5424 (8-SNMP).pdf

Chapter 8
Configuring SNMP and RMON
This chapter describes how to configure SNMP and RMON on the Corecess 5424.
Configuring SNMP 8 -2
This section introduces some basic information on SNMP and describes how to configure the
SNMP on the Corecess 5424.
Configuring RMON 8-18
This section introduces some basic information on the RMON protocol and describes how to
configure the RMON on the Corecess 5424.
SNMP and RMON Configuration Commands 8-34
This section lists the commands for configuring the SNMP and the RMON.
Configuring SNMP and RMON 8-1

Configuring SNMP
SNMP(Simple Network Management Protocol) Overview
8-2
The Simple Network Management Protocol (SNMP) is an application layer protocol that
facilitates the exchange of management information between network devices. It is part of the
Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables
network administrators to manage network performance, find and solve network problems,
and plan for network growth.
SNMP Basic Components
SNMP consists of the following three key components:
Managed Device
SNMP Agent and Management Information Base (MIB)
SNMP Manager
Managed Device
Managed
Device
SNMP Agent
MIB
A managed device is a network node that contains an SNMP agent and that resides on a
managed network. Managed devices collect and store management information and make this
information available to NMSs using SNMP. Managed devices, sometimes called network
elements, can be routers and access servers, switches and bridges, hubs, computer hosts, or
printers.
Corecess 5424 User’s Guide
SNMP
Manager
Managed
Device
SNMP Agent
MIB
Managed
Device
SNMP Agent
MIB

SNMP Agent and MIB
The SNMP agent is a network management module running in the managed device. The
SNMP agent responds to SNMP manager requests as follows:
Get a MIB variable: The SNMP agent initiates this function in response to a request from
the NMS. The agent retrieves the value of the requested MIB variable and responds to
the NMS with that value.
Set a MIB variable: The SNMP agent initiates this function in response to a message from
the NMS. The SNMP agent changes the value of the MIB variable to the value requested
by the NMS.
The SNMP agent also sends unsolicited trap messages to notify an NMS that a significant
event has occurred on the agent. Examples of traps conditions include, but are not limited to,
when a port or module goes up or down, when spanning-tree topology changes occur, and
when authentication failures occur.
The MIB is the information base, the SNMP agent must keep available for the managers. This
information base contains objects whose values provide information on the status of the
checked system or objects whose values can be modified by a manager to control the system.
Each object is identified by an Object ID (OID). There are two kinds of MIBs, standard MIB
and enterprise-specific MIB.
SNMP Manager
SNMP Manager is an integrated management module which collects information from SNMP
agent and sometimes sends warning messages depending on the each SNMP agent relations.
In other words, the actual data is collected from SNMP agent and this data will be processed
by management module and saved. To request information or configuration changes, respond
to requests, and send unsolicited alerts, the SNMP manger and SNMP agent use the four
messages (Get, GetNext, Set, trap). For more information on these messages, refer to the
following section.
Configuring SNMP and RMON 8-3

8-4
SNMP Messages
The SNMP manger and SNMP agent use the following SNMP messages to request
information or configuration changes, respond to requests, and send unsolicited alerts.
Get-Request / Get-Response Message
GetNext-Request / GetNext-Request Message
Set-Request Message
Trap Message
Get-Request Message
Get-Request Message is the basic SNMP request message. Sent by an SNMP manager, it
requests information about a single MIB entry on an SNMP agent. For example, the amount of
free drive space.
GetNext-Request Message
GetNext-Request Message is an extended type of request message that can be used to browse
the entire tree of management objects. When processing a Get-next request for a particular
object, the agent returns the identity and value of the object which logically follows the object
from the request. The Get-next request is useful for dynamic tables, such as an internal IP
route table.
Set-Request Message
If write access is permitted, Set-Request message can be used to send and assign an updated
MIB value to the agent.
Trap Message
An unsolicited message sent by an SNMP agent to an SNMP manager when the agent detects
that a certain type of event has occurred locally on the managed device. For example, a trap
message might be sent on a system restart event.
Corecess 5424 User’s Guide

