C H A P T E R 9 |
Using Simple Network Management Protocol |
This chapter describes how to use Simple Network Management Protocol (SNMP). It includes the following sections:
The Sun server supports the Simple Network Management Protocol (SNMP) interface, versions 1, 2c, and 3. SNMP is an open technology that enables the management of networks and devices, or nodes, connected to the network. SNMP messages are sent over IP using the User Datagram Protocol (UDP). Any management application that supports SNMP can manage your server.
Utilizing SNMP requires two components, a network management station and a managed node (in this case, the ELOM). Network management stations host management applications, which monitor and control managed nodes.
Managed nodes are any number of devices, including servers, routers, and hubs that host SNMP management agents responsible for carrying out the requests from management stations. The management station monitors nodes by polling management agents for the appropriate information using queries. Managed nodes can also provide unsolicited status information to a management station in the form of a trap. SNMP is the protocol used to communicate management information between the management stations and agents.
The SNMP agent is preinstalled and runs on the ELOM, so all SNMP management of the server should occur through the ELOM. To utilize this feature, your operating system must have an SNMP client application. See your operating system vendor for more information.
The SNMP agent on your ELOM provides inventory management and sensor and system state monitoring capabilities.
The base component of an SNMP solution is the management information base (MIB). MIB is a text file that describes a managed node’s available information and where it is stored. When a management station requests information from a managed node, the agent receives the request and retrieves the appropriate information from the MIBs. The Sun server supports the following SNMP classes of management information base (MIB) files. Download and install the product-specific MIB files from your Resource CD or the Tools and Drivers CD for your platform.
Use the MIBs to integrate the management and monitoring of the server into SNMP management consoles. The MIB branch is a private enterprise MIB, located at MIB object iso(1).org (3). dod (6) .internet (1) .private (4) .enterprises (1) .sun (42) .products (2). See FIGURE 9-1. The standard SNMP port, 161, is used by the SNMP agent on the ELOM.
FIGURE 9-1 Sun Server MIB Tree
SNMP is a protocol, not an operating system, so you need an application to use SNMP messages. Your SNMP management software might provide this functionality, or you can use an open-source tool like net-SNMP, which is available at http://net-snmp.sourceforge.net/.
Both management stations and agents use SNMP messages to communicate. Management stations can send and receive information. Agents can respond to requests and send unsolicited messages in the form of a trap. There are five functions that management stations and agent, use:
By default, port 161 is used for SNMP messages, and port 162 is used to listen for SNMP traps.
The ELOM has a preinstalled SNMP agent that supports trap delivery to an SNMP management application.
To use this feature, you must integrate the platform-specific MIBs into your SNMP environment, tell your management station about your server, then configure the specific traps.
To use SNMP on the SP |
This example shows how to use SNMP with a third-party MIB browser.
1. From the Manager Preferences menu, choose Load/Unload MIBS: SNMP.
2. Locate and select the SUN-PLATFORM-MIB.mib file.
The SUN-PLATFORM-MIB file is available on your Resource CD.
4. Specify the directory where server MIBs are placed and click Open.
5. Repeat the above steps to load other MIBs.
6. Exit the Manager Preferences menu.
The SNMP standard tree appears in the MIB browser.
8. Locate the Sun branch located under private\enterprises.
Verify that the SUN-PLATFORM_MIB is integrated.
Add your Sun server as a managed node using your SNMP management application. See your SNMP management application documentation for further details.
Configure a trap in your ELOM. See Managing Alerts, or Configuring Email Notification.
You can create, set permissions, delete, and modify SNMP user accounts from the CLI. By default, SNMP v3 is enabled, and SNMP v1 and v2c are disabled.
To Create an SNMP User Account |
This procedure details the creation of an SNMP user account. TABLE 9-1 shows the both the value and the default values for the user account properties.
1. To navigate to the SNMP user directory, enter the following command:
username The login name of the user account.
The above steps are used to create an SNMP v3 read-only user account. To create an SNMP v1/v2c user account enter:
create /SP/AgentInfo/SNMP/communities/communityname
communityname The name of the SNMP community you are creating.
3. When prompted, supply the values for the following properties:
Applicable values are shown in TABLE 9-1.
AuthProtocol
AuthPassword (the system requires you to confirm the password)
PrivacyProtocol (if you enter the DES protocol, you will be prompted to supply a privacy password)
PrivacyPassword (the system requires you to confirm the password)
Note - If you enter an incorrect value, the create user process will fail, and you will need to start over. |
After supplying values for the above properties a success message appears indicating the end of the create user process.
To Set Permission for a User Account |
This procedure details setting the permission level for an SNMP user account.
1. To navigate to the user directory, enter the following command:
The show command allows you to indentify all users.
3. Navigate to the user’s directory:
username The name of the user identified in Step 2.
4. To change the permission for a user account, use the set command. Enter:
value It is either ro (read-only) or rw (read/write).
To Delete a User Account |
This procedure details deleting an SNMP user account.
1. From the root position, enter the following command at the CLI prompt:
The show command allows you to indentify all users.
3. To delete a user enter the following command:
username The name of the user identified in step 2.
The above steps are used to delete an SNMP v3 read-only user account. To create an SNMP v1/v2c user account enter:
-> delete /SP/AgentInfo/SNMP/communities/communityname
communityname The name of the SNMP community that you want to delete.
Use the set command to configure SNMP user accounts.
set target [propertyname=value]
These targets, properties, and values are valid for SNMP user accounts.
* If the PrivacyProtocol property has a value other than none, then PrivacyPassword must be set. |
When changing the parameters of SNMP user, you must set values for all of the properties, even if you are not changing all of the values. For example, to change a user's PrivacyProtocol property to DES you must enter:
-> set /SP/AgentInfo/SNMP/user/username PrivacyProtocol=DES PrivacyPassword=password AuthProtocol=SHA AuthPassword=password
Your changes would be invalid if you entered only:
-> set /SP/AgentInfo/SNMP/user/al PrivacyProtocol=DES
Note - You can change SNMP user permissions without resetting the privacy and authentication properties. |
To show an SNMP user’s properties, enter this command from the user’s directory at /SP/AgentInfo/SNMP/user/username:
Copyright © 2008, Sun Microsystems, Inc. All Rights Reserved.