This chapter explains the concepts and commands involved with configuring SNMP. The following topics are discussed:
You can configure SNMP through the following methods:
Note: Initially, configuring SNMP through the command line interface (CLI) requires the assistance of an Oracle service representative. |
Simple Network Management Protocol (SNMP) is an application layer protocol that performs network management operations over an Ethernet connection using User Datagram Protocol/Internet Protocol (UDP/IP).
The Simple Network Management Protocol enables:
The library to inform the systems administrator of potential problems.
System administrators to query the library for configuration, operation, and statistical information.
The library to gather information to be sent to the StorageTek Tape Analytics (STA) server, if applicable. For more information, see the STA Configuration Guide.
The StorageTek Modular Libraries support:
SNMPv2c: Read-only support primarily for machine status queries. With this version, any information transmitted is not secure.
SNMPv3: Both read and write support. Transmitted information is secure.
The following are configuration requirements:
Firmware for StorageTek Modular Libraries must be:
SL8500: version FRS_3.12 or higher
SL3000: version FRS_1.7 or higher
SL500: version FRS_1067 or higher
SL150: version FRS_1.0 or higher
The SL Console must be version FRS_4.0 or higher.
By default, the SNMP agent is disabled and must be enabled.
STA has separate firmware requirements. See the STA documentation for more information.
Typically, SNMP uses the following user datagram protocol (UDP) ports:
161 for the agent (the library)
162 for the manager (the host)
The basic protocol for communications between manager and agent is as follows:
The manager can send requests from any available port to the agent at port 161. The agent then responds to that source port, to the requesting manager.
The agent generates traps or notifications and sends them from any available port to the manager at port 162.
See "Enabling and Disabling Ports" for more information.
SNMPv2c community strings are capable of providing a form of access control in SNMP. Because of this, the Oracle StorageTek embedded agent will not allow community strings to make changes to the library's configuration.
Either SNMPv2c or SNMPv3 can retrieve the MIB file. However, because SNMPv3 provides encryption capabilities and a stronger user identification, library properties can be changed only with the SNMPv3 set command.
Using an administrative password also provides access control and authorization for set command operations. Traps, however, can be sent to recipients using either SNMPv2c or SNMPv3 by adding entries to the trap recipient list.
Table 2-1 lists the default SNMP settings for a StorageTek library.
Table 2-1 Default SNMP Settings for a StorageTek Library
Setting | Default | Description |
---|---|---|
Port ID |
Disabled |
Agent trap requests are sent and received over the HBC card port. 2B=standard, public port. 2A=optional, redundant port. |
Socket number |
161 |
Agent requests are sent and received on the enabled port. Socket numbers (ports) must be enabled to pass through a firewall. |
162 |
Traps are sent to this socket on the host port. Socket numbers (ports) must be enabled to pass through a firewall. |
|
SNMP (agent) |
Disabled |
Enabled or disabled through CLI command only. |
SNMPv2c users string |
Public |
Community String Public Agent Community. Use this field (setting) to read-only MIB data. There can be a maximum of 20 SNMP users. This field can be changed or deleted. |
SNMPv3 users string |
Empty |
Community String Public Agent Community. Use this field (setting) to both read and write MIB data. There can be a maximum of 20 SNMP users. This field can be changed or deleted. |
Trap recipients |
Empty |
This list supports up to 20 recipients with no duplicate entries. Users must add themselves to the recipients list for traps to be sent to them. See "Configuring Trap Recipients Tasks"for more information. |
The process of initially configuring SNMP is:
Obtain MIB and trap destination information from the library.
(See "Obtain the Management Information Base" and "Obtain Trap Destination Information".)
Manage SNMP users.
(See "Managing SNMP Users: Tasks".)
Configure trap recipients.
Enable the agent within the library controller card.
(See "Enable a Port ID".)
SNMP traps should now be enabled and the agent should respond to gets from the clients.
Configure SNMP service information.
This section contains information on MIB and trap destination.
Note: You can download the MIB through the SL Console, but you cannot view it directly from the SL Console. However, because the MIB is a plain ASCII text file, you can view it from any text editor. |
At the StorageTek Libary Console, select Tools > Diagnostics.
Click the Library folder on the navigation tree. The Library page appears.
Click the Transfer File tab. The Transfer File page appears. Select SNMP MIB.
Click Transfer File. The Save dialog box appears.
Browse to the directory where you want to save the file, and enter the file name in the File Name field. Be sure to give it a.txt suffix.
Click Save. The data is saved to the specified file, and the Transferred Successful message appears.
Obtain the following information trap from the administrator.
