Infinet Wireless: Technical Documentation
Page tree

Versions Compared

Old Version 1

changes.mady.by.user Olga Kosareva

Saved on

compared with

New Version 2

changes.mady.by.user Tatyana Drazhnikova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Hide_comments

SNMP protocol version 1 and 3 daemon

Syntax:

...

Scroll Ignore

Table of Contents

Description

This command enables/disables the SNMP daemon (Simple Network Management Protocol) version 1, 2c and 3.

SNMP protocol support is an important feature of all communication devices, it allows system administrator to use a uniform mechanism to manage the operation of a whole network and it's components separately.

Although versions 1 and 2c of the SNMP protocol lack security in the operation of the protocol itself, which hinders it's use for network management, it is widely used to monitor and analyze network operation.

Support of SNMP V3 with USM (User-based Security Model), MD5 authentication and confidentiality mode are also available. For access granting, a user account with username, access passwords and access rights (with or without authentication and confidentiality) is created.

SNMP daemon implementation supports MIB-II, as well as private MIBs. 

Syntax:

Code Block
languagetext
themeEmacs
user NAME (add|set) [pass PASSWORD] [sec[urity] (noAuthNoPriv|authNoPriv|authPriv)]
             [acc[essRights] (readOnly|readWrite)] [cla[ss] (guest|admin)]
             [privpass PRIVPASS]

...


user NAME del[ete]

...


comm[unity] NAME

...


(nodebug|debug  [prox] [trap] [stat] [mibs] [user] [cryp] [

...

time] [flow])

...


(v1disable|v1enable)

...

 # SNMPv1 and SNMPv2c disable/enable
(start|stop)

...

snmpd clear

This command enables/disables the SNMP (Simple Network Management Protocol) Version 1 and 3 daemon.

SNMP protocol support is an important feature of all communication devices because it allows the system administrator to use a uniform mechanism to manage the operation of a network as a whole and of every its component individually.

Although the first version of the SNMP protocol lacks security in the operation of the protocol itself, which hinders its use for network management, it is widely used to monitor and analyze network operation. MIB variables changing are turned off for the first version; it works only in read-only mode. "v1disable" option disables 1st version support completely and slightly fastens incoming SNMP-requests processing.

Support of SNMP-V3 with USM (User-based Security Model), MD5 authentication and encoding are also available. For access granting, a user with username, access passwords and access rights (with or without authentication and encoding) is created.

In “snmpd” command "accessRights" can be set to provide access management of the recourses. "ReadOnly|readWrite" parameters allow only reading or also changing some variables. "Class guest/admin" allows providing limited or full access to the variables.

...


clear

Parameters

Center
ParametersDescription
user NAME (add|set)Add/set a username to which parameters are referred

[pass PASSWORD]

Set a password of SNMP user account.

[privpass PRIVPASS]Set a "privacy" password if a confidentiality mode is required.
[sec[urity] (noAuthNoPriv|authNoPriv|authPriv)]

Set the level of security:

  • "noAuthNoPriv" – SNMP messages are sent unauthenticated and without confidentiality, only username needs to be specified.
  • "authNoPriv" – SNMP messages are sent authenticated but without confidentiality, username and password need to be specified.
  • "authPriv" –  SNMP messages are sent authenticated and confidential, username, password and password "privacy" need to be specified.

[acc[essRights] (readOnly|readWrite)]

Provides access management of the resources:

  • "readOnly" – only reading.

  • "readWrite" – reading and changing some variables, set by default.

[cla[ss] (guest|admin)]

Set an access level to the variables:

  • "guest" – limited access, set by default.
  • "admin" – full access.

user NAME del[ete]

Deletes a user account.
comm[unity] NAMEAllows changing the default community name. The default SNMP v1 and 2c community name for read operations is "public".

...

Code Block
languagejava
themeDJango
snmpd comm secret

The present implementation supports MIB II (Management Information Base, Version II) and MIB Enterprise and is very easy to configure.

The following SNMP security options can be used by setting the “sec[urity]” parameter:

  • "noAuthNoPriv" – SNMP messages are sent unauthenticated and unencoded.
  • "authNoPriv" – SNMP messages are sent authenticated and unencoded.
  • "authPriv" – SNMP messages are sent authenticated and encoded. The passphrase for the encoding is set by the “privpass PRIVPASS” parameter. The protocol is set by the “proto (<privacy protocol>)” parameter.

The “nodebug/debug” options disables/enables printing of SNMP service information into the system log.

The “snmpd clear” command deletes SNMP configuration on the unit.

Example,

(v1disable|v1enable)

Enables / disables support of SNMPv1 and SNMPv2c. Disabling as a result fastens incoming SNMP-requests processing.

(nodebug|debug [prox] [trap] [stat] [mibs] [user] [pack] [time] [flow])

Disables/enables printing of SNMP service information into the system log. Allows to filter records out by the following parameters:

  • "[prox]"  redirecting SNMP-requests from an IP-network to a MINT network and SNMP-responses in the opposite direction (R5000 devices have own SNMP-proxy function).
  • "[trap]"  redirecting of traps (subset of the "flow" function).
  • "[stat]"  statistics of the processing time of SNMP-requests (the response time for this request, the longest response time and the average response time).
  • "[mibs]"  detection of SNMP-values in the MIB of the device and insertion values in the response datagram.
  • "[user]" authentication and reasons for not responding to incorrect SNMP-requests in the protocol version 3.
  • "[time]"  recording the exact time of receiving and sending SNMP-packets.
  • "[flow]" logging information about receiving, confirming and analysing of received SNMP-requests, about forming and sending SNMP-responses, redirecting of traps.
(start|stop)Disables/enables SNMP daemon.
clearResets the SNMP configuration.

Examples

Set the password "mypassword" for user "john" and select second level of security with authentication but without confidentiality.

Code Block
languagetext
themeEmacs
snmpd user john add pass mypassword security authNoPriv

...