Snmp-Server Enable Traps: Notification-Type
Snmp-Server Enable Traps: Notification-Type
Syntax Description
notification-type
(Optional) Type of notification (trap or inform) to enable or disable. If no type is specified, all notifications available on your device are enabled or disabled. The notification type can be one of the following keywords:
configControls configuration notifications, as defined in the CISCO-CONFIG-MAN-MIB (enterprise 1.3.6.1.4.1.9.9.43.2). The notification type is: (1) ciscoConfigManEvent. ds0-busyoutSends notification whenever the busyout of a DS0 interface changes state (Cisco AS5300 platform only). This notification is defined in the CISCO-POP-MGMT-MIB (enterprise 1.3.6.1.4.1.9.10.19.2) and the notification type is:(1) cpmDS0BusyoutNotification ds1-loopbackSends notification whenever the DS1 interface goes into loopback mode (Cisco AS5300 platform only). This notification type is defined in the CISCO-POP-MGMT-MIB (enterprise 1.3.6.1.4.1.9.10.19.2) as: (2) cpmDS1LoopbackNotification. entityControls Entity MIB modification notifications. This notification type is defined in the ENTITY-MIB (enterprise 1.3.6.1.2.1.47.2) as: (1) entConfigChange. hsrpControls Hot Standby Routing Protocol (HSRP) notifications, as defined in the CISCO-HSRP-MIB (enterprise 1.3.6.1.4.1.9.9.106.2). The notification type is: (1) cHsrpStateChange.ipmulticastControls IP Multicast notifications. modem-healthControls modem-health notifications. rsvpControls Resource Reservation Protocol (RSVP) flow change notifications. ttyControls TCP connection notifications. xgcpSends External Media Gateway Control Protocol (XGCP) notifications. This notification is from the XGCP-MIB-V1SMI.my and the notification is enterprise 1.3.6.1.3.90.2 (1) xgcpUpDownNotification For additional notification types, see the Related Commands table.
Note
Defaults
This command is disabled by default. Most notification types are disabled. However, some notification types cannot be controlled with this command. If you enter this command with no notification-type keyword extenstions, the default is to enable (or diable, if the no form is used) all notification types controlled by this command.
CFR-864
Command Modes
Global configuration
Command History
Modification This command was introduced. The rsvp keyword was added. The hsrp keyword was added.
Usage Guidelines
For additional notification types, see the Related Commands table for this command. SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. To specify whether the notifications should be sent as traps or informs, use the snmp-server host [traps | informs] command. If you do not enter an snmp-server enable traps command, no notifications controlled by this command are sent. In order to configure the router to send these SNMP notifications, you must enter at least one snmp-server enable traps command. If you enter the command with no keywords, all notification types are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. In order to enable multiple types of notifications, you must issue a separate snmp-server enable traps command for each notification type and notification option. The snmp-server enable traps command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send all traps to the host specified by the name myhost.cisco.com, using the community string defined as public:
Router(config)# snmp-server enable traps Router(config)# snmp-server host myhost.cisco.com public
The following example enables the router to send Frame Relay and environmental monitor traps to the host myhost.cisco.com using the community string public:
Router(config)# snmp-server enable traps frame-relay Router(config)# snmp-server enable traps envmon temperature Router(config)# snmp-server host myhost.cisco.com public
The following example will not send traps to any host. The BGP traps are enabled for all hosts, but the only traps enabled to be sent to a host are ISDN traps (which are not enabled in this example).
Router(config)# snmp-server enable traps bgp Router(config)# snmp-server host bob public isdn
The following example enables the router to send all inform requests to the host at the address myhost.cisco.com, using the community string defined as public:
Router(config)# snmp-server enable traps Router(config)# snmp-server host myhost.cisco.com informs version 2c public
The following example sends HSRP MIB traps to the host myhost.cisco.com using the community string public.
Router(config)# snmp-server enable traps hsrp Router(config)# snmp-server host myhost.cisco.com traps version 2c public hsrp
CFR-865
Related Commands
Command snmp-server enable traps atm pvc snmp-server enable traps atm pvc extension snmp-server enable traps bgp snmp-server enable traps calltracker snmp-server enable traps envmon
Description Controls (enables or disables) ATM PVC SNMP notifications. Enables the sending of extended ATM permanent virtual circuit (PVC) SNMP notifications. Controls (enables or disables) BGP server state change SNMP notifications. Controls (enables or disables) Call Tracker callSetup and callTerminate SNMP notifications. Controls (enables or disables) environmental monitor SNMP notifications.
snmp-server enable traps frame-relay Controls (enables or disables) Frame Relay DLCI link staus change SNMP notifications. snmp-server enable traps ipsec snmp-server enable traps isakmp Controls (enables or disables) IP Security SNMP notifications. Controls (enables or disables) IPSec Internet Security Association and Key Exchange Protocol (ISAKMP) SNMP notifications. Controls (enables or disables) ISDN SNMP notifications. Controls (enables or disables) MPLS Label Distribution Protocol (LDP) SNMP notifications. Controls (enables or disables) MPLS traffic engineering (TE) tunnel state-change SNMP notifications. Controls (enables or disables) MPLS VPN specific SNMP notifications. Controls (enables or disables) RFC 1516 Hub notifications. Controls (enables or disables) RFC 1157 SNMP notifications. Controls (enables or disables) the sending of system logging messages via SNMP. Specifies whether you want the SNMP notifications sent as traps or informs, the version of SNMP to use, the security level of the notifications (for SNMPv3), and the destination host (recipient) for the notifications. Specifies inform request options. Specifies the interface (and hence the corresponding IP address) that an SNMP trap should originate from. Issues an SNMP trap when a MAC address violation is detected on an Ethernet hub port of a Cisco 2505, Cisco 2507, or Cisco 2516 router.
snmp-server enable traps isdn snmp-server enable traps mpls ldp snmp-server enable traps mpls traffic-eng snmp-server enable traps mpls vpn snmp-server enable traps repeater snmp-server enable traps snmp snmp-server enable traps syslog snmp-server host
CFR-866
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 12.1(3)T
Modification This command was introduced for the Cisco AS5300 and Cisco AS5800.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) AAA Server state change (casServerStateChange) notifications. ServerStateChange notifications, when enabled, will be sent when the server moves from an up to dead state or when a server moves from a dead to up state. The Cisco AAA Server State is defined by the casState object in the Cisco AAA Server MIB. The possible values are as follows:
A server is marked "dead" if it does not respond after maximum retransmissions. A server is marked "up" again either after a waiting period or if some response is received from it. The initial value of casState is "up(1)" at system startup. This will only transition to "dead(2)" if an attempt to communicate fails. For a complete description of this notification and additional MIB functions, see the CISCO-AAA-SERVER-MIB.my file, available on Cisco.com at http://www.cisco.com/public/mibs/v2/. The snmp-server enable traps aaa_sever command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
CFR-867
Examples
The following example enables the router to send AAA server up/down informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps aaa_server Router(config)# snmp-server host myhost.cisco.com informs version 2c public
Related Commands
Description Allows a remote network management system to perform Set operations and disconnect users on the configured device using SNMP. Displays caller information for async, dialer, and serial interfaces. Displays AAA server MIB statistics for AAA functions. Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-868
Syntax Description
1 2
Specifies the MIB that supports the extended ATM permanent virtual circuit (PVC) SNMP notifications. This is the default. Specifies the MIB that supports ATM OAM F5 CC and ATM OAM F5 AIS/RDI SNMP notifications, in addition to the notifications supported by MIB version 1.
Defaults
MIB version: 1
Command Modes
Global configuration
Command History
Release 12.2(15)T
Usage Guidelines
MIB version 1 specifies the MIB that supports legacy extended ATM PVC traps and is defined in the file CISCO-IETF-ATM2-PVCTRAP-MIB-EXTN.my. MIB version 1 is implemented by default. Use the snmp-server enable traps atm pvc extension mibversion 1 command or the no snmp-server enable traps atm pvc extension mibversion 2 command to reenable this MIB if it was previously disabled with the snmp-server enable traps atm pvc extension mibversion 2 command. Use the snmp-server enable traps atm pvc extension mibversion 2 command to specify the MIB that supports ATM OAM F5 CC and ATM OAM AID/RDI failure notifications. This MIB is defined in the file CISCO-ATM-PVCTRAP-EXTN-MIB.my. To enable the SNMP notifications that support ATM OAM F5 continuity checking, use the snmp-server enable traps atm pvc extension command in global configuration mode. These SNMP notifications are defined in the file CISCO-ATM-PVCTRAP-EXTN-MIB.my, available from the Cisco FTP site at ftp://www.cisco.com/public/mibs/v2/. OAM management and support for OAM F5 continuity checking must be enabled on the PVC by using the oam-pvc manage cc command before you can use the ATM OAM continuity check SNMP notifications.
CFR-869
Examples
In the following example, the MIB that supports the SNMP notifications for ATM OAM continuity checking is implemented, and the ATM OAM continuity checking notifications are enabled. Support for end-to-end OAM F5 continuity checking is enabled on PVC 0/1:
Router(config)# snmp-server enable traps Router(config)# snmp-server enable traps Router(config)# snmp-server enable traps Router(config)# snmp-server enable traps Router(config)# snmp-server enable traps Router(config)# snmp-server enable traps Router(config)# interface atm 0 Router(config-if)# pvc 0/40 Router(config-if-atm-vc)# oam-pvc manage atm atm atm atm atm atm pvc pvc pvc pvc pvc pvc extension extension extension extension extension extension mibversion 2 oam failure aisrdi oam failure endcc oam failure segmentcc oam failure loopback up
cc end
Related Commands
Description Displays ATM OAM F5 CC management activity. Configures ATM OAM F5 CC management.
snmp-server enable traps Enables all available SNMP notifications on your system. snmp-server enable traps Enables the sending of legacy ATM PVC DOWN traps. atm pvc snmp-server enable traps Enables the sending of extended ATM PVC SNMP notifications and atm pvc extension SNMP notifications for ATM OAM F5 CC, ATM OAM F5 AIS/RDI, and loopback failures.
CFR-870
Syntax Description
Enables ATM PVC up traps. These notifications are generated when a PVC changes from the DOWN to the UP state. Enables ATM PVC failure traps. These notifications are generated when a PVC changes from the UP to the DOWN state. Enables ATM PVC OAM failure traps. These notifications are generated when any type of OAM failure occurs on the PVC. (Optional) Enables AIS/RDI OAM failure traps. These notifications are generated when AIS/RDI OAM failure occurs on the PVC. (Optional) Enables end-to-end OAM CC failure traps. These notifications are generated when end-to-end CC failures occur on the PVC. (Optional) Enables OAM failure loopback traps. These notifications are generated when OAM loopback failure occurs on the PVC. (Optional) Enables segment OAM CC failure traps. These notifications are generated when segment CC failures occur on the PVC.
Defaults
SNMP notifications are disabled. The interval between successive traps is 30 seconds.
Command Modes
Global configuration
Command History
Modification This command was introduced for those platforms that support ATM PVC management. This command was modified to configure SNMP notification support for ATM OAM F5 CC and ATM OAM F5 AIS/RDI failures.
CFR-871
Usage Guidelines
For PVCs that are not part of a range, extended ATM PVC traps include virtual path identifier/virtual channel indentifier (VPI/ VCI) information, the number of state transitions a PVC goes through in an interval, and the timestamp for the start and end of the transitions. For PVCs that are part of a range, extended ATM PVC traps include the first and last VPI/VCI of the range and the timestamp for the first failure and the last failure within the same range. Extended ATM PVC and ATM OAM F5 CC traps cannot be used at the same time as the legacy ATM PVC trap. The legacy ATM PVC trap must be disabled by using the no snmp-server enable traps atm pvc command before extended ATM PVC traps can be configured. The extended ATM PVC failure trap (which is is enabled by the snmp-server enable traps atm pvc extension down command) is the same trap as the legacy ATM PVC failure trap (which is enabled by the snmp-server enable traps atm pvc command), but with the the following differences:
The extended ATM PVC failure trap contains information in the form of VPI/VCI ranges. The extended ATM PVC failure trap contains timestamps for when PVCs go down. The legacy ATM PVC failure trap contains only one VPI/VCI per trap.
Note
You must configure the snmp-server enable traps atm pvc extension mibversion 2 command before you can enable the ATM OAM F5 AIS/RDI failure traps, the end-to-end ATM OAM F5 CC failure traps, the OAM failure loopback traps, and the segment ATM OAM F5 CC failure traps. This command enables the MIB that supports these traps. OAM management must be enabled on the PVC before you can use ATM PVC traps. To generate F5 loopback failure traps, enable OAM management using the oam-pvc manage command. To generate segment F5 CC failure traps, enable segment OAM CC management by using the oam-pvc manage cc segment command. To generate end-to-end F5 CC failure traps, enable end-to-end OAM CC management by using the oam-pvc manage cc end command. To generate OAM F5 AIS/RDI failure traps, enable any of the three types of OAM management listed above. SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. The extended ATM PVC notifications for MIB version 1 are defined in the CISCO-IETF-ATM2-PVCTRAP-MIB.my file.The extended ATM PVC notifications for MIB version 2 are defined in the CISCO-ATM-PVCTRAP-EXTN-MIB.my file. Both of these MIB files are available from the Cisco FTP site at ftp://www.cisco.com/public/mibs/v2/. ATM PVC traps are generated at the end of the notification interval. It is possible to generate all three types of ATM PVC traps (the ATM PVC failure trap, ATM PVC up trap, and ATM PVC OAM failure trap) at the end of the same notification interval; however, only one type of trap will be generated for each PVC. The snmp-server enable traps atm pvc extension command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command. When the ATM OAM F5 loopback, AIS/RDI, or CC failure trap is enabled, the PVC remains in the UP state when an OAM loopback, AIS/RDI, or CC failure is detected, so that the flow of data will still be possible. If one of these traps is not enabled, the PVC will be placed in the DOWN state when an OAM loopback, AIS/RDI, or CC failure is detected.
