To specify the recipient of a Simple Network Management Protocol (SNMP) notification operation, use the snmp-server
host command in global configuration mode. To remove the specified host from the configuration, use the no form of this command.
snmp-server host ip-address [vrf vrf-name | informs | traps | version {1 | 2c | 3 [auth | noauth | priv]}] community-string [udp-port port [notification-type] | notification-type]
no snmp-server host {hostname | ip-address} [vrf vrf-name | informs | traps | version {1 | 2c | 3 [auth | noauth | priv]}] community-string [udp-port port [notification-type] | notification-type]
Syntax Description
ip-address
|
IPv4 address or IPv6 address of the SNMP notification host.
|
vrf
|
(Optional) Specifies that a VPN routing and forwarding (VRF) instance should be used to send SNMP notifications.
|
vrf-name
|
(Optional) VPN VRF instance used to send SNMP notifications.
|
informs
|
(Optional) Specifies that notifications should be sent as informs.
|
traps
|
(Optional) Specifies that notifications should be sent as traps. This is the default.
|
version
|
(Optional) Specifies the version of the SNMP that is used to send the traps or informs. The default is 1.
If you use the version keyword, one of the following keywords must be specified:
One of the following three optional security level keywords can follow the 3 keyword:
-
auth —Enables message digest algorithm 5 (MD5) and Secure Hash Algorithm (SHA) packet authentication.
-
noauth —Specifies that the noAuthNoPriv security level applies to this host. This is the default security level for SNMPv3.
-
priv —Enables Data Encryption Standard (DES) packet encryption (also called “privacy”).
|
community-string
|
Password-like community string sent with the notification operation.
Note
|
You can set this string using the snmp-server
host command by itself, but Cisco recommends that you define the string using the snmp-server
community command prior to using the snmp-server
host command.
|
Note
|
The “at” sign (@) is used for delimiting the context information.
|
|
udp-port
|
(Optional) Specifies that SNMP traps or informs are to be sent to an network management system (NMS) host.
|
port
|
(Optional) User Datagram Protocol (UDP) port number of the NMS host. The default is 162.
|
notification-type
|
(Optional) Type of notification to be sent to the host. If no type is specified, all available notifications are sent. See
the “Usage Guidelines” section for more information about the keywords available.
|
Command Default
This command behavior is disabled by default. A recipient is not specified to receive notifications.
Command Modes
Global configuration (config)
Command History
Release
|
Modification
|
Cisco IOS XE Fuji 16.8.1a
|
This command was introduced.
|
Usage Guidelines
If you enter this command with no optional keywords, the default is to send all notification-type traps to the host. No informs
will be sent to the host.
The no
snmp-server
host command with no keywords disables traps, but not informs, to the host. To disable informs, use the no
snmp-server
host
informs command.
Note |
If a community string is not defined using the snmp-server
community command prior to using this command, the default form of the
snmp-server
community command will automatically be inserted into the configuration. The password (community string) used for this automatic configuration
of the snmp-server
community command will be the same as that specified in the snmp-server
host command. This automatic command insertion and use of passwords is the default behavior for Cisco IOS Release 12.0(3) and
later releases. However, in Cisco IOS Release 12.2(33)SRE and later releases, you must manually configure the snmp-server community command. That is, the snmp-server community command will not be seen in the configuration.
|
SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send acknowledgments
when it receives traps. The sender cannot determine if the traps were received. However, an SNMP entity that receives an inform
request acknowledges the message with an SNMP response protocol data unit (PDU). If the sender never receives the response,
the inform request can be sent again. Thus, informs are more likely to reach their intended destination than traps.
Compared to traps, informs consume more resources in the agent and in the network. Unlike a trap, which is discarded as soon
as it is sent, an inform request must be held in memory until a response is received or the request times out. Also, traps
are sent only once; an inform may be tried several times. The retries increase traffic and contribute to a higher overhead
on the network.
