SNMP Support for VPNs

The Simple Network Management Protocol (SNMP) Support for VPNs feature allows the sending and receiving of SNMP notifications (traps and informs) using VPN routing and forwarding (VRFs) tables. In particular, this feature adds support to Cisco software for the sending and receiving of SNMP notifications (traps and informs) specific to individual VPNs.

The SNMP Support for VPNs feature provides configuration commands that allow users to associate SNMP agents and managers with specific VRFs. The specified VRF is used for the sending of SNMP notifications (traps and informs) and responses between agents and managers. If a VRF is not specified, the default routing table for the VPN is used.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information about SNMP Support for VPNs

SNMP Support for VPNs

The SNMP Support for VPNs feature allows SNMP traps and informs to be sent and received using VPN routing/forwarding (VRF) tables. In particular, this feature adds support to Cisco software for sending and receiving SNMP traps and informs that are specific to individual VPNs.

A VPN is a network that provides high connectivity transfers on a shared system with the same usage guidelines as a private network. A VPN can be built on the Internet over IP, Frame Relay, or ATM networks.

A VRF stores per-VPN routing data. It defines the VPN membership of a customer site attached to the network access server (NAS). A VRF consists of an IP routing table, a derived Cisco Express Forwarding table, and guidelines and routing protocol parameters that control the information that is included in the routing table.

The SNMP Support for VPNs feature provides configuration commands that allow users to associate SNMP agents and managers with specific VRFs. The specified VRF is used for sending SNMP traps and informs and responses between agents and managers. If a VRF is not specified, the default routing table for the VPN is used.

The SNMP Support for VPNs feature allows you to configure an SNMP agent to accept only SNMP requests from a certain set of VPNs. With this configuration, service providers can provide network management services to their customers, so that the customers can manage all user VPN devices.

How to Configure SNMP Support for VPNs

Configuring SNMP Support for VPNs

This section describes how to configure SNMP support for VPNs. The SNMP Support for VPNs feature provides configuration commands that allow users to associate SNMP agents and managers with specific VRFs. The specified VRF is used to send SNMP traps and informs and responses between agents and managers. If a VRF is not specified, the default routing table for the VPN is used.

Support for VPNs allows users to configure an SNMP agent to only accept SNMP requests from a certain set of VPNs. With this configuration, providers can provide network management services to their customers who then can manage all user VPN devices.

Note
  • This feature is not supported on all Cisco platforms. Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
  • Not all MIBs are VPN aware. To list the VPN-aware MIBs, use the show snmp mib context command.

Perform this task to configure SNMP support for a specific VPN.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    snmp-server host host-address [vrf vrf-name] [traps | informs] [version {1| 2c| 3 [auth | noauth | priv]}] community-string [udp-port port] [notification-type]

    4.    snmp-server engineID remote ip-address [udp-port udp-port-number] [vrf vrf-name] engineid-string

    5.    end

    6.    show snmp host


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:

    Perform this task to configure SNMP support for a specific VPN. 

    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 snmp-server host host-address [vrf vrf-name] [traps | informs] [version {1| 2c| 3 [auth | noauth | priv]}] community-string [udp-port port] [notification-type]


    Example:
    Device(config)# snmp-server host example.com vrf trap-vrf public
     

    Specifies the recipient of an SNMP notification operation and specifies the VRF table to be used for the sending of SNMP notifications.

     
    Step 4 snmp-server engineID remote ip-address [udp-port udp-port-number] [vrf vrf-name] engineid-string


    Example:
    Device(config)# snmp-server engineID remote 172.16.20.3 vrf traps-vrf
     

    Configures a name for the remote SNMP engine on a device when configuring SNMP over a specific VPN for a remote SNMP user.

     
    Step 5 end


    Example:
    Device(config)# end
     

    Exits global configuration mode.

     
    Step 6 show snmp host


    Example:
    Device# show snmp host
     

    (Optional) Displays the SNMP configuration and verifies that the SNMP Support for VPNs feature is configured properly.

