
ALCATEL-IND1-
IP-MIB
ALCATEL-IND1-
IPMRM-MIB
ALCATEL-IND1-
IPMS-MIB
ALCATEL-IND1-
IPRM-MIB
ALCATEL-IND1-
IPv6-MIB
ALCATEL-IND1-IPX-
MIB
ALCATEL-IND1-
LAG-MIB
ALCATEL-IND1-
LPS-MIB
Definitions of managed objects for the IPv4 Multicast
MIB.
Definitions of managed objects for the Interswitch
Protocol (i.e., GMAP, XMAP) subsystem.
Definitions of managed objects for the IP Stack subsystem.
SNMPv2-TC,
SNMPv2-SMI,
SNMPv2-CONF,
INET-ADDRESS-
MIB,
IF-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
IF-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IP-MIB
Definitions of managed objects for IP Multicast Route
Manager (IPMRM) global configuration parameters
SNMPv2-SMI,
SNMPv2-CONF
Definitions of managed objects for the IP Multicast
Switching (IPMS) subsystem.
Definitions of managed objects for the IP Routing
Manager (IPRM) subsystem.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
IF-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IANA-RTPROTO-
MIB
Definitions of managed objects for the IPv6 subsystem.
Definitions of managed objects for the IPX routing subsystem.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IPv7-TC
IPv6-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
Definitions of managed objects for the IEEE 802.3ad
Link Aggregation (LAG) subsystem.
Definitions of the MIB module for the address learning
MIB addresses entity.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IEEE8023-LAG-
MIB,
IF-MIB
Q-BRIDGE-MIB
SNMPv2-SMI,
SNMPv2-TC,
IF-MIB,
Q-BRIDGE-MIB,
ALCATEL-IND1-
SYSTEM-MIB,
SNMPv2-CONF
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-39
SNMP MIB Information Using SNMP
MIB Name
ALCATEL-IND1-
MAC-ADDRESS-MIB
ALCATEL-IND1-
MAC-SERVER-MIB
ALCATEL-IND1-
MLD-MIB
ALCATEL-IND1-
NTP-MIB
ALCATEL-IND1-
OSPF-MIB
ALCATEL-IND1-
OSPF3-MIB
ALCATEL-IND1-
PARTITIONED-MGR-
MIB
ALCATEL-IND1-
PCAM-MIB
ALCATEL-IND1-PIM-
MIB
ALCATEL-IND1-
POLICY-MIB
ALCATEL-IND1-
PORT-MIB
Description Dependencies*
Definitions of managed objects for the Source Learning MAC Address subsystem.
Definitions of managed objects for the Chassis Supervision MAC Server subsystem.
Definitions of the Multicast Listener Discovery
(MLD) subsystem.
Definitions of the Network Time Protocol (NTP) subsystem.
Definitions of managed objects for the Open Shortest
Path First (OSPF) subsystem.
Definitions of managed objects for the Open Shortest
Path First 3 (OSPF3) subsystem
Definitions of the user Partitioned Manager subsystem.
Definition of managed objects for the Coronado
Layer3 Hardware Routing Engine (HRE).
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
IF-MIB,
Q-Bridge-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
ENTITY-MIB,
ALCATEL-IND1-
CHASSIS-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
INET-ADDRESS-
MIB,
IF-MIB
SNMPv2-SMI,
SNMPv2-TC
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
Q-BRIDGE-MIB,
SNMP-
FRAMEWORK-
MIB,
SNMPv2-TC
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
Definitions of managed objects for the Protocol Independent Multicast Sparse Mode (PIM-SM) and Protocol Independent Multicast Dense Mode (PIM-DM) subsystem.
Definitions of managed objects for the Policy Manager subsystem.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
ALCATEL-IND1-
BASE
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
Definitions of managed objects for the Port Manager subsystem.
SNMPv2-SMI,
SNMPv2-CONF,
IF-MIB page 10-40 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP SNMP MIB Information
MIB Name
ALCATEL-IND1-
PORT-MIRRORING-
MONITORING-MIB
ALCATEL-IND1-
QOS-MIB
ALCATEL-IND1-
RDP-MIB
ALCATEL-IND1-
RIP-MIB
ALCATEL-IND1-
RIPNG-MIB
ALCATEL-IND1-
SESSION-MGR-MIB
ALCATEL-IND1-
SLB-MIB
ALCATEL-IND1-
SNMP-AGENT-MIB
ALCATEL-IND1-
STACK-MANAGER
ALCATEL-IND1-
SYSTEM-MIB
ALCATEL-IND1-
TP-DEVICES
ALCATEL-IND1-
TRAP-MGR-MIB
ALCATEL-IND1-
UDP-RELAY-MIB
ALCATEL-IND1-
VLAN-MGR-MIB
ALCATEL-IND1-
VLAN-STP-MIB
Description Dependencies*
Definitions of managed objects for the Port Mirroring and Monitoring subsystem.