SNMP Community Strings
SNMP community strings authenticate access to MIB objects and function as embedded
passwords. In order for the NMS to access the system, the community string definitions on the
NMS must match at least one of the three community string definitions on the system.
A community string can have one of the following attributes:
| Table 8-1 Types of community strings |
Read-only
Read-write
Types Access Right
Read-write-all
Trap
Gives read access to authorized management stations to all objects in the MIB
except the community strings, but does not allow write access
Gives read and write access to authorized management stations to all objects in the
MIB, but does not allow access to the community strings
Gives read and write access to authorized management stations to all objects in the
MIB, including the community strings
Trap is a defined status of event or system. For example, event generated when port
configuration is changed or a host having not-allowed IP address accesses can be defined as a
trap. You can configure the level of trap according to the kind of events. If a trap occurs on the
system, the SNMP agent send SNMP trap message to the registered trap host.
Configuring SNMP and RMON 8-5

Configuring SNMP
8-6
SNMP Default Configuration
The default SNMP configuration of the Corecess 5424 is as follows:
| Table 8-2 Default SNMP configuration |
Corecess 5424 User’s Guide
SNMP Configuration Element Default Setting
Agent contact information (MIB-II System Contact variable) None configured
Agent location information (MIB-II System Location variable) None configured
Community strings None configured
Trap None enabled
Trap Host None configured
RMON Enabled
Setting the System Contact and Location Information
In the system group of MIB-II (Public MIB) supported by the Corecess 5424 has System Contact
variable and System Location variable displaying the system contact information and system
location information.
The values of these variables can be browsed or modified via ViewlinX, NMS of the Corecess
or NMS of other companies. To specify these values, use the following commands:
| Table 8-3 Setting the system contact and location information |
Command Task
configure terminal 1. Enter Global configuration mode.
snmp-server contact
snmp-server location
end 4. Return to Privileged mode.
2. Set the system contact information.
: String described for system contact information.
3. Set the system location information.
: String described for system location information.
show snmp-server 5. Verify the system contact and location information.

The following is an example of setting the system contact information and system location
information:
Parameter Value
System contact information TEL: +82-2-3016-6900
System location information Daechi-dong Seoul Korea
# configure terminal
(config)# snmp-server contact "TEL:+82-2-3016-6900"
(config)# snmp-server location "Daechi-dong Seoul Korea"
(config)# end
# show snmp-server
RMON: Enabled
Extended RMON: Extended RMON module is not present
sysContact TEL:+82-2-3016-6900
sysLocation Daechi-dong Seoul Korea
...
#
Configuring Community Strings
You use the SNMP community string to define the relationship between the SNMP manager
and the agent. The community string acts like a password to permit access to the agent on the
system. One thing to be aware of is that in case of adding new community string using the
Corecess 5424 CLI command, this community string must be added in NMS in order to
connect to the system using this community string. To define SNMP community strings, use
the following commands in Privileged mode:
| Table 8-4 Configuring SNMP community strings |
Command Task
configure terminal 1. Enter Global configuration mode.
snmp-server community
end 3. Return to Privileged mode.
show snmp-server
community-list
2. Define the SNMP community strings for each access type.
: The SNMP community name for this system.
Enter an unquoted text string with no space and a maximum length
of 12 characters.
: Access type for this community (read-only, read-write)
4. Verify new community string.
Configuring SNMP and RMON 8-7

8-8
The following example defines new community string:
# configure terminal
(config)# snmp-server community cc5424 rw
(config)# end
# show snmp-server
RMON: Enabled
Extended RMON: Extended RMON module is not present
sysContact Dial System Administrator at phone #2734
sysLocation 1st_floor_lab
Community-Access Community-String
---------------- ----------------
read-write cc5424
...
#
To delete a community string, use the no snmp-server community command in Global
configuration mode as follows:
(config)# no snmp-server community cc5424
(config)# end
# show snmp-server community-list
#
Configuring Trap Host
Trap host is the host to receive traps from an SNMP agent. Trap is message sent by an SNMP
agent to an NMS, a console, or a terminal to indicate the occurrence of a significant event, such
as a specifically defined condition or a threshold that was reached. By default, no trap host is
configured. To receive the trap generated on your managed device using NMS, you must add
the NMS as a trap host. You can specify up to twenty trap hosts on the Corecess 5424.
Corecess 5424 User’s Guide

