Nortel 5399 User Manual page 62

Chapter 2 Simple Network Management Protocol (SNMP)
Model 5399 Remote Access Concentrator Network Administrator's Guide for UNIX
A-58
Defining the Community String
When an SNMP request is received by the agent in the 5399 RAC, the
agent performs three tests to authenticate the request. The tests are as
follows:
• Each SNMP message contains a community string in its header.
The receiving SNMP agent tries to match the message's string
with an existing community string list. If there is no match, the
SNMP agent discards the message without responding to the
sender and the MIB-II object snmpInBadCommunityNames is
incremented.)
• When the community string match is found the sender's IP
address is checked against the IP address for the matching
community string(s). If there is no match, the SNMP agent
discards the message without responding to the sender and the
MIB-II object snmpInBadCommunityNames is incremented.
• If the community string and the IP address in the SNMP request
matches one of the configured community strings, the access
mode is checked for that community. If the access is Read-write,
the SNMP request is processed. If the access is Read-only and
the SNMP is a Get or Get next, the request is processed. In all
other cases, (access is None or access is Read-only and request
is a Set), an error noSuchName is returned to the sender and the
MIB-II object snmpBadCommunity uses is incremented.
The keyword community defines an SNMP community name from
which the 5399 RAC responds to requests. At system start-up, the SNMP
agent requires at least one community string to be defined in the
configuration file. If the file does not contain a community string, the
5399 RAC defaults to the community name public (unless SNMP is
disabled in the parameter disabled_modules).
Book A