Network Management Interface Commands

NVIDIA MLNX-GW User Manual for NVIDIA Skyway Appliance v8.2.2200

snmp-server auto-refresh

snmp-server auto-refresh {enable | interval <time>}

no snmp-server auto-refresh enable

Configures SNMPD refresh settings.

The no form of the command disables SNMPD refresh mechanism.

Syntax Description

enable

Enables SNMPD refresh mechanism.

interval

Sets SNMPD refresh interval.

time

Range: 20-500 seconds

Default

Enabled

Interval—60 seconds

Configuration Mode

config

History

3.2.3000

3.4.1100: Added “time” parameter and updated notes

Example

switch (config) # snmp-server auto-refresh interval 120

Related Commands

show snmp

Notes

  • When configuring an interval lower than 60 seconds, the following warning message appears asking for confirmation: “Warning: this configuration may increase CPU utilization, Type 'YES' to confirm: YES

  • When disabling SNMP auto-refresh, information is retrieved no more than once every 60 seconds just like SNMP tables that do not have an auto-refresh mechanism


snmp-server cache enable

snmp-server cache enable

no snmp-server cache enable

Enables SNMP cache if auto-refresh is disabled.

The no form of the command disables SNMP cache if auto-refresh is disabled.

Syntax Description

N/A

Default

Enabled

Configuration Mode

config

History

3.7.0000

Example

switch (config) # snmp-server cache enable

Related Commands

show snmp auto-refresh

snmp-server auto-refresh enable

Notes

  • If SNMP auto-refresh is enabled, the value of cache is meaningless

  • If SNMP cache is disabled, every SNMP request gets updated data


snmp-server community

snmp-server community <community> [ro | rw]

no snmp-server community <community>

Sets a community name for either read-only or read-write SNMP requests.

The no form of the command sets the community string to default.

Syntax Description

community

Community name

ro

Sets the read-only community string

rw

Sets the read-write community string

Default

Read-only community: “public”

Read-write community: “”

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp-server community private rw

Related Commands

show snmp

Notes

  • If neither the “ro” or the “rw” parameters are specified, the read-only community is set as the default community

  • If the read-only community is specified, only queries can be performed

  • If the read-write community is specified, both queries and sets can be performed


snmp-server contact

snmp-server contact <contact-name>

no snmp-server contact

Sets a value for the sysContact variable in MIB-II.

The no form of the command resets the parameter to its default value.

Syntax Description

contact-name

Contact name

Default

“”

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp-server contact my-name

Related Commands

show snmp

Notes


snmp-server enable

snmp-server [vrf <vrf-name>] enable [force]

no snmp-server [vrf <vrf-name>] enable

Enables SNMP-related functionality (SNMP engine, and traps).

The no form of the command disables the SNMP server.

Syntax Description

vrf name—Describes VRF name for snmp-server. If "vrf" parameter is not specified, the "default" VRF will be used

force—Restarts SNMP server with previous VRF context even if it was already enabled in using other VRF.

Default

SNMP is enabled by default

Configuration Mode

config

History

3.1.0000

3.9.2000—Added VRF option

Example

switch (config) # snmp-server enable

Related Commands

show snmp

Notes

SNMP server can be enabled only in one VRF at a time.


snmp-server engineID reset

snmp-server engineID reset

Resets the SNMPv3 engine ID to be node unique.

Syntax Description

N/A

Default

Default engineID is unchanged

Configuration Mode

config

History

3.6.6102

Example

switch (config) # snmp-server engienID reset

Related Commands

show snmp engineID

Notes

Changing system profile or performing “reset factory...” causes the engine ID to change to the new node-unique one.


snmp-server enable mult-communities

snmp-server enable mult-communities

no snmp-server enable mult-communities

Enables multiple communities to be configured.

The no form of the command disables multiple communities to be configured.

Syntax Description

N/A

Default

SNMP server multi-communities are disabled by default

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp-server enable mult-communities

Related Commands

show snmp

Notes


snmp-server enable notify

snmp-server enable notify

no snmp-server enable notify

Enables sending of SNMP traps and informs from this system.

The no form of the command disables sending of SNMP traps and informs from this system.

Syntax Description

N/A

Default

SNMP notifies are enabled by default

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp-server enable notify

Related Commands

show snmp

Notes

SNMP traps are only sent if there are trap sinks configured with the “snmp-server host...” command, and if these trap sinks are themselves enabled.


snmp-server enable set-permission

snmp-server enable set-permission <MIB-name>

no snmp-server enable set-permission <MIB-name>

Allows SNMP SET requests for items in a specified MIB.

