 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
A Simple Network Management Protocol (SNMP) remote operation is any process on the router that can be controlled remotely using SNMP. The JUNOS software currently provides support for two SNMP remote operations: the Ping Management Information Base (MIB) and Traceroute MIB, defined in RFC 2925. Using these MIBs, an SNMP client in the network management system (NMS) can:
The JUNOS software also provides extended functionality to these MIBs in the Juniper Networks enterprise-specific extensions jnxPingMIB and jnxTraceRouteMIB. For more information about jnxPingMIB and jnxTraceRouteMIB, see Juniper Networks Enterprise-Specific MIBs.
This topic covers the following sections:
To use SNMP remote operations, you should be experienced with SNMP conventions. You must also configure the JUNOS software to allow the use of the remote operation MIBs.
All remote operation MIBs supported by the JUNOS software require that the SNMP clients have read-write privileges. The default SNMP configuration of the JUNOS software does not provide clients with a community string with such privileges.
To set read-write privileges for an SNMP community string, include the following statements at the [edit snmp] hierarchy level:
- snmp {
-
view view-name;
-
oid object-identifier (include | exclude);
- }
-
community community-name {
-
authorization authorization;
-
view view-name;
- }
To create a community named remote-community that grants SNMP clients read-write access to the Ping MIB, jnxPing MIB, Traceroute MIB, and jnxTraceRoute MIB, include the following statements at the [edit snmp] hierarchy level:
- snmp {
-
- view remote-view {
- oid 1.3.6.1.2.1.80 include; # pingMIB
- oid 1.3.6.1.4.1.2636.3.7 include; # jnxPingMIB
- oid 1.3.6.1.2.1.81 include; # traceRouteMIB
- oid 1.3.6.1.4.1.2636.3.8 include; # jnxTraceRouteMIB
- }
-
- community remote-community {
- view remote-view;
- authorization read-write;
- }
- }
For more information on the community statement, see Configuring the SNMP Community String and community.
For more information on the view statement, see Configuring MIB Views and view.
In addition to configuring the remote operations MIB for trap notification, you must also configure the JUNOS software. You must specify a target host for remote operations traps.
To configure trap notification for SNMP remote operations, include the categories and targets statements at the [edit snmp trap-group group-name] hierarchy level:
- [edit snmp trap-group group-name]
-
-
categories {
-
category;
- }
-
-
targets {
-
address;
- }
- }
Specify 172.17.12.213 as a target host for all remote operation traps:
- snmp {
-
- trap-group remote-traps {
- categories remote-operations;
-
- targets {
- 172.17.12.213;
- }
- }
- }
For more information on trap groups, see Configuring SNMP Trap Groups.
All tabular objects in the remote operations MIBs supported by JUNOS are indexed by two variables of type SnmpAdminString. For more information on SnmpAdminString, see RFC 2571.
JUNOS does not handle SnmpAdminString any differently from the octet string variable type. However, the indexes are defined as variable length. When a variable length string is used as an index, the length of the string must be included as part of the OID.
To reference the pingCtlTargetAddress variable of a row in pingCtlTable where pingCtlOwnerIndex is bob and pingCtlTestName is test, use the following OID:
pingMIB.pingObjects.pingCtlTable.pingCtlEntry.pingCtlTargetAddress."bob"."test" 1.3.6.1.2.1.80.1.2.1.4.3.98.111.98.4.116.101.115.116
For more information on the definition of the Ping MIB, see RFC 2925.
The SNMP error code returned in response to SNMP requests can only provide a generic description of the problem. The error descriptions logged by the remote operations process can often provide more detailed information on the problem and help you to solve the problem faster. This logging is not enabled by default. To enable logging, include the flag general statement at the [edit snmp traceoptions] hierarchy level:
- snmp {
-
-
traceoptions {
- flag general;
- }
- }
For more information on traceoptions, see Tracing SNMP Activity on a JUNOS Device.
If the remote operations process receives an SNMP request that it cannot accommodate, the error is logged in the /var/log/rmopd file. To monitor this log file, issue the monitor start rmopd command in operational mode of the command-line interface (CLI).
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |