SNMP over IPv6

Last Updated: July 23, 2012

Simple Network Management Protocol (SNMP) can be configured over IPv6 transport so that an IPv6 host
can perform SNMP queries and receive SNMP notifications from a device running IPv6.

Finding Feature Information, page 1

Information About SNMP over IPv6, page 1
How to Configure SNMP over IPv6, page 2
Configuration Examples for SNMP over IPv6, page 4
Additional References, page 5
Feature Information for SNMP over IPv6, page 6

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats
and feature information, see Bug Search Tool and the release notes for your platform and software release.
To find information about the features documented in this module, and to see a list of the releases in which
each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Information About SNMP over IPv6

SNMP over an IPv6 Transport, page 1

SNMP over an IPv6 Transport

Simple Network Management Protocol (SNMP) can be configured over IPv6 transport so that an IPv6 host
can perform SNMP queries and receive SNMP notifications from a device running IPv6 software. The
SNMP agent and related MIBs have been enhanced to support IPv6 addressing. This feature uses the data
encryption standard (3DES) and advanced encryption standard (AES) message encryption.

Americas Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA

Configuring an SNMP Notification Server over IPv6

How to Configure SNMP over IPv6

How to Configure SNMP over IPv6

Configuring an SNMP Notification Server over IPv6, page 2

Configuring an SNMP Notification Server over IPv6

Use an SNMP community string to define the relationship between the SNMP manager and the agent. The
community string acts like a password to regulate access to the agent on the device. Optionally, you can
specify one or more of the following characteristics associated with the string:

An access list of IP addresses of the SNMP managers that are permitted to use the community string to
gain access to the agent.
A MIB view, which defines the subset of all MIB objects accessible to the given community.
Read and write or read-only permission for the MIB objects accessible to the community.

You can configure one or more community strings. To remove a specific community string, use the no
snmp-server community command.
The snmp-server host command specifies which hosts will receive SNMP notifications, and whether you
want the notifications sent as traps or inform requests. The snmp-server enable traps command globally
enables the production mechanism for the specified notification types (such as Border Gateway Protocol
[BGP] traps, config traps, entity traps, and Hot Standby Router Protocol [HSRP] traps).

SUMMARY STEPS
1. enable
2. configure terminal
3. snmp-server community string [view view-name] [ro | rw] [ipv6 nacl] [access-list-number]
4. snmp-server engineID remote {ipv4-ip-address | ipv6-address} [udp-port udp-port-number] [vrf vrfname] engineid-string
5. snmp-server group group-name {v1 | v2c | v3 {auth | noauth | priv}} [context context-name] [read
read-view] [write write-view] [notify notify-view] [access [ipv6 named-access-list ] {acl-number | aclname}]
6. snmp-server host {hostname | ip-address} [vrf vrf-name] [traps | informs] [version {1 | 2c | 3 [auth |
noauth | priv]}] community-string [udp-port port] [notification-type]
7. snmp-server user username group-name [remote host [udp-port port]] {v1 | v2c | v3 [encrypted]
[auth {md5 | sha} auth-password]} [access [ipv6 nacl] [priv {des | 3des | aes {128 | 192 | 256}}
privpassword] {acl-number | acl-name} ]
8. snmp-server enable traps [notification-type] [vrrp]

DETAILED STEPS
Command or Action
Step 1 enable

Purpose
Enables privileged EXEC mode.

Example:
Device> enable

Enter your password if prompted.

Configuring an SNMP Notification Server over IPv6

How to Configure SNMP over IPv6

Command or Action
Step 2 configure terminal

Purpose
Enters global configuration mode.

Example:
Device# configure terminal

Step 3 snmp-server community string [view view-name] [ro | rw] [ipv6

nacl] [access-list-number]

Defines the community access string.

Example:
Device(config)# snmp-server community mgr view
restricted rw ipv6 mgr2

Step 4 snmp-server engineID remote {ipv4-ip-address | ipv6-address}

[udp-port udp-port-number] [vrf vrf-name] engineid-string

(Optional) Specifies the name of the remote SNMP

engine (or copy of SNMP).

Example:
Device(config)# snmp-server engineID remote
3ffe:b00:c18:1::3/127 remotev6

Step 5 snmp-server group group-name {v1 | v2c | v3 {auth | noauth |

(Optional) Configures a new SNMP group, or a
priv}} [context context-name] [read read-view] [write write-view] table that maps SNMP users to SNMP views.
[notify notify-view] [access [ipv6 named-access-list ] {acl-number |
acl-name}]

Example:
Device(config)# snmp-server group public v2c access ipv6
public2

Step 6 snmp-server host {hostname | ip-address} [vrf vrf-name] [traps |

informs] [version {1 | 2c | 3 [auth | noauth | priv]}] communitystring [udp-port port] [notification-type]

Example:
Device(config)# snmp-server host host1.com 2c vrf trapvrf

Specifies the recipient of an SNMP notification

operation.

Specifies whether you want the SNMP

notifications sent as traps or informs, the
version of SNMP to use, the security level of
the notifications (for SNMPv3), and the
recipient (host) of the notifications.

Examples: Configuring an SNMP Notification Server over IPv6

Configuration Examples for SNMP over IPv6

Command or Action

Purpose

Step 7 snmp-server user username group-name [remote host [udp-port

port]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} authpassword]} [access [ipv6 nacl] [priv {des | 3des | aes {128 | 192 |
256}} privpassword] {acl-number | acl-name} ]

(Optional) Configures a new user to an existing

SNMP group.
Note You cannot configure a remote user for an

address without first configuring the engine

ID for that remote host. This is a restriction
imposed in the design of these commands; if
you try to configure the user before the host,
you will receive a warning message, and the
command will not be executed.