If you do not enter an snmp-server
host command, no notifications are sent. To configure the device to send SNMP notifications, you must enter at least one snmp-server
host command. If you enter the command with no optional keywords, all trap types are enabled for the host.
To enable multiple hosts, you must issue a separate snmp-server
host command for each host. You can specify multiple notification types in the command for each host.
When multiple snmp-server
host commands are given for the same host and kind of notification (trap or inform), each succeeding command overwrites the previous
command. Only the last snmp-server
host command will be in effect. For example, if you enter an snmp-server
host
inform command for a host and then enter another snmp-server
host
inform command for the same host, the second command will replace the first.
The snmp-server
host command is used in conjunction with the snmp-server
enable command. Use the snmp-server
enable command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server
enable command and the snmp-server
host command for that host must be enabled.
Some notification types cannot be controlled with the snmp-server
enable command. Some notification types are always enabled, and others are enabled by a different command. For example, the linkUpDown notifications are controlled by the snmp
trap
link-status command. These notification types do not require an snmp-server
enable command.
The availability of notification-type options depends on the device type and the Cisco IOS software features supported on
the device. For example, the envmon notification type is available only if the environmental monitor is part of the system. To see what notification types are
available on your system, use the command help ? at the end of the snmp-server
host command.
The vrf keyword allows you to specify the notifications being sent to a specified IP address over a specific VRF VPN. The VRF defines
a VPN membership of a user so that data is stored using the VPN.
In the case of the NMS sending the query having a correct SNMP community but not having a read or a write view, the SNMP
agent returns the following error values:
-
For a get or a getnext query, returns GEN_ERROR for SNMPv1 and AUTHORIZATION_ERROR for SNMPv2C.
-
For a set query, returns NO_ACCESS_ERROR.
Notification-Type Keywords
The notification type can be one or more of the following keywords.
Note |
The available notification types differ based on the platform and Cisco IOS release. For a complete list of available notification
types, use the question mark (?) online help function.
|
-
aaa
server —Sends SNMP authentication, authorization, and accounting (AAA) traps.
-
adslline —Sends Asymmetric Digital Subscriber Line (ADSL) LINE-MIB traps.
-
atm —Sends ATM notifications.
-
authenticate-fail —Sends an SNMP 802.11 Authentication Fail trap.
-
auth-framework —Sends SNMP CISCO-AUTH-FRAMEWORK-MIB notifications.
-
bgp —Sends Border Gateway Protocol (BGP) state change notifications.
-
bridge —Sends SNMP STP Bridge MIB notifications.
-
bstun —Sends Block Serial Tunneling (BSTUN) event notifications.
-
bulkstat —Sends Data-Collection-MIB notifications.
-
c6kxbar —Sends SNMP crossbar notifications.
-
callhome —Sends Call Home MIB notifications.
-
calltracker —Sends Call Tracker call-start/call-end notifications.
-
casa —Sends Cisco Appliances Services Architecture (CASA) event notifications.
-
ccme —Sends SNMP Cisco netManager Event (CCME) traps.
-
cef —Sends notifications related to Cisco Express Forwarding.
-
chassis —Sends SNMP chassis notifications.
-
cnpd —Sends Cisco Network-based Application Recognition (NBAR) Protocol Discovery (CNPD) traps.
-
config —Sends configuration change notifications.
-
config-copy —Sends SNMP config-copy notifications.
-
config-ctid —Sends SNMP config-ctid notifications.
-
cpu —Sends CPU-related notifications.
-
csg —Sends SNMP Content Services Gateway (CSG) notifications.
-
deauthenticate —Sends an SNMP 802.11 Deauthentication trap.
-
dhcp-snooping —Sends DHCP snooping MIB notifications.
-
director —Sends notifications related to DistributedDirector.
-
disassociate —Sends an SNMP 802.11 Disassociation trap.
-
dlsw —Sends data-link switching (DLSW) notifications.
