Previous PageNext Page

Appendix A - SNMP Service Configuration Attributes

SNMP Service Configuration Attributes

Party table attribute - Specifies initial party table information for parties associated with the SNMP master agent
View table attribute - Specifies MIB view information for SNMPv1 community strings and SNMPv2 parties
Context table attribute - Specifies context information for SNMPv1 community strings and SNMPv2 parties
ACL table attribute - Specifies access control privileges (ACLs) for SNMPv1 community strings and SNMPv2 parties
SNMP agent attribute - Initializes system variables and defines authentication-failure traps for SNMPv2 parties

Party Table Attribute

Syntax

PartyName PartyDiscriminator

TDomain TAddress Port Lifetime MaxMsgSize

partyIndex partyStorageType partyLocal partyAuthClock

AuthPublicSecret

AuthPrivateSecret

PrivPublicSecret

PrivPrivateSecret

initialPartyId.a.b.c.d.2

1 or 2 defines this party as noauth/nopriv.
3 or 4 defines this party as auth/nopriv.
5 or 6 defines this party as auth/priv.

rfc1157Domain defines this entry in the party table as an SNMPv1 community entry.
snmpUDPDomain defines this entry as an SNMPv2 party entry.

Figure A-1. partyIndex Value Matches the Party's Access Privileges

true - Party is local.
false - Party is not local.

When PartyDiscriminator indicates authentication (PartyDiscriminator = 3, 4, 5, or 6)
TDomain indicates SNMPv1 community (TDomain = rfc1157Domain).

If the party is an auth/nopriv or auth/priv party, the length of AuthPrivateSecret must be 16 bytes (16 hexadecimal numbers in the configuration file). Each number must be entered as a two-digit representation. For example, enter 01 for 1, 02 for 2, and so on.
If the value of TDomain is rfc1157Domain, AuthPrivateSecret contains a community string name as an encoded string of characters of any length. For example, for the community name "public" use the entry "70 75 62 6c 69 63." One way to obtain the correct ASCII encoding is to use the following UNIX command:

echo string | od -x

In most cases, you only need to specify the community string name for the AuthPrivateSecret argument. A special case of the community name is with multiple instances of a service residing on a server. When you are identifying a service that is one of multiple instances of a service residing on the server, append the StreetTalk name of the particular service to the community string. Use the syntax @service-name.

For example, if two print services reside locally on a server, use the community name "public@prntsvc2@sales@WCTUS" to specify both the community name and the particular service.

Example 1 Party Table Entry for SNMPv2 party

initialPartyId.a.b.c.d.2 3
snmpUDPDomain a.b.c.d 162 300 1458
2 nonVolatile false 0
-
74 68 69 73 74 68 69 73 74 68 69 73 74 68 69 34
-
-

74 68 69 73 74 68 69 73 74 68 69 73 74 68 69 34

Example 2 Party Table Entry for SNMPv1 community

# public
initialPartyId.131.100.142.16.31 1
rfc1157Domain 131.100.142.16 162 300 1458
31 nonVolatile true 0
-
70 75 62 6c 69 63
-
-

70 75 62 6c 69 63

Note: The UNIX command od(1) can be used to decode the community name.

View Table Attribute

Syntax

included includes this MIB view in the context's MIB view
excluded excludes this MIB view in the context's MIB view

Figure A-2. contextViewIndex Values in Context Table Match viewIndex Value

Example 1 Simple Subtree Inclusion

1 system included nonVolatile
-

Example 2 Simple Subtree Exclusion

2 interfaces excluded nonVolatile
-

Example 3 Using viewMask to Limit the View

3 ifEntry.0.2 included

1.3.6.1.2.1.2.2.1.0.2

1 1 1 1 1 1 1 1 1 0 1

Figure A-3. Bits of the viewMask mask

ifIndex.2 = 2
ifDescr.2 = lo0
ifType.2 = softwareLoopback(24)
ifMtu.2 = 1536
ifSpeed.2 = 0
ifPhysAddress.2 =
ifAdminStatus.2 = up(1)
ifOperStatus.2 = up(1)
ifLastChange.2 = 0
ifInUcastPkts.2 =
182945 ifInErrors.2 = 0
ifOutUcastPkts.2 = 182949
ifOutErrors.2 = 0
ifOutQLen.2 = 0
ifSpecific.2 = ccitt.0

Context Table Attribute

Syntax

contextId contextIndex contextViewIndex LocalEntity

LocalTime PDst PSrc PContext StorageType Local

initialContextId.a.b.c.d.2

Figure A-4. Privileges Value Matches contextIndex Value in Context Table

Figure A-5. ContextviewIndex Value Matches ViewIndex Value in View Table

A string, indicating that the MIB view contains management information of some other local entity. The string is a StreetTalk name of a service. For Banyan services only, if the service is one of multiple local instances of a service, use this argument to identify the particular service you want.
The value -, representing the empty string. This value indicates that the MIB view contains the entity's own local management information.

currentTime - Refers to management information at the present time.
restartTime - Refers to management information upon the next re-initialization of the managed device.
cacheTime.N - Refers to management information that is in cache and is guaranteed to be no more than N seconds old.

Note: This argument is referred to as contextProxyDstParty in RFC1447.

Note: This argument is referred to as contextProxySrcParty in RFC1447.

Note: This argument is referred to as contextProxyContext in RFC1447.

true - Context is local.
false - Context is not local.

Example Context Table Entry for a Local Entity

initialContextId.a.b.c.d.1 1 1 -

currentTime 0.0 0.0 0.0 nonVolatile true

ACL Table Attribute

Syntax

Note: The target and the subject parties must have equivalent PartyDiscriminator types in the party table configuration attributes.

Figure A-6. Target Value Matches partyIndex Value in Party Table

Note: The target and the subject parties must have equivalent PartyDiscriminator types in the party table configuration records.

Figure A-7. Subject Value Matches partyIndex Value in Party Table

1 defines Get
2 defines GetNext
4 defines Response
8 defines Set
16 defines SNMPv1Trap
32 defines GetBulk
64 defines Inform
128 defines SNMPv2trap

Example ACL Table Entry

SNMP Agent Attribute

Syntax

TAG VALUE

sysDescr is a textual description of the entity. It should include the full name and version identification of the system's hardware type, the software operating system, and the networking software.
sysLocation is a textual description of the physical location of the managed node.
sysContact is a textual description that identifies the contact person for the managed node, as well as how to contact that person.
snmpEnableAuthenTraps specifies whether the SNMP agent is permitted to generate authentication-failure traps.

1 to enable traps
2 to disable traps

Example System Variable Initialization

sysDescr SNMP agent from My Company

sysLocation Anywhere, USA

sysContact George Talley (156) 555-7667

snmpEnableAuthenTraps 1

Previous PageTop Of PageNext Page