To add or modify trap hosts, use the following commands in Privileged mode:
| Table 8-5 Configuring a trap host |
Command Task
configure terminal 1. Enter Global configuration mode.
snmp-server host
port
end 3. Return to Privileged mode.
show snmp-server traphost 4. Verify the trap host entries
The following example shows how to add a trap host:
2. Add a trap host.
: The IP address or host name of an SNMP
host that has been configured to receive traps.
: The community name to use when
sending traps to the specified SNMP host.
: The UDP port number to use when sending
traps to the specified SNMP host (1 ~ 65535, default
setting: 165).
# configure terminal
(config)# snmp-server host 172.168.2.23 cc5424 port default
(config)# end
# show snmp-server
RMON: Enabled
Extended RMON: Extended RMON module is not present
:
Trap-Rec-Address Trap-Rec-Community
------------------------- ------------------
udp:172.168.2.23:162 cc5424
:
#
To delete a trap host, use the no snmp-server host command in Global configuration
mode. The following example deletes a trap host 172.168.2.23:
(config)# no snmp-server host 168.28.1.1
(config)# end
# show snmp-server traphost
#
Configuring SNMP and RMON 8-9

8-10
Configuring Trap Type
Traps are system alerts that the Corecess 5424 generates when certain events occur. The
Corecess 5424 supports the following trap types:
| Table 8-6 Types of trap supported by Corecess 5424 |
Trap Types Description
chassis
Corecess 5424 User’s Guide
Sends a trap message when power supply is installed or uninstalled,
temperature limitations are exceeded, or fan errors occur.
module Sends a trap message when a module goes up or down.
port Sends a trap message when a port goes up or down.
bridge
Sends a trap message when there are spanning tree topology
changes.
repeater Sends a trap message when Ethernet hub repeater state is changed.
ip_permit
sysconfig
entity
auth
sysauth
Sends a trap message when there are access attempts with
unauthorized IP address.
Sends a trap message when the system backup configuration is
changed.
Sends a trap message when there is Entity Management Information
Base (MIB) change.
Sends a trap message when there are access attempts with
unauthorized community string.
Sends a trap message when unauthorized user attempts access to the
system.
cpuload Sends a trap message when CPU load limitations are exceeded.
bgp
dhcp
Sends a trap message when Border Gateway Protocol (BGP) state is
changed.
Sends a trap message when Dynamic Host Configuration Protocol
(DHCP) state is changed.
When a trap is enabled, if an error occurs in the device where corresponding trap is enabled or
if problem occurs in the part defined by the trap, such error status (trap message) are
transmitted to the trap receiving host and NMS, the SNMP agent. By default, all trap types are
disabled. To send traps to the trap hosts, the trap types should be enabled.

To enable a trap type, use the following commands in Privileged mode:
| Table 8-7 Enabling a trap type |
Command Task
configure terminal 1. Enter Global configuration mode.
snmp-server enable traps
2. Enable the specified trap type.
: Trap type to be enabled (all: all trap types).
end 3. Return to Privileged mode.
show snmp-server 4. Check the state of the trap.
The following example enables the port and auth traps:
# configure terminal
(config)# snmp-server enable traps port
(config)# snmp-server enable traps auth
(config)# end
# show snmp-server
RMON: Enabled
Extended RMON: Extended RMON module is not present
:
Trap-Rec-Address Trap-Rec-Community
------------------------- ------------------
Traps Enabled
------------------------- ------------------
chassis disabled
module disabled
port enabled
bridge disabled
repeater disabled
ip_permit disabled
sysconfig disabled
entity disabled
cpuload disabled
auth enabled
sysauth disabled
bgp disabled
dhcp disabled
atm disabled
#
To disable the trap type, use the no snmp-server enable traps command as follows:
(config)# no snmp-server enable traps port
Configuring SNMP and RMON 8-11

8-12
Configuring SNMP Access Groups
You can configure an SNMP access group by using access lists. The hosts that are permitted in
the access lists can access to the system via SNMP.
To configure SNMP access group by using access lists, use the following commands in
Privileged mode:
| Table 8-8 Configuring SNMP acess groups |
Command Task
configure terminal 1. Enter Global configuration mode.
snmp-server enable traps
Corecess 5424 User’s Guide
2. Configure a new SNMP access group.
: Standard access list number (1 ~ 99, 100 ~ 199)
The following example shows how to configure a SNMP access group:
(config)# access-list 12 permit 192.89.55.0 0.0.0.255
(config)# snmp-server group access 12
(config)#
The hosts that belong to 192.89.55.0 network can access to the system via SNMP.

