Applies To:

Show Versions Show Versions

Archived Manual Chapter: Configuring SNMP
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.

10 
Simple Network Management Protocol (SNMP) is an industry-standard protocol that gives a standard SNMP management system the ability to remotely manage a device on the network. One of the devices that an SNMP management system can manage is a WANJet® appliance. The SNMP versions that the WANJet appliance supports are: SNMP v1, SNMP v2c, and SNMP v3. The WANJet appliance implementation of SNMP is based on Net-SNMP, which was formerly known as UCD-SNMP.
A standard SNMP implementation consists of an SNMP manager, which runs on a management system and makes requests to a device, and an SNMP agent, which runs on the managed device and fulfills those requests. SNMP device management is based on the standard management information base (MIB) known as MIB-II, as well as object IDs and MIB files.
The MIB defines the standard objects that you can manage for a device, presenting those objects in a hierarchical, tree structure.
Each object defined in the MIB has a unique object ID (OID), written as a series of integers. An OID indicates the location of the object within the MIB tree.
A set of MIB files resides on both the SNMP management system and the managed device. MIB files specify values for the data objects defined in the MIB. This set of MIB files consists of standard SNMP MIB files and enterprise MIB files. Enterprise MIB files are those MIB files that pertain to a particular company, such as F5 Networks, Inc.
The WANJet appliance includes a private MIB file that contains data objects for WAN optimization and other features of the WANJet appliance.
Typical SNMP tasks that an SNMP manager performs include polling for data about a device and receiving notifications from a device about specific events.
The enterprise MIB files typically reside on both the WANJet appliance and system running the SNMP manager. You can download the enterprise MIB files to your SNMP manager. The WANJet appliance includes a private MIB file that pertains to WAN optimization.
Before an SNMP management system can manage a WANJet appliance remotely, you must perform a few configuration tasks on the WANJet appliance. Then you can use standard SNMP commands on the remote manager system to manage the WANJet appliance.
Configuring the SNMP agent
You must configure the WANJet appliance so that the SNMP manager can access it. For example, you can allow client access to information that the SNMP agent collects, and you can configure the way the SNMP agent handles SNMP traps.
Downloading MIB files
You can download MIB files to your remote manager system: the standard SNMP MIB files and the enterprise MIB files, including the private MIB file for the WANJet appliance.
Configuring WANJet appliance information
Specify a system contact name, and the location of the WANJet appliance.
Configuring client access to the SNMP agent
Configure the WANJet appliance to allow access to the SNMP agent from an SNMP management system.
Controlling access to SNMP data
Assign access levels to SNMP communities or users, to control access to SNMP data.
Configuring Traps
Enable or disable traps and specify the destination SNMP management system for SNMP traps.
Contact Information
The contact information is a MIB-II simple string variable defined by almost all SNMP boxes. The contact name usually contains a user name, as well as an email address.
Machine Location
The machine location is a MIB-II variable that almost all machines support. It is a simple string that defines the location of the machine.
1.
In the navigation pane, expand System, and click SNMP.
The SNMP Agent Configuration screen opens.
2.
In the Global Setup area, fill in the boxes.
For more information, see the online help.
3.
Click Update.
An SNMP client refers to any system running the SNMP manager software for the purpose of remotely managing the WANJet appliance. To allow client access to the WANJet appliance, you specify the IP or network addresses (with netmask as required) from which the SNMP agent can accept requests. (By default, SNMP is enabled only for the WANJet appliance loopback interface, 127.0.0.1.)
1.
In the navigation pane, expand System, and click SNMP.
The SNMP Agent Configuration screen opens.
2.
In the SNMP Access section, for the Type setting, select Host or Network, depending on whether the IP address you specify is a host system or a subnet.
In the Address box, type an IP address or network address from which the SNMP agent can accept requests.
If you selected Network in step 2, type the netmask in the Mask box.
4.
Click the Add button to add the host or network address to the list of allowed clients.
5.
Click Update.
The default access level for communities is read-only. This means that you cannot write to an individual data object that has a read/write access type until you change the default read-only access level of the community or user.
The way to modify this default access level is by using the Configuration utility to grant read/write access to either a community (for SNMP v1 and v2c) or a user (SNMP v3), for a given OID.
When you set the access level of a community or user to read/write, and an individual data object has a read-only access type, access to the object remains read-only. In short, the access level or type that is the most secure takes precedence when there is a conflict. Table 10.1 illustrates this point.
And you set the access level of a community or user to...
1.
In the navigation pane, expand System, and click SNMP.
The SNMP Agent Configuration screen opens.
2.
On the menu bar, click Access (v1, v2c).
The SNMP Access (v1, v2) screen opens.
3.
In the upper-right corner of the screen, click Create.
The Record Properties screen opens.
4.
In the Community box, type the name of the SNMP community for which you are assigning an access level (in step 7).
5.
In the Source box, type the source IP address.
6.
In the OID box, type the OID for the top-most node of the SNMP tree to which the access applies.