CFR-872
Examples
The following example shows all three of the extended ATM PVC traps enabled on a router. If PVC 0/1 leaves the UP state, leaves the DOWN state, or has an OAM loopback failure, host 172.16.61.90 will receive the SNMP notifications:
! Configure SNMP support and an IP routing protocol on your router: Router(config)# snmp-server community public ro Router(config)# snmp-server host 172.16.61.90 public Router(config)# ip routing Router(config)# router igrp 109 Router(config-router)# network 172.16.0.0 ! ! Enable extended ATM PVC trap support and OAM management: Router(config)# snmp-server enable traps atm pvc extension down Router(config)# snmp-server enable traps atm pvc extension up Router(config)# snmp-server enable traps atm pvc extension oam failure loopback Router(config)# interface atm 1/0.1 Router(config-if)# pvc 0/1 Router(config-if-atm-vc)# oam-pvc manage
The following example shows output for extended ATM PVC failure trap for PVCs 1/100, 1/102, and 1/103. Note that only one trap is generated for all the PVCs associated with the same interface or subinterface (in contrast to the legacy ATM PVC failure trap, which generates a separate trap for each PVC). The VPI/VCI information and timing information are located in the objects associated with the trap.
00:23:56:SNMP:Queuing packet to 1.1.1.1 00:23:56:SNMP:V2 Trap, reqid 2, errstat 0, erridx 0 sysUpTime.0 = 143636 snmpTrapOID.0 = atmIntfPvcFailuresTrap ifEntry.1.19 = 19 atmIntfPvcFailures.2 = 7 atmIntfCurrentlyFailingPVcls.2 = 3 atmPVclLowerRangeValue.19.1.2 = 102 atmPVclHigherRangeValue.19.1.2 = 103 atmPVclRangeStatusChangeStart.19.1.2 = 140643 atmPVclRangeStatusChangeEnd.19.1.2 = 140698 atmPVclStatusTransition.19.1.100 = 1 atmPVclStatusChangeStart.19.1.100 = 140636 atmPVclStatusChangeEnd.19.1.100 = 140636 00:23:56:SNMP:Packet sent via UDP to 1.1.1.1
The following example shows output for the extended ATM PVC up trap for PVCs 1/100, 1/102, and 1/103:
00:31:29:SNMP:Queuing packet to 1.1.1.1 00:31:29:SNMP:V2 Trap, reqid 2, errstat 0, erridx 0 sysUpTime.0 = 188990 snmpTrapOID.0 = atmIntfPvcUpTrap ifEntry.1.19 = 19 atmIntfCurrentlyDownToUpPVcls.2 = 3 atmPVclLowerRangeValue.19.1.2 = 102 atmPVclHigherRangeValue.19.1.2 = 103 atmPVclRangeStatusChangeStart.19.1.2 = 186005 atmPVclRangeStatusChangeEnd.19.1.2 = 186053 atmPVclStatusTransition.19.1.100 = 1 atmPVclStatusChangeStart.19.1.100 = 185990 atmPVclStatusChangeEnd.19.1.100 = 185990 00:31:30:SNMP:Packet sent via UDP to 1.1.1.1
CFR-873
In the following example, the ATM OAM CC notifications and an extended ATM PVC notification are enabled. If connectivity failures are detected on PVC 0/1, host 172.16.61.90 will receive the SNMP notifications:
! Configure SNMP support and an IP routing protocol on your router: Router(config)# snmp-server community public ro Router(config)# snmp-server host 172.16.61.90 public Router(config)# ip routing Router(config)# router igrp 109 Router(config-router)# network 172.16.0.0 ! ! Enable extended ATM PVC trap support and OAM management: Router(config)# snmp-server enable traps atm pvc extension mibversion 2 Router(config)# snmp-server enable traps atm pvc extension oam failure aisrdi Router(config)# snmp-server enable traps atm pvc extension oam failure endcc Router(config)# snmp-server enable traps atm pvc extension oam failure segmentcc Router(config)# snmp-server enable traps atm pvc extension oam failure loopback Router(config)# snmp-server enable traps atm pvc extension up Router(config)# interface atm 0 Router(config-if)# pvc 0/1 Router(config-if-atm-vc)# oam-pvc manage cc end
Related Commands
Command oam-pvc manage oam-pvc manage cc show atm pvc snmp-server enable traps snmp-server enable traps atm pvc snmp-server enable traps atm pvc extension mibversion snmp-server host snmp-server trap-source
Description Enables end-to-end F5 OAM loopback cell generation and OAM management. Configures ATM OAM F5 CC management. Displays all ATM PVCs and traffic information. Enables all available SNMP notifications on your system. Enables the sending of legacy ATM PVC failure traps. Specifies the MIB that supports extended ATM PVC SNMP notifications or the MIB that supports SNMP notifications for ATM OAM F5 CC, F5 AIS/RDI, and F5 loopback failures. Specifies the recipient of an SNMP notification operation. Specifies the interface from which an SNMP trap should originate.
CFR-874
Syntax Description
interval seconds
(Optional) Minimum period between successive traps, in the range from 1 to 3600. Generation of PVC traps is dampened by the notification interval in order to prevent trap storms. No traps are sent until the interval lapses.
fail-interval seconds
(Optional) Minimum period for storing the failed time stamp, in the range from 0 to 3600.
Defaults
SNMP notifications are disabled by default. The default interval is 30. The default fail-interval is 0.
Command Modes
Global configuration
Command History
Release 12.0(1)T
Modification This command was introduced for those platforms that support ATM PVC Management.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. ATM notifications are defined in the CISCO-IETF-ATM2-PVCTRAP-MIB.my file, available from the Cisco FTP site at ftp://www.cisco.com/public/mibs/v2/. ATM PVC failure notification are sent when a PVC on an ATM interface fails or leaves the UP operational state. Only one trap is generated per hardware interface, within the specified interval defined by the interval keyword (stored as the atmIntfPvcNotificationInterval in the MIB). If other PVCs on the same interface go DOWN during this interval, traps are generated and held until the fail-interval has elapsed. Once the interval has elapsed, the traps are sent if the PVCs are still DOWN. No notifications are generated when a PVC returns to the UP state after having been in the DOWN state. If you need to detect the recovery of PVCs, you must use the SNMP management application to regularly poll your router. The snmp-server enable traps atm pvc command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command.
CFR-875
Examples
The following example shows the enabling of ATM PVC traps on a router, so that if PVC 0/1 goes down, host 172.16.61.90 will receive the notifications:
!For ATM PVC Trap Support to work on your router, you must first have SNMP support and !an IP routing protocol configured on your router: Router(config)# snmp-server community public ro Router(config)# snmp-server host 172.16.61.90 public Router(config)# ip routing Router(config)# router igrp 109 Router(config-router)# network 172.16.0.0 ! !Enable ATM PVC Trap Support and OAM management: Router(config)# snmp-server enable traps atm pvc interval 40 fail-interval 10 Router(config)# interface atm 1/0.1 Router(config-if)# pvc 0/1 Router(config-if-atm-vc)# oam-pvc manage
Related Commands
Description Displays all ATM permanent virtual circuits (PVCs) and traffic information. Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
snmp-server enable traps Enables all available SNMP notifications on your system. snmp-server host snmp-server trap-source
CFR-876
Syntax Description
interval seconds
(Optional) Minimum period between successive traps, in the range from 0 to 3600. The default is 10 seconds.
count number-of-traps (Optional) Maximum number of traps that will be sent in the specified interval, in the range from 1 to 1000. The default is 10 traps.
Defaults
ATM subinterface SNMP notifications are disabled by default. Interval: 10 seconds Count: 10 traps
Command Modes
Global configuration
Command History
Release 12.2(13)T
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. ATM subinterface traps are sent to the network management system (NMS) whenever a subinterface enters or leaves the down state. The count and interval parameters can be configured to limit the number of traps sent and the frequency at which they are sent in order to prevent trap storms. Configuring an interval of 0 seconds causes all ATM subinterface traps to be sent. You can disable ATM subinterface traps by using the no snmp-server enable traps atm subif command. When traps are disabled, you can use the SNMP management application to poll your router for subinterface status information. The snmp-server enable traps atm subif command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command.
CFR-877
The snmp-server trap link ietf command must be configured in order to use the snmp-server enable traps atm subif command. The snmp-server trap link ietf command is used to configure your router to use the RFC 2233 IETF standards-based implementation of linkUp/linkDown traps. The default Cisco object definitions do not generate linkUp/linkDown traps correctly for subinterfaces.
Examples
The following example shows how to enable ATM subinterface traps on a router. If an ATM subinterface on this router changes state, host 172.16.61.90 will receive the notifications:
!For ATM subinterface trap to work on your router, you must first have SNMP support and !an IP routing protocol configured on your router: Router(config)# snmp-server community public ro Router(config)# snmp-server host 172.16.61.90 public Router(config)# snmp-server trap link ietf Router(config)# snmp-server enable traps snmp Router(config)# ip routing Router(config)# router igrp 109 Router(config-router)# network 172.16.0.0 !Enable ATM subinterface trap support: Router(config)# snmp-server enable traps atm subif interval 60 count 5
Related Commands
Command snmp-server enable traps snmp-server enable traps atm pvc snmp-server host snmp-server trap link ietf snmp-server trap-source
Description Enables all available SNMP notifications on your system. Enables the sending of ATM PVC SNMP notifications. Specifies the recipient of an SNMP notification operation. Enables linkUp/linkDown SNMP traps that are compliant with RFC 2233. Specifies the interface from which an SNMP trap should originate.
CFR-878
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 12.1(3)T
Modification This command was introduced for the Cisco AS5300 and Cisco AS5800.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) BGP server state change notifications, as defined in the BGP4-MIB (enterprise 1.3.6.1.2.1.15.7). The notifications types are:
bgpEstablished bgpBackwardTransition
CFR-879
For a complete description of these notifications and additional MIB functions, see the BGP4-MIB.my file, available through the Cisco FTP site at ftp://www.cisco.com/public/mibs/v2/.
Note
You may notice incorrect BGP trap OID output when using the SNMP version 1 BGP4-MIB that is available for download at ftp://ftp.cisco.com/pub/mibs/v1/BGP4-MIB-V1SMI.my. When a router sends out BGP traps (notifications) about state changes on an SNMP version 1 monitored BGP peer, the enterprise OID is incorrectly displayed as .1.3.6.1.2.1.15 (bgp) instead of .1.3.6.1.2.1.15.7 (bgpTraps). The problem is not due to any error with Cisco IOS software. This problem occurs because the BGP4-MIB does not follow RFC 1908 rules regarding version 1 and version 2 trap compliance. This MIB is controlled by IANA under the guidance of the IETF, and work is currently in progress by the IETF to replace this MIB with a new version that represents the current state of the BGP protocol. In the meantime, we recommend that you use the SNMP version 2 BGP4-MIB or the CISCO-BGP4-MIB to avoid an incorrect trap OID. The snmp-server enable traps bgp command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send BGP state change informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps bgp Router(config)# snmp-server host myhost.cisco.com informs version 2c public
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-880
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 12.1(3)T
Modification This command was introduced for the Cisco AS5300 and Cisco AS580 access servers.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) Call Tracker CallSetup and CallTerminate notifications. CallSetup notifications are generated at the start of each call, when an entry is created in the active table (cctActiveTable), and CallTerminate notifications are generated at the end of each call, when an entry is created in the history table (cctHistoryTable). For a complete description of these notifications and additional MIB functions, refer to the CISCO-CALL-TRACKER-MIB.my file, available on Cisco.com at http://www.cisco.com/public/mibs/v2/. The snmp-server enable traps calltracker command is used in conjunction with the snmp-server host global configuration command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send call-start and call-stop informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps calltracker Router(config)# snmp-server host myhost.cisco.com informs version 2c public calltracker
CFR-881
Related Commands
Description Enables call record SYSLOG generation for the purpose of debugging, monitoring, or externally saving detailed call record information. Enables the Call Tracker feature on an access server. Enables PRI B channels to be busied out via SNMP. Displays Call Tracker activity and configuration information such as the number of active calls and the history table attributes. Displays all of the information stored within the Call Tracker Active or History Database for the latest call assigned to specified modem. Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
calltracker enable isdn snmp busyout b-channel show call calltracker show modem calltracker snmp-server host snmp-server trap-source
CFR-882
Syntax Description
server-up server-down
Enables the DistributedDirector notification that the server has changed to the up state. Enables the DistributedDirector notification that the server has changed to the down state.
Defaults
Command Modes
Global configuration
Command History
Release 12.2(8)T
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) DistributedDirector status notifications for systems. If none of the optional keywords is specified, all available environmental notifications are enabled.