     

    Configuration Example for SNMP Support for VPNs

    Example: Configuring SNMP Support for VPNs

    In the following example all SNMP notifications are sent to example.com over the VRF named trap-vrf: 

    Device(config)# snmp-server host example.com vrf trap-vrf

    In the following example the VRF named “traps-vrf” is configured for the remote server 172.16.20.3: 

    Device(config)# snmp-server engineID remote 172.16.20.3 vrf traps-vrf 80000009030000B064EFE100

    Additional References

    Related Documents

    Related Topic

    Document Title

    Cisco IOS commands

    Cisco IOS Master Command List, All Releases

    SNMP commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

    Cisco IOS SNMP Command Reference

    Cisco implementation of RFC 1724, RIP Version 2 MIB Extensions

    RIPv2 Monitoring with SNMP Using the RFC 1724 MIB Extensions feature module

    DSP Operational State Notifications for notifications to be generated when a digital signaling processor (DSP) is used

    DSP Operational State Notifications feature module

    Standards and RFCs

    Standard/RFC

    Title

    CBC-DES (DES-56) standard

    Symmetric Encryption Protocol

    STD: 58

    Structure of Management Information Version 2 (SMIv2)

    RFC 1067

    A Simple Network Management Protocol

    RFC 1091

    Telnet terminal-type option

    RFC 1098

    Simple Network Management Protocol (SNMP)

    RFC 1157

    Simple Network Management Protocol (SNMP)

    RFC 1213

    Management Information Base for Network Management of TCP/IP-based internets:MIB-II

    RFC 1215

    Convention for defining traps for use with the SNMP

    RFC 1901

    Introduction to Community-based SNMPv2

    RFC 1905

    Common Management Information Services and Protocol over TCP/IP (CMOT)

    RFC 1906

    Telnet X Display Location Option

    RFC 1908

    Simple Network Management Protocol (SNMP)

    RFC 2104

    HMAC: Keyed-Hashing for Message Authentication

    RFC 2206

    RSVP Management Information Base using SMIv2

    RFC 2213

    Integrated Services Management Information Base using SMIv2

    RFC 2214

    Integrated Services Management Information Base Guaranteed Service Extensions using SMIv2

    RFC 2271

    An Architecture for Describing SNMP Management Frameworks

    RFC 2570

    Introduction to Version 3 of the Internet-standard Network Management Framework

    RFC 2578

    Structure of Management Information Version 2 (SMIv2)

    RFC 2579

    Textual Conventions for SMIv2

    RFC 2580

    Conformance Statements for SMIv2

    RFC 2981

    Event MIB

    RFC 2982

    Distributed Management Expression MIB

    RFC 3413

    SNMPv3 Applications

    RFC 3415

    View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)

    RFC 3418

    Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)

    MIBs

    MIB

    MIBs Link

    • Circuit Interface Identification MIB

    • Cisco SNMPv2

    • Ethernet-like Interfaces MIB

    • Event MIB

    • Expression MIB Support for Delta, Wildcarding, and Aggregation

    • Interfaces Group MIB (IF-MIB)

    • Interfaces Group MIB Enhancements

    • MIB Enhancements for Universal Gateways and Access Servers

    • MSDP MIB

    • NTP MIB

    • Response Time Monitor MIB

    • Virtual Switch MIB

    To locate and download MIBs for selected platforms, releases, and feature sets, use Cisco MIB Locator found at the following URL:

    http:/​/​www.cisco.com/​go/​mibs

    Technical Assistance

    Description

    Link

    The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

    http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

    Feature Information for SNMP Support for VPNs

    The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to . An account on Cisco.com is not required.
    Table 1 Feature Information for SNMP Support for VPNs

    Feature Name

    Releases

    Feature Information

    SNMP Support for VPNs

    12.0(23)S

    12.2(2)T

    12.2(33)SB

    12.2(33)SXH

    15.0(1)S

    Cisco IOS XE Release 3.1.0SG

    The SNMP Support for VPNs feature allows SNMP traps and informs to be sent and received using VRF tables. In particular, this feature adds support to the Cisco software for sending and receiving SNMP traps and informs specific to individual VPNs.