Example:
Device(config)# snmp-server user user1 bldg1 remote
3ffe:b00:c18:1::3/127 v2c access ipv6 public2

Step 8 snmp-server enable traps [notification-type] [vrrp]

Enables sending of traps or informs, and specifies

the type of notifications to be sent.

Example:
Device(config)# snmp-server enable traps bgp

If a value for the notification-type argument is

not specified, all supported notification will be
enabled on the device.
To discover which notifications are available
on your device, enter the snmp-server enable
traps ? command.

Configuration Examples for SNMP over IPv6

Examples: Configuring an SNMP Notification Server over IPv6, page 4

Examples: Configuring an SNMP Notification Server over IPv6

The following example permits any SNMP to access all objects with read-only permission using the
community string named public. The device also will send Border Gateway Protocol (BGP) traps to the
IPv4 host 172.16.1.111 and IPv6 host 3ffe:b00:c18:1::3/127 using SNMPv1 and to the host 172.16.1.27
using SNMPv2c. The community string named public will be sent with the traps.
Device(config)#
Device(config)#
Device(config)#
Device(config)#
Device(config)#

snmp-server
snmp-server
snmp-server
snmp-server
snmp-server

community public
enable traps bgp
host 172.16.1.27 version 2c public
host 172.16.1.111 version 1 public
host 3ffe:b00:c18:1::3/127 public

Example: Associate an SNMP Server Group with Specified Views

In the following example, the SNMP context A is associated with the views in SNMPv2c group GROUP1
and the IPv6 named access list public2:
Device(config)# snmp-server context A
Device(config)# snmp mib community-map commA context A target-list commAVpn
Device(config)# snmp mib target list commAVpn vrf CustomerA
Device(config)# snmp-server view viewA ciscoPingMIB included
Device(config)# snmp-server view viewA ipForward included
Device(config)# snmp-server group GROUP1 v2c context A read viewA write viewA notify
access ipv6 public2

Examples: Configuring an SNMP Notification Server over IPv6

Additional References

Example: Create an SNMP Notification Server

The following example configures the IPv6 host as the notification server:
Device> enable
Device# configure terminal
Device(config)# snmp-server
Device(config)# snmp-server
Device(config)# snmp-server
Device(config)# snmp-server
Device(config)# snmp-server
public2
Device(config)# snmp-server
Device(config)# exit

community mgr view restricted rw ipv6 mgr2

engineID remote 3ffe:b00:c18:1::3/127 remotev6
group public v2c access ipv6 public2
host host1.com 2c vrf trap-vrf
user user1 bldg1 remote 3ffe:b00:c18:1::3/127 v2c access ipv6
enable traps bgp

Additional References
Related Documents
Related Topic

Document Title

IPv6 addressing and connectivity

IPv6 Configuration Guide

Cisco IOS commands

Cisco IOS Master Commands

List, All Releases

IPv6 commands

Cisco IOS IPv6 Command

Reference

Cisco IOS IPv6 features

Cisco IOS IPv6 Feature Mapping

Standards and RFCs

Standard/RFC

Title

RFCs for IPv6

IPv6 RFCs

MIBs
MIB

MIBs Link

No new or modified MIBs are supported by this

feature, and support for existing MIBs has not been
modified by this feature.

To locate and download MIBs for selected

platforms, Cisco IOS releases, and feature sets, use
Cisco MIB Locator found at the following URL:
http://www.cisco.com/go/mibs

Examples: Configuring an SNMP Notification Server over IPv6

Feature Information for SNMP over IPv6

Technical Assistance
Description

Link

The Cisco Support and Documentation website

provides online resources to download
documentation, software, and tools. Use these
resources to install and configure the software and
to troubleshoot and resolve technical issues with
Cisco products and technologies. Access to most
tools on the Cisco Support and Documentation
website requires a Cisco.com user ID and
password.

http://www.cisco.com/cisco/web/support/
index.html

Feature Information for SNMP over IPv6

The following table provides release information about the feature or features described in this module.
This table lists only the software release that introduced support for a given feature in a given software
release train. Unless noted otherwise, subsequent releases of that software release train also support that
feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1

Feature Information for SNMP over IPv6

Feature Name

Releases

Feature Information

SNMP over IPv6

12.2(33)SRB

SNMP can be configured over

IPv6 transport so that an IPv6
host can perform SNMP queries
and receive SNMP notifications
from a device running IPv6.

12.2(33)SXI
12.2(44)SE
12.2(44)SG
12.3(14)T
15.0(2)SG
Cisco IOS XE Release 2.1
3.2SG

The following commands were

introduced or modified: snmpserver community, snmp-server
enable traps, snmp-server
engineID remote, snmp-server
group, snmp-server host, snmpserver user.

Examples: Configuring an SNMP Notification Server over IPv6

Feature Name

Releases

Feature Information

SNMPv3--3DES and AES

Encryption Support

12.2(33)SRB

IPv6 supports the SNMPv3 3DES and AES Encryption

Support feature.

12.2(33)SXI
12.2(50)SG
12.2(52)SE

No commands were introduced or

modified.

12.4(2)T
15.0(2)SG
Cisco IOS XE Release 2.1
3.2SG

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S.
and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks.
Third-party trademarks mentioned are the property of their respective owners. The use of the word partner
does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be
actual addresses and phone numbers. Any examples, command display output, network topology diagrams,
and other figures included in the document are shown for illustrative purposes only. Any use of actual IP
addresses or phone numbers in illustrative content is unintentional and coincidental.
2012 Cisco Systems, Inc. All rights reserved.