Examples
In the following example, both ciscoDistDirEventServerUp and ciscoDistDirEventServerDown notifications are enabled:
Router(config)# snmp-server enable traps director Router# show running-config ip host myhost 172.2.2.10 172.2.2.20 172.2.2.30 . . . ip director host myhost ip dns primary myhost soa myhost myhost@com ip director host myhost priority boomerang 1 no ip director drp synchronized snmp-server enable traps director server-up server-down
CFR-883
Related Commands
Command snmp-server enable traps snmp-server host snmp-server informs snmp-server trap-source snmp-server trap-timeout snmp trap link-status
Description Enables the router to send SNMP traps. Specifies the recipient of an SNMP notification. Specifies inform request options. Specifies the interface (and hence the corresponding IP address) from which an SNMP trap should originate. Defines how often to try resending trap messages on the retransmission queue. Enables SNMP trap notifications to be generated when a specific port is brought up or down.
CFR-884
Syntax Description
circuit
(5) ciscoDlswTrapCircuitUp (6) ciscoDlswTrapCircuitDown (1) ciscoDlswTrapTConnPartnerReject (2) ciscoDlswTrapTConnProtViolation (3) ciscoDlswTrapTConnUp (4) ciscoDlswTrapTConnDown
tconn
Defaults
SNMP notifications are disabled by default. If the optional keywords are not used, all DLSw notification types are enabled (or disabled, if the no form is used).
Command Modes
Global configuration
Command History
Release 12.1
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. Use this command in conjunction with the snmp-server host command. This command controls (enables or disables) SNMP notifications for Data Link Switch (DLSw) circuit and connection activity. DLSw objects are defined in the Cisco DLSw MIB module (CISCO-DLSW-MIB.my) and the DLSw+ (Cisco Specific Features) MIB module (CISCO-DLSW-EXT-MIB.my), available through Cisco.com at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
CFR-885
Examples
In the following example the device is configured to send DLSw circuit state change informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps dlsw circuit Router(config)# snmp-server host myhost.cisco.com informs version 2c public
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-886
Syntax Description
shutdown
(Optional) Controls shutdown notifications. A ciscoEnvMonShutdownNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.13.3.1) is sent if the environmental monitor detects a testpoint reaching a critical state and is about to initiate a shutdown. (Optional) Controls voltage notifications. A ciscoEnvMonVoltageNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.13.3.2) is sent if the voltage measured at a given testpoint is outside the normal range for the testpoint (i.e. is at the warning, critical, or shutdown stage). For access servers, this notification is defined as the caemVoltageNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.61.2.2).
voltage
temperature
(Optional) Controls temperature notifications. A ciscoEnvMonTemperatureNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.13.3.3) is sent if the temperature measured at a given testpoint is outside the normal range for the testpoint (i.e. is at the warning, critical, or shutdown stage). For access servers, this notification is defined as the caemTemperatureNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.61.2.1).
fan
(Optional) Controls fan failure notifications. A ciscoEnvMonFanNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.13.3.4) is sent if any one of the fans in a fan array fails. (Optional) Controls Redundant Power Supply (RPS) failure notifications. A ciscoEnvMonRedundantSupplyNotification (enterprise MIB OID 1.3.6.1.4.1.9.9.13.2.5) is sent if a redundant power supply fails.
supply
Defaults
Command Modes
Global configuration
Command History
Modification This command was introduced. Support for this command was introduced for the Cisco AS5300 access server.
CFR-887
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) Environmental Monitor (EnvMon) status notifications for supported systems. Cisco enterprise EnvMon notifications are triggered when an environmental threshold is exceeded. If none of the optional keywords are specified, all available environmental notifications are enabled. For a complete description of these notifications and additional MIB functions, see the CISCO-ENVMON-MIB.my and CISCO-ACCESS-ENVMON-MIB.my files, available on Cisco.com at http://www.cisco.com/public/mibs/v2/. Status of the Environmental Monitor can be viewed using the show environment command. The snmp-server enable traps envmon command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables a Cisco 12000 GSR to send environmental failure informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps envmon Router(config)# snmp-server host myhost.cisco.com informs version 2c public envmon
Related Commands
Description Displays environmental conditions on the system. Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-888
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Modification This command was introduced. This command was modified to enable Frame Relay subinterface traps in addition to DLCI traps.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) DLCI Frame Relay notifications, as defined in the RFC1315-MIB (enterprise 1.3.6.1.2.1.10.32). This trap indicates that the indicated virtual circuit (VC) or subinterface has changed state, meaning that the VC or subinterface has either been created or invalidated, or has toggled between the active and inactive states. To enable only Frame Relay subinterface traps, use the snmp-server enable traps frame-relay subif command.
Note
For large scale configurations (systems containing hundreds of Frame Relay point-to-point subinterfaces), note that having Frame Relay notifications enabled could potentially have a negative impact on network performance when there are line status changes. For a complete description of this notification and additional MIB functions, see the RFC1315-MIB.my file and the CISCO-FRAME-RELAY-MIB.my file, available in the v1 and v2 directories, respectively, at the Cisco.com MIB web site at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
CFR-889
The snmp-server enable traps frame-relay command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
In the following example, the router is configured to send Frame Relay DLCI and subinterface state change informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps frame-relay Router(config)# snmp-server host myhost.cisco.com informs version 2c public
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-890
Syntax Description
interval seconds
(Optional) Minimum period between successive traps, in the range from 0 to 3600. The default is 10 seconds.
count number-of-traps (Optional) Maximum number of traps that will be sent in the specified interval, in the range from 1 to 1000. The default is 10 traps.
Defaults
Frame Relay subinterface SNMP notifications are disabled by default. Interval: 10 seconds Count: 10 traps
Command Modes
Global configuration
Command History
Release 12.2(13)T
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. Frame Relay subinterface traps are sent to the network management system (NMS) whenever a subinterface enters or leaves the down state. The count and interval parameters can be configured to limit the number of traps sent and the frequency at which they are sent in order to prevent trap storms. Configuring an interval of 0 seconds causes all Frame Relay subinterface traps to be sent.
Note
The snmp-server enable traps frame-relay command enables both Frame Relay DLCI and subinterface traps. The snmp-server enable traps frame-relay subif command enables only Frame Relay subinterface traps. You can disable Frame Relay subinterface traps by using the no snmp-server enable traps frame-relay subif command. When traps are disabled, you can use the SNMP management application to poll your router for subinterface status information.
CFR-891
The snmp-server enable traps frame-relay subif command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command. The snmp-server trap link ietf command must be configured in order to use the snmp-server enable traps frame-relay subif command. The snmp-server trap link ietf command is used to configure your router to use the RFC 2233 IETF standards-based implementation of linkUp/linkDown traps. The default Cisco object definitions do not generate linkUp/linkDown traps correctly for subinterfaces.
Examples
The following example shows how to enable Frame Relay subinterface traps on a router. If a Frame Relay subinterface on this router changes state, host 172.16.61.90 will receive the notifications:
! For Frame Relay subinterface traps to work on your router, you must first have SNMP ! support and an IP routing protocol configured on your router: Router(config)# snmp-server community public ro Router(config)# snmp-server host 172.16.61.90 public Router(config)# snmp-server trap link ietf Router(config)# snmp-server enable traps snmp Router(config)# ip routing Router(config)# router igrp 109 Router(config-router)# network 172.16.0.0 !Enable Frame Relay subinterface trap support: Router(config)# snmp-server enable traps frame-relay subif interval 60 count 5
Related Commands
Command snmp-server enable traps frame-relay snmp-server host snmp-server trap link ietf snmp-server trap-source
Description Enables Frame Relay DLCI link status SNMP notifications. Specifies the recipient of an SNMP notification operation. Enables linkUp/linkDown SNMP traps that are compliant with RFC 2233. Specifies the interface from which an SNMP trap should originate.
CFR-892
Syntax Description
call-information
(Optional) Controls SNMP ISDN call information notifications, as defined in the CISCO-ISDN-MIB (enterprise 1.3.6.1.4.1.9.9.26.2). Notification types are:
demandNbrCallInformation (1) This notification is sent to the manager whenever a successful call clears, or a failed call attempt is determined to have ultimately failed. In the event that call retry is active, then this is after all retry attempts have failed. However, only one such notification is sent in between successful call attempts; subsequent call attempts do not generate notifications of this type. demandNbrCallDetails (2) This notification is sent to the manager whenever a call connects, or clears, or a failed call attempt is determined to have ultimately failed. In the event that call retry is active, then this is after all retry attempts have failed. However, only one such notification is sent in between successful call attempts; subsequent call attempts do not generate notifications of this type.
chan-not-avail
(Optional) Controls SNMP ISDN channel-not-available notifications. ISDN PRI channel-not-available traps are generated when a requested DS-0 channel is not available, or when there is no modem available to take the incoming call. These notifications are available only for ISDN PRI interfaces. (Optional) Controls SNMP ISDN U interface notifications. (Optional) Controls SNMP ISDN layer2 transition notifications.
isdnu-interface layer2
Defaults
SNMP notifications are disabled by default. If you enter this command with none of the optional keywords, all available notifications are enabled.
Command Modes
Global configuration
Command History
Modification The snmp-server enable traps isdn command was introduced. The call-information and isdnu-interface keywords were added for the Cisco 1600 series router.
CFR-893
Modification Support for the call-information and isdnu-interface keywords was introduced for most voice platforms. Support for the isdn chan-not-available option was added for the Cisco AS5300, Cisco AS5400, and Cisco AS5800 access servers only.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. ISDN notifications are defined in the CISCO-ISDN-MIB.my and CISCO-ISDNU-IF-MIB.my files, available on Cisco.com at http://www.cisco.com/public/mibs/v2/. Availability of notifications will depend on your platform. To see what notifications are available, use the snmp-server enable traps isdn ? command. If you do not enter an snmp-server enable traps isdn command, no notifications controlled by this command are sent. In order to configure the router to send these SNMP notifications, you must enter at least one snmp-server enable traps isdn command. If you enter the command with no keywords, all notification types are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. The snmp-server enable traps snmp command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example shows the checking of what notification types are available on a Cisco AS5300, and the enabling of channel-not-available and layer2 informs:
NAS(config)#snmp-server enable traps call-information Enable SNMP isdn chan-not-avail Enable SNMP isdn layer2 Enable SNMP isdn <cr> isdn ? call information traps channel not avail traps layer2 transition traps
NAS(config)#snmp-server enable traps isdn chan-not-avail layer2 NAS(config)#snmp-server host myhost.cisco.com informs version 2c public isdn
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies inform request options. Specifies the interface that an SNMP trap should originate from.
snmp-server enable traps Enables all available SNMP notifications on your system.
CFR-894
Syntax Description
session-up
(Optional) Controls (enables or disables) LDP session up notifications, defined in the MPLS-LDP-MIB as mplsLdpSessionUp. This notification is generated when the router establishes an LDP session with another LDP entity (an adjacent LDP peer in the network). (Optional) Controls (enables or disables) LDP session down notifications, defined in the MPLS-LDP-MIB as mplsLdpSessionDown. This message is generated when an LDP session between the router and its adjacent LDP peer is terminated. (Optional) Controls (enables or disables) Path-Vector (PV) Limit notifications, defined in the MPLS-LDP-MIB as mplsLdpPVLMismatch. This notification is generated when the router establishes an LDP session with its adjacent peer LSR, but the two LSRs have dissimilar path vector limits. (Optional) Controls (enables or disables) PV Limit notifications, defined in the MPLS-LDP-MIB as mplsLdpInitSesThresholdExceeded. This notification is generated after eight failed attempts to establish an LDP session between the router and an LDP peer, due to any type of incompatibility between the devices.
session-down
pv-limit
threshold
Defaults
The sending of SNMP notifications is disabled by default. If you do not specify any of the optional keywords, all four types of LDP notifications are enabled on the LSR.
Command Modes
Global configuration
Command History
Modification This command was introduced. This command was implemented in Cisco IOS Release 12.2(13)T.
Usage Guidelines
The MPLS LDP pv-limit (mplsLdpPathVectorLimitMismatch) notification object provides a warning message that can be sent to the NMS when two routers engaged in LDP operations have a dissimilar path vector limit. It is recommended that all LDP-enabled routers in the network be configured with the same path vector limit.
