Configuring SNMPv2
NOTE:
Once created, the loopback interface will always remain UP. Unlike any VLAN interface which can go down accidentally, the loopback interfaces are more stable and hence a much better choice for the SNMP configuration.
If the Pica8 switch is used as an SNMP Agent device and communicates with the SNMP NMS through the inband port, it is highly recommended to use the IP address of the route reachable loopback interface on the Pica8 switch as the communication address for Snmpwalk, which will ensure that communication is not interrupted and provide stablibility to the SNMP process.
Configuring SNMPv2 Parameters
By default, SNMP is disabled. You can enable SNMP and configure its parameters (e.g. community, contact, location).
You can configure the source interface on the device from which traps are sent. The system specifies the IP address of this interface as the source IP address of traps. In this way, the trap source can be identified on the NMS. To ensure device security, it is recommended that you set the source interface to the loopback interface.
admin@Xorplus# set l3-interface loopback lo address 10.10.1.201 prefix-length 32 admin@XorPlus# set protocols snmp community Pica8-data-center admin@XorPlus# set protocols snmp community Pica8-data-center authorization read-only admin@XorPlus# set protocols snmp contact support@pica8.com admin@XorPlus# set protocols snmp location Beijing admin@XorPlus# set protocols snmp trap-group targets 10.10.1.1 security-name Pica8-data-center admin@XorPlus# set protocols snmp trap-group version v2 admin@Xorplus# set protocols snmp trap-group source-interface loopback admin@XorPlus# commit Waiting for merging configuration. Commit OK. Save done. admin@XorPlus#
In version 2.8.1,security-name has to be configured for trap-group targets whichever the version is .
Configuring an SNMP ACL
By default, all hosts can snmpwalk the information of the switch. Configure an SNMP ACL to control which hosts within the subnetwork can snmpwalk the switch.
admin@XorPlus# set system snmp-acl network 1.1.1.0/24 admin@XorPlus# set system snmp-acl network 2.2.2.0/24 admin@XorPlus# commit Waiting for merging configuration. Commit OK. Save done. admin@XorPlus#
Configuring SNMPset
User can use "snmpset" (OID1.3.6.1.4.1.35098.2.0.0) to load a configuration and can use "snmpset" (OID 1.3.6.1.4.1.35098.2.1.0) to delete or load a configuration. However, only set and delete commands can be included in the command batch (which is OID 1.3.6.1.4.1.35098.2.1.0). Other commands are invalid and ignored. Note that clearing a dependent configuration is not allowed.
admin@XorPlus# set protocols snmp community private authorization read-write admin@XorPlus# commit Waiting for merging configuration. Commit OK. Save done.
Using snmpset to load a filter configuration:
root@dev:~# snmpset -v 2c -c private IP .1.3.6.1.4.1.35098.2.0.0 s "tftp:1.1.5.1:/pica8/acl.conf" iso.3.6.1.4.1.35098.2.0.0 = STRING: "tftp:1.1.5.1:/pica8/acl.conf"
Using snmpset to delete a filter configuration:
root@dev:~# snmpset -v 2c -c private IP .1.3.6.1.4.1.35098.2.1.0 s "tftp:1.1.5.1:/pica8/delete-acl.conf" iso.3.6.1.4.1.35098.2.0.0 = STRING: "tftp:1.1.5.1:/pica8/delete-acl.conf"
Enable or Disable LLDP SNMP Trap
The LLDP SNMP trap is enabled by default. You can use the following command to disable LLDP SNMP trap, then there will be no more LLDP trap message sends to snmp.
admin@Xorplus# set protocols lldp snmp-trap false admin@Xorplus# commit Waiting for merging configuration. Commit OK. Save done.
Copyright © 2024 Pica8 Inc. All Rights Reserved.