SNMP Configuration
show snmp-agent trap-target
Section titled “show snmp-agent trap-target”[Command] show snmp-agent trap-target
[Purpose] Display SNMP trap server configuration
[View] System view
[Use Cases]
sonic# show snmp-agent trap-target Version TrapReceiverIP Port VRF Community User--------- ---------------- ------ ----- ----------- ------ 2 1.1.1.1 162 None testa -show snmp-agent source
Section titled “show snmp-agent source”[Command] show snmp-agent source
[Purpose] Display the SNMP source address and port configuration
[View] System view
[Use Cases]
sonic# show snmp-agent sourceListenIP ListenPort ListenVrf---------- ------------ -----------30.11.0.82show snmp-agent user
Section titled “show snmp-agent user”[Command] show snmp-agent user
[Purpose] Display SNMPv3 user configuration
[View] System view
[Use Cases]
sonic# show snmp-agent userUser Type AuthType EncryptionType------ ------------ ---------- ----------------test noAuthNoPrivshow snmp-agent threshold
Section titled “show snmp-agent threshold”[Command] show snmp-agent threshold
[Purpose] Display SNMP alarm threshold configuration
[View] System view
[Use Cases]
sonic# show snmp-agent thresholdThreshold-Type Threshold-Value---------------- -----------------cpu-usage 80%memory-usage 80%snmp-agent enable
Section titled “snmp-agent enable”[Command] snmp-agent enable no snmp-agent enable
[Purpose] Enable SNMP function
[View] System configure view
[Use Cases]
sonic(config)# snmp-agent enablesnmp-agent community
Section titled “snmp-agent community”[Command] snmp-agent community community_name no snme-agent community community_name
[Purpose] Add SNMP community
[Parameter]
| Parameter | Description |
|---|---|
| community_name | community name |
[View] System configuration view
[Usage Scenario] The community name like a password, and devices within the community use this name for authentication during communication. Only devices with the same configured community name can access each other. By default, the community name is set to public.
[Use Cases]
sonic(config)# snmp-agent community snmptestsnmp-agent user
Section titled “snmp-agent user”[Command] snmp-agent user name AuthNoPriv {MD5|SHA} password snmp-agent user name Priv {MD5|SHA} {DES|AES} password snmp-agent user name noAuthNoPriv no snmp-agent user name
[Purpose] Create SNMPv3 users
[Parameter]
| Parameter | Description |
|---|---|
| name | User name |
| AuthNoPriv | Specify the security level as requiring authentication, and specify the authentication method as: MD5/SHA |
| noAuthNoPriv | Specify the security level as no authentication required |
| Priv {MD5|SHA} | Specify the security level as encryption |
| {DES|AES} | Specify the encryption algorithm |
[View] System configuration view
[Usage Scenario] SNMPv3 provides encryption and authentication mechanisms to safeguard the management information of network devices from unauthorized access. Therefore, in high-security network environments, using SNMPv3 can better protect the security of network devices.
[Use Cases]
sonic(config)# snmp-agent user user3 priv md5 12345678 des 87654321sonic(config)# snmp-agent user user4 noauthnoprivsonic(config)# snmp-agent user user5 authnopriv md5 12345678snmp-agent trap-target threshold system-usage
Section titled “snmp-agent trap-target threshold system-usage”[Command] snmp-agent trap-target threshold {reset|system-usage} {cpu-usage|memory-usage} value snmp-agent trap-target threshold reset system-usage
[Purpose] Enable specific utilization alarm switch
[Parameter]
| Parameter | Description |
|---|---|
| cpu-usage | CPU utilization |
| memory-usage | Memory Utilization |
| value | Alarm Threshold |
[View] System configuration view
[Use Cases]
sonic(config)# snmp-agent trap-target threshold system-usage memory-usage 70snmp-agent trap-target {1|2|3}
Section titled “snmp-agent trap-target {1|2|3}”[Command] snmp-agent trap-target {1|2|3} address [udp-port portname ] [vrf vrfname ] [community community_name ] no snmp-agent trap-target {1|2|3}
[Purpose] Configure the server for agent trap
[Parameter]
| Parameter | Description |
|---|---|
| address | IP address |
| portnum | Port number, default 162 |
| vrfname | vrf name |
| name | agent community |
[View] System configuration view
[Usage Scenario] Devices send alarm messages that can be uploaded to a trap server using the trap command. In this case, the SNMP trap server needs to be configured. However, the reliability of trap messages is lower because the sender cannot confirm whether the trap message has been received, as the recipient does not send acknowledgment messages.
[Use Cases]
sonic# configure terminalsonic(config)# snmp-agent trap-target v1 10.250.0.221sonic(config)# snmp-agent trap-target v2c 10.250.0.221 udp-port 163 community comm1snmp-agent source udp-port
Section titled “snmp-agent source udp-port”[Command] snmp-agent source { A.B.C.D/A::B|interface_name|loopback} [udp-port portnum |vrf vrf_name ]
[Purpose] Configure the source IP address of the device to send SNMP protocol packets
[Parameter]
| Parameter | Description |
|---|---|
| A.B.C.D/A::B | IP address |
| Interface_name | interface name ,can only be configured as Loopback0 |
| loopback | Loopback |
| portnum | The port number, default is 161 |
[View] System configuration view
[Use Cases]
sonic# configure terminalsonic(config)# snmp-agent source 10.250.0.221