CFR-895
The value of the path vector limit can range from 0 through 255; a value of 0 indicates that loop detection is off; any value other than zero up to 255 indicates that loop detection is on and, in addition, specifies the maximum number of hops through which an LDP message can pass before a loop condition in the network is sensed. The MPLS LDP threshold (mplsLdpFailedInitSessionThresholdExceeded) notification object provides a warning message that can be sent to a network management station (NMS) when a local LSR and an adjacent LDP peer attempt to set up an LDP session between them, but fail to do so after a specified number of attempts. The default number of attempts is 8. This default value is implemented in Cisco IOS and cannot be changed using either the CLI or an SNMP agent. In general, Cisco routers support the same features across multiple platforms. Therefore, the most likely incompatibility to occur between Cisco LSRs is a mismatch of their respective ATM VPI/VCI label ranges. For example, if you specify a range of valid labels for an LSR that does not overlap the range of its adjacent LDP peer, the routers will try eight times to create an LDP session between themselves before the mplsLdpFailedInitSessionThresholdExceeded notification is generated. Operationally, the LSRs whose label ranges do not overlap continue their attempt to create an LDP session between themselves after the eight retry threshold is exceeded. In such cases, the LDP threshold exceeded notification alerts the network administrator to the existence of a condition in the network that may warrant attention. RFC 3036, LDP Specification, details the incompatibilities that can exist between Cisco routers and/or other vendor LSRs in an MPLS network. Among such incompatibilities, for example, are the following:
Non-overlapping ATM VPI/VCI ranges (as noted above) or non-overlapping Frame-Relay DLCI ranges between LSRs attempting to set up an LDP session Unsupported label distribution method Dissimilar protocol data unit (PDU) size Dissimilar LDP feature support
The snmp-server enable traps mpls ldp command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
In the following example, LDP-specific informs are enabled and will be sent to the host myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps mpls ldp Router(config)# snmp-server host myhost.cisco.com informs version 2c public mpls-ldp
CFR-896
Syntax Description
up
(Optional) Enables only mplsTunnelUp notifications { mplsTeNotifyPrefix 1 }. MplsTunnelUp notifications are sent to a network management system (NMS) when an MPLS traffic engineering tunnel is configured and the tunnel transitions from an operationally down state to an up state. (Optional) Enables only mplsTunnelDown notifications { mplsTeNotifyPrefix 2 }. MplsTunnelDown notifications are generated and sent to the NMS when an MPLS traffic engineering tunnel transitions from an operationally up state to a down state. (Optional) Controls (enables or disables) only mplsTunnelRerouted notifications { mplsTeNotifyPrefix 3 }. MplsTunnelRerouted notifications are sent to the NMS under the following conditions: 1) The signaling path of an existing MPLS traffic engineering tunnel fails for some reason and a new path option is signaled and placed into effect (that is, the tunnel is rerouted). or 2) The signaling path of an existing MPLS traffic engineering tunnel is fully operational, but a better path option can be signaled and placed into effect (that is, the tunnel can be reoptimized). This reoptimization can be triggered by: a) a timer, b) the issuance of an mpls traffic-eng reoptimize command, or c) a configuration change that requires the resignaling of a tunnel.
down
reroute
Defaults
SNMP notifications are disabled by default. If this command is used without keywords, all available trap types (up, down, reroute) are enabled.
Command Modes
Global configuration
Command History
Modification This command was introduced. This command was integrated into Cisco IOS Release 12.0(17)ST. This command was integrated into Cisco IOS Release 12.2(8)T.
CFR-897
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) MPLS traffic engineering tunnel notifications. MPLS Tunnel StateChange notifications, when enabled, will be sent when the connection moves from an up to down state, when a connection moves from a down to up state, or when a connection is rerouted. If you do not specify a specific argument in conjunction with this command, all three types of MPLS traffic engineering tunnel notifications will be sent. The snmp-server enable traps mpls traffic-eng command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send MPLS notifications to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps mpls traffic-eng Router(config)# snmp-server host myhost.cisco.com informs version 2c public
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-898
Syntax Description
(Optional) Enables a notification for the assignment of a VRF to an interface that is operational or for the transition of a VRF interface to the operationally up state. (Optional) Enables a notification for the removal of a VRF from an interface or the transition of an interface to the down state. (Optional) Enables a notification of a warning that the number of routes created has crossed the warning threshold. This warning is sent only at the time the warning threshold is exceeded. The warning threshold value is a percentage of the max-threshold value, and is set using the maximum routes VRF configuration mode command. (Optional) Enables a notification that the maximum route limit (maximum route threshold) has been reached. Another notification is sent when the number of routes falls below the maximum route limit value. The max-threshold value is determined by the maximum routes VRF configuration mode command. (Optional) Enables a notification for any illegal labels received on a VRF interface. Labels are illegal if they are outside the legal range, do not have a Label Forwarding Information Base (LFIB) entry, or do not match table IDs for the label.
max-threshold
illegal-label
Defaults
Command Modes
Global configuration
Command History
Modification This command was introduced. This command was integrated into Cisco IOS Release 12.0(22)S. This command was integrated into Cisco IOS Release 12.2(13)T.
Usage Guidelines
If this command is used without any of the optional keywords, all MPLS VPN notification types are enabled.
CFR-899
For the vrf-up (mplsVrfIfUp) or vrf-down (mplsVrfIfDown) notifications to be issued from an ATM or Frame Relay subinterface, you must first configure the snmp-server traps atm subif command or the snmp-server traps frame-relay subif command on the subinterfaces, respectively. The values for mid-threshold and max-threshold are set using the maximum routes limit {warn-threshold | warning-only} VRF configuration mode command. The maximum routes command gives you two options:
maximum routes limit warning-onlygenerate a warning message when the <limit> is exceeded, or maximum routes limit warn-thresholdgenerate a warning message when the <warn-threshold> is reached.
If you choose maximum routes limit warning-only form of the command, a warning message is generated when the limit is exceeded, and the limit you specify will not be enforced. If you choose maximum routes limit warn-threshold form of the command, a warning message will be generated when the warn-threshold is reached, and the limit will be enforced. If you use the maximum routes limit warning-only command with the snmp-server enable traps mpls vpn command, a mid-threshold SNMP notification will be generated when the is limit value is reached or exceeded. No max-threshold SNMP notification will be generated. If you used the maximum routes limit warn-threshold command with the snmp-server enable traps mpls vpn command, a mid-threshold SNMP notification will be generated when the warn-threshold value is reached, and a max-threshold notification will be generated when the limit value is reached. The notification types described above are defined in the following MIB objects of the PPVPN-MPLS-VPN-MIB as follows:
Examples
In the following example, MPLS VPN trap notifications are sent to the host specified as 172.31.156.34 using the community string named public if a VRF transitions from a down state to an up state or from an up state to a down state:
Router(config)# snmp-server enable traps mpls vpn vrf-up vrf-down Router(config)# snmp-server host 172.31.156.34 traps public mpls-vpn
Related Commands
Description Sets the warning threshold and route maximum for VRFs. Enables ATM Subinterface SNMP notifications.
CFR-900
Description Enables Frame-Relay Subinterface SNMP notifications. Specifies the recipient of SNMP notifications.
CFR-901
Syntax Description
neighbor-change
(Optional) Enables notifications indicating when a routers PIM interface is disabled or enabled, or when a routers PIM neighbor adjacency expires or is established. (Optional) Enables notifications indicating a change in the rendezvous point (RP) mapping information due to either Auto-RP or bootstrap router (BSR) messages. (Optional) Enables notifications for monitoring invalid PIM protocol operations (for example, when a router receives a join or prune message for which the RP specified in the packet is not the RP for the multicast group or when a router receives a register message from a multicast group for which it is not the RP).
rp-mapping-change
invalid-pim-message
Defaults
Command Modes
Global configuration
Command History
Release 12.2(4)T
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. PIM notifications are defined in the CISCO-PIM-MIB.my and PIM-MIB.my files, available from the Cisco MIB web site on Cisco.com at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
Examples
The following example shows how to configure a router to generate notifications indicating that a PIM interface of the router has been enabled:
! Configure PIM traps to be sent as SNMPv2c traps to host with IP address 10.0.0.1. Router(config)# snmp-server host 10.0.0.1 traps version 2c public pim ! Configure router to send the neighbor-change class of notifications to host. Router(config)# snmp-server enable traps pim neighbor-change ! Enable PIM sparse-dense mode on Ethernet interface 0/0.
CFR-902
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface from which an SNMP trap should originate.
snmp-server enable traps Enables all available SNMP notifications on your system.
CFR-903
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Modification This command was introduced. This command was integrated into Cisco IOS Release 12.2(8)T.
Usage Guidelines
This command enables SNMP traps only. It does not support inform requests. To configure the PPPoE session-count thresholds at which SNMP notifications will be sent, use the pppoe limit max-sessions or pppoe max-sessions commands. For a complete description of this notification and additional MIB functions, see the CISCO-PPPOE-MIB.my file, available on Cisco.com at http://www.cisco.com/public/mibs/v2/.
Examples
The following example enables the router to send PPPoE session-count SNMP notifications to the host at the address 10.64.131.20:
snmp-server community public RW snmp-server enable traps pppoe snmp-server host 10.64.131.20 version 2c public udp-port 1717
Related Commands
Description Sets the maximum number of PPPoE sessions that will be permitted on a router, and sets the PPPoE session-count threshold at which an SNMP trap will be generated. Sets the maximum number of PPPoE sessions that will be permitted on an ATM PVC, PVC range, VC class, or VLAN, and sets the PPPoE session-count threshold at which an SNMP trap will be generated.
pppoe max-sessions
CFR-904
Description Specifies the recipient of an SNMP notification operation. Specifies the interface from which an SNMP trap should originate.
CFR-905
Syntax Description
health
(Optional) The rptrHealth trap conveys information related to the operational status of the repeater. This trap is sent either when the value of rptrOperStatus changes, or upon completion of a non-disruptive test. The rptrOperStatus object indicates the operational state of the repeater. Status values are as follows:
other(1)undefined or unknown status ok(2)no known failures rptrFailure(3)repeater-related failure groupFailure(4)group-related failure portFailure(5)port-related failure generalFailure(6)failure, unspecified type
reset
(Optional) The rptrResetEvent trap is sent on completion of a repeater reset action (triggered by the transition to a START state by a manual command). The rptrResetEvent trap is not sent when the agent restarts and sends an SNMP coldStart or warmStart trap.
Defaults
SNMP notifications are disabled by default. If no option keywords are specified when entering this command, all repeater notifications available on your system are enabled or disabled.
Command Modes
Global configuration
Command History
Release 11.1
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) Repeater MIB notifications, as defined in RFC 1516. RFC 1516 defines objects for managing IEEE 802.3 10 Mbps baseband repeaters, also known as hubs.
CFR-906
There are two sets of notifications available for this command. The following notification is defined in the CISCO-REPEATER-MIB (enterprise 1.3.6.1.4.1.9.9.22.3):
For a complete description of the repeater notifications and additional MIB functions, refer to the CISCO-REPEATER-MIB.my and CISCO-REPEATER-MIB-V1SMI.my files, available on Cisco.com at http://www.cisco.com/public/mibs/. The snmp-server enable traps repeater command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send repeater inform notifications to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps repeater Router(config)# snmp-server host myhost.cisco.com informs version 2c public
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-907
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 11.3
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) Cisco Service Assurance Agent notifications, as defined in the Response Time Monitor MIB (CISCO-RTTMON-MIB). The Service Assurance Agent was previously called the Response Time Reporter (RTR); the RTR syntax is retained in this command. This command enables the following notifications:
rttMonConnectionChangeNotification(valid for echo or pathEcho operations only) A rttMonConnectionChangeNotification indicates that a connection to a target (not to a hop along the path to a target) has either failed on establishment or been lost and when reestablished. rttMonTimeoutNotificationA rttMonTimeoutNotification indicates the occurrence of a timeout for a SAA operation. rttMonThresholdNotificationA rttMonThresholdNotification indicates the occurrence of a threshold violation for a SAA operation. rttMonVerifyErrorNotificationA rttMonVerifyErrorNotification indicates the occurrence of data corruption in an SAA operation
For a complete description of these notification types, and for information about the other MIB functions, see the CISCO-RTTMON-MIB.my file, available through the Cisco TAC SNMP Object Navigator tool at http://www.cisco.com/go/mibs . For further information about the SAA, see the Network Monitoring Using the Cisco Service Assurance Agent document at http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/ffun_c/fcfprt3/fcf017.htm.
CFR-908
The snmp-server enable traps syslog command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send SAA related informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps rtr Router(config)# snmp-server host myhost.cisco.com informs version 2c public rtr
Related Commands
Description Assigns an identification number for an SAA operation and enters SAA RTR configuration mode. Specifies the destination NMS and transfer parameters for SNMP notifications. Specifies the interface that an SNMP trap should originate from.
CFR-909
Syntax Description
authentication
(Optional) Controls the sending of SNMP authentication failure notifications. An authenticationFailure(4) trap signifies that the sending device is the addressee of a protocol message that is not properly authenticated. The authentication method depends on the version of SNMP being used. For SNMPv1 or SNMPv2c, authentication failure occurs for packets with an incorrect community string. For SNMPv3, authentication failure occurs for packets with an incorrect SHA/MD5 authentication key or for a packet that is outside of the authoritative SNMP engines window (for example, falls outside of configured access lists or time ranges). (Optional) Controls the sending of SNMP linkUp notifications. A linkUp(3) trap signifies that the sending device recognizes that one of the communication links represented in the agents configuration has come up. (Optional) Controls the sending of SNMP linkDown notifications. A linkDown(2) trap signifies that the sending device recognizes a failure in one of the communication links represented in the agents configuration. (Optional) Controls the sending of SNMP coldStart notifications. A coldStart(0) trap signifies that the sending device is reinitializing itself such that the agents configuration or the protocol entity implementation may be altered. (Optional) Controls the sending of SNMP warmStart notifications. A warmStart(1) trap signifies that the sending device is reinitializing itself such that neither the agent configuration nor the protocol entity implementation is altered.
linkup
linden
coldstart
warmstart
Defaults
SNMP notifications are disabled by default. If you enter this command with none of the optional keywords, all RFC 1157 SNMP notifications are enabled (or disabled, if using the no form).