7.
For the Access setting, select an access level, either Read Only or Read/Write. (This access level applies to the community name you specified in step 4.)
8.
Click Finished.
1.
In the navigation pane, expand System, and click SNMP.
The SNMP Agent Configuration screen opens.
2.
On the menu bar, click Access (v3).
The SNMP Access (v3) screen opens.
3.
In the upper-right corner of the screen, click Create.
The Record Properties screen opens.
4.
In the User Name box, type the name of the user to whom you are granting access (in step 8).
5.
For the Authentication setting, select the type of authentication to use (MD5, SHA, or None), and then type and confirm the users password.
6.
For the Privacy setting, select the privacy protocol, and then do one of the following:
Click the Use Authentication Password box.
7.
In the OID box, type the object identifier (OID) for the top-most node of the SNMP tree to which the access applies.
8.
For the Access setting, select an access level, either Read Only or Read/Write. (This access level applies to the user name that you specified in step 4.)
9.
Click Finished.
On the WANJet appliance, traps are definitions of unsolicited notification messages that the WANJet alert system and the SNMP agent send to the SNMP manager when certain events occur on the WANJet appliance. Configuring SNMP traps on a WANJet appliance involves configuring the way that the WANJet appliance handles traps, as well as setting the destination for notifications that the alert system and the SNMP agent send to an SNMP manager.
You can configure the SNMP agent on the WANJet appliance to send, or refrain from sending, notifications when the following events occur:
The WANJet appliance receives an authentication warning, generated when a client system attempts to access the SNMP agent. By default, this trap is disabled.
1.
In the navigation pane, expand System, and click SNMP.
The SNMP Agent Configuration screen opens.
2.
On the menu bar, click Trap Configuration.
The SNMP Trap Configuration screen opens.
3.
6.
Click Update.
In addition to enabling certain traps for certain events, you must specify the destination SNMP manager to which the WANJet appliance should send notifications. For SNMP versions 1 and 2c only, you specify a destination system by providing the community name to which the WANJet appliance belongs, the IP address of the SNMP manager, and the target port number of the SNMP manager.
Important: If you are using SNMP v3 and want to configure a trap destination, you do not use the SNMP screens on the WANJet appliance. Instead, you configure the snmpd.conf file at the command line. For more information, see the man page for the snmpd.conf file.
1.
In the navigation pane, expand System, and click SNMP.
The SNMP Agent Configuration screen opens.
2.
On the menu bar, click Trap Destination.
The SNMP Traps (v1, v2c) screen opens.
3.
In the upper-right corner of the screen, click Create.
The Record Properties screen opens.
4.
For the Version setting, select the SNMP version number (v1 or v2c).
5.
In the Community box, type the community name for the SNMP agent running on the WANJet appliance.
6.
In the Destination box, type the IP address of the SNMP management system.
7.
In the Port box, type the port number for the SNMP management system that is to receive the traps.
8.
Click Finished.
As described earlier, MIB files define the SNMP data objects contained in the SNMP MIB. The WANJet appliance includes a private MIB file called WANJet-MIB.txt. Two additional sets of MIB files reside on the WANJet appliance and the SNMP management system: enterprise MIB files (that is, F5-specific MIB files) and standard SNMP MIB files.
The MIB files are already present on the WANJet appliance. However, you still need to download them to your SNMP management system. You can download these MIB files from the Welcome screen. For more information, see Downloading SNMP MIB files, following.
The implementation of the Packet Velocity® ASIC (PVA) feature affects the ability for users to use MIB-II to gather certain kinds of data. For example, with a PVA system, you can use MIB-II to collect statistics on physical system interfaces, but not on logical interfaces (that is, VLANs).
To make MIB-II as clear as possible, we have implemented the SNMP feature so that you use MIB-II for gathering standard operating system data only. You cannot use MIB-II to gather data that is specific to the WANJet appliance and instead must use the F5 enterprise MIB files. OIDS for WANJet appliance data are contained in the F5 enterprise MIB files, including all interface statistics [1.3.6.1.4.1.3375.2.1.2.4 (sysNetwork.sysInterfaces)].
Note: All WANJet appliance statistics are defined by 64-bit counters. Thus, because only SNMP v2c supports 64-bit counters, your management system needs to use SNMP v2c to query WANJet appliance statistics data.
WANJet-MIB.txt
This MIB file contains information about WAN optimization traps. This is the primary MIB file that relates to the WANJet appliance. To see the available MIB objects in this file, refer to Appendix C, WANJet Appliance Private MIB File.
F5-BIGIP-COMMON-MIB.txt
This MIB file contains common information and TMOS notifications (traps). To see the available MIB objects in this file, view the F5-BIG-IP-COMMON-MIB.txt file in the /usr/share/snmp/mibs directory.
F5-BIGIP-LOCAL-MIB.txt
This is an enterprise MIB file that contains specific information related to local traffic management. To see the available MIB objects in this file, view the F5-BIG-IP-LOCAL-MIB.txt file in the /usr/share/snmp/mibs directory.
F5-BIGIP-SYSTEM-MIB.txt.
The F5-BIGIP-SYSTEM-MIB.txt MIB file includes global information on system-specific objects. To see the available MIB objects in this file, view the F5-BIG-IP-SYSTEM-MIB.txt file in the /usr/share/snmp/mibs directory.
1.
In the navigation pane, expand Overview, and click Welcome.
The Welcome screen opens.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)