H3C S3610[5510] Series Ethernet Switches Operation Manual-Release 0001-(V1.02)
23-SNMP-RMON Operation
Chapter 1 SNMP Configuration
1.1 SNMP Overview
Simple Network Management Protocol (SNMP for short) offers a framework to monitor network devices through the TCP/IP protocol suite. SNMP provides a set of basic operations for monitoring and maintaining the Internet and has the following characteristics:
- Automatic network management: SNMP enables network administrators to search for information, modify information, find and diagnose network problems, plan for network growth, and generate reports on any network node.
- SNMP shields the physical differences between various devices and thus realizes automatic management of products from different manufacturers. SNMP offers only a basic set of functions. With SNMP enabled, the management tasks and the physical features of the managed devices are not affected by lower layer network protocols. Thus, SNMP achieves effective management of devices from different manufacturers, especially in small, fast and low-cost network environments.
1.1.1 SNMP Mechanism
An SNMP-enabled network comprises a Network Management Station (NMS for short) and an Agent.
- The NMS is a station that runs the SNMP client software. It offers a user-friendly human-computer interface, making it easier for network administrators to perform most network management tasks. Currently, the most commonly used NMSs include Quidview, Sun NetManager, and IBM NetView.
- The Agent is a program on the device. It receives and handles requests sent from the NMS. Only under certain circumstances, such as an interface state change, will the Agent inform the NMS.
- The NMS manages an SNMP-enabled network, whereas the Agent is the agent of the managed network device. They exchange management information through the SNMP protocol.
SNMP provides the following four basic operations:
- Get operation: The NMS gets the behavior information of the Agent through this operation.
- Set operation: The NMS can reconfigure certain values in the Agent MIB (management information base) through this operation to make the Agent perform certain tasks.
- Trap operation: The Agent sends Trap information to the NMS through this operation.
- Inform operation: The NMS sends Trap information to other NMSs through this operation.
1.1.2 SNMP Protocol Version
Currently, SNMP agents support SNMPv3 and are compatible with SNMPv1 and SNMPv2c.
SNMPv1 and SNMPv2c authenticate by means of a community name, which defines the relationship between an SNMP NMS and an SNMP Agent. SNMP packets whose community names do not pass authentication on the device are simply discarded. A community name plays a role similar to a key word and can be used to regulate access from the NMS to the Agent.
SNMPv3 offers authentication implemented with a User-Based Security Model (USM for short), which can be authentication with privacy, authentication without privacy, or no authentication and no privacy. USM regulates access from the NMS to the Agent in a more efficient way.
1.1.3 MIB Overview
Management Information Base (MIB for short) is a collection of all the objects managed by the NMS. It defines the set of characteristics associated with the managed objects, such as the object identifier (OID for short), access right and data type of the objects.
The MIB stores data in a tree structure. Each node of the tree is a managed object and can be uniquely identified by a path starting from the root node. As illustrated in the following figure, the managed object B can be uniquely identified by a string of numbers {1.2.1.1}. This string of numbers is the OID of the managed object B.
Figure 1-1 MIB tree
1.2 SNMP Configuration
As configurations for SNMPv3 differ substantially from those of SNMPv1 and SNMPv2c, their SNMP functionalities will be introduced separately below.
Follow these steps to configure SNMPv3:
To do… | Use the command… | Remarks |
---|---|---|
Enter system view | system-view | — |
Enable SNMP Agent | snmp-agent | Optional. Disabled by default. You can enable SNMP Agent through this command or any commands that begin with “snmp-agent”. |
Configure SNMP Agent system information | snmp-agent sys-info { contact sys-contact \| location sys-location \| version { all \| { v1 \| v2c \| v3 }* } } | Optional. The defaults are as follows: R&D Hangzhou, H3C Technology Co.,Ltd. for contact, Hangzhou China for location, SNMPv3 for the version. |
Configure an SNMP agent group | snmp-agent group v3 group-name [ authentication \| privacy ] [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ] | Required |
Add a new user to an SNMP agent group | snmp-agent usm-user v3 user-name group-name [ authentication-mode { md5 \| sha } auth-password [ privacy-mode { des56 \| aes128 } priv-password ] ] [ acl acl-number ] | Required |
Configure the maximum size of an SNMP packet that can be received or sent by an SNMP agent | snmp-agent packet max-size byte-count | Optional. 1,500 bytes by default |
Configure the engine ID for a local SNMP agent | snmp-agent local-engineid engineid | Optional. Company ID and device ID by default |
Create or update view information | snmp-agent mib-view { included \| excluded } view-name oid-tree [ mask mask-value ] | Optional. By default, MIB view name is ViewDefault, OID of which is 1. |
Follow these steps to configure SNMPv1 and SNMPv2c:
To do… | Use the command… | Remarks |
---|---|---|
Enter system view | system-view | — |
Enable SNMP Agent | snmp-agent | Optional. Disabled by default. You can enable SNMP Agent through this command or any commands that begin with “snmp-agent”. |
Configure SNMP Agent system information | snmp-agent sys-info { contact sys-contact \| location sys-location \| version { { v1 \| v2c \| v3 }* \| all } } | Optional. The defaults are as follows: R&D Hangzhou, H3C Technology Co.,Ltd. for contact, Hangzhou China for location, SNMPv3 for the version. |
Configure a community name and SNMP NMS access right (configure directly): configure a community name | snmp-agent community { read \| write } community-name [ acl acl-number \| mib-view view-name ]* | At least one required. In the direct configuration, SNMPv1 and SNMPv2c community names are set. In the indirect configuration, the commands are consistent with the SNMPv3 commands. Users are added to the specific group, which corresponds to the SNMPv1 and SNMPv2c community. |
Configure a community name and SNMP NMS access right (configure indirectly): configure an SNMP group | snmp-agent group { v1 \| v2c } group-name [ read-view read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ] | At least one required |
Configure a community name and SNMP NMS access right (configure indirectly): add a new user to an SNMP group | snmp-agent usm-user { v1 \| v2c } user-name group-name [ acl acl-number ] | At least one required |
Configure the maximum size of an SNMP packet that can be received or sent by an SNMP agent | snmp-agent packet max-size byte-count | Optional. 1,500 bytes by default |
Configure the engine ID for a local SNMP agent | snmp-agent local-engineid engineid | Optional. Company ID and device ID by default |
Create or update view information | snmp-agent mib-view { included \| excluded } view-name oid-tree [ mask mask-value ] | Optional. By default, MIB view name is ViewDefault, OID of which is 1. |
Caution:
- The validity of a USM user depends on the engine ID of the SNMP agent. If the engine ID used for USM user creation is not identical to the current engine ID, the USM user is invalid.
- S3610&S5510 series Ethernet switches do not support the remote-engineid command.
1.3 Trap Configuration
SNMP Agent sends Trap messages to NMS to alert the latter of critical and important events (such as restart of the managed device).
1.3.1 Configuration Prerequisites
Basic SNMP configurations have been completed, including version configuration: community names must be configured for SNMPv1 and SNMPv2c; user names and MIB view must be configured for SNMPv3.
1.3.2 Configuration Procedure
I. Enable the sending of Trap messages
Follow these steps to configure Trap:
Caution:
Note that, if you want a port to send SNMP trap messages when its port state changes, you must enable the function of sending linkup/linkdown trap messages both in Ethernet port view and system view. Use the enable snmp trap updown command to enable this function in Ethernet port view and use the snmp-agent trap enable [ standard [ linkdown | linkup ] * ] command to enable this function in system view.
II. Configure the parameters for sending Trap messages
Follow these steps to configure parameters for sending Trap messages:
To do… | Use the command… | Remarks |
---|---|---|
Enter system view | system-view | — |
Configure the address of the target host of Trap messages | snmp-agent target-host trap address udp-domain { ip-address \| ipv6 ipv6-address } [ udp-port port-number ] params securityname security-string [ v1 \| v2c \| v3 [ authentication \| privacy ] ] | Required |
Configure the source address for Trap messages | snmp-agent trap source interface-type interface-number | Optional |
Configure the queue size for sending Trap messages | snmp-agent trap queue-size size | Optional. 100 by default |
Configure the life for Trap messages | snmp-agent trap life seconds | Optional. 120 seconds by default |
1.4 Displaying and Maintaining SNMP
To do… | Use the command… |
---|---|
Display SNMP-agent system information, including the contact, location, and version of the SNMP | display snmp-agent sys-info [ contact \| location \| version ]* |
Display SNMP agent statistics | display snmp-agent statistics |
Display the SNMP agent engine ID | display snmp-agent { local-engineid \| remote-engineid } |
Display SNMP agent group information | display snmp-agent group [ group-name ] |
Display SNMP user information | display snmp-agent usm-user [ engineid engineid \| username user-name \| group group-name ] * |
Display SNMPv1 or SNMPv2 community information | display snmp-agent community [ read \| write ] |
Display MIB view information for an SNMP agent | display snmp-agent mib-view [ exclude \| include \| viewname view-name ] |
1.5 SNMP Configuration Example
I. Network requirements
- The NMS connects to the agent, a switch, through an Ethernet.
- The IP address of the NMS is 129.102.140.23/16.
- The IP address of the VLAN interface on the switch is 129.102.0.1/16.
- On the switch, configure the following: community name, access right, administrator ID, contact, location, enabling sending of Trap messages.
II. Network diagram
Figure 1-2 Network diagram for SNMP
III. Configuration procedure
# Configure the community name, the SNMP agent group, and SNMP agent user.
<Sysname> system-view
[Sysname] snmp-agent sys-info version all
[Sysname] snmp-agent community read public
[Sysname] snmp-agent community write private
[Sysname] snmp-agent mib-view included internet 1.3.6.1
[Sysname] snmp-agent group v3 managev3group write-view internet
[Sysname] snmp-agent usm-user v3 managev3user managev3group
# Configure the VLAN interface to be used by the administrator to be VLAN-interface 2. Add the port GigabitEthernet1/1/3 used for network management to VLAN 2. Configure the IP address of VLAN-interface 2 to 129.102.0.1.
[Sysname] vlan 2
[Sysname-vlan2] port GigabitEthernet 1/1/3
[Sysname-vlan2] quit
[Sysname] interface Vlan-interface 2
[Sysname-Vlan-interface2] ip address 129.102.0.1 255.255.0.0
[Sysname-Vlan-interface2] quit
# Configure the ID, contact of the administrator, and the location of the switch.
[Sysname] snmp-agent sys-info contact Mr.Wang-Tel:3306
[Sysname] snmp-agent sys-info location telephone-closet,3rd-floor
# Enable the sending of Trap messages to the NMS with an IP address of 129.102.140.23/16, using public as the community name.
[Sysname] snmp-agent trap enable
[Sysname] snmp-agent target-host trap address udp-domain 129.102.140.23 udp-port 5000 params securityname public
IV. Configuring SNMP NMS
SNMPv3 uses an authentication and privacy security model. On the NMS, the user needs to specify the user name and security level and, based on that level, configure the authentication mode, authentication password, privacy mode, and privacy password. In addition, the time-out time and number of retries should also be configured. The user can query and configure the switch through the NMS. For detailed information, refer to the NMS manuals.
Note:
The configurations on the agent and the NMS must match in order to perform the related operations.
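The following audit script is an added example, not part of the H3C manual or its software. It reads snmp-agent command lines in the syntax documented in section 1.2 and reports the settings in the example above that a security review would question: SNMPv1/v2c left enabled, the community names public and private, a write community, no acl restriction, and an SNMPv3 group and user created without authentication or privacy. The finding codes, the hardened sample, its placeholder passwords and ACL number 2000 are assumptions made for illustration.

```python
import re

# Constructed input: the agent-side commands of the configuration example above.
SAMPLE_CONFIG = """\
[Sysname] snmp-agent sys-info version all
[Sysname] snmp-agent community read public
[Sysname] snmp-agent community write private
[Sysname] snmp-agent mib-view included internet 1.3.6.1
[Sysname] snmp-agent group v3 managev3group write-view internet
[Sysname] snmp-agent usm-user v3 managev3user managev3group
"""

# Constructed hardened counterpart; passwords and the ACL number are placeholders.
HARDENED_CONFIG = """\
snmp-agent sys-info version v3
snmp-agent mib-view included internet 1.3.6.1
snmp-agent group v3 managev3group privacy read-view internet acl 2000
snmp-agent usm-user v3 managev3user managev3group authentication-mode sha AUTH-PLACEHOLDER privacy-mode aes128 PRIV-PLACEHOLDER acl 2000
"""

GUESSABLE = {"public", "private"}  # assumption: community names treated as guessable
PROMPT = re.compile(r"^[<\[][^>\]]*[>\]]\s*")  # "<Sysname>" or "[Sysname]" prefix


def audit_snmp(config):
    """Return (line_number, finding_code) pairs, in line order, for weak settings."""
    out = []
    for n, raw in enumerate(config.splitlines(), 1):
        tok = PROMPT.sub("", raw.strip()).split()
        if len(tok) < 3 or tok[0] != "snmp-agent":
            continue
        kind, args = tok[1], tok[2:]
        if kind == "sys-info" and args[0] == "version":
            # "all", "v1" or "v2c" turns on community-name authentication.
            if {"all", "v1", "v2c"} & set(args[1:]):
                out.append((n, "V1_V2C_ENABLED"))
        elif kind == "community" and len(args) >= 2:
            if args[1].lower() in GUESSABLE:
                out.append((n, "GUESSABLE_COMMUNITY"))
            if args[0] == "write":
                out.append((n, "WRITE_COMMUNITY"))
            if "acl" not in args[2:]:
                out.append((n, "NO_ACL"))
        elif kind == "group" and args[0] == "v3" and len(args) >= 2:
            # The optional security level directly follows the group name.
            level = args[2] if len(args) > 2 else ""
            if level not in ("authentication", "privacy"):
                out.append((n, "V3_GROUP_NO_AUTH"))
            elif level == "authentication":
                out.append((n, "V3_GROUP_NO_PRIVACY"))
            if "acl" not in args[2:]:
                out.append((n, "NO_ACL"))
        elif kind == "usm-user" and args[0] == "v3":
            if "authentication-mode" not in args:
                out.append((n, "V3_USER_NO_AUTH"))
            elif "privacy-mode" not in args:
                out.append((n, "V3_USER_NO_PRIVACY"))
            if "md5" in args or "des56" in args:
                out.append((n, "WEAKER_ALGORITHM"))
    return out


if __name__ == "__main__":
    for line_no, code in audit_snmp(SAMPLE_CONFIG):
        print(f"line {line_no}: {code}")
```
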
Chapter 2 RMON Configuration
Remote Monitoring (RMON) is a type of IETF-defined MIB. It is the most important enhancement to the MIB II standard. It allows you to monitor traffic on network segments and even the entire network.
When configuring RMON, go to these sections for information you are interested in:
- RMON Overview
- Configuring RMON
- Displaying and Maintaining RMON
- RMON Configuration Example (on a Switch)
2.1 RMON Overview
This section covers these topics:
- Introduction
- RMON Groups
2.1.1 Introduction
RMON is implemented based on the simple network management protocol (SNMP) and is fully compatible with the existing SNMP framework.
RMON provides an efficient means of monitoring subnets and allows SNMP to monitor remote network devices in a more proactive and effective way. It reduces traffic between network management station (NMS) and agent, facilitating large network management.
RMON comprises two parts: NMSs and agents running on network devices.
- Each RMON NMS administers the agents within its administrative domain.
- An RMON agent resides on a network monitor or probe for an interface. It monitors and gathers information about traffic over the network segment connected to the interface to provide statistics, for example about packets over a specified period and good packets sent to a host.
RMON allows multiple monitors. A monitor provides two ways of data gathering:
- Using RMON probes. NMSs can obtain management information from RMON probes directly and control network resources. In this approach, RMON NMSs can obtain all RMON MIB information.
- Embedding RMON agents in network devices such as routers, switches, and hubs to provide the RMON probe function. RMON NMSs exchange data with RMON agents using basic SNMP commands to gather network management information. Because of system resource limitations, this information may not cover all MIB information but, in most cases, only four groups: alarm, event, history, and statistics.
The device adopts the second way. By using RMON agents enabled on network monitors, an NMS can obtain information about traffic size, error statistics, and performance statistics for network management.
2.1.2 RMON Groups
RMON categorizes objects into groups. This section describes only the major implemented groups.
I. Event group
The event group defines event indexes and controls the generation and notifications of the events triggered by the alarms defined in the alarm group and the private alarm group. The events can be handled in one of the following ways:
- Logging events in the event log table
- Sending traps to NMSs
- Both logging and sending traps
- No action
II. Alarm group
The RMON alarm group monitors specified alarm variables, such as statistics on a port. If the monitored variable is greater than or equal to the rising threshold, a rising alarm event is triggered. If the monitored variable is lower than or equal to the falling threshold, a falling alarm event is triggered. The event is then handled as defined in the event group.
The following is how the system handles entries in the RMON alarm table:
1) Sample the alarm variables at the specified interval.
2) Compare the sampled values with the predefined threshold and trigger events if all triggering conditions are met.
Note:
If a monitored variable crosses the same threshold multiple times consecutively, only the first crossing can cause an alarm event. That is, the rising alarm and the falling alarm alternate.
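The alarm handling described above can be replayed offline. The following is an added example, not code from the manual or the device: it feeds constructed readings through one alarm entry with absolute or delta sampling, suppresses repeated crossings of the same threshold, and looks up the handling of each triggered event in an event table. It assumes that the first crossing after startup may be either rising or falling, and the function and variable names are illustrative.

```python
# Event table: entry number -> handling, as created with "rmon event" (constructed).
EVENT_TABLE = {1: "log", 2: "trap"}


def replay_alarm(samples, rising, falling, sample_type="absolute", events=EVENT_TABLE):
    """Replay sampled readings through one alarm entry.

    rising and falling are (threshold, event_entry) pairs, mirroring
    "rising-threshold threshold-value1 event-entry1 falling-threshold
    threshold-value2 event-entry2" in the rmon alarm command.
    Returns (sample_index, direction, handling) for every triggered event.
    """
    if sample_type not in ("absolute", "delta"):
        raise ValueError("sample_type must be 'absolute' or 'delta'")
    fired = []
    last = None      # no alarm yet: the first crossing may be rising or falling
    previous = None  # previous raw reading, used only for delta sampling
    for i, reading in enumerate(samples):
        if sample_type == "delta":
            if previous is None:
                previous = reading  # first reading only seeds the difference
                continue
            value, previous = reading - previous, reading
        else:
            value = reading
        # Same-direction crossings are suppressed until the opposite alarm fires.
        if value >= rising[0] and last != "rising":
            last = "rising"
            fired.append((i, last, events[rising[1]]))
        elif value <= falling[0] and last != "falling":
            last = "falling"
            fired.append((i, last, events[falling[1]]))
    return fired


# Constructed readings of one monitored variable, one per sampling interval.
ABSOLUTE_READINGS = [0, 10, 60, 80, 55, 4, 3, 70]
COUNTER_READINGS = [100, 100, 160, 230, 232, 300]

if __name__ == "__main__":
    print(replay_alarm(ABSOLUTE_READINGS, (50, 1), (5, 2)))
    print(replay_alarm(COUNTER_READINGS, (50, 1), (5, 2), "delta"))
```
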
III. Private alarm group
The private alarm group calculates the sampled values of alarm variables and compares the result with the defined threshold, thereby realizing a more comprehensive alarming function.
The system handles a prialarm alarm table entry (as defined by the user) in the following ways:
- Periodically takes statistical samples of the prialarm alarm variables defined in the prialarm formula.
- Calculates the sampled values based on the prialarm formula.
- Compares the result with the defined threshold and generates an appropriate event.
IV. History control group
The history control group controls the periodic statistical sampling of data, such as bandwidth utilization, number of errors, and total number of packets.
Note that each value provided by the group is a cumulative sum during a sampling period.
V. Ethernet statistics group
The statistics group monitors port utilization and records errors. It provides statistics about network collisions, CRC alignment errors, undersize/oversize packets, broadcasts, multicasts, bytes received, packets received, and so on.
Unlike values provided by the history control group, each value provided in this group is a cumulative sum counted starting from the creation of a valid event entry.
2.2 Configuring RMON
2.2.1 Configuration Prerequisites
Before configuring RMON, configure the SNMP agent as described in Chapter 1 SNMP Configuration.
2.2.2 Configuration Procedure
Follow these steps to configure RMON:
To do… | Use the command… | Remarks |
---|---|---|
Enter system view | system-view | — |
Create an event entry in the event table | rmon event event-entry [ description string ] { log \| trap trap-community \| log-trap log-trapcommunity \| none } [ owner text ] | Optional |
Enter Ethernet port view | interface interface-type interface-number | — |
Create an entry in the history table | rmon history entry-number buckets number interval sampling-interval [ owner text ] | Optional |
Create an entry in the statistics table | rmon statistics entry-number [ owner text ] | Optional |
Exit Ethernet port view | quit | — |
Create an entry in the alarm table | rmon alarm entry-number alarm-variable sampling-time { absolute \| delta } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 [ owner text ] | Optional. Before creating an entry, you must use the rmon event command to define the events referenced in the entry. |
Create an entry in the private alarm table | rmon prialarm entry-number prialarm-formula prialarm-des sampling-timer { absolute \| changeratio \| delta } rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 entrytype { forever \| cycle cycle-period } [ owner text ] | Optional. Before creating an entry, you must use the rmon event command to define the events referenced in the entry. |
Note:
When an entry is created in the history control table, if the specified buckets number value exceeds the capacity of the device for history entries, the history entry can still be created. However, the buckets number corresponding to this entry is the real capacity of the device for history entries.
2.3 Displaying and Maintaining RMON
To do… | Use the command… |
---|---|
Display RMON statistics | display rmon statistics [ interface-type interface-number ] |
Display RMON history information and the latest history sampling information | display rmon history [ interface-type interface-number ] |
Display RMON alarm information | display rmon alarm [ entry-number ] |
Display RMON prialarm information | display rmon prialarm [ entry-number ] |
Display RMON events | display rmon event [ entry-number ] |
Display RMON event logs | display rmon eventlog [ event-number ] |
2.4 RMON Configuration Example
I. Network requirements
Agent is connected to a configuration terminal through its console port and to a remote NMS across the Internet.
Create an entry in the RMON Ethernet statistics table to gather statistics on Ethernet ports for NMS to retrieve.
II. Network diagram
Figure 2-1 Network diagram for RMON
III. Configuration procedure
# Configure RMON to gather statistics on the running status of GigabitEthernet 1/1/1.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/1/1
[Sysname-GigabitEthernet 1/1/1] rmon statistics 1 owner user1-rmon
[Sysname-GigabitEthernet 1/1/1] quit
# Display RMON statistics for GigabitEthernet 1/1/1.
[Sysname] display rmon statistics
Statistics entry 1 owned by user-rmon is VALID.
Interface : GigabitEthernet1/1/1<ifIndex.49>
etherStatsOctets : 24432 , etherStatsPkts : 172
etherStatsBroadcastPkts : 89 , etherStatsMulticastPkts : 19
etherStatsUndersizePkts : 0 , etherStatsOversizePkts : 0
etherStatsFragments : 0 , etherStatsJabbers : 0
etherStatsCRCAlignErrors : 0 , etherStatsCollisions : 0
etherStatsDropEvents (insufficient resources): 0
Packets received according to length:
64 : 146 , 65-127 : 16 , 128-255 : 1
256-511: 0 , 512-1023: 0 , 1024-1518: 0
# Add the event entries numbered 1 and 2 to the event table, which will be triggered by the following extended alarm.
[Sysname] rmon event 1 log
[Sysname] rmon event 2 trap 10.21.30.55
# Add an entry numbered 2 to the extended alarm table to allow the system to calculate the alarm variables with the (.1.3.6.1.2.1.16.1.1.1.9.1+.1.3.6.1.2.1.16.1.1.1.10.1) formula to get the number of all the oversize and undersize packets received by Ethernet 1/1/1 that are in correct data format, and sample it every 10 seconds. When the change ratio between samples reaches the rising threshold of 50, trigger event 1; when the change ratio drops under the falling threshold, trigger event 2.
[Sysname] rmon prialarm 2 (.1.3.6.1.2.1.16.1.1.1.9.1+.1.3.6.1.2.1.16.1.1.1.10.1) test 10 changeratio rising-threshold 50 1 falling-threshold 5 2 entrytype forever owner user1
# Display the RMON extended alarm entry numbered 2.
[Sysname] display rmon prialarm 2
Prialarm table 2 owned by user1 is VALID.
Samples type : changeratio
Variable formula : (.1.3.6.1.2.1.16.1.1.1.9.1+.1.3.6.1.2.1.16.1.1.1.10.1)
Description : test
Sampling interval : 10(sec)
Rising threshold : 100(linked with event 1)
Falling threshold : 10(linked with event 2)
When startup enables : risingOrFallingAlarm
This entry will exist : forever.
Latest value : 0