Command Modes
Global configuration
CFR-910
Command History
Release 11.3
Modification The snmp-server enable traps snmp authentication command was introduced. This command replaced the snmp-server trap-authentication command. The following keywords were added:
12.1(3)T
12.1(5)T
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests for the specified notification types. If you do not enter an snmp-server enable traps snmp command, no notifications controlled by this command are sent. In order to configure the router to send these SNMP notifications, you must enter at least one snmp-server enable traps snmp command. If you enter the command with no keywords, all notification types are enabled. If you enter the command with a keyword, only the notification type related to that keyword is enabled. The snmp-server enable traps snmp command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. In order to send notifications, you must configure at least one snmp-server host command. For a host to receive a notification controlled by this command, both the snmp-server enable traps command and the snmp-server host command for that host must be enabled. If the notification type is not controlled by this command, just the appropriate snmp-server host command must be enabled. The snmp-server enable traps snmp [ linkup] [linkdown] form of this command globally enables or disables SNMP linkUp and linkDown traps. After enabling either of these traps globally, you can disable these traps on specific interfaces using the no snmp trap link-status command in interface configuration mode. Note that on the interface level, linkUp and linkDown traps are enabled by default. This means that you do not have to enable these notifications on a per-interface basis. However, linkUp and linkDown notifications will not be sent unless you enable them globally using the snmp-server enable traps snmp command.
Examples
The following example enables the router to send all traps to the host myhost.cisco.com, using the community string defined as public:
Router(config)# snmp-server enable traps snmp Router(config)# snmp-server host myhost.cisco.com public snmp
The following example enables the router to send all inform notifications to the host myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps snmp Router(config)# snmp-server host myhost.cisco.com informs version 2c public snmp
The following example shows the enabling all SNMP trap types, then the disabling of only the linkUp and linkDown trap:
Router> enable Password: Router# configure terminal
CFR-911
Enter configuration commands, one per line. End with CNTL/Z. Router(config)# snmp-server enable traps snmp Router(config)# end Router# more system:running-config | include traps snmp snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# no snmp-server enable traps snmp linkup linkdown Router(config)# end Router# more system:running-config | include traps snmp snmp-server enable traps snmp authentication coldstart warmstart
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies inform request options. Specifies the interface that an SNMP trap should originate from.
snmp-server enable traps Enables all available SNMP notifications on your system.
CFR-912
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 12.2(13)T
Usage Guidelines
The Cisco SRP MIB module (CISCO-SRP-MIB.my) provides objects for monitoring IP-over-SONET IPS SRP traffic using the SNMP. When IPS is enabled, if a node or fiber facility failure is detected, traffic going toward or coming from the failure direction is wrapped (looped) back to go in opposite direction on the other ring. The snmp-server enable traps srp command enables SRP state change notifications (traps or informs). SRP state change notifications are generated whenever one of the two sides of an SRP interface ring enters or leaves the wrapped state (when a ring wraps, or when a ring is restored). Specifically, the srpMACIpsWrapCounter object in the CISCO-SRP-MIB increments when a Ring wraps, and the value of the rpMACIpsLastUnWrapTimeStamp object changes when a ring unwraps. (An unwrap event happens when the original ring is restored.) The snmp-server enable traps srp command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
In the following example, SRP-specific informs are enabled and will be sent to the host myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps srp Router(config)# snmp-server host myhost.cisco.com informs version 2c public srp
CFR-913
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 11.3
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) system logging message notifications. System logging messages (also called system error messages, or syslog messages) are status notification messages that are generated by the routing device during operation. These messages are typically logged to a destination (such as the terminal screen, to a system buffer, or to a remote syslog host). If your software image supports the Cisco Syslog MIB, these messages can also be sent via SNMP to a network management station (NMS). To determine which software images support the Cisco Syslog MIB, used the Cisco MIB Locator tool at http://www.cisco.com/go/mibs/ .(At the time of writing, the Cisco Syslog MIB is only supported in Enterprise images.) Unlike other logging processes on the system, debug messages (enabled using CLI debug commands) are not included with the logging messages sent via SNMP. To specify the severity level at which notifications should be generated, use the logging history global configuration command. For additional information about the system logging process and severity levels, see the description of the logging commands. The syslog notification is defined by the clogMessageGenerated NOTIFICATION-TYPE object in the Cisco Syslog MIB (CISCO-SYSLOG-MIB.my). When a syslog message is generated by the device a clogMessageGenerated notification is sent to the designated NMS. The clogMessageGenerated notification includes the following objects: clogHistFacility, clogHistSeverity, clogHistMsgName, clogHistMsgText, clogHistTimestamp.
CFR-914
For a complete description of these objects and additional MIB information, see the text of CISCO-SYSLOG-MIB.my, available on Cisco.com using the SNMP Object Navigator tool at http://www.cisco.com/go/mibs . See also the CISCO-SYSLOG-EXT-MIB and the CISCO-SYSLOG-EVENT-EXT-MIB. The snmp-server enable traps syslog command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to send system logging messages at severity levels 0 (emergencies) through 2 (critical) to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps syslog Router(config)# logging history 2 Router(config)# snmp-server host myhost.cisco.com traps version 2c public
Related Commands
Description Limits syslog messages sent to the router's history table and to an SNMP NMS based on severity. Specifies the destination NMS and transfer parameters for SNMP notifications. Specifies the interface that an SNMP trap should originate from.
CFR-915
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 12.1(3)T
Modification This command was introduced for the Cisco AS5300 and Cisco AS5800.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. This command enables both traps and inform requests. This command controls (enables or disables) poor-quality-of-voice notifications. The poor-quality-of-voice notification is defined in CISCO-VOICE-DIAL-CONTROL-MIB as follows: enterprise 1.3.6.1.4.1.9.9.63.2 (1) cvdcPoorQoVNotification For a complete description of this notification and additional MIB functions, see the CISCO-VOICE-DIAL-CONTROL-MIB.my file, available on Cisco.com at http://www.cisco.com/public/mibs/v2/. The snmp-server enable traps voice poor-qov command is used in conjunction with the snmp-server host command. Use the snmp-server host command to specify which host or hosts receive SNMP notifications. To send SNMP notifications, you must configure at least one snmp-server host command.
Examples
The following example enables the router to poor-quality-of-voice informs to the host at the address myhost.cisco.com using the community string defined as public:
Router(config)# snmp-server enable traps voice poor-qov Router(config)# snmp-server host myhost.cisco.com informs version 2c public
CFR-916
Related Commands
Description Specifies the recipient of an SNMP notification operation. Specifies the interface that an SNMP trap should originate from.
CFR-917
Syntax Description
engineid-string
The character string that identifies the engine ID. Consists of up to 24 characters.
Defaults
An SNMP engine ID is generated automatically but is not displayed or stored in the running configuration. You can display the default or configured engine ID by using the show snmp engineID EXEC command.
Command Modes
Global configuration
Command History
Release 12.0(3)T
Usage Guidelines
The SNMP engine ID is a unique string used to identify the device for administration purposes. You do not need to specify an engine ID for the device; a default string is generated using Ciscos enterprise number (1.3.6.1.4.1.9) and the mac address of the first interface on the device. For further details on the SNMP engine ID, see RFC 2571. If you wish to specify your own ID, note that you need not specify the entire 24-character engine ID if it contains trailing zeros. Specify only the portion of the Engine ID up until the point where only zeros remain in the value. For example, to configure an engine ID of 123400000000000000000000, you can specify snmp-server engineID local 1234. Changing the value of snmpEngineID has important side-effects. A user's password (entered on the command line) is converted to an MD5 or SHA security digest. This digest is based on both the password and the local engine ID. The command line password is then destroyed, as required by RFC 2274. Because of this deletion, if the local value of engineID changes, the security digests of SNMPv3 users will be invalid, and the users will have to be reconfigured. Similar restrictions require the reconfiguration of community strings when the engine ID changes. A remote engine ID is required when an SNMPv3 inform is configured. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host.
Related Commands
CFR-918
Description Displays the identification of the local SNMP engine and all remote engines that have been configured on the router. Specifies the recipient (SNMP manager) of an SNMP trap notification.
CFR-919
Syntax Description
The IP address of the device that contains the remote copy of SNMP. (Optional) Specifies a User Datagram Protocol (UDP) port of the host to use. (Optional) The socket number on the remote device that contains the remote copy of SNMP. The default is 161. (Optional) Instance of a routing table. (Optional) Name of the VPN routing/forwarding (VRF) table to use for storing data. The character string that identifies the engine ID. Consists of up to 24 characters.
Defaults
Command Modes
Global configuration
Command History
Modification This command was introduced. The vrf keyword and vrf-name argument were introduced.
Usage Guidelines
You need not specify the entire 24-character engine ID if it contains trailing zeros. Specify only the portion of the engine ID up until the point where only zeros remain in the value. For example, to configure an engine ID of 123400000000000000000000, you can specify the value 1234 as the engineid-string. A remote engine ID is required when an SNMP version 3 inform is configured. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host.
CFR-920
Examples
The following example specifies the SNMP engine ID and configures the VRF name traps-vrf for SNMP communications with the remote device at 172.16.20.3:
Router(config)# snmp-server engineID remote 172.16.20.3 vrf traps-vrf 80000009030000B064EFE100
Related Commands
Description Displays the identification of the local SNMP engine and all remote engines that have been configured on the router. Specifies the recipient (SNMP manager) of an SNMP trap notification.
CFR-921
snmp-server group
snmp-server group
To configure a new Simple Network Management Protocol (SNMP) group, or a table that maps SNMP users to SNMP views, use the snmp-server group command in global configuration mode. To remove a specified SNMP group, use the no form of this command. snmp-server group group-name {v1 | v2c | v3 {auth | noauth | priv}} [read read-view] [write write-view] [notify notify-view ] [access access-list] no snmp-server group
Syntax Description
group-name v1 v2c
The name of the group. The least secure of the possible security models. The second least secure of the possible security models. It allows for the transmission of informs and counter 64, which allows for integers twice the width of what is normally allowed. The most secure of the possible security models. Specifies authentication of a packet without encrypting it. Specifies no authentication of a packet. Specifies authentication of a packet with encryption. (Optional) The option that allows you to specify a read view. A string (not to exceed 64 characters) that is the name of the view that enables you only to view the contents of the agent. (Optional) The option that allows you to specify a write view. A string (not to exceed 64 characters) that is the name of the view that enables you to enter data and configure the contents of the agent. (Optional) The option that allows you to specify a notify view A string (not to exceed 64 characters) that is the name of the view that enables you to specify a notify, inform, or trap. (Optional) The option that enables you to specify an access list. A string (not to exceed 64 characters) that is the name of the access list.
v3 auth noauth priv read read-view write write-view notify notify-view access access-list
Defaults
Default read-view
Definition Assumed to be every object belonging to the Internet (1.3.6.1) OID space, unless the user uses the read option to override this state.
CFR-922
snmp-server group
Table 124
Definition Nothing is defined for the write view (that is, the null OID). You must configure write access. Nothing is defined for the notify view (that is, the null OID). If a view is specified, any notifications in that view that are generated will be sent to all users associated with the group (provided an SNMP server host configuration exists for the user).
Command Modes
Global configuration
Command History
Release 11.(3)T
Usage Guidelines
When a community string is configured internally, two groups with the name public are autogenerated, one for the v1 security model and the other for the v2c security model. Similarly, deleting a community string will delete a v1 group with the name public and a v2c group with the name public.
Configuring Notify Views
Do not specify a notify view when configuring an SNMP group for the following reasons:
The snmp-server host command autogenerates a notify view for the user, and then adds it to the group associated with that user. Modifying the groups notify view will affect all users associated with that group. If a group has a notify view that is set using SNMP, you may need to change the notify view. The snmp-server host command may have been configured before the snmp-server group command. In this case, you must either reconfigure the snmp-server host command, or specify the appropriate notify view.
Instead of specifying the notify view for a group as part of the snmp-server group command, use the following commands in global configuration mode:
Command
Step 1 Step 1 Step 1
Purpose Configures an SNMP user. Configures an SNMP group, without adding a notify view. Autogenerates the notify view by specifying the recipient of a trap operation.
CFR-923
snmp-server group
No default values exist for authentication or privacy algorithms when you configure the command. Also, no default passwords exist. The minimum length for a password is one character, although Cisco recommends using eight characters for security. If you forget a password, you cannot recover it and will need to reconfigure the user. You can specify either a plain-text password or a localized MD5 digest. The following example shows how to enter a plain-text password for the string arizona2 for user John in group Johngroup, type the following command line:
snmp-server user John Johngroup v3 auth md5 arizona2
When you enter a show running-config command, you will not see a line for this user. To see if this user has been added to the configuration, type the show snmp user command. If you have the localized MD5 or SHA digest, you can specify that string instead of the plain-text password. The digest should be formatted as aa:bb:cc:dd where aa, bb, and cc are hex values. Also, the digest should be exactly 16 octets long. The following example shows how to specify the command with a digest name of 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:
Router(config)# snmp-server user John Johngroup v3 encrypted auth md5 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF
Related Commands
Description Displays the names of groups on the router and the security model, the status of the different views, and the storage type of each group.
CFR-924
snmp-server host
snmp-server host
To specify the recipient of a Simple Network Management Protocol (SNMP) notification operation, use the snmp-server host command in global configuration mode. To remove the specified host from the configuration, use the no form of this command. snmp-server host {hostname | ip-address} [vrf vrf-name] [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]}] community-string [udp-port port] [notification-type] no snmp-server host {hostname | ip-address} [vrf vrf-name] [traps | informs] [version {1 | 2c | 3 [auth | noauth | priv]}] community-string [udp-port port] [notification-type]
Syntax Description
hostname | ip-address
Name, IP address, or IPv6 address of the SNMP notification host. The ip-address can be an IP or IPv6 address. The SNMP notification host is typically a network management station (NMS or SNMP manager). This host is the recipient of the SNMP traps or informs.
