Data Center (SLX)

Expand all | Collapse all

how to configure snmp host when the snmp server is in one VRF?

  • 1.  how to configure snmp host when the snmp server is in one VRF?

    Posted 12-17-2018 09:13
    how to configure snmp host when the snmp server address is in one VRF? Is it support? Thank you.


  • 2.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-17-2018 10:02
    Does the below config work for you:

    rb3(config)# rb 3
    rb3(config-rbridge-id-3)# vrf TEST
    rb3(config-vrf-TEST)# exit
    rb3(config-rbridge-id-3)# exit
    rb3(config)# snmp-server host 10.1.1.1 public use-vrf TEST ?
    Possible completions:
    severity-level Severity level associated with traps
    source-interface Interface IP address to be used as a source address for Traps
    udp-port Port number used to send traps.
    version Version used to send traps.

    rb3(config)# snmp-server host 10.1.1.1 public use-vrf TEST
    rb3(config-host-10.1.1.1/public)#

    The example is for NOS, for SLX-OS VRF will be created globally rather than at RB level. Also "v3host" is used instead of "host", if the server is using SNMP v3 for authorization/encryption.

    Many thanks,
    Sargis


  • 3.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-17-2018 10:44
    Hi Sargis,
    Sorry I forgot to mention I'm using MLX,Looks like the Netlron OS is different from NOS. But didn't find the command for MLX.

    MLX(config)#snmp-server host 1.1.1.1 ?
    version SNMP version or security model

    MLX(config)#snmp-server host 1.1.1.1 v
    version SNMP version or security model
    MLX(config)#snmp-server host 1.1.1.1 version ?
    v1 SNMP version or security model 1
    v2c SNMP version or security model 2
    v3 SNMP version or security model 3
    MLX(config)#snmp-server host 1.1.1.1 version v3 ?
    auth SNMP v3 security level 2 or authentication
    noauth SNMP v3 security level 1 or none
    priv SNMP v3 security level 3 or authentication & privacy





    MLX(config)#vrf ?
    ASCII string Name of VRF (up to 255 characters)
    MLX(config)#vrf test
    MLX(config-vrf-test)#?
    address-family Enter Address Family command mode
    clear Clear table/statistics/keys
    cls Clear screen
    end End Configuration level and go to Privileged
    level
    exit Exit current level
    exit-address-family Exit Address Family command mode
    exit-vrf Exit IP VRF mode
    ip VRF specific IP commands
    no Undo/disable commands
    quit Exit to User level
    rd Configure Route Distinguisher
    route-target Configure Target VPN Extended Communities
    show Display system information
    write Write running configuration to flash or terminal

    MLX(config-vrf-test)#


  • 4.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-17-2018 10:53
    I don't think that's supported, but you could configure a specific VRF as management VRF, which will possibly switch SNMP to that VRF (together with some other mgmt services). A sample config for that would be:

    code:
    vrf mgmt-vrf

    code:
     rd 1:1

    code:
     address-family ipv4

    code:
     ip route 0.0.0.0/0 10.1.1.1 

    code:
     exit-address-family


    code:
    management-vrf mgmt-vrf


    code:
    interface management 1

    code:
     vrf for mgmt-vrf

    code:
     ip address 10.1.1.2/24

    code:
     enable


    Many thanks,
    Sargis


  • 5.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-17-2018 10:55
    Trying a better formatting

    code:
    vrf mgmt-vrf
    rd 1:1
    address-family ipv4
    ip route 0.0.0.0/0 10.1.1.1
    exit-address-family

    management-vrf mgmt-vrf

    interface management 1
    vrf for mgmt-vrf
    ip address 10.1.1.2/24
    enable




    Many thanks,
    Sargis


  • 6.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-17-2018 14:42
    I believe what you are looking for is Context Mapping:

    For V3, you simply map a Context to a VRF:

    code:
    device (Config)# snmp-server context context-name vrf vrf-name


    For V1/V2c, in addition to the Context to VRF association, you create a community map in order to map the Context to a Community name:

    code:
    device (Config)# snmp-server mib community-map community-name context context-name


    Now whenever you create a host using the set context or community name, traps will be sent on that VRF.

    A full explanation can be found in the NI 6.0 Management Guide (starting on page 214)


  • 7.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-18-2018 02:38
    Hi Michael,
    How can the vrf aware the NMS is in global routing table? I never use the snmp context, could you pls explain a little bit more on how it works? Thanks.


  • 8.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-18-2018 08:14
    Thank you Sargis!


  • 9.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-18-2018 14:27
    I think I better understand your issue now.

    My previous post mainly pertains to incoming SNMP managment traffic, which is allowed on any VRF. However outbound management traffic is only sent out via the Default VRF or the configured Mangement VRF as Sargis detailed.

    Your SNMP management device will need to either be on the default VRF or on the configured Management VRF.


  • 10.  RE: how to configure snmp host when the snmp server is in one VRF?

    Posted 12-20-2018 05:56
    I‘m understand that now. Thanks a lot Michael!’