-
dnis —Sends SNMP Dialed Number Identification Service (DNIS) traps.
-
dot1x —Sends 802.1X notifications.
-
dot11-mibs —Sends dot11 traps.
-
dot11-qos —Sends SNMP 802.11 QoS Change trap.
-
ds1 —Sends SNMP digital signaling 1 (DS1) notifications.
-
ds1-loopback —Sends ds1-loopback traps.
-
dspu —Sends downstream physical unit (DSPU) notifications.
-
eigrp —Sends Enhanced Interior Gateway Routing Protocol (EIGRP) stuck-in-active (SIA) and neighbor authentication failure notifications.
-
energywise —Sends SNMP energywise notifications.
-
entity —Sends Entity MIB modification notifications.
-
entity-diag —Sends SNMP entity diagnostic MIB notifications.
-
envmon —Sends Cisco enterprise-specific environmental monitor notifications when an environmental threshold is exceeded.
-
errdisable —Sends error disable notifications.
-
ethernet-cfm —Sends SNMP Ethernet Connectivity Fault Management (CFM) notifications.
-
event-manager —Sends SNMP Embedded Event Manager notifications.
-
firewall —Sends SNMP Firewall traps.
-
flash —Sends flash media insertion and removal notifications.
-
flexlinks —Sends FLEX links notifications.
-
flowmon —Sends flow monitoring notifications.
-
frame-relay —Sends Frame Relay notifications.
-
fru-ctrl —Sends entity field-replaceable unit (FRU) control notifications.
-
hsrp —Sends Hot Standby Routing Protocol (HSRP) notifications.
-
icsudsu —Sends SNMP ICSUDSU traps.
-
iplocalpool —Sends IP local pool notifications.
-
ipmobile —Sends Mobile IP notifications.
-
ipmulticast —Sends IP multicast notifications.
-
ipsec —Sends IP Security (IPsec) notifications.
-
isakmp —Sends SNMP ISAKMP notifications.
-
isdn —Sends ISDN notifications.
-
l2tc —Sends SNMP L2 tunnel configuration notifications.
-
l2tun-pseudowire-status —Sends pseudowire state change notifications.
-
l2tun-session —Sends Layer 2 tunneling session notifications.
-
license —Sends licensing notifications as traps or informs.
-
llc2 —Sends Logical Link Control, type 2 (LLC2) notifications.
-
mac-notification —Sends SNMP MAC notifications.
-
memory —Sends memory pool and memory buffer pool notifications.
-
module —Sends SNMP module notifications.
-
module-auto-shutdown —Sends SNMP module autoshutdown MIB notifications.
-
mpls-fast-reroute —Sends SNMP Multiprotocol Label Switching (MPLS) traffic engineering fast reroute notifications.
-
mpls-ldp —Sends MPLS Label Distribution Protocol (LDP) notifications indicating status changes in LDP sessions.
-
mpls-traffic-eng —Sends MPLS traffic engineering notifications, indicating changes in the status of MPLS traffic engineering tunnels.
-
mpls-vpn —Sends MPLS VPN notifications.
-
msdp— Sends SNMP Multicast Source Discovery Protocol (MSDP) notifications.
-
mvpn —Sends multicast VPN notifications.
-
nhrp —Sends Next Hop Resolution Protocol (NHRP) notifications.
-
ospf —Sends Open Shortest Path First (OSPF) sham-link notifications.
-
pim —Sends Protocol Independent Multicast (PIM) notifications.
-
port-security —Sends SNMP port-security notifications.
-
power-ethernet —Sends SNMP power Ethernet notifications.
-
public
storm-control —Sends SNMP public storm-control notifications.
-
pw-vc —Sends SNMP pseudowire virtual circuit (VC) notifications.
-
p2mp-traffic-eng —Sends SNMP MPLS Point to Multi-Point MPLS-TE notifications.
-
repeater —Sends standard repeater (hub) notifications.