Displaying SNMP Information
The section describes how to display SNMP configuration information, SNMP community
strings, SNMP trap hosts, and SNMP statistics.
Displying SNMP Configuration Information
To display SNMP configuration information, use the show snmp-server command in
Privileged mode.
The following example is a sample output of the show snmp-server command:
# show snmp-server
RMON: Disabled
Extended RMON: Extended RMON module is not present
sysContact support@corecess.com
sysLocation Unknown
Community-Access Community-String
---------------- ----------------
read-only public
read-write private
read-only corecess
Trap-Rec-Address Trap-Rec-Community
------------------------- ------------------
udp:172.27.2.36:162
Traps Enabled
------------------------- ------------------
chassis disabled
module disabled
port disabled
bridge disabled
repeater disabled
ip_permit disabled
sysconfig disabled
entity disabled
cpuload disabled
auth disabled
sysauth disabled
bgp disabled
dhcp disabled
atm disabled
#
Configuring SNMP and RMON 8-13

8-14
The table below describes the fields shown by the show snmp-server command:
| Table 8-9 show snmp-server field descriptions |
RMON
Extended RMON
Corecess 5424 User’s Guide
Field Description Default
Status of whether RMON is enabled or
disabled
Status of whether extended RMON is
enabled or disabled
enabled
not supported
sysContact SNMP system contact string unknown
sysLocation SNMP system location string unknown
community
TrapReceiver
Trap
Community-Access
Community-String
Trap-Rec-Address
Trap-Rec-Community
Traps Trap types
Enabled
Displaying SNMP Community Strings
Configured SNMP communities
- read-only
- read-write
SNMP community strings associated with
each SNMP community
IP address of trap receiver hosts and UDP
port number for sending trap messages.
SNMP community string used for trap
messages to the trap receiver.
Status of whether trap type is enabled or
disabled
none
disabled
To display SNMP community strings, use the show snmp-server community-list
command in Privileged mode.
The following example shows how to display SNMP community strings:
# show snmp-server community-list
community:pubilc access: ro
community:private access: rw
community:corecess access: ro
#
The table below describes the fields shown by the show snmp-server community-list
command output:

| Table 8-10 show snmp-server community-list field descriptions |
Field Description
community SNMP community strings
access
Displaying SNMP Statistics
Access right of the community strings
- ro : Read-only
- rw : Read-write
To display SNMP statistics, use the show snmp-server statistics command in
Privileged mode.
The following is sample output from the show snmp-server statistics command:
# show snmp-server statistics
10090 SNMP packets input
0 Bad SNMP version errors
96 Unknown community name
0 Illegal operation for community name supplied
0 Encoding errors
28051 Number of requested variables
12 Number of altered variables
9854 Get-request PDUs
83 Get-next PDUs
12 Set-request PDUs
9994 SNMP packet output
0 Too big errors (Maximum packet size 1500)
3 No such name errors
0 Bad values errors
0 General errors
9994 Response PDUs
0 Trap PDUs
#
Configuring SNMP and RMON 8-15

8-16
The table below describes the fields shown by the show snmp-server statistics
command output:
| Table 8-11 show snmp-server statistics field descriptions |
Field Description
SNMP packets input Total number of SNMP packets input.
Bad SNMP version errors Number of packets with an invalid SNMP version.
Unknown community name Number of SNMP packets with an unknown community name.
Illegal operation for
community name supplied
Corecess 5424 User’s Guide
Number of packets requesting an operation not allowed for that
community.
Encoding errors Number of SNMP packets that were improperly encoded.
Number of requested
variables
Number of variables requested by SNMP managers.
Number of altered variables Number of variables altered by SNMP managers.
Get-request PDUs Number of get requests received.
Get-next PDUs Number of get-next requests received.
Set-request PDUs Number of set requests received.
SNMP packet output Total number of SNMP packets sent by the router.
Too big errors
No such name errors
Bad values errors
General errors
Number of SNMP packets which were larger than the maximum
packet size.
Number of SNMP requests that specified an MIB object which does
not exist.
Number of SNMP set requests that specified an invalid value for an
MIB object.
Number of SNMP set requests that failed due to some other error. (It
was not a noSuchName error, badValue error, or any of the other
specific errors.)
Response PDUs Number of responses sent in reply to requests.
Trap PDUs Number of SNMP traps sent.

