The SNMP port is used in the Abilis CPX unit to implement the homonym TCP/IP network management protocol.
The Simple Network Management Protocol (SNMP) uses the Connection Less transport service provided by the UDP protocol and makes possible the automatic management of some devices by one or more supervisor platforms.
The working principle of the SNMP lies in the exchange of configuration information, statistics, alarms, etc, among suitable devices for network supervision, called SNMP Manager, and processes called SNMP Agent, placed in the devices to be controlled.
The SNMP protocol is like a client/server system: the controlling station (manager) polls, by suitable commands, the server processes (agents), which are the elements to be controlled. They latter answer to the SNMP Manager by back messages.
The protocol also allows the Agent processes to send unsolicited messages, called Traps, to the Manager ones for pointing out particular events such as alarms, exceptions, etc.
An important feature of the SNMP protocol is the MIB (Management Information Base), which contains the description of the configuration/statistics "objects" available in the SNMP Agents and their availability of being controlled by SNMP Managers.
The Abilis CPX SNMP port implements a SNMP Agent process, according to the SNMP Vers.1 (SNMPv1) protocol standard. This makes possible to achieve supervision functions of the Abilis CPX from SNMP Manager made by any producer.
In the implementation, which this manual refers to, the MIBs of the following rules are available:
RFC1213: Management Information Base for Network Management of TCP/IP-based internets: MIB-II. (RFC1213-MIB)
RFC1354: IP Forwarding Table MIB. (RFC1354-MIB)
RFC1612: DNS Resolver MIB Extensions. (DNS-RESOLVER-MIB)
RFC1643: Definitions of Managed Objects for the Ethernet-like Interface Types. (EtherLike-MIB)
RFC1724: RIP Version 2 MIB Extension. (RIPv2-MIB)
RFC1748: IEEE 802.5 MIB using SMIv2. (TOKENRING-MIB)
The Abilis proprietary MIB, ABILIS-CPX-MIB, adds to the above list for a more powerful management of the CPX unit.
The SNMP Agent port is labelled in the Abilis CPX by the "SNMP" abbreviation and it is provided with the parameters described in the following section.
Here is an example of the SNMP port parameters. All of them are DEFAULT values.
[15:43:20] ABILIS_CPX: D P PO:904 PO:904 - SnmpV1_Agent --------------------------------------------------------- SNMP lowpo:902 ACT:YES locport:161 fifo:5 COMMUNITY:public IPSRC:* IPSRCLIST:# TRAP:YES AUTHTRAP:NO TRAPREP:10 TRAPDEST:192.168.000.002 TRAPSRC:R-ID (062.110.059.130)
To activate any change made on the lowercase parameters, the system has to be started again, on the contrary for the uppercase parameters it is enough to submit the initialization command INIT PO:.
lowpo: | Identification of the lower level Abilis CPX port |
NONE | 1 - 999, NONE |
Sets up the lower level CPX port, it can be only an UDP type port.
If the value is set to "NONE" the SNMP port is isolated.
ACT: | Activation of the SNMP functionalities |
NO | NO, YES |
It enables the above mentioned functionalities to be actually activated. If the parameter is set to "NO", although the port is configured and active, it won't carry out any function in the system.
locport: | Identification of the local IP port in use |
161 | 161 |
Sets the local IP port to be used by the SNMP one. The number of the IP port reserved for the SNMP process Agent type is 161.
The parameter is only informative and its value cannot be modified.
fifo: | Receiving FIFO size |
5 | 1 - 50 |
Sets the number of available buffers in the receiving FIFO of the SNMP port. If the queue will be full, the SNMP port won't receive anymore and further datagrams will be discarded by the lower UDP port.
COMMUNITY: | Keyword used for the authenticating procedure |
public | from 1 to 32 alphanumeric characters |
By this parameter it is possible to set the keyword used by the authenticating procedure of those SNMP management systems able to query the SNMP Agent of the Abilis CPX. Only those, which have the same value of the "Community Name" as the local SNMP port, are allowed to supervise.
