SNMP Configuration
show snmp-agent trap-target
Section titled “show snmp-agent trap-target”[Command] show snmp-agent trap-target
[Purpose] Display SNMP trap server configuration
[View] System view
[Use Cases]
sonic# show snmp-agent trap-targetVersion TrapReceiverIP Port VRF Community User--------- ---------------- ------ ----- ----------- ------2 1.1.1.1 162 None testa -show snmp-agent source
Section titled “show snmp-agent source”[Command] show snmp-agent source
[Purpose] Display the SNMP source address and port configuration
[View] System view
[Use Cases]
sonic# show snmp-agent sourceListenIP ListenPort ListenVrf---------- ------------ -----------30.11.0.82show snmp-agent user
Section titled “show snmp-agent user”[Command] show snmp-agent user
[Purpose] Display SNMPv3 user configuration
[View] System view
[Use Cases]
sonic# show snmp-agent userUser Type AuthType EncryptionType------ ------------ ---------- ----------------test noAuthNoPrivshow snmp-agent threshold
Section titled “show snmp-agent threshold”[Command] show snmp-agent threshold
[Purpose] Display SNMP alarm threshold configuration
[View] System view
[Use Cases]
sonic# show snmp-agent thresholdThreshold-Type Threshold-Value---------------- -----------------cpu-usage 80%memory-usage 80%snmp-agent enable
Section titled “snmp-agent enable”[Command] snmp-agent enable no snmp-agent enable
[Purpose] Enable SNMP function
[View] System configure view
[Use Cases]
sonic(config)# snmp-agent enablesnmp-agent community community_name {RO|RW}
Section titled “snmp-agent community community_name {RO|RW}”[Command] snmp-agent communitycommunity_name**{RO|RW}** no snme-agent communitycommunity_name
[Purpose] Add SNMP community
[Parameter]
| Parameter | Description |
|---|---|
| community_name | community name |
[View] System configuration view
[Usage Scenario] The community name like a password, and devices within the community use this name for authentication during communication. Only devices with the same configured community name can access each other.
By default, the community name is set to public.
[Use Cases]
sonic(config)# snmp-agent community snmptest RWsnmp-agent user
Section titled “snmp-agent user”[Command] snmp-agent usernameAuthNoPriv {RO|RW} {MD5|SHA}password snmp-agent user*namePriv {RO|RW} {MD5|SHA}password{DES|AES}password snmp-agent usernamenoAuthNoPriv {RO|RW} no snmp-agent username*
[Purpose] Create SNMPv3 users
[Parameter]
| Parameter | Description |
|---|---|
| name | User name |
| AuthNoPriv | Specify the security level as requiring authentication, and specify the |
| authentication method as: MD5/SHA | |
| noAuthNoPriv | Specify the security level as no authentication required |
| Priv | Specify the security level as encryption |
| {RW|RO} | Specify the user rights |
| {DES|AES} | Specify the encryption algorithm |
[View] System configuration view
[Usage Scenario] SNMPv3 provides encryption and authentication mechanisms to safeguard the management information of network devices from unauthorized access. Therefore, in high-security network environments, using SNMPv3 can better protect the security of network devices.
[Use Cases]
sonic(config)# snmp-agent user user3 priv md5 12345678 des 87654321sonic(config)# snmp-agent user user4 noauthnoprivsonic(config)# snmp-agent user user5 authnopriv md5 12345678snmp-agent trap-target threshold system-usage
Section titled “snmp-agent trap-target threshold system-usage”[Command] **snmp-agent trap-target threshold system-usage {cpu-usage|memory-usage}**value snmp-agent trap-target threshold reset system-usage
[Purpose] Enable specific utilization alarm switch
[Parameter]
| Parameter | Description |
|---|---|
| cpu-usage | CPU utilization |
| memory-usage | Memory Utilization |
| value | Alarm Threshold |
[View] System configuration view
[Use Cases]
sonic(config)# snmp-agent trap-target threshold system-usage memory-usage 70snmp-agent trap-target {1|2|3}
Section titled “snmp-agent trap-target {1|2|3}”[Command] snmp-agent trap-target {1|2|3} {address}[udp-portportnum**] [vrfvrfname] [communitycommunity_name]** no snmp-agent trap-target {1|2|3}
[Purpose] Configure the server for agent trap
[Parameter]
| Parameter | Description |
|---|---|
| address | IP address |
| portnum | Port number, default 162 |
| vrfname | vrf name |
| community_name | agent community |
[View] System configuration view
[Usage Scenario] Devices send alarm messages that can be uploaded to a trap server using the trap command. In this case, the SNMP trap server needs to be configured. However, the reliability of trap messages is lower because the sender cannot confirm whether the trap message has been received, as the recipient does not send acknowledgment messages.
[Use Cases]
sonic# configure terminalsonic(config)# snmp-agent trap-target 1 10.250.0.221sonic(config)# snmp-agent trap-target 2 10.250.0.221 udp-port 163 community comm1snmp-agent source
Section titled “snmp-agent source”[Command] snmp-agent sourceA.B.C.D/A::B|Loopback**[udp-portportnum] [vrfvrfname]**
[Purpose] Configure the source IP address of the device to send SNMP protocol packets
[Parameter]
| Parameter | Description |
|---|---|
| A.B.C.D/A::B | IP address |
| nterface_name | interface name ,can only be configured as Loopback0 |
| Loopback | Loopback |
| portnum | The port number, default is 161 |
| vrfname | vrf name |
[View] System configuration view
[Use Cases]
sonic# configure terminalsonic(config)# snmp-agent source 10.250.0.221