-
resource-policy —Sends CISCO-ERM-MIB notifications.
-
rf —Sends SNMP RF MIB notifications.
-
rogue-ap —Sends an SNMP 802.11 Rogue AP trap.
-
rsrb —Sends remote source-route bridging (RSRB) notifications.
-
rsvp —Sends Resource Reservation Protocol (RSVP) notifications.
-
rtr —Sends Response Time Reporter (RTR) notifications.
-
sdlc —Sends Synchronous Data Link Control (SDLC) notifications.
-
sdllc —Sends SDLC Logical Link Control (SDLLC) notifications.
-
slb —Sends SNMP server load balancer (SLB) notifications.
-
snmp —Sends any enabled RFC 1157 SNMP linkUp, linkDown, authenticationFailure, warmStart, and coldStart notifications.
Note |
To enable RFC-2233-compliant link up/down notifications, you should use the snmp
server
link
trap command.
|
-
sonet —Sends SNMP SONET notifications.
-
srp —Sends Spatial Reuse Protocol (SRP) notifications.
-
stpx —Sends SNMP STPX MIB notifications.
-
srst —Sends SNMP Survivable Remote Site Telephony (SRST) traps.
-
stun —Sends serial tunnel (STUN) notifications.
-
switch-over —Sends an SNMP 802.11 Standby Switchover trap.
-
syslog —Sends error message notifications (Cisco Syslog MIB). Use the logging
history
level command to specify the level of messages to be sent.
-
syslog —Sends error message notifications (Cisco Syslog MIB). Use the logging
history
level command to specify the level of messages to be sent.
-
tty —Sends Cisco enterprise-specific notifications when a TCP connection closes.
-
udp-port —Sends the notification host’s UDP port number.
-
vlan-mac-limit —Sends SNMP L2 control VLAN MAC limit notifications.
-
vlancreate —Sends SNMP VLAN created notifications.
-
vlandelete —Sends SNMP VLAN deleted notifications.
-
voice —Sends SNMP voice traps.
-
vrrp —Sends Virtual Router Redundancy Protocol (VRRP) notifications.
-
vsimaster —Sends Virtual Switch Interface (VSI) Master notifications.
-
vswitch —Sends SNMP virtual switch notifications.
-
vtp —Sends SNMP VLAN Trunking Protocol (VTP) notifications.
-
wlan-wep —Sends an SNMP 802.11 Wireless LAN (WLAN) Wired Equivalent Privacy (WEP) trap.
-
x25 —Sends X.25 event notifications.
-
xgcp —Sends External Media Gateway Control Protocol (XGCP) traps.
SNMP-Related Notification-Type Keywords
The notification-type argument used in the snmp-server
host command do not always match the keywords used in the corresponding snmp-server
enable
traps command. For example, the notification-type argument applicable to Multiprotocol Label Switching Protocol (MPLS) traffic engineering tunnels is specified as mpls-traffic-eng (containing two hyphens and no embedded spaces). The corresponding parameter in the snmp-server
enable
traps command is specified as mpls
traffic-eng (containing an embedded space and a hyphen).
This syntax difference is necessary to ensure that the CLI interprets the notification-type keyword of the snmp-server
host command as a unified, single-word construct, which preserves the capability of the snmp-server
host command to accept multiple notification-type keywords in the command line. The snmp-server
enable
traps commands, however, often use two-word constructs to provide hierarchical configuration options and to maintain consistency
with the command syntax of related commands. The table below maps some examples of snmp-server
enable
traps commands to the keywords used in the snmp-server
host command.