Definitions of managed objects for the Quality of Service (QoS) subsystem.
Definitions of managed objects for the Router Discovery Protocol (RDP) subsystem.
Definitions of managed objects for the Routing Information Protocol (RIP) subsystem.
Definitions of managed objects for the Routing Information Protocol (RIPng) subsystem.
Definitions of managed objects for the User Session
Manager subsystem.
Definitions of managed objects for the Server Load
Balancing (SLB) subsystem.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
IPv6-TC
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
Definitions of managed objects for the Simple Network Management Protocol (SNMP) Agent subsystem.
Definitions of the managed objects for Stack Manager
Chassis, Stack Manager Statistics, and Stack Manager
Traps.
Definitions of managed objects for the System Services subsystem.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
Definitions of managed objects for the OmniAccess
4000.
Definitions of managed objects for the SNMP Notification (i.e., Trap) Manager subsystem.
SNMPv2-SMI,
ALCATEL-IND1
BASE
SNMPv2-SMI,
SNMP-v2-TC,
SNMPv2-CONF
Definitions of managed objects for the User Datagram
Protocol (UDP) Relay subsystem.
SNMPv2-SMI,
SNMPv2-CONF
Definitions of managed objects for the VLAN Manager subsystem.
Definitions of managed objects for the VLAN Spanning Tree Protocol (STP) subsystem.
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF
SNMPv2-SMI,
SNMPv2-CONF,
BRIDGE-MIB
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-41
SNMP MIB Information Using SNMP
MIB Name
ALCATEL-IND1-VRRP-
MIB
ALCATEL-IND1-
VRRP3-MIB
ALCATEL-IND1-WEB-
MGT-MIB
Description
Definitions of managed objects for the Virtual Router
Redundancy Protocol (VRRP) subsystem.
Definitions of managed objects for the Virtual Router
Redundancy Protocol 3 (VRRP3) subsystem.
Definitions of managed objects for the Web Based
Management subsystem.
Dependencies*
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
INET-ADDRESS-
MIB,
IF-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
INET-ADDRESS-
MIB,
IF-MIB
SNMPv2-SMI,
SNMPv2-TC,
SNMPv2-CONF,
INET-ADDRESS-
MIB page 10-42 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
Using SNMP Verifying the SNMP Configuration
Verifying the SNMP Configuration
To display information about SNMP management stations, trap management, community strings, and security, use the show commands listed in the following table. show snmp station show snmp community map Shows the local community strings database including status, community string text, and user account name.
show snmp security show snmp statistics
Displays current SNMP security status.
show snmp mib family show snmp trap replay
Displays SNMP statistics. Each MIB object is listed along with its status.
Displays SNMP MIB information. Information includes MIP ID number, MIB table name, and command family.
Displays SNMP trap replay information. This includes the IP address of the SNMP station manager that replayed each trap and the number of the oldest replayed trap.
show snmp trap filter
Displays current SNMP station information including IP address, UDP
Port number, Enabled/Disabled status, SNMP version, and user account names.
Displays the current SNMP trap filter status. This includes the IP address of the SNMP station that recorded the traps and the identification list for the traps being filtered.
show snmp authentication trap Displays the current authentication failure trap forwarding status (i.e., enable or disable).
show snmp trap config Displays SNMP trap information including trap ID numbers, trap names, command families, and absorption rate. This command also displays the Enabled/Disabled status of SNMP absorption and the Traps to
WebView service.
For more information about the resulting displays from these commands, see the OmniSwitch CLI Refer-
ence Guide.
OmniSwitch 6800/6850/9000 Switch Management Guide December 2007 page 10-43
Verifying the SNMP Configuration Using SNMP page 10-44 OmniSwitch 6800/6850/9000 Switch Management Guide December 2007
advertisement
Related manuals
advertisement
Table of contents
- 1 (START page)
- 1 Home
- 2 Front Matter
- 2 Copyright Information
- 2 Patents
- 2 Contacting Alcatel
- 3 Contents
- 13 About This Guide
- 13 Supported Platforms
- 14 Who Should Read this Manual?
