Product Documentation

Configuring SNMP

May 14, 2012

The Simple Network Management Protocol (SNMP) network management application, running on an external computer, queries the SNMP agent on the NetScaler. The agent searches the management information base (MIB) for data requested by the network management application and sends the data to the application.

SNMP monitoring uses traps messages and alarms. SNMP traps messages are asynchronous events that the agent generates to signal abnormal conditions, which are indicated by alarms. For example, if you want to be informed when CPU utilization is above 90 percent, you can set up an alarm for that condition. The following figure shows a network with a NetScaler that has SNMP enabled and configured.

Figure 1. SNMP on the NetScaler
SNMP on the NetScaler

The SNMP agent on a NetScaler supports SNMP version 1 (SNMPv1), SNMP version 2 (SNMPv2), and SNMP version 3 (SNMPv3). Because it operates in bilingual mode, the agent can handle SNMPv2 queries, such as Get-Bulk, and SNMPv1 queries. The SNMP agent also sends traps compliant with SNMPv2 and supports SNMPv2 data types, such as counter64. SNMPv1 managers (programs on other servers that request SNMP information from the NetScaler) use the NS-MIB-smiv1.mib file when processing SNMP queries. SNMPv2 managers use the NS-MIB-smiv2.mib file.

The NetScaler supports the following enterprise-specific MIBs:

A subset of standard MIB-2 groups
Provides MIB-2 groups SYSTEM, IF, ICMP, UDP, and SNMP.
A system enterprise MIB
Provides system-specific configuration and statistics.

To configure SNMP, you specify which managers can query the SNMP agent, add SNMP trap listeners that will receive the SNMP trap messages, and configure SNMP Alarms.

Adding SNMP Managers

You can configure a workstation running a management application that complies with SNMP version 1, 2, or 3 to access an appliance. Such a workstation is called an SNMP manager. If you do not specify an SNMP manager on the appliance, the appliance accepts and responds to SNMP queries from all IP addresses on the network. If you configure one or more SNMP managers, the appliance accepts and responds to SNMP queries from only those specific IP addresses. When specifying the IP address of an SNMP manager, you can use the netmask parameter to grant access from entire subnets. You can add a maximum of 100 SNMP managers or networks.

To add an SNMP manager by using the command line interface

At the command prompt, type the following commands to add an SNMP manager and verify the configuration:

  • add snmp manager <IPAddress> ... [-netmask <netmask>]
  • show snmp manager <IPAddress>

    Example

    > add snmp manager 10.102.29.5 -netmask 255.255.255.255 
     Done 
    > show snmp manager 10.102.29.5 
    1)      10.102.29.5         255.255.255.255 
     Done 
    >

To add an SNMP manager by using the configuration utility

  1. In the navigation pane, expand System, expand SNMP, and then click Managers.
  2. In the details pane, click Add.
  3. In the Add SNMP Manager dialog box, in the IP Address text box, type the IP address of the workstation running the management application (for example, 10.102.29.5).
  4. Click Create, and then click Close.
  5. Verify that the SNMP manager you added appears in the Details section at the bottom of the pane.

Adding SNMP Traps Listeners

Updated: 2013-09-13

After configuring the alarms, you need to specify the trap listener to which the appliance will send the trap messages. Apart from specifying parameters like IP address and the destination port of the trap listener, you can specify the type of trap (either generic or specific) and the SNMP version.

You can configure a maximum of 20 trap listeners for receiving either generic or specific traps.

To add an SNMP trap listener by using the command line interface

At the command prompt, type the following command to add an SNMP trap and verify that it has been added:

  • add snmp trap specific <IP>
  • show snmp trap

    Example

    > add snmp trap specific 10.102.29.3 
     Done 
    > show snmp trap 
    Type     DestinationIP   DestinationPort  Version  SourceIP      Min-Severity  Community 
    ----     -------------   ---------------  -------  --------      ------------  --------- 
    generic  10.102.29.9     162              V2       NetScaler IP  N/A           public 
    generic  10.102.29.5     162              V2       NetScaler IP  N/A           public 
    generic  10.102.120.101  162              V2       NetScaler IP  N/A           public 
    . 
    . 
    . 
    specific 10.102.29.3     162              V2       NetScaler IP   -            public 
     Done 
    >

To add an SNMP trap listener by using the configuration utility

  1. In the navigation pane, expand System, expand SNMP, and then click Traps.
  2. In the details pane, click Add.
  3. In the Create SNMP Trap Destination dialog box, in the Destination IP Address text box, type the IP address (for example, 10.102.29.3).
  4. Click Create and then click Close.
  5. Verify that the SNMP trap you added appears in the Details section at the bottom of the pane.

Configuring SNMP Alarms

Updated: 2013-09-13

You configure alarms so that the appliance generates a trap message when an event corresponding to one of the alarms occurs. Configuring an alarm consists of enabling the alarm and setting the severity level at which a trap is generated. There are five severity levels: Critical, Major, Minor, Warning, and Informational. A trap is sent only when the severity of the alarm matches the severity specified for the trap.

Some alarms are enabled by default. If you disable an SNMP alarm, the appliance will not generate trap messages when corresponding events occur. For example, if you disable the Login-Failure SNMP alarm, the appliance will not generate a trap message when a login failure occurs.

To enable or disable an alarm by using the command line interface

At the command prompt, type the following commands to enable or disable an alarm and verify that it has been enabled or disabled:

  • set snmp alarm <trapName> [-state ENABLED | DISABLED ]
  • show snmp alarm <trapName>

    Example

    > set snmp alarm LOGIN-FAILURE -state ENABLED 
     Done 
    > show snmp alarm LOGIN-FAILURE 
       Alarm           Alarm Threshold  Normal Threshold  Time  State     Severity   Logging 
       -----           ---------------  ----------------  ----  --------  ---------  -------- 
     1) LOGIN-FAILURE  N/A              N/A               N/A   ENABLED   -          ENABLED 
     Done 
    >

To set the severity of the alarm by using the command line interface

At the command prompt, type the following commands to set the severity of the alarm and verify that the severity has been set correctly:

  • set snmp alarm <trapName> [-severity <severity>]
  • show snmp alarm <trapName>

    Example

    > set snmp alarm LOGIN-FAILURE -severity Major 
     Done 
    > show snmp alarm LOGIN-FAILURE 
       Alarm           Alarm Threshold  Normal Threshold  Time  State     Severity   Logging 
       -----           ---------------  ----------------  ----  --------  ---------  -------- 
     1) LOGIN-FAILURE  N/A              N/A               N/A   ENABLED   Major      ENABLED 
     Done 
    >

To configure alarms by using the configuration utility

  1. In the navigation pane, expand System, expand SNMP, and then click Alarms.
  2. In the details pane, select an alarm (for example, LOGIN-FAILURE), and then click Open.
  3. In the Configure SNMP Alarm dialog box, to enable the alarm, select Enabled in the State drop-down list. To disable the alarm, select Disabled.
  4. In the Severity drop-down list, select a severity option (for example, Major).
  5. Click OK, and then click Close.
  6. Verify that the parameters for the SNMP alarm you configured are correctly configured by viewing the Details section at the bottom of the pane.