Table 11. snmp-server enable traps Commands and Corresponding Notification Keywords
snmp-server enable traps Command
|
snmp-server host Command Keyword
|
snmp-server
enable
traps
l2tun
session
|
l2tun-session
|
snmp-server
enable
traps
mpls
ldp
|
mpls-ldp
|
snmp-server
enable
traps
mpls
traffic-eng
1
|
mpls-traffic-eng
|
snmp-server
enable
traps
mpls
vpn
|
mpls-vpn
|
snmp-server host
host-address
community-string
udp-port
port
p2mp-traffic-eng
|
snmp-server enable traps mpls p2mp-traffic-eng [down | up]
|
Examples
If you want to configure a unique SNMP community string for traps but prevent SNMP polling access with this string, the configuration
should include an access list. The following example shows how to name a community string comaccess and number an access list
10:
Device(config)# snmp-server community comaccess ro 10
Device(config)# snmp-server host 10.0.0.0 comaccess
Device(config)# access-list 10 deny any
Note |
The “at” sign (@) is used as a delimiter between the community string and the context in which it is used. For example, specific
VLAN information in BRIDGE-MIB may be polled using community @VLAN-ID (for example, public@100), where 100 is the VLAN number.
|
The following example shows how to send RFC 1157 SNMP traps to a specified host named myhost.cisco.com. Other traps are enabled,
but only SNMP traps are sent because only snmp is specified in the snmp-server
host command. The community string is defined as comaccess.
Device(config)# snmp-server enable traps
Device(config)# snmp-server host myhost.cisco.com comaccess snmp
The following example shows how to send the SNMP and Cisco environmental monitor enterprise-specific traps to address 10.0.0.0
using the community string public:
Device(config)# snmp-server enable traps snmp
Device(config)# snmp-server enable traps envmon
Device(config)# snmp-server host 10.0.0.0 public snmp envmon
The following example shows how to enable the device to send all traps to the host myhost.cisco.com using the community string
public:
Device(config)# snmp-server enable traps
Device(config)# snmp-server host myhost.cisco.com public
The following example will not send traps to any host. The BGP traps are enabled for all hosts, but only the ISDN traps are
enabled to be sent to a host. The community string is defined as public.
Device(config)# snmp-server enable traps bgp
Device(config)# snmp-server host myhost.cisco.com public isdn
The following example shows how to enable the device to send all inform requests to the host myhost.cisco.com using the community
string public:
Device(config)# snmp-server enable traps
Device(config)# snmp-server host myhost.cisco.com informs version 2c public
The following example shows how to send HSRP MIB informs to the host specified by the name myhost.cisco.com. The community
string is defined as public.
Device(config)# snmp-server enable traps hsrp
Device(config)# snmp-server host myhost.cisco.com informs version 2c public hsrp
The following example shows how to send all SNMP notifications to example.com over the VRF named trap-vrf using the community
string public:
Device(config)# snmp-server host example.com vrf trap-vrf public
The following example shows how to configure an IPv6 SNMP notification server with the IPv6 address 2001:0DB8:0000:ABCD:1
using the community string public:
Device(config)# snmp-server host 2001:0DB8:0000:ABCD:1 version 2c public udp-port 2012
The following example shows how to specify VRRP as the protocol using the community string public:
Device(config)# snmp-server enable traps vrrp
Device(config)# snmp-server host myhost.cisco.com traps version 2c public vrrp
The following example shows how to send all Cisco Express Forwarding informs to the notification receiver with the IP address
10.0.1.1 using the community string public:
Device(config)# snmp-server enable traps cef
Device(config)# snmp-server host 10.0.1.1 informs version 2c public cef
The following example shows how to enable all NHRP traps, and how to send all NHRP traps to the notification receiver with
the IP address 10.0.0.0 using the community string public:
Device(config)# snmp-server enable traps nhrp
Device(config)# snmp-server host 10.0.0.0 traps version 2c public nhrp
The following example shows how to enable all P2MP MPLS-TE SNMP traps, and send them to the notification receiver with the
IP address 172.20.2.160 using the community string "comp2mppublic":
Device(config)# snmp-server enable traps mpls p2mp-traffic-eng
Device(config)# snmp-server host 172.20.2.160 comp2mppublic udp-port 162 p2mp-traffic-eng