[Top][Contents][Prev][Next][Last]Search

SNMP Administration

This chapter covers these topics:
Overview
SNMP support
Configuring SNMP access and security
Setting up SNMP traps
Managing SNMP interfaces

Overview

The MAX TNT supports SNMP (Simple Network Management Protocol) on a TCP/IP network. An SNMP management station that uses the Ascend Enterprise MIB can query the MAX TNT, set some parameters, sound alarms when certain conditions appear in the MAX TNT, and so forth. The SNMP manager must be running on a host on the local IP network, and the MAX TNT must be able to find that host, either via static route or RIP. In addition to these restrictions, the MAX TNT has its own SNMP password security (community strings), which you should set up to protect the MAX TNT from being reconfigured from an SNMP station.

The MAX TNT supports profiles that control which classes of events will generate traps to be sent to an SNMP manager, which SNMP managers may access the unit, and community strings to protect that access. This chapter shows you how to set up the unit to work with SNMP.

SNMP support

This section describes the SNMP support on the MAX TNT.

Ascend MIB

Table 8-1 lists the Ascend MIB groups the MAX TNT supports. Entries that are not supported return zero or NO_SUCH_OBJECT.

Table 8-1. Ascend MIB support on the MAX TNT

Ascend MIB group

Comment
Group 1 (Ascend products)

 The Products Group identifier for the MAX TNT is 4.

Group 2 (slot management)

 The MIB currently supports a single-shelf system (16 slots). Where applicable, the slot-Type (slotEntry 3) is the same as the logically corresponding entry for the MAX. For example, the eight-port T1 card is reported as slotT1(4), the 48 modem card is reported as lanModem (18), and so forth.

Note the following:

  • slotItemFirstIf(slotItemEntry 3) is only supported for physical WAN lines and physical Ethernet interfaces (such as the shelf controller and Ethernet card interfaces). It is not supported for modem, Serial WAN, or HDLC interfaces.

  • The slot interface table is not currently supported.

  • The SNMP slotSerialNumber variable is a field in a slotEntry.

Group 8 (Console interfaces)

 This group reports CLI sessions on the shelf-controller. Note the following:

  • consoleIf (consoleEntry 2) is not currently supported.

  • consoleSecurity (consoleEntry 4) is not applicable.

Group 11 (Call Status)

 callStatusIfIndex (callStatusEntry 11) is not currently supported.

Multishelf system reports on slave cards

In a multishelf system, the master shelf-controller keeps status information about all slots in the system. The SNMP agent on the master shelf-controller reports status information on the slots in the Ascend Enterprise MIB Slots group. The slotIndex for the cards in each shelf in a multishelf system is shown below:

Multishelf slots

slotIndex value
Shelf 1 Slots 1 - 18

 1 - 18

Shelf 2 Slots 1 - 18

 19 - 36

Shelf 3 Slots 1 - 18

 37 - 54

Shelf 4 Slots 1 - 18

 55 - 72

Shelf 5 Slots 1 - 18

 73 - 90

Shelf 6 Slots 1 - 18

 91 - 108

Shelf 7 Slots 1 - 18

 109 - 126

Shelf 8 Slots 1 - 18

 127 - 144

Shelf 9 Slots 1 - 18

 145 - 162

Slots 1-16 represent the actual removable slot cards. Slots 17 represents the shelf controller. Slot 18 is reserved for future use.

For example, for a multishelf MAX TNT with master shelf 4 and slave shelves 3 and 7, the slotIndex range would be 37-54 for slave shelf 3, 55-72 for the master shelf, and 109-126 for slave shelf 7.

Ascend Advanced Agent MIB

The MAX TNT supports the Ascend Advanced MIB, previously called the WAN MIB. The Advanced MIB defines objects related to WAN lines, channels, and ports.

Ascend Power Supply MIB

This MIB manages the MAX TNT power supplies.

Ascend Multishelf MIB

This MIB manages multishelf configuration, including whether the shelf is a master or a slave, its shelf number, and multishelf statistics.