(Optional) Specifies that a Virtual Private Network (VPN) routing and forwarding (VRF) instance should be used to send SNMP notifications. (Optional) VPN VRF instance used to send SNMP notifications. (Optional) Specifies that notifications should be sent as traps. This is the default. (Optional) Specifies that notifications should be sent as informs. (Optional) Version of the SNMP used to send the traps. The default is 1. If you use the version keyword, one of the following keywords must be specified:
1SNMPv1. This option is not available with informs. 2cSNMPv2C. 3SNMPv3. The most secure model because it allows packet encryption with the priv keyword. The default is noauth. One of the following three optional security level keywords can follow the 3 keyword:
authEnables Message Digest 5 (MD5) and Secure Hash
CFR-925
snmp-server host
community-string
You can set this string using the snmp-server host command by itself, but Cisco recommends that you define the string using the snmp-server community command prior to using the snmp-server host command. The @ symbol is used for delimiting the context information. Avoid using the @ symbol as part of the SNMP community string when configuring this command.
Note
CFR-926
snmp-server host
notification-type
Optional) Type of notification to be sent to the host. If no type is specified, all available notifications are sent. The notification type can be one or more of the following keywords:
bgpSends Border Gateway Protocol (BGP) state change notifications. calltrackerSends Call Tracker call-start/call-end notifications. configSends configuration change notifications. cpuSends CPU-related notifications. directorSends DistributedDirector-related notifications. dspuSends downstream physical unit (DSPU) notifications. eigrpSends Enhanced Interior Gateway Routing Protocol (EIGRP) stuck-in-active (SIA) and neighbor authentication failure notifications. entitySends Entity MIB modification notifications. envmonSends Cisco enterprise-specific environmental monitor notifications when an environmental threshold is exceeded. flashSends flash media insertion and removal notifications. frame-relaySends Frame Relay notifications. hsrpSends Hot Standby Routing Protocol (HSRP) notifications. iplocalpoolSends IP local pool notifications. ipmobileSends Mobile IP notifications. ipsecSends IP Security (IPsec) notifications. isdnSends ISDN notifications. l2tun-pseudowire-statusSends pseudowire state change notifications. l2tun-sessionSends Layer 2 tunneling session notifications. llc2Sends Logical Link Control, type 2 (LLC2) notifications. memorySends memory pool and memory buffer pool notifications. mpls-ldpSends Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) notifications indicating status changes in LDP sessions. mpls-traffic-engSends MPLS traffic engineering notifications indicating changes in the status of MPLS traffic engineering tunnels. mpls-vpnSends MPLS VPN notifications. ospfSends Open Shortest Path First (OSPF) sham-link notifications. pimSends Protocol Independent Multicast (PIM) notifications. repeaterSends standard repeater (hub) notifications. rsrbSends remote source-route bridging (RSRB) notifications. rsvpSends Resource Reservation Protocol (RSVP) notifications. rtrSends Response Time Reporter (RTR) notifications. sdlcSends Synchronous Data Link Control (SDLC) notifications.
CFR-927
snmp-server host
Note
sdllcSends SDLC Logical Link Control (SDLLC) notifications. snmpSends any enabled RFC 1157 SNMP linkUp, linkDown, authenticationFailure, warmStart, and coldStart notifications. To enable RFC 2233 compliant link up/down notifications, you should use the snmp server link trap command. srpSends Spatial Reuse Protocol (SRP) notifications. stunSends serial tunnel (STUN) notifications. syslogSends error message notifications (Cisco Syslog MIB). Specify the level of messages to be sent with the logging history level command. ttySends Cisco enterprise-specific notifications when a TCP connection closes. voiceSends SNMP poor quality of voice traps, when used with the snmp enable peer-trap poor qov command. vrrpSends Virtual Router Redundancy Protocol (VRRP) notifications. vsimasterSends Virtual Switch Interface (VSI) Master notifications. x25Sends X.25 event notifications.
udp-port port
(Optional) Specifies that SNMP notifications or informs are to be sent to an NMS host. (Optional) UDP port number of the NMS host. The default is 162.
Command Default
This command is disabled. No notifications are sent. If you enter this command with no keywords, the default is to send all trap types to the host. No informs will be sent to the host. The no snmp-server host command with no keywords disables traps, but not informs, to the host. To disable informs, use the no snmp-server host informs command.
Note
If the community-string is not defined using the snmp-server community command prior to using this command, the default form of the snmp-server community command will automatically be inserted into the configuration. The password (community-string) used for this automatic configuration of the snmp-server community will be the same as specified in the snmp-server host command. This automatic command insertion and use of passwords is the default behavior for Cisco IOS Release 12.0(3) and later releases.
Command Modes
Global configuration
CFR-928
snmp-server host
Command History
Cisco IOS Release 12 Mainline/T Train The version 3 [auth | noauth | priv] syntax was added as part of the SNMPv3 Support feature. The hsrp notification-type keyword was added. The voice notification-type keyword was added.
12.1(3)T 12.2(2)T
The calltracker notification-type keyword was added for the Cisco AS5300 and AS5800 platforms.
The vrf vrf-name keyword/argument combination was added. The ipmobile notification-type keyword was added. Support for the vsimaster notification-type keyword was added for the Cisco 7200 and Cisco 7500 series. The pim notification-type keyword was added. The ipsec notification-type keyword was added. The mpls-traffic-eng notification-type keyword was added. The director notification-type keyword was added. The srp notification-type keyword was added. The mpls-ldp notification-type keyword was added. The flash notification-type keyword was added. The l2tun-session notification-type keyword was added. The cpu notification-type keyword was added. The memory notification-type keyword was added. The ospf notification-type keyword was added.
The iplocalpool notification-type keyword was added for the Cisco 7200 and 7301 series routers. The vrrp keyword was added.
Support for SNMP over IPv6 transport was integrated into Cisco IOS Release 12.3(14)T. Either an IP or IPv6 Internet address can be specified as the hostname argument. The eigrp notification-type keyword was added.
Cisco IOS Release 12.0S 12.0(17)ST 12.0(21)ST 12.0(22)S The mpls-traffic-eng notification-type keyword was integrated into Cisco IOS Release 12.0(17)ST. The mpls-ldp notification-type keyword was integrated into Cisco IOS Release 12.0(21)ST.
All features in the Cisco IOS Release 12.0ST train were integrated into Cisco IOS Release 12.0(22)S. The mpls-vpn notification-type keyword was added.
12.0(23)S 12.0(26)S
The l2tun-session notification-type keyword was added. The memory notification-type keyword was added.
CFR-929
snmp-server host
Release 12.0(27)S
Modification
Support for SNMP over IPv6 transport was added. Either an IP or IPv6 Internet address can be specified as the hostname argument. The vrf vrf-name keyword argument pair was integrated into Cisco IOS Release 12.0(27)S to support multiple Lightweight Directory Protocol (LDP) contexts for VPNs.
The l2tun-pseudowire-status notification-type keyword was added. This command was integrated into Cisco IOS Release 12.2(18)S.
The cpu notification-type keyword was added. The memory notification-type keyword was added.
This command was integrated into Cisco IOS Release 12.2(28)SB. This command was integrated into Cisco IOS Release 12.2(33)SRA.
Usage Guidelines
SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send acknowledgments when it receives traps. The sender cannot determine if the traps were received. However, a SNMP entity that receives an inform request acknowledges the message with a SNMP response protocol data unit (PDU). If the sender never receives the response, the inform request can be sent again. Thus, informs are more likely to reach their intended destination. Compared to traps, informs consume more resources in the agent and in the network. Unlike a trap, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Also, traps are sent only once; an inform may be retried several times. The retries increase traffic and contribute to a higher overhead on the network. If you do not enter a snmp-server host command, no notifications are sent. To configure the router to send SNMP notifications, you must enter at least one snmp-server host command. If you enter the command with no keywords, all trap types are enabled for the host. To enable multiple hosts, you must issue a separate snmp-server host command for each host. You can specify multiple notification types in the command for each host. When multiple snmp-server host commands are given for the same host and kind of notification (trap or inform), each succeeding command overwrites the previous command. Only the last snmp-server host command will be in effect. For example, if you enter an snmp-server host inform command for a host and then enter another snmp-server host inform command for the same host, the second command will replace the first. The snmp-server host command is used in conjunction with the snmp-server enable command. Use the snmp-server enable command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server enable command and the snmp-server host command for that host must be enabled. Some notification types cannot be controlled with the snmp-server enable command. For example, some notification types are always enabled and others are enabled by a different command. For example, the linkUpDown notifications are controlled by the snmp trap link-status command. These notification types do not require an snmp-server enable command. A notification-type options availability depends on the router type and Cisco IOS software features supported on the router. For example, the envmon notification type is available only if the environmental monitor is part of the system. To see what notification types are available on your system, use the command help ? at the end of the snmp-server host command.
CFR-930
snmp-server host
The vrf keyword allows you to specify the notifications being sent to a specified IP address over a specific VRF. The VRF defines a VPN membership of a customer so data is stored using the VPN. The @ symbol is used as a delimiter between the community string and the context in which it is used. For example, specific VLAN information in BRIDGE-MIB may be polled using community@VLAN_ID (for example, public@100) where 100 is the VLAN number. Avoid using the @ symbol as part of the SNMP community string when configuring this command.
Regarding Notification-Type Keywords
The notification-type keywords used in the snmp-server host command do not always match the keywords used in the corresponding snmp-server enable traps command. For example, the notification keyword applicable to Multiprotocol Label Switching Protocol (MPLS) traffic engineering tunnels is specified as mpls-traffic-eng (containing two hyphens and no intervening spaces). The corresponding parameter in the snmp-server enable traps command is specified as mpls-traffic-eng (containing an intervening space and a hyphen). This syntax difference is necessary to ensure that the command-line interface (CLI) interprets the notification-type keyword of the snmp-server host command as a unified, single-word construct, which preserves the capability of the snmp-server host command to accept multiple notification-type keywords in the command line. The snmp-server enable traps commands, however, often use two-word constructs to provide hierarchical configuration options and to maintain consistency with the command syntax of related commands. Table 125 maps some examples of snmp-server enable traps commands to the keywords used in the snmp-server host command.
Table 125 Notication Keywords and Corresponding SNMP Enable Traps Commands
SNMP Enable Traps Command snmp-server enable traps l2tun session snmp-server enable traps mpls ldp snmp-server enable traps mpls traffic-eng snmp-server enable traps mpls vpn
1
1. See the Cisco IOS Multiprotocol Label Switching Command Reference for documentation of this command.
Examples
If you want to configure a unique SNMP community string for traps but prevent SNMP polling access with this string, the configuration should include an access list. The following example shows how to name a community string comaccess and number an access list 10:
Router(config)# snmp-server community comaccess ro 10 Router(config)# snmp-server host 172.20.2.160 comaccess Router(config)# access-list 10 deny any
Note
The sign (@) is used as a delimiter between the community string and the context in which it is used. For example, specific VLAN information in BRIDGE-MIB may be polled using community@VLAN_ID (for example, public@100) where 100 is the VLAN number. The following example shows how to send RFC 1157 SNMP traps to a host specified named myhost.cisco.com. Other traps are enabled, but only SNMP traps are sent because only snmp is specified in the snmp-server host command. The community string is defined as comaccess.
Router(config)# snmp-server enable traps Router(config)# snmp-server host myhost.cisco.com comaccess snmp
CFR-931
snmp-server host
The following example shows how to send the SNMP and Cisco environmental monitor enterprise-specific traps to address 172.30.2.160 using the community string public:
Router(config)# snmp-server enable traps snmp Router(config)# snmp-server enable traps envmon Router(config)# snmp-server host 172.30.2.160 public snmp envmon
The following example shows how to enable the router to send all traps to the host myhost.cisco.com using the community string public:
Router(config)# snmp-server enable traps Router(config)# snmp-server host myhost.cisco.com public
The following example will not send traps to any host. The BGP traps are enabled for all hosts, but only the ISDN traps are enabled to be sent to a host. The community string is defined as public.
Router(config)# snmp-server enable traps bgp Router(config)# snmp-server host myhost.cisco.com public isdn
The following example shows how to enable the router to send all inform requests to the host myhost.cisco.com using the community string public:
Router(config)# snmp-server enable traps Router(config)# snmp-server host myhost.cisco.com informs version 2c public
The following example shows how to send HSRP MIB informs to the host specified by the name myhost.cisco.com. The community string is defined as public.
Router(config)# snmp-server enable traps hsrp Router(config)# snmp-server host myhost.cisco.com informs version 2c public hsrp
The following example shows how to send all SNMP notifications to company.com over the VRF named trap-vrf using the community string public:
Router(config)# snmp-server host company.com vrf trap-vrf public
The following example shows how to configure an IPv6 SNMP notification server with the IPv6 address 2001:0DB8:0000:ABCD:1 using the community string public:
Router(config)# snmp-server host 2001:0DB8:0000:ABCD:1 version 2c public udp-port 2012
The following example shows how to specify VRRP as the protocol using the community string public:
Router(config)# snmp-server enable traps vrrp Router(config)# snmp-server host myhost.cisco.com traps version 2c public vrrp
Related Commands
Command snmp-server enable peer-trap poor qov snmp-server enable traps snmp-server informs snmp-server link trap snmp-server trap-source snmp-server trap-timeout
Description Enables poor quality of voice notifications for applicable calls associated with a specific voice dial peer. Enables SNMP notifications (traps and informs). Specifies inform request options. Enables linkUp/linkDown SNMP traps, which are compliant with RFC 2233. Specifies the interface (and hence the corresponding IP address) from which a SNMP trap should originate. Defines how often to try resending trap messages on the retransmission queue.