The no form of the command disallows SNMP SET requests for items in a specified MIB.

Syntax Description

N/A

Default

SNMP MIBs are all given permission for SET requests by default

Configuration Mode

config

History

3.6.3004

Example

switch (config) # snmp-server enable set-permission MELLANOX-SW-UPDATE

Related Commands

show snmp set-permission

Notes


snmp-server host disable

snmp-server host <ip-address> disable

no snmp-server host <ip-address> [disable]

Temporarily disables sending of all notifications to this host.

The no form of the commands resumes sending of all notifications to this host.

Syntax Description

ip-address

IPv4 or IPv6 address

Default

N/A

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp-server host 10.10.10.10 disable

Related Commands

show snmp

snmp-server enable

Notes


snmp-server host informs

snmp-server host [vrf <vrf-name>] <ip-address> informs [<community> | port <port> | version 2c | version 3 {engineID <engineID> | user <name> {auth <hash-type> <auth-

password> [priv <privacy-type> [<priv-password>]] | encrypted auth ... | prompt auth ...}}]

no snmp-server host <ip-address> informs port

Send SNMP v2c informs to this host with the default trap community.

The no form of the commands removes a host from which SNMP traps should be sent.

Syntax Description

vrf-name—Describes the VRF name for NTP daemon. If the VRF parameter is not specified, the "default" VRF will be used implicitly.

IP address

IPv4 or IPv6 address.

community

Specifies trap community string.

port

Overrides default UDP port for this trap sink.

version

Specifies the SNMP version of traps to send to this host.

engineID

Specifies engine ID of this inform sink.

user

Specifies username for this inform sink.

auth

Configures SNMPv3 security parameters, specifying passwords in plaintext on the command line (passwords are always stored encrypted).

hash-type

  • MD5

  • SHA

auth-password

Plaintext password to use for authentication.

If “priv” is not specified the default privacy algorithm is used with the same privacy password as that specified for authentication.

priv

Specifies SNMPv3 privacy settings for this user.

privacy-type

  • aes-128—uses AES-128 encryption for privacy

  • des—uses DES encryption for privacy

priv-password

Plaintext password to use for privacy. If not specified, then auth-password is used.

encrypted

Configure SNMPv3 security parameters specifying passwords in encrypted form.

prompt

Configure SNMPv3 security parameters specifying passwords securely in follow-up prompts rather than on the command line.

Default

community—public

UDP port—162

version—3

Configuration Mode

config

History

3.2.1050

3.9.2000—Added VRF option

Example

switch (config) # snmp-server host 1.1.1.1 informs version 3 engineID 0x800041da04643265363932653432303135 user test auth md5 password priv aes-128 password

Related Commands

show snmp

snmp-server enable

snmp-server host informs version 3

Notes

Multiple snmp-hosts can be configured in different VRF`s at the same time.


snmp-server host traps

snmp-server host [vrf <vrf-name>] <ip-address> traps [<community> | port <port> | version {1 | 2c} | version 3 {user <name> {auth <hash-type> <auth-password> [priv <privacy-type> [<priv-password>]] | encrypted auth ... | prompt auth ...}}]

no snmp-server host <ip-address> traps port

Send SNMP v2c traps to this host with the default trap community.

The no form of the commands removes a host from which SNMP traps should be sent.

Syntax Description

vrf-name—Describes the VRF name for NTP daemon. If the VRF parameter is not specified, the "default" VRF will be used implicitly.

ip-address

IPv4 or IPv6 address.

community

Specifies trap community string.

port

Overrides default UDP port for this trap sink.

version

Specifies the SNMP version of traps to send to this host.

user

Specifies username for this inform sink.

auth

Configures SNMPv3 security parameters, specifying passwords in plaintext on the command line (passwords are always stored encrypted).

hash-type

  • MD5

  • SHA

auth-password

Plaintext password to use for authentication.

If “priv” is not specified the default privacy algorithm is used with the same privacy password as that specified for authentication.

priv

Specifies SNMPv3 privacy settings for this user.

privacy-type

  • aes-128—uses AES-128 encryption for privacy

  • des—uses DES encryption for privacy

priv-password

Plaintext password to use for privacy. If not specified, then auth-password is used.

encrypted

Configure SNMPv3 security parameters, specifying passwords in encrypted form.

prompt

Configure SNMPv3 security parameters, specifying passwords securely in follow-up prompts, rather than on the command line.

vrf-name—Describes VRF name for snmp-server. If "vrf" parameter is not specified, the "default" VRF will be used

Default

community—public

UDP port—162

version—3

Configuration Mode

config

History

3.1.0000

3.9.2000—Added VRF option

Example

switch (config) # snmp-server host 1.1.1.1 informs version 3 user test auth md5 password priv aes-128 password

Related Commands

show snmp

snmp-server enable

snmp-server host informs version 3

Notes

Multiple snmp-hosts can be configured in different VRF`s at the same time.


snmp-server listen

snmp-server listen {enable | interface <ifName>}

no snmp-server listen {enable | interface <ifName>}

Configures SNMP server interface access restrictions.