DSX MIB

The DSX MIB (RFC 1406) allows SNMP Managers to query the state and configuration of T1 lines. The MAX TNT supports the all tables in this MIB except the dsx1FracTable.

Frame Relay MIB for DTEs

The HDLC cards support the Frame Relay MIB (RFC 1315), which specifies SNMP MIB variables for Frame Relay DTEs.

Modem MIB

The Modem MIB (RFC 1696) defines managed objects for modems. The MAX TNT supports all objects in the Modem MIB.

The Modem MIB defines a mdmIndex object whose value is used as an index into the tables defined in the MIB, with each modem in a managed system assigned a unique index value. This object is supported in the MAX TNT as a read-only Modem-Table-Index parameter in the Admin-State profile.

The value of this parameter is allocated by the system when it first detects the presence of a modem card.

The fact that the MAX TNT supports hot-swapable cards requires a relaxation of the MIB definition of the mdmIndex object in the same manner that RFC 1573 relaxes the ifIndex definition. The MIB definition of mdmIndex specifies that

A modem card may be added to or removed from the MAX TNT without reinitializing the SNMP agent, which affects both of these definitions. For example, if a modem card is inserted into slot 1 of a new MAX TNT system, its 48 modems are allocated the index values 1 through 48. If another modem card is inserted into slot 3, its modems are allocated the index values 49 through 96. If the MAX TNT is rebooted, these values remain constant. If the modem card in slot 1 is removed and the MAX TNT is rebooted again, the index values for the modem card in slot 3 still remain constant with the range 49 through 96, even though the value of mdmNumber is now 48.

Configuring SNMP access and security

The SNMP profile contains SNMP-readable information related to the unit itself and its SNMP security. There are two levels of security: community strings, which must be known by a community of SNMP managers to access the box, and address security, which excludes SNMP access unless it is initiated from a specified IP address.

These are the related parameters:

SNMP profile configuration overview

 Table 8-2 provides some background information on tasks you may need to perform to configure SNMP on the MAX TNT. For complete details on each parameter, see the MAX TNT Reference Guide.

Table 8-2. SNMP profile configuration tasks

Task

Description
Enabling SNMP access

 If the enabled parameter in the SNMP profile is set to No (the default), the MAX TNT cannot be accessed by SNMP utilities.

Setting community strings

 The read-community parameter specifies the SNMP community name for read access (up to 32 characters), and the read-write-community parameter specifies SNMP community name for read/write access.

Setting up and enforcing address security

 If the enforce-address-security parameter is set to No (its default value), any SNMP manager that presents the right community name will be allowed access. If it is set to Yes, the MAX TNT checks the source IP address of the SNMP manager and allows access only to those IP addresses listed in the read-access-host and write-access-host arrays. Each array can include up to five host addresses.

Specifying who to contact about problems and the location of the unit

 The contact and location fields are SNMP readable and settable, and should indicate the person to contact about this unit, and its location.

Specifying a queue depth

 The default queue depth for SNMP requests is zero, which means the packets will not be dropped, no matter how busy the SNMP subsystem gets. If the queue were to grow too large in an extremely loaded routing environment, the system could ultimately run out of memory. Valid values for the queue depth are 0-1024.

Sample SNMP profile

This example enables SNMP access, enforces address security, and prevents write access:

Setting up SNMP traps

The MAX TNT can be configured to generate traps for alarm events, security events, and port state-change events. A trap is a mechanism for reporting system change in real time, such as reporting an incoming call. When a trap is generated by some condition, a traps-PDU (protocol data unit) is sent across the Ethernet to the SNMP manager.

The following parameters relate to setting SNMP traps:

For details on the actual events that generate traps in the various classes, see the Ascend Enterprise MIB, or see the MAX TNT Reference Guide.

MAX TNT trap support

The MAX TNT does not suport the systemUseExceeded trap.