- 14 When Should I Read this Manual?
- 14 What is in this Manual?
- 14 What is Not in this Manual?
- 15 How is the Information Organized?
- 15 Documentation Roadmap
- 17 Related Documentation
- 19 User Manual CD
- 19 Technical Support
- 21 1. Managing System Files
- 21 In This Chapter
- 22 File Management Specifications
- 23 Switch Administration Overview
- 23 File Transfer
- 24 Switch Directories
- 25 File and Directory Management
- 27 Using Wildcards
- 27 Multiple Characters
- 27 Single Characters
- 28 Directory Commands
- 28 Determining Your Location in the File Structure
- 29 Changing Directories
- 30 Displaying Directory Contents
- 32 Making a New Directory
- 33 Displaying Directory Contents Including Subdirectories
- 33 Copying an Existing Directory
- 34 Removing a Directory and its Contents
- 35 File Commands
- 35 Creating or Modifying Files
- 35 Copy an Existing File
- 36 Secure Copy an Existing File
- 36 Move an Existing File or Directory
- 38 Change File Attribute and Permissions
- 38 Delete an Existing File
- 39 Managing Files on Switches
- 40 Utility Commands
- 40 Displaying Free Memory Space
- 40 Performing a File System Check
- 40 Deleting the Entire File System
- 41 Loading Software onto the Switch
- 41 Using the Switch as an FTP Server
- 43 Using the Switch as an FTP Client
- 45 Using Secure Shell FTP
- 46 Closing a Secure Shell FTP Session
- 47 Using Zmodem
- 48 Registering Software Image Files
- 48 Directories on the Switch
- 49 Available Image Files
- 50 Application Examples for File Management
- 50 Transferring a File to the Switch Using FTP
- 51 Creating a File Directory on the Switch
- 52 FTP Client Application Example
- 54 Creating a File Directory Using Secure Shell FTP
- 56 Transfer a File Using Secure Shell FTP
- 56 Closing a Secure Shell FTP Session
- 56 Verifying Directory Contents
- 57 Setting the System Clock
- 57 Setting Date and Time
- 57 Date
- 57 Time Zone
- 58 Time
- 59 Daylight Savings Time Configuration
- 60 Enabling DST
- 63 2. Logging Into the Switch
- 63 In This Chapter
- 65 Login Specifications
- 65 Login Defaults
- 67 Quick Steps for Logging Into the Switch
- 68 Overview of Switch Login Components
- 68 Management Interfaces
- 68 Logging Into the CLI
- 69 Using the WebView Management Tool
- 69 Using SNMP to Manage the Switch
- 69 User Accounts
- 70 Using Telnet
- 70 Logging Into the Switch Via Telnet
- 70 Starting a Telnet Session from the Switch
- 72 Using FTP
- 72 Using FTP to Log Into the Switch
- 74 Using Secure Shell
- 74 Secure Shell Components
- 74 Secure Shell Interface
- 74 Secure Shell File Transfer Protocol
- 75 Secure Shell Application Overview
- 76 Secure Shell Authentication
- 76 Protocol Identification
- 76 Algorithm and Key Exchange
- 76 Authentication Phase
- 77 Connection Phase
- 77 Using Secure Shell DSA Public Key Authentication
- 77 Starting a Secure Shell Session
- 79 Closing a Secure Shell Session
- 79 Log Into the Switch with Secure Shell FTP
- 81 Closing a Secure Shell FTP Session
- 82 Modifying the Login Banner
- 83 Modifying the Text Display Before Login
- 84 Configuring Login Parameters
- 84 Configuring the Inactivity Timer
- 85 Enabling the DNS Resolver
- 86 Verifying Login Settings
- 87 3. Configuring Network Time Protocol (NTP)
- 87 In This Chapter
- 88 NTP Specifications
- 88 NTP Defaults Table
- 89 NTP Quick Steps
- 91 NTP Overview
- 92 Stratum
- 92 Using NTP in a Network
- 94 Authentication
- 95 Configuring NTP
- 95 Configuring the OmniSwitch as a Client
- 96 NTP Servers
- 98 Using Authentication
- 99 Verifying NTP Configuration
- 101 4. Managing CMM Directory Content
- 101 In This Chapter
- 102 CMM Specifications
- 103 CMM Files
- 103 CMM Software Directory Structure
- 104 Where is the Switch Running From?