The no form of the command disables the listen interface restricted list for SNMP server.

Syntax Description

enable

Enables SNMP interface restrictions on access to this system

ifName

Adds an interface to the “listen” list for SNMP server. For example: “mgmt0”, “mgmt1”

Default

N/A

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp listen enable

Related Commands

show snmp

Notes

If enabled, and if at least one of the interfaces listed is eligible to be a listen interface, then SNMP requests will only be accepted on those interfaces. Otherwise, SNMP requests are accepted on any interface.


snmp-server notify

snmp-server notify {community <community> | event <event name> | port <port> | send-test}

no snmp-server notify {community | event <event name> | port}

Configures SNMP notifications (traps and informs).

The no form of the commands negate the SNMP notifications.

Syntax Description

community

Sets the default community for traps sent to hosts which do not have a custom community string set

event

Specifies which events will be sent as traps

port

Sets the default port to which traps are sent

send-test

Sends a test trap

Default

All informs and traps are enabled

community—public

UDP port—162

Configuration Mode

config

History

3.1.0000

3.2.1050: Changed traps to notify

Example

switch (config) # snmp-server community public

Related Commands

show snmp

show snmp events

Notes

  • This setting is only meaningful if traps are enabled, though the list of hosts may still be edited if traps are disabled

  • Refer to Mellanox MIB file for the list of supported traps


snmp-server port

snmp-server port <port>

no snmp-server port

Sets the UDP listening port for the SNMP agent.

The no form of the command resets the parameter to its default value.

Syntax Description

port

UDP port

Default

161

Configuration Mode

config

History

3.1.0000

Example

switch (config) # snmp-server port 1000

Related Commands

show snmp

Notes


snmp-server user

snmp-server user {admin | <username>} v3 {[encrypted] auth <hash-type> <password> [priv <privacy-type> [<password>]] | capability <cap> | enable <sets> | prompt auth <hash-type> [priv <privacy-type>] | require-privacy}

no snmp-server user {admin | <username> } v3 {[encrypted] auth <hash-type> <password> [priv <privacy-type> [<password>]] | capability <cap> | enable <sets> | prompt auth <hash-type> [priv <privacy-type>]}

Specifies an existing username, or a new one to be added.

The no form of the command disables access via SNMP v3 for the specified user.

Syntax Description

v3

Configures SNMPv3 users.

auth

Configures SNMPv3 security parameters, specifying passwords in plaintext on the command line (note: passwords are always stored encrypted).

Available hash-type options are: <md5|sha|sha224|sha256|sha384|sha512>.

capability

Sets capability level for SET requests.

enable

Enables SNMPv3 access for this user.

encrypted

Configures SNMPv3 security parameters, specifying passwords in encrypted form.

prompt

Configures SNMPv3 security parameters, specifying passwords securely in follow-up prompts, rather than on the command line.

require-privacy

Requires privacy (encryption) for requests from this user.

priv

Configures SNMPv3 security parameters, specifying which protocol to use for traffic encryption. Available priv-type options: <des|3des|aes-128|aes-192|aes-256>.

Default

No SNMP v3 users defined

Configuration Mode

config

History

3.1.0000

3.7.0000

3.8.1000: Syntax updated

Example

switch (config) # snmp-server user admin v3 enable

Related Commands

show snmp user

Notes

  • The username chosen here may be anything that is valid as a local UNIX username (alphanumeric, plus '-', '_', and '.'), but these usernames are unrelated to, and independent of, local user accounts. That is, they need not have the same capability level as a local user account of the same name. Note that these usernames should not be longer than 31 characters, or they will not work.

  • The hash algorithm specified is used both to create digests of the authentication and privacy passwords for storage in configuration, and also in HMAC form for the authentication protocol itself

  • There are three variants of the command, which branch out after the “v3” keyword. If “auth” is used next, the passwords are specified in plaintext on the command line. If “encrypted” is used next, the passwords are specified encrypted (hashed) on the command line. If “prompt-pass” is used, the passwords are not specified on the command line the user is prompted for them when the command is executing. If “priv” is not specified, only the auth password is prompted for. If “priv” is specified, the privacy password is prompted for; entering an empty string for this prompt will result in using the same password specified for authentication.