CFR-932
snmp-server informs
snmp-server informs
To specify inform request options, use the snmp-server informs command in global configuration mode. To return the settings to the defaults, use the no form of this command. snmp-server informs [retries retries] [timeout seconds] [pending pending] no snmp-server informs [retries retries] [timeout seconds] [pending pending]
Syntax Description
(Optional) Maximum number of times to resend an inform request. The default is 3. (Optional) Number of seconds to wait for an acknowledgment before resending. The default is 30 seconds. (Optional) Maximum number of informs waiting for acknowledgments at any one time. When the maximum is reached, older pending informs are discarded. The default is 25.
Defaults
Inform requests are resent three times. Informs are resent after 30 seconds if no response is received. The maximum number of informs waiting for acknowledgments at any one time is 25.
Command Modes
Global configuration
Command History
Release 11.3 T
Examples
The following example increases the pending queue size if you are seeing a large number of inform drops:
snmp-server informs pending 50
The following example increases the default timeout if you are sending informs over slow network links. Because informs will be sitting in the queue for a longer period of time, you may also need to increase the pending queue size.
snmp-server informs timeout 60 pending 40
The following example decreases the default timeout if you are sending informs over very fast links:
snmp-server informs timeout 5
The following example increases the retry count if you are sending informs over unreliable links. Because informs will be sitting in the queue for a longer period of time, you may need to increase the pending queue size.
snmp-server informs retries 10 pending 45
CFR-933
snmp-server informs
Related Commands
CFR-934
snmp-server location
snmp-server location
To set the system location string, use the snmp-server location command in global configuration mode. To remove the location string, use the no form of this command. snmp-server location text no snmp-server location
Syntax Description
text
Defaults
Command Modes
Global configuration
Command History
Release 10.0
Examples
Related Commands
CFR-935
Syntax Description
seconds
Number of seconds before an idle session is timed out. The default is 600 seconds.
Defaults
Command Modes
Global configuration
Command History
Release 11.3 T
Usage Guidelines
Sessions are created when the SNMP manager in the router sends SNMP requests, such as inform requests, to a host or receives SNMP notifications from a host. One session is created for each destination host. If there is no further communication between the router and host within the session timeout period, the session will be deleted. The router tracks statistics, such as the average round-trip time required to reach the host, for each session. Using the statistics for a session, the SNMP manager in the router can set reasonable timeout periods for future requests, such as informs, for that host. If the session is deleted, all statistics are lost. If another session with the same host is later created, the request timeout value for replies will return to the default value. However, sessions consume memory. A reasonable session timeout value should be large enough such that regularly used sessions are not prematurely deleted, yet small enough such that irregularly used, or one-shot sessions, are purged expeditiously.
Examples
The following example sets the session timeout to a larger value than the default:
snmp-server manager snmp-server manager session-timeout 1000
CFR-936
Related Commands
Description Displays the current set of pending SNMP requests. Displays the current SNMP sessions.
CFR-937
snmp-server manager
snmp-server manager
To start the Simple Network Management Protocol (SNMP) manager process, use the snmp-server manager command in global configuration mode. To stop the SNMP manager process, use the no form of this command. snmp-server manager no snmp-server manager
Syntax Description
Defaults
Disabled
Command Modes
Global configuration
Command History
Release 11.3 T
Usage Guidelines
The SNMP manager process sends SNMP requests to agents and receives SNMP responses and notifications from agents. When the SNMP manager process is enabled, the router can query other SNMP agents and process incoming SNMP traps. Most network security policies assume that routers will be accepting SNMP requests, sending SNMP responses, and sending SNMP notifications. With the SNMP manager functionality enabled, the router may also be sending SNMP requests, receiving SNMP responses, and receiving SNMP notifications. The security policy implementation may need to be updated prior to enabling this functionality. SNMP requests are typically sent to UDP port 161. SNMP responses are typically sent from UDP port 161. SNMP notifications are typically sent to UDP port 162.
Examples
Related Commands
Command show snmp show snmp pending show snmp sessions snmp-server manager session-timeout
Description Checks the status of SNMP communications. Displays the current set of pending SNMP requests. Displays the current SNMP sessions. Sets the amount of time before a nonactive session is destroyed.
CFR-938
snmp-server packetsize
snmp-server packetsize
To establish control over the largest Simple Network Management Protocol (SNMP) packet size permitted when the SNMP server is receiving a request or generating a reply, use the snmp-server packetsize command in global configuration mode. To restore the default value, use the no form of this command. snmp-server packetsize byte-count no snmp-server packetsize
Syntax Description
byte-count
Integer byte count from 484 to 8192. The default is 1500 bytes.
Defaults
1500 bytes
Command Modes
Global configuration
Command History
Release 10.0
Examples
The following example establishes a packet filtering of a maximum size of 1024 bytes:
snmp-server packetsize 1024
Related Commands
Description Establishes the message queue length for each trap host.
CFR-939
snmp-server queue-length
snmp-server queue-length
To establish the message queue length for each trap host, use the snmp-server queue-length command in global configuration mode. snmp-server queue-length length
Syntax Description
length
Integer that specifies the number of trap events that can be held before the queue must be emptied.
Defaults
10 events
Command Modes
Global configuration
Command History
Release 10.0
Usage Guidelines
This command defines the length of the message queue for each trap host. Once a trap message is successfully transmitted, software will continue to empty the queue, but never faster than at a rate of four trap messages per second. During device bootup, there is a possibility that some traps could be dropped because of trap queue overflow on the device. If you suspect this is occurring, you can increase the size of the trap queue (for example, to 100) to determine if traps are then able to be sent during bootup.
Examples
Related Commands
Description Establishes control over the largest SNMP packet size permitted when the SNMP server is receiving a request or generating a reply.
CFR-940
snmp-server system-shutdown
snmp-server system-shutdown
To use the Simple Network Management Protocol (SNMP) message reload feature, the router configuration must include the snmp-server system-shutdown command in global configuration mode. To prevent an SNMP system-shutdown request (from an SNMP manager) from resetting the Cisco agent, use the no form of this command. snmp-server system-shutdown no snmp-server system-shutdown
Syntax Description
Defaults
Command Modes
Global configuration
Command History
Release 10.0
Examples
CFR-941
snmp-server tftp-server-list
snmp-server tftp-server-list
To limit the TFTP servers used via Simple Network Management Protocol (SNMP) controlled TFTP operations (saving and loading configuration files) to the servers specified in an access list, use the snmp-server tftp-server-list command in global configuration mode. To disable this function, use the no form of this command. snmp-server tftp-server-list number no snmp-server tftp-server-list
Syntax Description
number
Defaults
Disabled
Command Modes
Global configuration
Command History
Release 10.2
Examples
The following example limits the TFTP servers that can be used for configuration file copies via SNMP to the servers in access list 44:
snmp-server tftp-server-list 44
CFR-942
Syntax Description
ietf
This required keyword indicates to the command parser that you would like to link functionality of SNMP linkUp/linkDown traps to the Internet Engineering Task Force (IETF) standard (as opposed to the previous Cisco implementation).
Defaults
Command Modes
Global configuration
Command History
Release 12.1(2)T
Usage Guidelines
The snmp-server trap link ietf command is used to configure your router to use the RFC2233 IETF standards-based implementation of linkUp/linkDown traps. This command is disabled by default to allow you to continue using the earlier Cisco implementation of linkUp/linkDown traps if you so choose. However, please note that when using the default Cisco object definitions, linkUp/linkDown traps are not generated correctly for sub-interfaces. In the default implementation an arbitrary value is used for the locIfReason object in linkUp/linkDown traps for sub-interfaces, which may give you unintended results. This is because the locIfReason object is not defined for sub-interfaces in the current Cisco implementation, which uses OLD-CISCO-INTERFACES-MIB.my. If you do not enable this functionality, the link trap varbind list will consist of {ifIndex, ifDescr, ifType, locIfReason}. After you enable this functionality with the snmp-server trap link ietf command, the varbind list will consist of {inIndex, ifAdminStatus,ifOperStatus, if Descr, ifType}. The locIfReason object will also be conditionally included in this list depending on whether meaningful information can be retrieved for that object. A configured sub-interface will generate retrievable information. On non-HWIDB interfaces, there will be no defined value for locIfReason, so it will be omitted from the trap message.
CFR-943
Examples
The following example shows the enabling of the RFC 2233 linkUp/linkDown traps, starting in privileged EXEC mode:
Router# config term Enter configuration commands, one per line. End with CNTL/Z. Router(config)# snmp-server trap link ietf Router(config)# end Router# more system:running config . . . ! snmp-server engineID local 00000009000000A1616C2056 snmp-server community public RO snmp-server community private RW snmp-server trap link ietf ! . . .
Related Commands
Description Displays information about every SNMP packet sent or received by the router for the purposes of troubleshooting.
CFR-944
snmp-server trap-authentication
snmp-server trap-authentication
The snmp-server trap-authentication command has been replaced by the snmp-server enable traps snmp authentication command. See the description of the snmp-server enable traps snmp command in this chapter for more information.
CFR-945
snmp-server trap-source
snmp-server trap-source
To specify the interface (and hence the corresponding IP address) that a Simple Network Management Protocol (SNMP) trap should originate from, use the snmp-server trap-source command in global configuration mode. To remove the source designation, use the no form of the command. snmp-server trap-source interface no snmp-server trap-source
Syntax Description
interface
Interface from which the SNMP trap originates. The argument includes the interface type and number in platform-specific syntax (for example, type/slot/port).
Defaults
No interface is specified.
Command Modes
Global configuration
Command History
Release 10.0
Usage Guidelines
When an SNMP trap or inform is sent from a Cisco SNMP server, it has a notification address of whatever interface it happened to go out of at that time. Use this command to monitor notifications from a particular interface.
Examples
The following example specifies that the IP address for Ethernet interface 0 is the source for all SNMP notifications:
Router(config)# snmp-server trap-source ethernet 0
The following example specifies that the IP address for the Ethernet interface in slot2, port 1 is the source for all SNMP notifications:
Router(config)# snmp-server trap-source ethernet 2/1
Related Commands
Description Enables a router to send SNMP traps and informs. Specifies the recipient of an SNMP notification operation.
CFR-946
snmp-server trap-timeout
snmp-server trap-timeout
To define how often to try resending trap messages on the retransmission queue, use the snmp-server trap-timeout command in global configuration mode. snmp-server trap-timeout seconds
Syntax Description
seconds
Integer that sets the interval (in seconds) for resending the messages. The default is 30 seconds.
Defaults
30 seconds
Command Modes
Global configuration
Command History
Release 10.0
Usage Guidelines
Before the Cisco IOS software tries to send a trap, it looks for a route to the destination address. If there is no known route, the trap is saved in a retransmission queue. The snmp server trap-timeout command determines the number of seconds between retransmission attempts.
Examples
The following example sets an interval of 20 seconds to try resending trap messages on the retransmission queue:
snmp-server trap-timeout 20
Related Commands
Description Specifies the recipient of an SNMP notification operation. Establishes the message queue length for each trap host.
CFR-947
snmp-server user
snmp-server user
To configure a new user to a Simple Network Management Protocol (SNMP) group, use the snmp-server user command in global configuration mode. To remove a user from an SNMP group, use the no form of the command. snmp-server user username group-name [remote host [udp-port port]] {v1 | v2c | v3 [encrypted] [auth {md5 | sha} auth-password]} [access access-list] no snmp-server user
Syntax Description
username group-name remote host udp-port port v1 v2c v3 encrypted auth md5 sha auth-password access access-list
The name of the user on the host that connects to the agent. The name of the group to which the user belongs. (Optional) Specifies a remote SNMP entity to which the user belongs, and the hostname or IP address of that entity. (Optional) Specifies the UDP port number of the remote host. The default is UDP port 162. Specifies that SNMPv1 should be used. Specifies that SNMPv2c should be used. Specifies that the SNMPv3 security model should be used. Allows the use of the encrypted and/or auth keywords. (Optional) Specifies whether the password appears in encrypted format (a series of digits, masking the true characters of the string). (Optional) Specifies which authentication level should be used. The HMAC-MD5-96 authentication level. The HMAC-SHA-96 authentication level. A string (not to exceed 64 characters) that enables the agent to receive packets from the host. (Optional) Specifies an access list to be associated with this SNMP user. The access-list argument represents a value from1 to 99 that is the identifier of the standard IP access list.
Defaults
Table 126 describes default behaviors for encryption, passwords and access lists.
Table 126 snmp-server user Default Descriptions
Characteristic encryption
Default Not present by default. The encrypted keyword is used to specify that the auth and priv passwords are MD5 digests and not text passwords. Assumed to be text strings. Access from all IP access lists is permitted. All users are assumed to be local to this SNMP engine unless you specify they are remote with the remote keyword.
CFR-948
snmp-server user
Command Modes
Global configuration
Command History
Release 12.0(3)T
Usage Guidelines
To configure a remote user, specify the IP address or port number for the remote SNMP agent of the device where the user resides. Also, before you configure remote users for a particular agent, configure the SNMP engine ID, using the command snmp-server engineID with the remote option. The remote agents SNMP engine ID is needed when computing the authentication/privacy digests from the password. If the remote engine ID is not configured first, the configuration command will fail. SNMP passwords are localized using the SNMP engine ID of the authoritative SNMP engine. For informs, the authoritative SNMP agent is the remote agent. You need to configure the remote agents SNMP engine ID in the SNMP database before you can send proxy requests or informs to it.