The authenticating procedure, as expected by SNMPv1 protocol, simply checks if the content of the "Community Name" in the query frames received is the same as the "COMMUNITY:" of the local port.
If it doesn't match, the query frames are rejected and, if the parameter AUTHTRAP: is set to "YES", a wrong authentication message is sent to the system, whose IP is configured in the parameter TRAPDEST:.
IPSRC: | IP address of the permitted SNMP management station |
* | see table, * |
This parameter makes possible to set the IP address of the SNMP source management from which the SNMP Agent of the Abilis CPX can receive requests.
The allowable values are shown in the following table:
HEX: | 00000000 | 01000000 - 7EFFFFFF | 80000000 - DFFFFFFF |
---|---|---|---|
DDN: | 0.0.0.0 | 1.0.0.0 - 126.255.255.255 | 128.0.0.0 - 223.255.255.255 |
At the moment, D and E IP class addresses are not supported.
The character '*', in this case, means 'any IP source address' and it makes every SNMP management system able to query the local agent.
IPSRCLIST: | IP addresses list of the permitted SNMP management stations |
# | ListName, # |
The parameter makes possible to set a IP addresses list of the SNMP management systems able to query the SNMP Agent of the Abilis CPX.
The shown name of the list must be the same as the one previously defined in the table of the elements lists. The allowed types of lists are: IP addresses (IP); groups of IP addresses (IR); lists of "Rules" (RU); lists of "Master Rules" (MR).
The value '#' is used with the meaning of "no list".
TRAP: | Activating the generation of informative asynchronous signalling |
NO | NO, YES |
This parameter makes possible to activate the generation, by the SNMP port, of informative asynchronous signaling (called "trap") to the SNMP Manager, whose IP address must be declared in the TRAPDEST: parameter.
The traps generated by the SNMP port are, of course, provided by the SNMPv1 protocol, in addition, another set is defined according to the own MIB of Abilis CPX.
If the parameter is set to "NO", the generation is disabled.
If it is set to "YES", the SNMP port will send informative asynchronous signaling to that system whose IP address is declared in the TRAPDEST: parameter, if and only if this one contains a valid IP address.
AUTHTRAP: | Activating the generation of the wrong authentication signalling |
NO | NO, YES |
The parameter makes the SNMP port able to generate informative signalling if it receives requests from not authorized SNMP Manager processes.
The authentication of those management systems, which can query the SNMP Agent of the Abilis CPX, is made by comparing the value of the parameter COMMUNITY: against the content of field "Community Name" contained in the query.
If the parameter is set to "NO", the generation of wrong authentication traps is disabled.
If it is set to "YES", the SNMP port will send traps to the system whose IP address is configured in the parameter TRAPDEST: but only if it contains a valid IP address and the parameter TRAP: is set to "YES" too.
TRAPREP: | Time interval between repetitions of the same trap |
10 | NO, 1 - 255 ( in minutes) |
This parameter sets the time interval which has to pass before sending again the same trap.
Important signals, such as alarms, out of service states, etc. are indeed repeated by the SNMP Agent of the Abilis CPX each "TRAPREP" minutes for all the time they are set. In this way it is possible to avoid such situations where, for any reason, the SNMP Manager devices could not get the trap.
If the value is set to "NO" traps will not be repeated.
TRAPDEST: | IP address of the management station which is recipient for the traps |
# | see table, #, ListName |
This parameter makes possible to set the IP address, or a list of IP addresses, of the management system to which must be sent the informative asynchronous signalling generated by the SNMP Agent of the Abilis CPX.
If the manager device, where traps have to be sent to, is only one, the available values of IP address are shown in the following table:
HEX: | 01000000 - 7EFFFFFF | 80000000 - DFFFFFFF |
---|---|---|
DDN: | 1.0.0.0 - 126.255.255.255 | 128.0.0.0 - 223.255.255.255 |
D and E class of IP addresses are not, at the moment, supported.
The character '#' is used to not send any trap regardless if the parameter TRAP: is set to "YES".
If it is needed to send traps to more than one manager device, the list of their IP addresses must be set in the parameter. The name of this list must be specified in between apexes and it has to be already declared into the elements list.