- 104 Software Rollback Feature
- 105 Software Rollback Configuration Scenarios for a Single Switch
- 109 Redundancy
- 109 Redundancy Scenarios
- 113 Managing the Directory Structure (Non-Redundant)
- 113 Rebooting the Switch
- 116 Copying the Running Configuration to the Working Directory
- 118 Rebooting from the Working Directory
- 121 Copying the Working Directory to the Certified Directory
- 122 Copying the Certified Directory to the Working Directory
- 123 Show Currently Used Configuration
- 124 Show Switch Files
- 125 Managing Redundancy in a Stack and CMM
- 125 Rebooting the Switch
- 126 Copying the Working Directory to the Certified Directory
- 127 Synchronizing the Primary and Secondary CMMs
- 128 CMM Switching Fabric
- 129 Swapping the Primary CMM for the Secondary CMM
- 130 Show Currently Used Configuration
- 131 NI Module Behavior During Takeover
- 132 Emergency Restore of the boot.cfg File
- 132 Can I Restore the boot.file While Running from Certified?
- 133 Displaying CMM Conditions
- 135 5. Using the CLI
- 136 CLI Specifications
- 136 CLI Overview
- 136 Online Configuration
- 137 Offline Configuration Using Configuration Files
- 137 Command Entry Rules and Syntax
- 137 Text Conventions
- 138 Using “Show” Commands
- 138 Using the “No” Form
- 138 Using “Alias” Commands
- 139 Partial Keyword Completion
- 139 Command Help
- 141 Tutorial for Building a Command Using Help
- 143 CLI Services
- 143 Command Line Editing
- 143 Deleting Characters
- 144 Recalling the Previous Command Line
- 144 Inserting Characters
- 145 Syntax Checking
- 145 Prefix Recognition
- 146 Example for Using Prefix Recognition
- 147 Prefix Prompt
- 147 Command History
- 149 Logging CLI Commands and Entry Results
- 149 Enabling Command Logging
- 149 Disabling Command Logging
- 150 Viewing the Current Command Logging Status
- 150 Viewing Logged CLI Commands and Command Entry Results
- 151 Customizing the Screen Display
- 151 Changing the Screen Size
- 151 Changing the CLI Prompt
- 152 Displaying Table Information
- 153 Filtering Table Information
- 154 Multiple User Sessions
- 154 Listing Other User Sessions
- 155 Listing Your Current Login Session
- 156 Terminating Another Session
- 157 Application Example
- 157 Using a Wildcard to Filter Table Information
- 158 Verifying CLI Usage
- 159 6. Working With Configuration Files
- 159 In This Chapter
- 160 Configuration File Specifications
- 160 Tutorial for Creating a Configuration File
- 162 Quick Steps for Applying Configuration Files
- 162 Setting a File for Immediate Application
- 162 Setting an Application Session for a Date and Time
- 163 Setting an Application Session for a Specified Time Period
- 164 Configuration Files Overview
- 164 Applying Configuration Files to the Switch
- 164 Verifying a Timed Session
- 165 Cancelling a Timed Session
- 165 Configuration File Error Reporting
- 166 Setting the Error File Limit
- 166 Syntax Checking
- 167 Displaying a Text File
- 167 Text Editing on the Switch
- 167 Invoke the “Vi” Editor
- 168 Creating Snapshot Configuration Files
- 168 Snapshot Feature List
- 169 User-Defined Naming Options
- 169 Editing Snapshot Files
- 172 Verifying File Configuration
- 173 7. Managing Switch User Accounts
- 173 In This Chapter
- 174 User Database Specifications
- 174 User Account Defaults
- 176 Overview of User Accounts
- 177 Startup Defaults
- 178 Quick Steps for Network Administrator User Accounts
- 179 Quick Steps for Creating Customer Login User Accounts
- 180 Default User Settings
- 180 Account and Password Policy Settings
- 181 How User Settings Are Saved
- 182 Creating a User
- 182 Removing a User
- 182 User-Configured Password
- 184 Configuring Password Policy Settings
- 184 Setting a Minimum Password Size
- 184 Configuring the Username Password Exception
- 185 Configuring Password Character Requirements
- 185 Configuring Password Expiration
- 185 Default Password Expiration
- 186 Specific User Password Expiration
