This section describes how to configure and use the Simple Network Management Protocol (SNMP) package to monitor your IMS AAA Server.
SNMP is an IETF standard protocol that lets an administrator set configuration parameters and monitor operating statistics and status for a managed device, such as a server or router, from a remote location.
About the SNMP Package
The IMS AAA Server is shipped with an SNMP agent (daemon) which must be installed on the server host machine if you want the IMS AAA Server to generate alerts to your SNMP network management station.
The IMS AAA Server must be started with the SNMP agent (daemon) enabled in order for the server to send SNMP alerts to the SNMP network management station. The server can be started automatically with SNMP enabled, or it can be started manually.
the server will automatically re-start each time the host machine is booted. The server installation procedure also includes a number of questions related to SNMP operation. See Example Output of pkgadd Command for IMS AAA Server Package-New Installation.
However, if you answered "No" to the above question, you will need to manually start the server and the SNMP agent (daemon) whenever the host machine is booted. See Starting and Stopping the IMS AAA Server.
The first time you start the IMS AAA Server, SNMP alerts are not generated until you configure the SNMP alerts in the server. You then need to re-start the SNMP agent (daemon) using the following command:
# ./S89snmpd start
SNMP Network Management Architecture
The SNMP network management architecture consists of managed devices, SNMP agents, and network management stations (NMS).
- A managed device is any host or hardware on a network that runs an SNMP agent. The IMS AAA Server is a managed device.
- A network management station (NMS) is an administration workstation that polls management agents for information and provides control information for agents. A network management station can also accept trap messages when an asynchronous event occurs on a managed device.
- An SNMP agent or daemon is a software module running on a managed device that is responsible for recording performance statistics and events in a database called a management information base (MIB) and for communicating with the NMS. When an NMS requests information, the SNMP agent processes the request, acquires information from the management database, and forwards the information to the NMS. The SNMP agent can also accept control information from the NMS.
NOTE: The IMS AAA Server is shipped with an SNMP agent based on net-snmp. This SNMP agent or daemon is responsible for sending the SNMP alerts to the NMS, and it must be loaded on the server host machine.
An SNMP subagent may be responsible for gathering information about network activity relating to a particular service running on the managed device.
Figure 113 illustrates the SNMP management architecture.
The IMS AAA Server supports SNMP version 1 (SNMPv1), SNMP version 2c (SNMPv2c), and SNMP version 3 (SNMPv3).
- SNMPv1 is the original implementation of SNMP, as defined in RFC 1157, "Simple Network Management Protocol (SNMP)."
- SNMPv2c is an enhanced version of the SNMP standard that includes improvements to SNMPv1 in the areas of protocol packet types, transport mappings, and MIB structure elements. SNMPv2c uses the SNMPv1 administration structure, which is community based (hence the "c" in SNMPv2c). It is defined in RFC 1901, "Introduction to Community-based SNMPv2;" RFC 1905, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2);" and RFC 1906, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)."
- SNMPv3 is the current standard version of SNMP and is defined by RFC 3411-RFC 3418. SNMPv3 primarily added security and remote configuration enhancements to SNMPv2c.
A management information base (MIB) is a hierarchical collection of information that resides on a managed device. A MIB defines the types of information (objects) that can be controlled and collected by an NMS and includes thresholds, counters, tables, lists, and values. Managed objects consist of one or more object instances.
MIB objects can be read-only or read-write:
- A read-only object is a variable that can be read but not set from an NMS. For example, an NMS could read (but not increment) the value of a counter showing the number of packets received on the accounting port.
- A read-write object is a variable that can be set from an NMS. For example, an NMS could set the device name or IP address for an SNMP client.
For convenience, all MIBs are stored in the /usr/local/a3s_visited/current/snmp/mib directory. The IMS AAA Server supports the MIBs listed in Table 38 for server authentication and accounting statistics.
SNMP uses different types of messages to send and retrieve information.
- A Get message requests the value of an object from a table or list maintained by a managed device. For example, a Get message might ask for the number of users since a device was restarted or the number of authentication requests that a server has received.
- A GetNext message requests the value of the next object instance from a table or list maintained by a managed device. GetNext messages let the NMS "walk" a list or table to retrieve MIB object values sequentially.
- A Get-Response message returns the information requested by a Get or GetNext message.
- A Set message sets the value of an object instance within a managed device.
- A Trap or alert message notifies the NMS asynchronously when an important event, such as a change in state or a device or component failure, has occurred. For example, a managed device might send an alert message if the amount of space on the IMS AAA Server falls below a specified threshold or if the server cannot access its authentication database.
There are three types of traps or alerts:
- Informational alerts are sent to report important information that is not an error or a warning, such as when the server daemon is loaded or unloaded or when a threshold of some kind has resulted from a previous error or warning condition.
- Warning alerts are sent to report behavior that indicates a problem has occurred or may occur.
- Error alerts are sent to report problems that have occurred. Most Error alerts indicate that the server failed to start properly for some reason, such as the inability to allocate memory from the system.
Alert event dilution means you can configure IMS AAA Server so that a particular alert is sent to the NMS once for every n occurrences of the condition that generated the alert. This allows for a fine degree of control with respect to alert generation for certain warning and error conditions.
An SNMP community defines an administrative relationship between a managed device and one or more management stations on your network. Each community has a name called the community string. The community string provides access control for SNMP objects. When an NMS sends a Get or Set message to a managed device that belongs to an SNMP community, it must include the appropriate community string in the request. If the community string in the request is correct, the managed device sends back the requested information. If the community string is incorrect, the managed device discards the request without responding.