The allowed types of lists are: IP addresses (IP); groups of IP addresses (IR).
TRAPSRC: | Source IP address for traps |
R-ID | R-ID, OUT-IPP, see table |
It allows to define the source IP address to be used for outgoing traps.
The "R-ID" value makes possible to use the Router-ID IP address.
The "OUT-IPP" value makes possible to use the IP address of the IP port used by the outgoing trap.
The specification of an IP address, in Dotted Decimal Notation, is also allowed. The available values of IP address are shown in the following table:
HEX: | 01000000 - 7EFFFFFF | 80000000 - DFFFFFFF |
---|---|---|
DDN: | 1.0.0.0 - 126.255.255.255 | 128.0.0.0 - 223.255.255.255 |
D and E class of IP addresses are not, at the moment, supported.
Example of how to check the status and the statistics of the SNMP port by the command D S.
[15:43:20] ABILIS_CPX: D S PO:904 . PO:904 ------------------------------------------------------------------------ SNMP STATE:READY -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---| PCK | 23330 | 23415 |GET-REQ | 23308 | 0 | GET-NEXT | 14 | 0 |SET-REQ | 0 | 0 | GET-RESP | 0 | 23308 |TRAP | 0 | 93 | ------------------------------------------------------------------------
Extended statistics are even available for the SNMP ports. The following example shows how to check the extended statistics of the SNMP port, by using the command D SE:
[15:43:20] ABILIS_CPX: D SE PO:904 . PO:904 ------------------------------------------------------------------------ SNMP --- Cleared 040:21:05:21 ago, on 15/02/2002 at 17:45:00 ---------------- -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---| PCK | 23330 | 23415 |GET-REQ | 23308 | 0 | GET-NEXT | 14 | 0 |SET-REQ | 0 | 0 | GET-RESP | 0 | 23308 |TRAP | 0 | 93 | BAD-VER | 0 | |BAD-COM-N | 8 | | BAD-COM-U | 0 | |ASN-ERR | 0 | | TOO-BIG | 0 | 0 |NO-NAME | 14 | 0 | BAD-VAL | 0 | 0 |RONLY | 0 | | GEN_ERR | 0 | 0 |REQ_VAR | 93136 | | SET_VAR | 0 | | ------------------------------------------------------------------------
The information "Cleared DDD:HH:MM:SS ago, at DD/MM/YYYY HH:MM:SS", referred by the extended statistics, shows both the time elapsed since the last reset of the statistics (by the format "days:hours:minutes:seconds") and date/time of its execution recovered from the current date/time set (by the format "day/month/year" and "hours:minutes:seconds").
STATE: | Actual value of the SNMP port driver |
INACTIVE, ACTIVE, READY, DISCONNECTING, HALTED |
It shows the actual state of the driver.
Driver | States | Meaning | Values shown in: | ||
---|---|---|---|---|---|
System Log | Events Log | Display LCD | |||
SNMP | INACTIVE | The configuration parameter ACT: is set to "NO", therefore the driver is active, but idle. By setting the value of the parameter to "YES" and executing the command INIT PO:, actually the driver will be operating. | IN | ||
DOWN | The configuration parameter ACT: is set to "YES", but the driver is not connected with the port UDP or the parameter LOWPO: is set to NONE. | DN | |||
READY | The configuration parameter ACT: is set to "YES", the driver is successfully connected with the port UDP and it is able to manage its functions. | RD | |||
DISCONNECTING | The driver is going to be disconnected by the port UDP. | DG | |||
HALTED | Owing to an error the driver is halted | HL | |||
ERR | Software error. Please contact the ABILIS assistance. | NA |
PCK: | Number of sent/received packets |
0 - 4.294.967.295 |
The counter PCK (INPUT) is incremented every time a SNMP frame is received. Similarly the counter PCK (OUTPUT) every time a SNMP frame is sent.
GET-REQ: | Number of GetRequest frames received |
0 - 4.294.967.295 |
The counter GET-REQ (INPUT) is incremented every time a query frame of GetRequest type is received.