Displaying SNMP Trap Hosts
To display the list of the trap receiver hosts, use the show snmp-server traphost
command in Privileged mode.
The following example shows how to display the list of the trap receiver hosts:
# show snmp-server traphost
host: udp:172.27.2.36:162 comm: public
host: udp:172.28.3.178:24 comm: corecess
#
The table below describes the fields shown by the show snmp-server traphost
command output:
| Table 8-12 show snmp-server traphost field descriptions |
Field Description
host Protocol : IP address of a trap receiver host: port number.
comm SNMP community strings of the trap receiver host.
Configuring SNMP and RMON 8-17

Configuring RMON
RMON (Remote MONitoring) Overview
8-18
The RMON is a standard MIB that defines current and historical MAC-layer statistics and
control objects, allowing you to capture real-time information across the entire network. The
RMON standard is an SNMP MIB definition described in RFC 1757 (formerly 1271) for
Ethernet.
The RMON MIB provides a standard method to monitor the basic operations of the Ethernet,
providing inoperability between SNMP management stations and monitoring agents. The
RMON also provides a powerful alarm and event mechanism for setting thresholds and for
notifying you of changes in network behavior.
You can use the RMON to analyze and monitor network traffic data within remote LAN
segments from a central location. This allows you to detect, isolate, diagnose, and report
potential and actual network problems before they escalate to crisis situations. For example,
the Corecess 5424 can identify the hosts on a network that generate the most traffic or errors.
The RMON allows you to set up automatic histories, which the RMON agent collects over a
period of time, providing trending data on such basic statistics as utilization, collisions, and so
forth.
The RMON monitors nine MIB groups including network statistics. The following table lists
the RMON MIB groups:
| Table 8-13 RMON groups |
Group Description
1. Statistics Collects the network statistics.
2. History Records the network activity in sequence of time.
3. Alarm Defines level of the alarms to be informed to the manager.
4. Host Monitors the hosts in the network.
5. Host Top N Filters and manages the information of N hosts.
6. Matrix Monitors the traffics between network nodes.
7. Filter Monitors the specified packets on the network segment.
8. Packet Capture
Creates capture buffers and controls how the buffers are filled and how
much of each packet is stored.
9. Event Determines the action to take when an event is triggered by an alarm.
Corecess 5424 User’s Guide

The Corecess 5424 supports the following four groups among the nine groups:
1) Statistics (RMON group 1)
Collects the number of packets/bytes, the number of broddcast/multicast packets, the
number of collisions, the number of errors occurred (fragment, CRC, jabber, short-length,
long-length) on an interface.
2) History (RMON group 2)
Collects a history group of statistics on Ethernet, Fast Ethernet, and Gigabit Ethernet
interfaces for a specified polling interval
3) Alarm (RMON group 3)
Monitors a specific management information base (MIB) object for a specified interval,
triggers an alarm at a specified value (rising threshold), and resets the alarm at another
value (falling threshold). Alarms can be used with events; the alarm triggers an event,
which can generate a log entry or an SNMP trap
4) Event (RMON group 9)
Determines the action to take when an event is triggered by an alarm. The action can be to
generate a log entry or an SNMP trap.
Configuring SNMP and RMON 8-19

Configuring RMON
8-20
Enabling RMON
To enable RMON, perform this task in Privileged mode:
| Table 8-14 Enabling RMON |
Command Task
configure terminal 1. Enter Global configuration mode.
snmp-server enable rmon 2. Enable the RMON on the Corecess 5424.
end 3. Return to Privileged mode.
show snmp-server 4. Verify that RMON is enabled.
This example shows how to enable the RMON on the Corecess 5424 and how to verify that
RMON is enabled:
# configure terminal
(config)# snmp-server enable rmon
(config)# end
# show snmp-server
RMON: Enabled
Extended RMON: Extended RMON module is not present
sysContact TEL:+82-2-3016-6900
sysLocation Daechi-dong Seoul Korea
...
Corecess 5424 User’s Guide

Configuring Statistics Groups
The RMON Statistics group records data that the Ethernet DCM measures on network
interfaces. The Ethernet DCM creates one entry for each Ethernet interface it monitors and
places the entry in the EtherStatsTable. The EtherStatsTable also contains control parameters
for this group.
To configure an RMON statistics group, use the following commands in Global configuration
mode:
| Table 8-15 Configuring RMON statistics group |
Command Task
configure terminal 1. Enter Global configuration mode.
rmon etherstats
owner
2. Set a statistics group.
: RMON statistics group number (1 ~ 65535)
: The data source object for the Ethernet port. The port is
identified by an ifIndex data object identifier. To see a list of data
object IDs, use the show interface command.
owner : option for specifying an owner who
defined and is using the statistics resources
end 3. Return to Privileged mode.
show rmon 4. Verify the configuration.
The following is an example of configuring a statistics group:
Parameter Value
Statistics group No. 1
Interface ID 5
Owner 172.1.1.1
# configure terminal
(config)# rmon etherstats 1 5 owner kd_hong
(config)# end
# show rmon
RMON memory: 30%
[statistics]
etherStatsIndex etherStatsOwner etherStatsStatus
------------------- ------------------- --------------------
1 172.1.1.1 valid
. . .
Configuring SNMP and RMON 8-21

