Operation and Maintenance
Safety
How to analyze H3C iMC combined with SNMPv3 protocol to manage equipment from different manufacturers
How to analyze H3C iMC combined with SNMPv3 protocol to manage equipment from different manufacturers
Network management software is welcomed by more and more customers, and IT manufacturers are also actively launching their own network management software. As for the use effect and experience, everyone feels it for themselves, and everyone in the IT circle knows it. Based on my recent implementation project, I deployed the iMC operation and maintenance management platform developed by H3C (it is said to be now called "New H3C"), which involves equipment from different manufacturers. I will briefly share it with you.
Most network management software manages network devices through the SNMP protocol. So the question is, is SNMP a weird thing?
SNMPProtocol Introduction
SNMP (Simple Network Management Protocol, Simple Network Management Protocol) is a standard network management protocol in the Internet. It is widely used to enable management devices to access and manage managed devices.
The SNMP network environment contains two elements: NMS and Agent:
NMS (Network Management Station, network management system) is the manager of the SNMP network and can provide a friendly human-computer interaction interface. It is convenient for network administrators to complete network management work.
In an SNMP network environment, Agent serves as a managed object, receiving and processing request messages from the network management system. When the interface status changes or other emergency situations occur, the agent program will automatically send warning information to the network management system.
SNMPProtocol working mechanism
When NMS manages the device, it manages the device through the MIB (Management Information Base). The hierarchical relationship between nodes and the attributes of objects are defined by MIB. These attributes include object names, access rights and data types. Each Agent has its own MIB. The NMS can compile the respective MIB files of the managed devices to generate the MIB of the corresponding device. Through access authorization, NMS manages the Agent and completes the read and write operations of MIB nodes.
SNMP provides the following basic operations to realize the interaction between NMS and Agent:
GET operation: NMS uses this operation to query the value of one or more nodes in the Agent MIB.
SET operation: NMS uses this operation to set the value of one or more nodes in the Agent MIB.
Trap operation: Agent uses this operation to send alarm information to NMS.
SNMPProtocol version
Currently Agent supports three versions of SNMPv1, SNMPv2c and SNMPv3:
Community Name ) authentication mechanism is used for SNMPv1. The community name is similar to a password and is used to restrict NMS's access to the Agent. If the community name carried by NMS when accessing the managed device is different from the community name set on the managed device, the SNMP connection cannot be established, resulting in access failure.
SNMPv2c also uses the community name authentication mechanism. SNMPv2c extends the functions of SNMPv1: providing more operation types; supporting more data types; providing richer error codes to distinguish errors in more detail.
SNMPv3 adopts USM (User-Based Security Model, user-based security model) authentication mechanism. Network administrators can set up authentication and encryption features. Authentication is used to verify the legitimacy of the message sender to avoid access by illegal users; encryption is to encrypt the transmission messages between the NMS and the Agent to avoid eavesdropping. Enabling authentication and encryption functions can enhance the security of communication between NMS and Agent.
The main difference between the three versions is that the V1 and V2C versions only need to configure the read and write community words to achieve device management. The V3 version needs to configure related user, authentication, encryption and other factors, combined with H3C iMC and equipment from different manufacturers. Different configuration examples are given.
H3CDeviceSNMPv3Configuration
# Configure the IP address of the Agent and ensure that the Agent The route to NMS (H3C iMC) is reachable.
[Agent] snmp-agent group v3 h4c */v3 refers to the SNMP version, h4c is the group name and can be changed
# Set the user name used by Agent to h4c, the authentication algorithm to MD5, the authentication password to h4c, the encryption algorithm to DES56, and the encryption password to h4c
[Agent] snmp-agent usm-user v3 h4ch4cauthentication-modemd5 h4c privacy-mode des56 h4c
# Set device contacts
[Agent] snmp-agent sys-info contact h4c
[Agent]snmp-agent sys-infoversion v3
# Set to allow trap messages to be sent to NMS , the username used is h4c.
[Agent] snmp-agent trap enable
[Agent] snmp-agent target-host trap addressudp-domain 1.1.1.2params securitynameh4cv3privacy */The address is the IMC server address
The Huawei configuration is basically the same as the H3C device configuration, with minor differences.
CiscoDevice Configuration
switch(config)#snmp-servercommunity
switch(config)#snmp-serveruser
switch(config)#snmp-servergroup
switch(config)#snmp -serverhost x.x.x.xtraps version 3 priva
switch(config)#snmp-serverenable traps
For the configuration of ZTE, Lenovo, Maipu and other devices, please refer to Cisco. It is recommended to select the private encryption algorithm as des56 during configuration, because Cisco Layer 2 switches do not support the AES128 encryption algorithm.
