Dell Brocade 300 Fabric OS Command Reference v7.1.0 - Page 989
default, authKey, privKey, NoAuth, NoPriv, Access Control Configuration Parameters
View all Dell Brocade 300 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 989 highlights
snmpConfig 2 • User 5: snmpuser2 • User 6: snmpuser3 The --default option sets the user name and password to default. If an FCS policy is enabled, the configuration must be updated on the primary switch and the nonprimary switches; unlike community strings, user names and passwords are not distributed for other switches in the fabric. When new passwords are entered for any user entry, a new authKey and privKey are generated. The new passwords must be updated on the client (e.g., MIB browser) as well. AuthKey and privKey can also be updated with the delta key mechanism provided by the SNMPv3 protocol. The system prompts for password confirmation if a protocol other than NoAuth/NoPriv is selected. Protocol passwords must be between 1 and 20 characters. In order for an SNMP management station to receive SNMPv3 traps generated by the agent, the administrator must configure a trap recipient value to correspond to the IP address of the management station. In addition, the trap recipient must pass the ACL check as described in the Access Control section. The trap recipient must be associated with one of the six users of SNMPv3 and trap severity level. The factory default value for the SNMPv3 trap recipient of each user is 0.0.0.0. Access Control Configuration Parameters The ACL check is as follows: there are six ACLs to restrict SNMP get, set, and trap operations to hosts under an host-subnet-area. The host-subnet-area is defined by comparing nonzero IP octets. For example, an ACL of 192.168.64.0 enables access by any hosts that start with the specified octets. The connecting host is enabled to set each host-subnet-area to be read-write or read-only. The closest match out of six entries is given access. The ACL check is turned off when all six entries contain 0.0.0.0. The default values of all six entries are 0.0.0.0. For IPv6 subnets, the format is specified by an IPv6 address followed by the number of fixed bits in the address. MIB Capability Configuration Parameters The mibCapability option turns certain MIBS and associated SNMP traps on or off. If a specific MIB is disabled, the corresponding traps also are disabled. If any trap group is disabled, the corresponding individual traps are also disabled. In Fabric OS v6.4.0 and later, SNMP Traps are identified by their bit mask and can be read directly from the switch configuration. The MIB and trap status (enabled or disabled) status is recorded in a 64- bit counter. The last bit (bit 0) is reserved for the MIB and the remaining bits are reserved for the traps of that MIB. The trap's position is allocated based on the last ID of the trap OID. For example, the last ID of the swEventTrap is 5 so its position will be 5th from the right. The following is a listing of valid SNMP traps and their bit masks: MIB Trap Name and position Bit mask Default FE-MIB 0x1 Enabled SW-MIB 0x1 Enabled swFault (1) 0x2 Enabled swSensorScn (2) 0x4 Enabled swFCPortScn (3) 0x8 Enabled swEventTrap (4) 0x10 Enabled swFabricWatchTrap (5) 0x20 Enabled swTrackChangeTraps(6) 0x40 Enabled swIPv6ChangeTrap (7) 0x80 Enabled swPmgrEventTrap (8) 0x100 Enabled swFabricSegmentTrap (9) 0x200 Disabled swFabricReconfigTrap (10) 0x400 Disabled swExtTrap (11) 0x800 Disabled swStateChange (12) Disabled swMovePort (13) Disabled swBrcdGenericTrap (15) Disabled Fabric OS Command Reference 961 53-1002746-01