  • AES privacy type encryption using the newest algorithm, which means we use aes-blumenthal. For more information see http://www.snmp.com/eso/esoConsortiumMIB.txt.

  • No more than 30 SNMPv3 users are allowed in the database


show snmp

show snmp [events | host]

Displays SNMP-server configuration and status.

Syntax Description

events

SNMP events

host

List of notification sinks

Default

N/A

Configuration Mode

Any command mode

History

3.1.0000

3.6.8008—Updated example

3.9.2000—Updated example, adding VRF option

Example

switch (config) # show snmp 

SNMP enabled : no

SNMP port : 161

System contact : Test

System location: Boston

VRF name       : mgmt
Read-only communities:

public

Read-write communities:

good

Interface listen enabled: yes

Listen Interfaces:

Interface: mgmt0

switch (config) # show snmp host

Notifications enabled : yes

Default notification community: public

Default notification port : 162

Notification sinks:

20.20.20.20:

Enabled : yes

Port : 162 (default)

Notification type: SNMP v2c trap

Community : public (default)

VRF : other

10.10.10.10:

Enabled : yes

Port : 162 (default)

Notification type: SNMP v2c inform

Community : public (default)

VRF : default

Related Commands

show snmp

Notes


show snmp auto-refresh

show snmp auto-refresh

Displays SNMPD refresh mechanism status.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.1.0000

3.6.6000: Updated example

3.7.0000: Updated example

Example

switch (config) # show snmp auto-refresh

SNMP auto refresh:

Auto-refresh enabled: yes

Refresh interval (sec): 60

Cache enabled: yes

Auto-Refreshed tables:

ifTable

ifXTable

mellanoxIfVPITable

Related Commands

snmp-server auto-refresh

Notes


show snmp engineID

show snmp engineID

Displays SNMPv3 engine ID key.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.6.6102

Example

switch (config) # show snmp engineID

Local SNMP engineID: 0x80004f4db1dd435e80accf4a4d4d3031

Related Commands

snmp-server engineID

Notes


show snmp set-permission

show snmp set-permission

Displays SNMP SET permission settings.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.6.3004

Example

switch (config) # show snmp set-permission

---------------------------------------------

MIB Name Set Enable

---------------------------------------------

MELLANOX-CONFIG-DB-MIB yes

MELLANOX-EFM-MIB yes

MELLANOX-POWER-CYCLE yes

MELLANOX-SW-UPDATE no

RFC1213-MIB no

Related Commands

snmp-server enable set-permission

Notes


show snmp user

show snmp user

Displays SNMP user information.

Syntax Description

N/A

Default

N/A

Configuration Mode

config

History

3.1.0000

3.6.8008: Updated example

Example

switch (config) # show snmp user

User name: Hendrix

Enabled overall: yes

Authentication type: sha

Privacy type: des

Authentication password: (set)

Privacy password: (set)

Require privacy: yes

SET access:

Enabled: yes

Capability level: admin

Related Commands

show snmp

Notes


json-gw enable

json-gw enable

no json-gw enable

Enables the JSON API.

The no form of the command disables the JSON API.

Syntax Description

N/A

Default

JSON API is enabled

Configuration Mode

config

History

3.6.3004

Example

switch (config) # json-gw enable

Related Commands

show json-gw

Notes


json-gw synchronous-request-timeout

json-gw synchronous-request-timeout <timeout-value>

no json-gw synchronous-request-timeout

Defines a timeout value for synchronous JSON requests (in seconds).

The no form of the command returns the timeout value to its default.

Syntax Description

timeout-value

Define a timeout value for synchronous JSON requests

Range: 0-4294967295

Default

JSON API is enabled

Configuration Mode

config

History

3.6.3004

Example

switch (config) # json-gw synchronous-request-timeout 100

Related Commands

show json-gw

Notes


show json-gw

show json-gw

Displays the JSON API setting.

Syntax Description

N/A

Default

N/A

Configuration Mode

Any command mode

History

3.6.3004

3.6.4000: Updated example

Example

switch (config) # show json-gw

JSON Gateway enabled: yes

Synchronous request timeout: 30

JSON API version: 1.0

Related Commands

json-gw enable

json-gw synchronous-request-timeout <time out value>

Notes


© Copyright 2023, NVIDIA. Last updated on Nov 15, 2023.