8-22
Configuring History Groups
The RMON History group contains a control and data collection function. The control
function manages the periodic statistical sampling of data from networks and specifies control
parameters, such as the frequency of data sampling, in the historyControlTable. The history
function records periodic statistical samples from Ethernet networks, for example, interval
start time and number of packets. This function places the statistical samples in the
etherHistoryTable.
You can configure the operation of the RMON history that periodically samples any Ethernet
port for statistical data. All ports are preconfigured with histories for 30-second and 30-minute
intervals, and 50 buckets with one sample per bucket. However, you can create additional
histories for a specific port. This allows you to configure the time interval to take the sample
and the number of samples you want to save.
To configure an RMON history group, use the following commands in Global configuration
mode:
| Table 8-16 Configuring RMON history group |
Command Task
configure terminal 1. Enter Global configuration mode.
rmon historycontrol
{ |
/} owner
end 3. Return to Privileged mode.
show rmon 4. Verify the configuration.
Corecess 5424 User’s Guide
2. Set a history group.
: RMON history number (1 ~ 65535)
: Interface number (1 ~ 2147483647)
: Port type (fastethernet, gigabitethern)
/ : Slot number/port number
: MIB object monitoring interval (1-2147483647 seconds)
: The data source object for the Ethernet port. The port is
identified by an ifIndex data object identifier. To see a list of data
object IDs, use the show interface command.
owner : option for specifying an owner who defined
and is using the history resources
: The bucket count for the interval (1 ~ 65535)
: The time interval for the history (1 ~ 3600
seconds)

The following is an example of configuring a history group:
# configure terminal
(config)# rmon historycontrol 1 gigabitethernet 1/1 owner aaa 50 30
(config)# end
# show rmon
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
[history]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
.
.
#
To display the detail information on a history group, enter the show rmon history
command with the history number:
# show rmon history 1
Entry 1 is valid, and owned by aaa
Monitors ifEntry.ifIndex.1 every 10 seconds
Requested # of time intervals, is buckets, is 10
Granted # of time intervals, is buckets, is 10
Sample # 6878 began measuring at 1days 18h:5m:52s:44th(15155244)
Received 0 octets, 0 packets,
0 broadcast and 0 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions.
# of dropped packet events is 0
Network utilization is estimated at 0
.
.
.
Sample # 6887 began measuring at 1days 18h:7m:22s:44th(15164244)
Configuring SNMP and RMON 8-23

8-24
#
Received 0 octets, 0 packets,
0 broadcast and 0 multicast packets,
0 undersized and 0 oversized packets,
0 fragments and 0 jabbers,
0 CRC alignment errors and 0 collisions.
# of dropped packet events is 0
Network utilization is estimated at 0
To delete a history group, enter the no rmon historycontrol command in Global
configuration mode:
(config)# no rmon historycontrol 1
(config)#
Corecess 5424 User’s Guide

Configuring Alarm Groups
The RMON Alarm group allows you to set an alarm threshold and a sampling interval to
enable the RMON agent to generate alarms on any network segment it monitors. Alarm
thresholds can be based on ‘absolute’ or ‘delta’ values so that you can be notified of rapid
spikes or drops in a monitored value.
Each alarm is linked to an event in the event group. An event defines an action that will be
triggered when the alarm threshold is exceeded.
The alarm group periodically takes statistical samples from variables and compares them to
previously configured thresholds. The Alarm Table stores configuration entries that define a
variable, a polling period, and threshold parameters. If the RMON agents determines that a
sample crosses the threshold values, it generates an event. You can specify rising or falling
thresholds, indicating network faults such as slow throughput or other network-related
performance problems. You specify rising thresholds when you want to be notified that an
alarm has risen above the threshold you specified. You specify falling thresholds when you
want to be notified that the network is behaving normally again. For example, you might
specify a falling threshold of 30 collisions per second to indicate a return to acceptable
behavior.
When you configure an alarm condition, you must define the following values:
The monitoring interval over which data is sampled.
The variable to be sampled.
Rising and falling thresholds used to detect when network trouble starts and when it ends.
The event that takes place when a rising threshold is crossed.
The event that takes place when a falling threshold is crossed.
An RMON event is the action that occurs when an associated RMON alarm is triggered. When
an alarm event occurs, it can be configured to generate a log event, a trap to an SNMP network
management station, or both. For information on viewing alarm events in log files.
An RMON alarm allows you to monitor a MIB object for a desired transitory state. An alarm
periodically takes samples of the object's value and compares them to the configured
thresholds.
Configuring SNMP and RMON 8-25