H3C iMCPlatform configuration
It is recommended to configure the SNMPv3 template in the iMC platform. Subsequently, you only need to set the parameters in the SNMPv3 configuration file on the network device. Just set it to match the template:
Configure relevant parameters
Fill in the template name, select "SNMPv3 Priv-DesAuth-Md5" for the parameter type, fill in "h4c" for the user name, and authenticate Fill in "h4c" for the password and encryption password, and click OK.
When adding a device, enter the device management address and select the SNMP template to add the device.
After the addition is completed, you can view and manage the device information
The above is the detailed content of How to analyze H3C iMC combined with SNMPv3 protocol to manage equipment from different manufacturers. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
How to use PHP's SNMP extension?
Jun 02, 2023 am 10:22 AM
The SNMP extension for PHP is an extension that enables PHP to communicate with network devices through the SNMP protocol. Using this extension, you can easily obtain and modify the configuration information of network devices, such as CPU, memory, network interface and other information of routers, switches, etc. You can also perform control operations such as switching device ports. This article will introduce the basic knowledge of the SNMP protocol, how to install the SNMP extension of PHP, and how to use the SNMP extension in PHP to monitor and control network devices. 1. SN
What is the destination port of trap messages in snmp protocol?
Jul 14, 2022 am 11:34 AM
The destination port of the trap message in the snmp protocol is 162; the SNMP agent uses Trap to send unsolicited messages to the SNMP management station. It is generally used to describe the occurrence of a certain event. This event can be an alarm, alarm recovery, notification, etc. SNMP trap is The managed device actively sends device abnormality messages to the management server, which can be viewed as a process in which the management server passively receives them.
Explore the importance and capabilities of Linux SNMP services
Mar 20, 2024 pm 04:48 PM
Title: Exploring the Importance and Functionality of Linux SNMP Service SNMP (Simple Network Management Protocol) is a network management protocol used to monitor and manage network devices. In Linux systems, SNMP services can help administrators monitor the operating status and performance indicators of network devices in real time and provide alarm and reporting functions, thereby improving network management efficiency and reliability. This article will explore the importance and functions of SNMP services in Linux systems
What does linux snmp service refer to?
May 14, 2023 pm 01:49 PM
In Linux, SNMP service refers to Simple Network Management Protocol. It is a network management standard protocol widely used in TCP/IP networks. It provides a way to monitor through a central computer (i.e., network management workstation) running network management software. and a standardized management framework (methodology) for managing computer networks. SNMP services enable network administrators to manage network performance, identify and resolve network problems, and plan for network growth. What is an SNMP service? SNMP (Simple Network Management Protocol) is a network management standard protocol (application layer protocol) widely used in TCP/IP networks. It provides a way to monitor and Standardization for managing computer networks
What are the three authentication mode configurations of H3C switch telnet service?
May 21, 2023 pm 07:40 PM
The following takes an H3C switch as an example to introduce the three authentication methods of telnet service. Configuration steps for None authentication mode: [H3C] telnetserverenable//Enable Telnet service [H3C] user-interfacevty04//Allow remote users 0-4, a total of 5 accounts at the same time Log in [H3C-line-vty0-4] authentication-modenone//Authentication mode is none, no authentication is required [H3C-line-vty0-4] user-rolelevel-3//Set login user permissions Password authentication mode configuration steps: [ H3C]telne
Introduction and usage of Linux SNMP service
Mar 20, 2024 pm 09:24 PM
Introduction and purpose of LinuxSNMP service SNMP (Simple Network Management Protocol) is a protocol used for network management. It can help administrators monitor and manage network devices, operating systems or applications. In Linux systems, by installing and configuring SNMP services, you can monitor and manage network devices such as servers, routers, and switches. This article will introduce the SNMP service in Linux system
How to configure H3C HWTACACS
May 15, 2023 pm 05:07 PM
hwtacacsschemeacsprimaryauthentication10.222.250.13primaryauthorization10.222.250.13primaryaccounting10.222.250.13secondaryauthentication10.222.250.14secondaryauthorization10.222.250.14secondaryaccounting10.222.250.14keyauthenticationsimplenaskeyauth
How to configure and manage SNMP services in Linux
Mar 21, 2024 am 08:06 AM
How to configure and manage the SNMP service in Linux SNMP (Simple Network Management Protocol) is a protocol used to manage network devices. It can help administrators monitor and manage the operating status of network devices. In Linux systems, we can monitor and manage servers by configuring SNMP services. This article will introduce how to configure and manage SNMP services in Linux systems and provide specific code examples. 1.Installation