Port-State change events are currently not applicable to the MAX TNT. These include:

In addition, TNT does not support billing features that include these traps:

SNMP trap configuration overview

 Table 8-3 provides some background information on tasks you may need to perform to configure the MAX TNT to send SNMP traps. For complete details on each parameter, see the MAX TNT Reference Guide.

Table 8-3. SNMP trap configuration tasks

Task

Description

Associated parameters
Specifying the host running the SNMP manager

 The Host-Name field is the index for the Trap profile, so it must contain a name. If DNS or YP/NIS is supported, it can contain the hostname of a system running an SNMP manager. If the host-address field contains an IP address, the specified name is not used to actually locate the host.

The host-address can specify an IP address of the destination host. If DNS or YP/NIS is not supported, it must contain the host's address.

 Host-Name

The community string for communicating with the SNMP manager

 The community name field must contain the community name associated with the SNMP PDU.

 Community-Name

Classes of traps to be sent to the specified host

 The next three fields specify whether the MAX TNT traps alarm events, security events, and port events and sends a trap-PDU to the SNMP manager. For a description of the events that generate these traps, see the MAX TNT Reference Guide.

 Alarm-Enabled

Security-Enabled

Port-Enabled

Enabling multishelf traps

 Both the master shelf and slave shelf can forward SNMP traps if the multishelf link between them is down. If the link is down because the master shelf is powered down or reset, the slave shelf forwards a trap. If the link is down because the multishelf cables are disconnected, both the master and slave shelves can forward a trap.

Slot-Enabled

Example SNMP trap configuration

In the following example, the host-name is used only as a profile index, not to locate the actual host on the network. A community name is specified, security-class traps are added to the default alarm-class traps, and this host receives a trap if the multishelf link goes down.

Multishelf traps

 By default, the Multishelf MIB generates a trap when a multishelf link is down. If it is set to Disabled (2), the trap is not sent, regardless of Trap profile configurations. Slot-Enabled must be set to Yes in the Trap profile for the specified host to receive multishelf traps.

If traps are enabled on both the master and slave shelf controllers, a trap with the following OID may be generated to indicate multishelf link conditions:

.1.3.6.1.4.1.529.19.5.1.2.X

In this case, X in the OID is the number of the shelf that lost communication, and the trap value is 1 (idle).

A trap is reported by the master shelf-controller when the link is back up again. In this case, X in the OID is the destination shelf number, and the trap value is 4 (up). This trap is reported only by the master shelf to indicate that the entire multishelf system is up.

Managing SNMP interfaces

The If-Admin command is a diagnostic tool for managing SNMP interfaces. To see its usage:

To see a list of available SNMP interface numbers:

To see a list of all SNMP interface numbers assigned by the system:

To bring an SNMP interface up or down:

To bring a downed device back up:

Alternatively, you can modify the desired-state parameter in the object's Admin-State profile. See Using the Admin-State profile.

Initiating interface state changes

To bring an SNMP interface up or down, use the If-Admin command.

To bring an interface down:

interface 2 state change forced
To bring an interface up:

interface 2 state change forced

Resetting SNMP interface table sequentially

 By default, the SNMP interface table is built as slot-cards are installed in the MAX TNT. The If-admin command has a new -r option to enable the administrator to reset the order of the table to be sequential based on slot number.

When you use the If-admin command with the -r option, the order of the SNMP interface table is reset to a deterministic order. The T1 lines will appear in the SNMP interface table before the packet-passing interfaces such as Ethernet, modem, and HDLC cards. The T1 line interfaces will be ordered based on slot number order.

Note: You must reset the MAX TNT for the new order to take effect.

For example:

Note: This command should not fail, but if for some reason it does, attempt it again. If it fails a second time, you should bring down all slot cards (Slot -d), remove all slot cards by using Slot -r, reset the system, and run the If-admin -r command again.


[Top][Contents][Prev][Next][Last]Search

techpubs@eng.ascend.com

Copyright © 1997, Ascend Communications, Inc. All rights reserved.