Related Commands
Description Displays information on each SNMP username in the group username table.
CFR-949
snmp-server view
snmp-server view
To create or update a view entry, use the snmp-server view command in global configuration mode. To remove the specified Simple Network Management Protocol (SNMP) server view entry, use the no form of this command. snmp-server view view-name oid-tree {included | excluded} no snmp-server view view-name
Syntax Description
view-name oid-tree
Label for the view record that you are updating or creating. The name is used to reference the record. Object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system. Replace a single subidentifier with the asterisk (*) wildcard to specify a subtree family; for example 1.3.*.4. Type of view. You must specify either included or excluded.
included | excluded
Defaults
Command Modes
Global configuration
Command History
Release 10.0
Usage Guidelines
Other SNMP commands require a view as an argument. You use this command to create a view to be used as arguments for other commands that create records including a view. Two standard predefined views can be used when a view is required, instead of defining a view. One is everything, which indicates that the user can see all objects. The other is restricted, which indicates that the user can see three groups: system, snmpStats, and snmpParties. The predefined views are described in RFC 1447. The first snmp-server command that you enter enables both versions of SNMP.
Examples
The following example creates a view that includes all objects in the MIB-II subtree:
snmp-server view mib2 mib-2 included
The following example creates a view that includes all objects in the MIB-II system group and all objects in the Cisco enterprise MIB:
snmp-server view phred system included snmp-server view phred cisco included
CFR-950
snmp-server view
The following example creates a view that includes all objects in the MIB-II system group except for sysServices (System 7) and all objects for interface 1 in the MIB-II interfaces group:
snmp-server view agon system included snmp-server view agon system.7 excluded snmp-server view agon ifEntry.*.1 included
Related Commands
Description Sets up the community access string to permit access to the SNMP protocol.
CFR-951
Syntax Description
Defaults
The router does not accept SNTP traffic from broadcast servers.
Command Modes
Global configuration
Command History
Release 11.2
Usage Guidelines
SNTP is a compact, client-only version of the NTP. SNMP can only receive the time from NTP servers; it cannot be used to provide time services to other systems. SNTP typically provides time within 100 milliseconds of the accurate time, but it does not provide the complex filtering and statistical mechanisms of NTP. In addition, SNTP does not authenticate traffic, although you can configure extended access lists to provide some protection. You must configure the router with either this command or the sntp server global configuration command to enable SNTP.
Examples
The following example enables the router to accept broadcast NTP packets and shows sample show sntp command output:
Router(config)# sntp broadcast client Router(config)# end Router# %SYS-5-CONFIG: Configured from console by console Router# show sntp SNTP server 172.21.28.34 Stratum 4 Version 3 Last Receive 00:00:36 Synced
Bcast
CFR-952
Related Commands
Description Displays information about SNTP on a Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router. Configures a Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router to use SNTP to request and accept NTP traffic from a time server.
CFR-953
sntp server
sntp server
To configure a Cisco 800, Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router to use the Simple Network Time Protocol (SNTP) to request and accept Network Time Protocol (NTP) traffic from a stratum 1 time server, use the sntp server command in global configuration mode. To remove a server from the list of NTP servers, use the no form of this command. sntp server {address | hostname} [version number] no sntp server {address | hostname}
Syntax Description
IP address of the time server. Host name of the time server. (Optional) Version of NTP to use. The default is 1.
Defaults
The router does not accept SNTP traffic from a time server.
Command Modes
Global configuration
Command History
Release 11.2
Usage Guidelines
SNTP is a compact, client-only version of the NTP. SNMP can only receive the time from NTP servers; it cannot be used to provide time services to other systems. SNTP typically provides time within 100 milliseconds of the accurate time, but it does not provide the complex filtering and statistical mechanisms of NTP. In addition, SNTP does not authenticate traffic, although you can configure extended access lists to provide some protection. Enter this command once for each NTP server. You must configure the router with either this command or the sntp broadcast client global configuration command in order to enable SNTP. SNTP time servers should operate only at the root (stratum 1) of the subnet, and then only in configurations where no other source of synchronization other than a reliable radio or modem time service is available. A stratum 2 server cannot be used as an SNTP time server. The use of SNTP rather than NTP in primary servers should be carefully considered.
Examples
The following example enables the router to request and accept NTP packets from the server at 172.21.118.9 and displays sample show sntp command output:
Router(config)# sntp server 172.21.118.9 Router(config)# end Router# %SYS-5-CONFIG: Configured from console by console
CFR-954
sntp server
Router# show sntp SNTP server 172.21.118.9 Stratum 5 Version 3 Last Receive 00:01:02 Synced
Related Commands
Description Displays information about SNTP on a Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router. Configures a Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router to use SNTP to accept NTP traffic from any broadcast server.
CFR-955
special-character-bits
special-character-bits
To configure the number of data bits per character for special characters such as software flow control characters and escape characters, use the special-character-bits command in line configuration mode. To restore the default value, use the no form of this command. special-character-bits {7 | 8} no special-character-bits
Syntax Description
7 8
Selects the 7-bit ASCII character set. This is the default. Selects the full 8-bit character set for special characters.
Defaults
Command Modes
Line configuration
Command History
Release 10.0
Usage Guidelines
Setting the special character bits to 8 allows you to use twice as many special characters as with the 7-bit ASCII character set. The special characters affected by this setting are the escape, hold, stop, start, disconnect, and activation characters.
Examples
The following example allows the full 8-bit international character set for special characters on line 5:
Router(config)# line 5 Router(config-line)# special-character-bits 8
Related Commands
Command default-value exec-character-bits default-value special-character-bits exec-character-bits terminal exec-character-bits terminal special-character-bits
Description Defines the EXEC character width for either 7 bits or 8 bits. Configures the flow control default value from a 7-bit width to an 8-bit width. Configures the character widths of EXEC and configuration command characters. Locally changes the ASCII character set used in EXEC and configuration command characters for the current session. Changes the ASCII character widths to accept special characters for the current terminal line and session.
CFR-956
squeeze
squeeze
To permanently erase files tagged as deleted or error on Class A Flash file systems, use the squeeze command in EXEC mode. squeeze [/nolog] [/quiet] filesystem:
Syntax Description
(Optional) Disables the squeeze log (recovery data) and accelerates the squeeze process. (Optional) Disables status messages during the squeeze process. The Flash file system, followed by a colon.
Command Modes
EXEC
Command History
Release 11.1 12.2(1) 12.2(4)XL 12.1(9), 12.0(17)S 12.0(17)ST, 12.2(2), 12.2(2)T, 12.2(2)B, 12.1(9)E
Modification This command was introduced. This command was implemented on the Cisco 2600 and Cisco 3600 series routers. This command was implemented on the Cisco 1700 series routers. The /nolog and /quiet keywords were added.
Usage Guidelines
When Flash memory is full, you might need to rearrange the files so that the space used by the files marked deleted can be reclaimed. (This squeeze process is required for linear Flash memory cards to make sectors contiguous; the free memory must be in a block to be usable.) When you enter the squeeze command, the router copies all valid files to the beginning of Flash memory and erases all files marked deleted. After the squeeze process is completed, you can write to the reclaimed Flash memory space.
Caution
After performing the squeeze process you cannot recover deleted files using the undelete EXEC mode command. In addition to removing deleted files, the squeeze command removes any files that the system has marked as error. An error file is created when a file write fails (for example, the device is full). To remove error files, you must use the squeeze command. Rewriting Flash memory space during the squeeze operation may take several minutes. Using the /nolog keyword disables the log for the squeeze process. In most cases this will speed up the squeeze process. However, if power is lost or the Flash card is removed during the squeeze process, all the data on the Flash card will be lost, and the device will have to be reformatted.
CFR-957
squeeze
Note
Using the /nolog keyword makes the squeeze process uninterruptible. Using the /quiet keyword disables the output of status messages to the console during the squeeze process. If the optional keywords are not used, the progress of squeeze process will be displayed to the console, a log for the process will be maintained, and the squeeze process is interruptible. On Cisco 2600 or Cisco 3600 series routers, the entire file system needs to be erased once before the squeeze command can be used. After being erased once, the squeeze command should operate properly on the Flash file system for the rest of the Flash file systems history. To erase an entire flash file system on a Cisco 2600 or 3600 series router, perform the following steps:
Step 1
If the Flash file system has multiple partitions, enter the no partition command to remove the partitions. The reason for removing partitions is to ensure that the entire Flash file system is erased. The squeeze command can be used in a Flash file system with partitions after the Flash file system is erased once. Enter the erase command to erase the Flash file system.
Step 2
Examples
In the following example, the file named config1 is deleted, and then the squeeze command is used to reclaim the space used by that file. The /nolog option is used to speed up the squeeze process.
Router# delete config1 Delete filename [config1]? Delete slot0:conf? [confirm] Router# dir slot0: ! Note that the deleted file name appears in square brackets Directory of slot0:/ 1 -rw4300244 Apr 02 2001 03:18:07 c7200-boot-mz.122-0.14 2 -rw2199 Apr 02 2001 04:45:15 [config1] 3 -rw4300244 Apr 02 2001 04:45:23 image 20578304 bytes total (11975232 bytes free) !20,578,304 - 4,300,244 - 4,300,244 - 2,199 - 385 = 11975232
Router# squeeze /nolog slot0: %Warning: Using /nolog option would render squeeze operation uninterruptible. All deleted files will be removed. Continue? [confirm] Squeeze operation may take a while. Continue? [confirm] Squeeze of slot0 completed in 291.832 secs . Router# dir slot0: Directory of slot0:/ 1 2 -rw-rw4300244 4300244 Apr 02 2001 03:18:07 Apr 02 2001 04:45:23 c7200-boot-mz.122-0.14 image
20578304 bytes total (11977560 bytes free) !20,578,304 - 4,300,244 - 4,300,244 - 256 = 11977560
CFR-958
squeeze
Related Commands
Description Deletes a file on a Flash memory device. Displays a list of files on a file system. Recovers a file marked deleted on a Class A or Class B Flash file system.
CFR-959
state-machine
state-machine
To specify the transition criteria for the state of a particular state machine, use the state-machine command in global configuration mode. To remove a particular state machine from the configuration, use the no form of this command. state-machine name state first-character last-character [next-state | transmit] no state-machine name
Syntax Description
name
Name for the state machine (used in the dispatch-machine line configuration command). The user can specify any number of state machines, but each line can have only one state machine associated with it. State being modified. There are a maximum of eight states per state machine. Lines are initialized to state 0 and return to state 0 after a packet is transmitted. Specifies a range of characters. Use ASCII numerical values. If the state machine is in the indicated state, and the next character input is within this range, the process goes to the specified next state. Full 8-bit character comparisons are done, so the maximum value is 255. Ensure that the line is configured to strip parity bits (or not generate them), or duplicate the low characters in the upper half of the space. (Optional) State to enter if the character is in the specified range. (Optional) Causes the packet to be transmitted and the state machine to be reset to state 0. Recurring characters that have not been explicitly defined to have a particular action return the state machine to state 0.
next-state transmit
Defaults
Command Modes
Global configuration
Command History
Release 10.0
Usage Guidelines
This command is paired with the dispatch-machine line configuration command, which defines the line on which the state machine is effective.
CFR-960
state-machine
Examples
In the following example a dispatch machine named function is configured to ensure that the function key characters on an ANSI terminal are kept in one packet. Because the default in the example is to remain in state 0 without sending anything, normal key signals are sent immediately.
Router(config)# line 1 20 Router(config-line)# dispatch-machine function Router(config-line)# exit Router(config)# state-machine function 0 0 255 transmit
Related Commands
Description Defines a character that causes a packet to be sent. Specifies an identifier for a TCP packet dispatch state machine on a particular line. Sets the character dispatch timer.
CFR-961
statistics-distribution-interval
statistics-distribution-interval
To set the time interval for each statistics distribution kept for the Service Assurance Agent (SAA), use the statistics-distribution-interval command in SAA RTR configuration mode. To return to the default value, use the no form of this command. statistics-distribution-interval milliseconds no statistics-distribution-interval
Syntax Description
milliseconds
Number of milliseconds (ms) used for each statistics distribution kept. The default is 20 ms.
Defaults
20 ms
Command Modes
Command History
Release 11.2
Usage Guidelines
In most situations, you do not need to change the statistical distribution interval or size. Only change the interval or size when distributions are needed, for example, when performing statistical modeling of your network. To set the statistical distributions size, use the distributions-of-statistics-kept SAA RTR configuration command.
Examples
In the following example, the distribution is set to five and the distribution interval is set to 10 ms. This means that the first distribution will contain statistics from 0 to 9 ms, the second distribution will contain statistics from 10 to 19 ms, the third distribution will contain statistics from 20 to 29 ms, the fourth distribution will contain statistics from 30 to 39 ms, and the fifth distribution will contain statistics from 40 ms to infinity.
Router(config)# rtr Router(config-rtr)# Router(config-rtr)# Router(config-rtr)# 1 type echo protocol ipIcmpEcho 172.28.161.21 distribution-of-statistics-kept 5 statistics-distribution-interval 10
Related Commands
Description Sets the number of statistic distributions kept per hop during the SAA operations lifetime. Set the number of hops for which statistics are maintained per path for the SAA operation.
CFR-962
statistics-distribution-interval
Description Sets the number of hours for which statistics are maintained for the SAA operation. Sets the number of paths for which statistics are maintained per hour for the SAA operation. Specifies an SAA operation and enters SAA RTR configuration mode.
CFR-963