8-26
RMON allows you to configure two types of sampling, absolute and delta:
Absolute sampling compares the sample value directly to the threshold. This sampling is
similar to a gauge, recording values that go up or down.
Delta sampling subtracts the current sample value from the last sample taken, and then
compares the difference to the threshold. This sampling is similar to a counter, recording a
value that is constantly increasing.
To set an RMON alarm, use the following commands in Privileged mode:
|Table 8-12 Configuring RMON alarm group |
Command Task
configure terminal 1. Enter Global configuration mode.
rmon alarm
{
|}
{delta | absolute}
{rising | falling |
both} threshold
event-index owner
Corecess 5424 User’s Guide
2. Set an alarm on a MIB object.
: Alarm number (1 ~ 65535)
: MIB object monitoring interval (1-2147483647 seconds)
: Value to monitor. Select one of the following values:
- multicastPkts: The number of incoming multicast packets.
- cRCAlignErrors: The number of incoming packets with CRC errors.
- collisions: The number of times a collision occurs while the packet is
received.
- octets: The total number of incoming octets.
- pkts: The total number of incoming packets.
- broadcastPkts: The number of incoming broadcast packets
- pkts256to511: The number of incoming packets 256 to 511 bytes in
length.
- pkts512to1023: The number of incoming packets 512 to 1023 bytes in
length.
- pkts1024to1518: The number of incoming packets 1024 to 1518 bytes
in length.
- pkts64: The number of incoming packets 64 bytes in length
- pkts65to127: The number of incoming packets 65 to 127 bytes in
length.
- pkts128to255: The number of incoming packets 128 to 255 bytes in
length.
: The number of statistics group to get the
selected value from option (0 ~ 65535).
: OID number of the MIB object to monitor.
absolute: Option for testing each MIB variable directly.
delta: Option for testing the change between MIB variables
rising: Option for triggering alarm when the monitored value
exceeds the rising threshold
falling: Option for triggering alarm when the monitored value
exceeds the falling threshold
rising_or_falling: Option for triggering alarm when the monitored
value exceeds the rising or falling threshol

(Continued)
Command Task
end 2. Return to Privileged mode.
show rmon 3. Verify the configuration.
rising-threshold : Value at which the alarm is triggered (0
~ 2147483647)
falling-threshold : Value at which the alarm is reset (0 ~
2147483647)
rising-event-index : Event number to trigger
when the rising threshold exceeds its limit. (0 ~ 65535)
falling-event-index : Event number to trigger
when the falling threshold exceeds its limit. (0 ~ 65535)
owner : option for specifying an owner for the
alarm.
The following example shows how to configure RMON alarm group and check the result:
# configure terminal
(config)# rmon alarm 1 10 pkts 1 absolute both threshold 1000 100 event-index
1 1 owner aaa
(config)# end
# show rmon
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
[history]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
[alarm]
index status sample
----- -------------- -----------------------------
1 valid etherStatsPkts.1
[event]
index status type
----- -------------- ---------------
10 valid logandtrap
Configuring SNMP and RMON 8-27

8-28
.
.
#
Before configure RMON alarm group, you should verify that the statistics group
() is defined. If you specify undefined statistics group, the ‘Can't fetch
the MIB values’ message will be displayed:
(config)# rmon alarm 2 20 pkts 10 absolute rising threshold 1000 100 eventindex
1 1 owner kimka
Can't fetch the MIB values
(config)#
To display the detail information on an alarm group, enter the show rmon alarm command
with the alarm number:
# show rmon alarm 1
Alarm 1 is valid, owned by aaa
Monitors etherStatsEntry.etherStatsPkts.1 every 10 seconds
Taking absolute samples, last value was 0
Rising threshold is 1000, assigned to event 1
Falling threshold is 100, assigned to event 1
On startup enable rising or falling alarm
#
To delete a RMON alarm group, enter the no rmon alarm command in Global configuration
mode:
(config)# no rmon alarm 1
(config)#
Corecess 5424 User’s Guide

