Snmp Notifications; Snmpv3; Configuring Snmp - Cisco AJ732A - MDS 9134 Fabric Switch Configuration Manual

Information About SNMP
S e n d f e e d b a c k t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m
SNMP is defined in RFCs 3411 to 34180.
Cisco NX-OS does not support SNMP sets for Ethernet MIBs.
Note
The Cisco Nexus 5000 Series switch supports SNMPv1, SNMPv2c and SNMPv3. Both SNMPv1 and
SNMPv2c use a community-based form of security.

SNMP Notifications

A key feature of SNMP is the ability to generate notifications from an SNMP agent. These notifications
do not require that requests be sent from the SNMP manager. Notifications can indicate improper user
authentication, restarts, the closing of a connection, loss of connection to a neighbor router, or other
significant events.
Cisco NX-OS generates SNMP notifications as either traps or informs. Traps are less reliable than
informs because the SNMP manager does not send any acknowledgment when it receives a trap. The
switch cannot determine if the trap was received. An SNMP manager that receives an inform request
acknowledges the message with an SNMP response protocol data unit (PDU). If the Cisco Nexus 5000
Series switch never receives a response, it can send the inform request again.
You can configure Cisco NX-OS to send notifications to multiple host receivers. See the
SNMP Notification Receivers" section on page 27-6

SNMPv3

SNMPv3 provides secure access to devices by a combination of authenticating and encrypting frames
over the network. The security features provided in SNMPv3 are the following:
•
•
•
SNMPv3 provides for both security models and security levels. A security model is an authentication
strategy that is set up for a user and the role in which the user resides. A security level is the permitted
level of security within a security model. A combination of a security model and a security level
determines which security mechanism is employed when handling an SNMP packet.
This section contains the following topics:
•
•
•
•
Security Models and Levels for SNMPv1, v2, v3
The security level determines if an SNMP message needs to be protected from disclosure and if the
message needs to be authenticated. The various security levels that exist within a security model are as
follows:
•
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
27-2
Message integrity—Ensures that a packet has not been tampered with in-transit.
Authentication—Determines the message is from a valid source.
Encryption—Scrambles the packet contents to prevent it from being seen by unauthorized sources.
Security Models and Levels for SNMPv1, v2, v3, page 27-2
User-Based Security Model, page 27-3
CLI and SNMP User Synchronization, page 27-4
Group-Based SNMP Access, page 27-4
noAuthNoPriv—Security level that does not provide authentication or encryption.
Chapter 27
for more information about host receivers.

Configuring SNMP

"Configuring
OL-16597-01