O'Reilly - Cisco SNMP Cookbook.pdf

Field-Tested Solutions to Cisco Router Problems
Cisco Cookbook
Kevin Dooley & Ian J. Brown
Cisco Cookbook
Ian Brown and Kevin Dooley
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo
CHAPTER 17
Simple Network Management Protocol
17.0 Introduction
Since its introduction in 1988, the Simple Network Management Protocol (SNMP) has become the most popular network management protocol for TCP/IP-based networks. The IETF created SNMP to allow remote management of IP-based devices using a standardized set of operations. It is now widely supported by servers, printers, hubs, switches, modems, UPS systems, and (of course) Cisco routers.

The SNMP set of standards defines much more than a communication protocol used for management traffic. The standards also define how management data should be accessed and stored, as well as the entire distributed framework of SNMP agents and servers. The IETF has officially recognized SNMP as a fully standard part of the IP protocol suite. The original SNMP definition is documented in RFC 1157.

In 1993, SNMP Version 2 (SNMPv2) was created to address a number of functional deficiencies that were apparent in the original protocol. The added and improved features included better error handling, larger data counters (64-bit), improved efficiency (get-bulk transfers), confirmed event notifications (informs), and most notably, security enhancements. Unfortunately, SNMPv2 did not become widely accepted because the IETF was unable to come to a consensus on the SNMP security features.

So, a revised edition of SNMPv2 was released in 1996, which included all of the proposed enhancements except for the security facility. It is discussed in RFCs 1905, 1906, and 1907. The IETF refers to this new version as SNMPv2c, and it uses the same insecure security model as SNMPv1. This model relies on passwords called community strings that are sent over the network as clear-text. SNMPv2c never enjoyed widespread success throughout the IP community. Consequently, most organizations continue to use SNMPv1 except when they need to access the occasional large counter variable. The IETF recently announced that SNMPv3 would be the new standard, with SNMPv1, SNMPv2, and SNMPv2c being considered purely historical.
This is the Title of the Book, eMatter Edition
Copyright © 2003 O’Reilly & Associates, Inc. All rights reserved.
Cisco’s IOS supported SNMPv2 until Version 11.2(6)F, when Cisco began supporting SNMPv2c. Cisco continues to support SNMPv2c in every IOS version beginning with 11.2(6)F. In addition, every version of IOS has supported SNMPv1 since the earliest releases.

The compromise that became SNMPv2c left the management protocol without satisfactory security features. So, in 1998, the IETF began working on SNMPv3, which is defined in RFCs 2571–2575. Essentially, SNMPv3 is a set of security enhancements to be used in conjunction with SNMPv2c. This means that SNMPv3 is not a stand-alone management protocol and does not replace SNMPv2c or SNMPv1.

SNMPv3 provides a secure method for accessing devices using authentication, message integrity, and encryption of SNMP packets throughout the network. We have included a recipe describing how to use the SNMPv3 security enhancements (see Recipe 17.21). Table 17-1 lists the three supported versions of SNMP and highlights their security capabilities.
Table 17-1. SNMP versions supported by Cisco

| Version | Authentication | Encryption | Description |
|---|---|---|---|
| v1 | Community strings | None | Trivial authentication. Packets sent in clear-text. |
| v2c | Community strings | None | Trivial authentication. Packets sent in clear-text. |
| v3(noAuthNoPriv) | Username | None | Trivial authentication. Packets sent in clear-text. |
| v3(authNoPriv) | SHA or MD5 encrypted pass phrase | None | Strong authentication. Packets sent in clear-text. |
| v3(authPriv) | SHA or MD5 encrypted pass phrase | DES | Strong authentication. Packets are encrypted. |
SNMP Management Model
SNMP defines two main types of entities, managers and agents. A manager is a server that runs network management software that is responsible for a particular network. These servers are commonly referred to as Network Management Stations (NMS). There are several excellent commercial NMS platforms on the market. Throughout this book we will refer to the freely distributed NET-SNMP system as a reference NMS.

An agent is an embedded piece of software that resides on a remote device that you wish to manage. In fact, almost every IP-capable device provides some sort of built-in SNMP agent. The agent has two main functions. First, the agent must listen for incoming SNMP requests from the NMS and respond appropriately. And second, the agent must monitor internal events and create SNMP traps to alert the NMS that something has happened. This chapter will focus mainly on how to configure the router’s agent.