Shulou(Shulou.com)06/01 Report--

SNMP- Huawei equipment NMS Network Management Station Management example

Introduction to SNMP SNMP (Simple Network Management Protocol, simple Network Management Protocol) is the communication rule between the managed device and the managed device in the network. It defines a series of messages, methods and syntax to realize the access and management of the managed device to the managed device. SNMP has the following advantages:

L automate network management. Network administrators can use the nodes on the SNMP platform to retrieve information, modify information, find faults, complete fault diagnosis, carry out capacity planning and generate reports.

L shielding the physical differences of different devices to realize the automatic management of the products of different manufacturers. SNMP only provides the most basic function set, which makes the management task relatively independent of the physical characteristics of the managed equipment and the underlying networking technology, thus realizing the management of equipment from different manufacturers, which is especially suitable for use in small, fast and low-cost environments.

The working mechanism of SNMP SNMP network elements are divided into NMS and Agent

LNMS (Network Management Station, Network Management Station) is a workstation that runs SNMP client programs, which can provide a very friendly man-machine interface and facilitate network administrators to complete most of the network management work.

LAgent is a process that resides on the device and is responsible for receiving and processing request messages from NMS. In some emergency situations, such as a change in the status of the interface, Agent will also actively notify NMS.

NMS is the manager of SNMP network, and Agent is the manager of SNMP network. NMS and Agent interact and manage information through the SNMP protocol.

SNMP provides four basic operations:

LGet action: NMS uses this operation to query the values of one or more objects in Agent.

LSet action: NMS uses this operation to reset the value of one or more objects in the Agent database (MIB,Management Information Base).

LTrap operation: Agent uses this operation to send alarm messages to NMS.

LInform operation: NMS uses this operation to send alarm messages to other NMS.

At present, the protocol version of SNMP, the SNMP Agent of the device supports SNMP v1, SNMP V2C and SNMP v3.

LSNMP v1 uses group name (Community Name) authentication. The group name is used to define the relationship between SNMP NMS and SNMP Agent. If the group name carried by the SNMP message is not recognized by the device, the message will be discarded. The group name acts like a password to restrict SNMP NMS's access to SNMP Agent.

LSNMP V2C also uses group name authentication. It not only is compatible with SNMP v1, but also expands the functions of SNMP v1: it provides more operation types (GetBulk and InformRequest); it supports more data types (Counter64, etc.); it provides richer error codes and can distinguish errors in more detail.

LSNMP v3 provides a user-based security model (USM,User-Based Security Model) authentication mechanism. Users can set authentication and encryption functions, authentication is used to verify the legitimacy of the message sender to avoid access by illegal users; encryption is to encrypt the transmission messages between NMS and Agent to avoid eavesdropping. Through the combination of authentication and encryption, we can provide higher security for the communication between SNMP NMS and SNMP Agent.

Agent can be configured with multiple versions at the same time, interacting with different NMS using different versions. However, when Agent communicates with a NMS, the configuration of the SNMP version on the Agent and the NMS must be the same (that is, both configured as SNMP v1, both configured as SNMP V2C or both configured as SNMP v3) in order to successfully exchange visits

Example:

The headquarters of a company is 5.0network segment, and the middle wide area network is connected to the branch office 6.0network segment through R1 and R2. The headquarters uses NMS to monitor the branch web and telnet services.

Equipment: two Quidway R2621 routers

One H3C S2000 switch

Three virtual machines: two Win2003 and one centos6 64-bit

Topology Diagram:

Centos6 64-bit, install httpd and SNMP,ip:192.168.6.6:

I. centos configuration

1. Mount CD, query

[root@centos ~] # mount / dev/cdrom / media/cdrom

[root@centos ~] # cd / media/cdrom/Packages/

[root@centos Packages] # ll | grep snmp

/ usr/sbin/snmpd / / agent

/ usr/sbin/snmptrapd / / nms

two。 Install net-snmp, httpd

[root@centos Packages] # yum install net-snmp httpd

[root@centos Packages] # service snmpd start

[root@centos mibs] # chkconfig snmpd on

[root@centos Packages] # netstat-tupln | grep snmp

There is port 161.

II. Server 2003 configuration

Address 192.168.6.100

1. Install snmp and add to the windows component

two。 Open the remote Desktop (right-click my computer) and turn on the telnet service.

3. Open the service SNMP service for configuration

Security:

Trap:

Start configuring the router

R1:

[R1] int s0

[R1-Serial0] ip add 10.1.1.1 24

[R1-Serial0] int e0

[R1-Ethernet0] ip add 192.168.5.1 24

[R1] ip route 192.168.6.0 24 10.1.1.2

[R1] local user admin pass sip admin ser admin creates an administrative account

Start SNMP

[R1] snmp

[R1] snmp community read public\\ read only

[R1] snmp community write private\\ read and write

[R1] snmp sys-info contact user1\\ contact

[R1] snmp sys-info location zhengzhou\\ location

[R1] snmp sys-info version all\\ version

[R1] snmp trap enable\\ start the reporting function

[R1] snmp target trap add 192.168.5.100 securityname public

\\ should report to 192.168.5.100

R2:

[R2] int s0

[R2-Serial0] ip add 10.1.1.2 24

[R2-Serial0] int e0

[R2-Ethernet0] ip add 192.168.6.1 24

[R2] ip route 192.168.5.0 24 10.1.1.1

[R2] local user admin pass sip admin ser admin

Start SNMP

[R2] snmp

[R2] snmp community read public

[R2] snmp community write private

[R2] snmp sys-info contact user1\\ contact

[R2] snmp sys-info location zhengzhou\\ location

[R2] snmp sys-info version all\\ version

[R2] snmp trap enable\\ start the reporting function

[R2] snmp target trap add 192.168.5.100 securityname public

\\ should report to 192.168.5.100

SW:

[sw] int vlan1

[sw-Vlan-interface1] ip add 192.168.6.10 24

[sw] ip route-static 0.0.0.0 0 192.168.6.1

\\ add administrative account

[sw] local-user admin

[sw-luser-admin] password simple admin

[sw-luser-admin] service-type telnet level 3

[sw-luser-admin] quit

[sw] user-interface vty 0 4

[sw-ui-vty0-4] authentication-mode scheme

Start SNMP

[sw] snmp-agent

[sw] snmp-agent sys-info location zhengzhou

[sw] snmp-agent sys-info contact user1

[sw] snmp-agent sys-info version all

[sw] snmp-agent community read public

[sw] snmp-agent community write private

[sw] snmp-agent target-host trap add udp-domain 192.168.5.100 params securityname public

[sw] snmp-agent trap enable

(Win2003) NMS:

Install the windows component snmp

Install whats up

Adjust the topology diagram

After stopping the httpd and win2003 hosts, an exception was found in the icon

We have realized the monitoring of the device through snmp and nms.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.