- 186 Configuring the Password History
- 186 Configuring the Minimum Age for a Password
- 187 Configuring Global User Lockout Settings
- 187 Configuring the User Lockout Window
- 187 Configuring the User Lockout Threshold Number
- 188 Configuring the User Lockout Duration Time
- 188 Manually Locking and Unlocking User Accounts
- 189 Configuring Privileges for a User
- 190 Setting Up SNMP Access for a User Account
- 190 SNMP Access Without Authentication/Encryption
- 191 SNMP Access With Authentication/Encryption
- 191 Removing SNMP Access From a User
- 192 Setting Up End-User Profiles
- 193 Creating End-User Profiles
- 193 Setting Up Port Ranges in a Profile
- 193 Setting Up VLAN Ranges in a Profile
- 194 Associating a Profile With a User
- 194 Removing a Profile From the Configuration
- 195 Verifying the User Configuration
- 197 8. Managing Switch Security
- 197 In This Chapter
- 198 Switch Security Specifications
- 198 Switch Security Defaults
- 199 Switch Security Overview
- 200 Authenticated Switch Access
- 200 AAA Servers-RADIUS or LDAP
- 200 Authentication-only-ACE/Server
- 201 Interaction With the User Database
- 201 ASA and Authenticated VLANs
- 202 Configuring Authenticated Switch Access
- 203 Quick Steps for Setting Up ASA
- 205 Setting Up Management Interfaces for ASA
- 206 Enabling Switch Access
- 206 Configuring the Default Setting
- 207 Using Secure Shell
- 208 Configuring Accounting for ASA
- 209 Verifying the ASA Configuration
- 211 9. Using WebView
- 211 In This Chapter
- 212 WebView CLI Defaults
- 212 Browser Setup
- 213 WebView CLI Commands
- 213 Enabling/Disabling WebView
- 213 Changing the HTTP Port
- 213 Enabling/Disabling SSL
- 214 Changing the HTTPS Port
- 215 Quick Steps for Setting Up WebView
- 215 WebView Overview
- 215 WebView Page Layout
- 216 Banner
- 216 Toolbar
- 217 Feature Options
- 217 View/Configuration Area
- 218 Configuring the Switch With WebView
- 218 Accessing WebView
- 219 Accessing WebView with Internet Explorer Version 7
- 220 Home Page
- 221 Configuration Page
- 221 Global Configuration Page
- 222 Table Configuration Page
- 224 Table Features
- 228 Adjacencies
- 229 WebView Help
- 229 General WebView Help
- 229 Specific-page Help
- 231 10. Using SNMP
- 231 In This Chapter
- 232 SNMP Specifications
- 232 SNMP Defaults
- 234 Quick Steps for Setting Up An SNMP Management Station
- 235 Quick Steps for Setting Up Trap Filters
- 235 Filtering by Trap Families
- 236 Filtering by Individual Traps
- 237 SNMP Overview
- 237 SNMP Operations
- 238 Using SNMP for Switch Management
- 238 Setting Up an SNMP Management Station
- 238 SNMP Versions
- 238 SNMPv1
- 239 SNMPv2
- 239 SNMPv3
- 240 SNMP Traps Table
- 257 Using SNMP For Switch Security
- 257 Community Strings (SNMPv1 and SNMPv2)
- 257 Configuring Community Strings
- 258 Encryption and Authentication (SNMPv3)
- 258 Configuring Encryption and Authentication
- 259 Setting SNMP Security
- 260 Working with SNMP Traps
- 260 Trap Filtering
- 260 Filtering by Trap Families
- 260 Filtering By Individual Trap
- 261 Authentication Trap
- 261 Trap Management
- 261 Replaying Traps
- 261 Absorbing Traps
- 261 Sending Traps to WebView
- 262 SNMP MIB Information
- 262 MIB Tables
- 262 MIB Table Description
- 263 Industry Standard MIBs
- 268 Enterprise (Proprietary) MIBs
- 273 Verifying the SNMP Configuration
- 275 A. Software License and Copyright Statements
- 275 Alcatel-Lucent License Agreement
- 275 ALCATEL-LUCENT SOFTWARE LICENSE AGREEMENT
- 278 Third Party Licenses and Notices
- 278 A. Booting and Debugging Non-Proprietary Software
- 278 B. The OpenLDAP Public License: Version 2.4, 8 December 2000
- 279 C. Linux
- 279 D. GNU GENERAL PUBLIC LICENSE: Version 2, June 1991
- 284 E. University of California
- 284 F. Carnegie-Mellon University
- 284 G. Random.c
- 285 H. Apptitude, Inc.
- 285 I. Agranat
- 285 J. RSA Security Inc.
- 285 K. Sun Microsystems, Inc.
- 286 L. Wind River Systems, Inc.
- 286 M. Network Time Protocol Version 4
- 287 Index