For SNMPv2c, obtain: IP address of the hosts receiving the traps
For SNMPv3, obtain:
IP address of the hosts receiving the traps
Engine ID of the hosts receiving the traps
Authentication protocol (authPassPhrase) for users and hosts receiving traps (MD5 or SHA)
Authentication privacy protocol (privacy passPhrase) for users and hosts receiving traps (DES or AES)
User names and hosts receiving traps
Table 2-2 lists the variables used in this section.
Table 2-2 SNMP User Variables
Argument | Variable | Description |
---|---|---|
version |
v2c or v3 |
Version of SNMP. |
name |
name |
Name assigned to the SNMP user. All libraries monitored by a single StorageTek Modular Libraries server must have the same v3 user name. It is recommended that you create a new, unique user for this purpose. |
auth |
auth_protocol |
Authentication protocol for users and hosts receiving traps. Either MD5 or SHA. |
authPass |
auth_password |
Authorization password of the user |
priv |
privacy_protocol |
Privacy protocol type, either DES or AES. |
privPass |
priv_password |
Encryption password that is the private key for encryption. |
community |
communitystring |
Agent community string. When set to public, requests coming from any community string will be accepted. |
To list SNMP users, enter the following.
snmp listUsers
The following describe how to add an SNMP user for SNMPv3 and SNMPv2c.
To create a user for SNMPv3, enter the following. See Table 2-2 for possible values of these variables.
snmp addUser version v3 name name auth auth_protocol authPass auth_password priv privacy_protocol privPass priv_password
To create an SNMPv2c user, enter the following. See Table 2-2 for possible values of these variables.
snmp addUser version v2c community communityString
The follow describes how to delete an SNMP user.
To delete an SNMPv3 user, enter the following. See Table 2-2 for possible values of these variables.
snmp deleteUser version v3 name userName
Table 2-3 lists the variables used in this section.
Table 2-3 Trap Recipient Variables
Argument | Variable | Description |
---|---|---|
trapLevel |
trapLevelString |
Trap level (can be single digit or several digits separated by commas). |
host |
name |
IP address of host (hostName is disabled). |
version |
v2 or v3 |
Version of SNMP. |
name |
name |
Name assigned to the SNMP user. All libraries monitored by a single StorageTek Modular Librariesserver must have the same v3 user name. It is recommended that you create a new, unique user for this purpose. |
auth |
auth_protocol |
Authentication protocol for users and hosts receiving traps. Either MD5 or SHA. |
authPass |
auth_password |
Authorization password or pass phrase. |
priv |
privacy_protocol |
Privacy protocol type, either DES or AES. |
privPass |
priv_password |
Encryption password that is the private key for encryption. |
engineID |
engineIDstring |
A string of hexadecimal characters (31 max), preceded with 0x. The authoritative engineId is from the SNMP agent that sends the traps (such as the library). Required on SNMPv3 traps. |
community |
communitystring |
Agent community string. When set to public, requests coming from any community string will be accepted. |
In general, the authoritative engineID is from the SNMP agent that sends the traps (such as the library). To acquire the engineID, use the following command:
snmp engineID print
engineId:0x80001f88043531363030303030343434
Note: For the SL150, the engineID is preloaded as the default value in the engineId text field within the browser user interface. |
To list all trap recipients, enter the following.
snmp listTrapRecipients
The following information describes how to add a trap recipient for SNMPv3 and SNMPv2c.
To add an SNMPv3 trap recipient, enter the following. See Table 2-3 for possible values of these variables.
snmp addTrapRecipient traplevel trapLevelString host name version v3 name name auth auth_protocol authPass authPassPhrase priv privacy_protocol privPass privPassPhrase engineID engineIDstring
To add an SNMPv2c trap recipient, enter the following. See Table 2-3 for possible values of these variables.
snmp addTrapRecipient traplevel trapLevelString host name version v2c community communityString
This section describes how to delete a trap recipient. See Table 2-2 for possible values of these variables.
To delete an SNMPv3 trap recipient, enter the following.
snmp deleteTrapRecipient host name version v3
The following commands are used to either enable or disable port IDs for SNMP.
Service information is entered through the CLI port. To configure the SNMP service information, enter values for any or all of the following variables. See Table 2-4 for possible values of these variables.
snmp config serviceInfo set city cityString contact contactString country countryString zip zipString description descriptionString phone phoneString
Table 2-4 SNMP Service Information Variables
Argument | Variable | Description |
---|---|---|
contact |
contactString |
Name of contact for service |
streetAddr |
streetAddrString |
Street address |
city |
cityString |
City |
state |
stateString |
State |
country |
countryString |
Country |
zip |
zipString |
ZIP |
description |
descriptionString |
Any description you wish to enter |
phone |
phoneString |
Phone number for service |
Note: Each string will be truncated at 80 characters. For the SL8500 and SL3000, strings must be delimited by single quotation marks. |