GET-NEXT: | Number of GetNext frames received |
0 - 4.294.967.295 |
The counter GET-NEXT (INPUT) is incremented every time a query frame of GetNext type is received.
SET-REQ: | Number of SetRequest frames received |
0 - 4.294.967.295 |
The counter SET-REQ (INPUT) is incremented every time a query frame of SetRequest type is received.
GET-RESP: | Number of GetResponse frames sent |
0 - 4.294.967.295 |
The counter GET-RESP (OUTPUT) is incremented every time a response frame of GetResponse type is sent.
TRAP: | Number of asynchronous messages (Traps) sent |
0 - 4.294.967.295 |
The counter TRAP (OUTPUT) is incremented every time an informative asynchronous message (Traps) is sent.
BAD-VER: | Number of messages with a bad Version field |
0 - 4.294.967.295 |
The counter BAD-VER (INPUT) is incremented every time a query frame, whose "Version" field is different from SNMPv1, is received. it is wasted owing to the protocol incompatibility.
BAD-COM-N: | Number of messages with a bad Community Name field |
0 - 4.294.967.295 |
The counter BAD-COM-N (INPUT) is incremented every time a query frame, whose "Community Name" field is different from the one configured in the parameter COMMUNITY:, is received.
BAD-COM-U: | Number of messages with an inadequate "Community Name" field |
0 - 4.294.967.295 |
The counter BAD-COM-U (INPUT) is incremented every time a query frame, whose "Community Name" field is not suitable for the command, is received.
ASN-ERR: | Number of wrongly coded messages received |
0 - 4.294.967.295 |
The SNMP protocol requires the content of the frames to be coded according to the rules fixed by ASN1-BER (Abstract Syntax Notation 1 - Basic Encoding Rules). The counter ASN-ERR (INPUT) is incremented every time the content of the received frame does not match the standard; the frame is deleted.
TOO-BIG: | Number of messages with "TooBig" error code generated |
0 - 4.294.967.295 |
The SNMP protocol expects that, if a frame bigger than 1500 bytes is asked to be generated, the SNMP Agent should reply to this request with a message, whose error code is "TooBig". The counter TOO-BIG (OUTPUT) is incremented every time, the above mentioned message is generated.
NO-NAME: | Number of messages with "NoSuchName" error code generated |
0 - 4.294.967.295 |
The counter NO-NAME (OUTPUT) is incremented every time a response frame, whose error code is "NoSuchName", is generated. Such a code means that the received request asked for a parameter or a configuration variable that is unknown or inaccessible by the SNMP Agent. The SNMP protocol version 1 expects the same error message, instead of using the "ReadOnly" error code, to be generated even if the received frames ask to set the value of a "read only" variable.
BAD-VAL: | Number of messages with "BadValue" error code generated |
0 - 4.294.967.295 |
The counter BAD-VAL (OUTPUT) is incremented every time a response frame, whose error code is "BadValue", is generated. Such code means that the received request asked the Agent to set a parameter or a configuration variable to a not allowed value.
RONLY: | Number of messages with "ReadOnly" error code generated |
0 - 4.294.967.295 |
The counter BAD-VAL (OUTPUT) is incremented every time a response frame, whose error code is "BadValue", is generated. Such code means that the received request asked the Agent to set a parameter or a "read only" configuration variable.
GEN-ERR: | Number of messages with "GenErr" error code generated |
0 - 4.294.967.295 |
The counter GEN-ERR (OUTPUT) is incremented every time a response frame, whose error code is not referable to the already defined ones, is generated.
REQ-VAR: | Number of all the variables which have been asked for their value |
0 - 4.294.967.295 |
The counter REQ-VAR (INPUT) reports the number of all the variables or parameters which the Agent received a "READ" request for (GetRequest o GetNext).
SET-VAR: | Number of all the variables asked to be set |
0 - 4.294.967.295 |
The counter SET-VAR (INPUT) reports the number of all the variables or parameters which the Agent received a "WRITE" request for (SetRequest).