Configuring Event Groups
The RMON Event group allows for the generation of an SNMP trap, the generation of a log entry,
or both, for any event you choose. An event can occur when the sample variable exceeds the
alarm threshold or a channel match event generated. Traps can be delivered by the RMON
agent to multiple management stations.
In order for RMON to generate trap events, you must set up the SNMP managers table based
on the SNMP community strings (for example, public) you are using with the network
management application and the hosts on which you are running applications. If you fail to
make these changes, the system will be unable to send trap events to the network
management station.
When you set up the SNMP managers table, you can use the SNMP community strings that
the network management application uses and modify the trap receiving tables on the router
to use these names. Or, you can configure the router to use specific SNMP community strings
and modify the network management software to use these strings.
To set an RMON event, use the following commands in Privileged mode:
| Table 8-13 Configuring RMON event group |
Command Task
configure terminal 1. Enter Global configuration mode.
rmon event
description
{trap |
log } owner
end 3. Return to Privileged mode.
show rmon 4. Verify the configuration.
2 Add or remove an event in the RMON event table.
: Assigned event number (1 ~ 65535).
description : A description of the event.
log: Option for generating an RMON log entry when the event is
triggered
trap : Option for generating SNMP trap with the
community string when the event occurs.
owner : Option for specifying an owner for the event.
Configuring SNMP and RMON 8-29

8-30
This example shows how to configure an event group on the Corecess 5424 and how to verify
that they are configured:
Parameter Value
Event index 10
Event description Event to create log entry and SNMP notification
Event type log, trap
Community public
Owner help_desk
# configure terminal
(config)# rmon event 10 description “Event to create log entry and SNMP
notification” log trap public owner help_desk
(config)# end
# show rmon
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
2 valid ifIndex.3 (Fa 3/1)
[history]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
[alarm]
index status sample
----- -------------- -----------------------------
[event]
index status type
----- -------------- ---------------
10
.
.
#
valid logandtrap
Corecess 5424 User’s Guide

To display the detail information on an event group, enter the show rmon events
command with the event number:
# show rmon events 1
# show rmon events 10
Event 10 is valid, owned by help_desk
Description is Event to create log entry and SNMP notification
Event firing causes log and trap to community public
last fired 0days 00:00:00:00
Event 2 is valid, owned by 172.1.1.1
Description is High_trap
Event firing causes trap to community corecess
last fired 0days 0h:0m:30s:73th(3073)
Event 10 is valid, owned by help_desk
Description is Event to create log entry and SNMP notification
Event firing causes log and trap to community public
last fired 0days 00:00:00:00
#
To delete an event group, enter the no rmon event command in Global configuration mode:
(config)# no rmon event 10
(config)#
Configuring SNMP and RMON 8-31

Displaying RMON Information
8-32
To display the current RMON configuration, enter the show rmon command in Privileged
mode. You can execute the show rmon command with the following options:
alarm Displays the RMON alarm table.
events Displays the RMON event table.
history Displays the RMON history table.
statistics Displays the RMON statistics table.
If you do not specify any option, the contents of the RMON alarm table, event table, history table, and
statistics table are displayed. The following is a sample output of the show rmon command:
# show rmon
RMON: Enabled
Extended RMON: Extended RMON module is not present
[statistics]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
[history]
index status dataSource
----- -------------- -----------------------------
1 valid ifIndex.1 (Gi 1/1)
[alarm]
index status sample
----- -------------- -----------------------------
1 valid etherStatsPkts.1
[event]
index status type
----- -------------- ---------------
10
#
valid logandtrap
Corecess 5424 User’s Guide

The table below describes the fields in the show rmon command output:
| Table 8-18 show rmon field descriptions |
Field Description
RMON Running status of the RMON.
statistics
history
alarm
event
Index Index of the RMON statistics entry into the statisticsTable.
Status Status of the RMON statistics entry.
dataSource Data source of the RMON statistics entry.
Index Index of the RMON history entry into the historyTable.
Status Status of the RMON history entry.
dataSource Data source of the RMON history entry.
Index Index of the RMON alarm entry into the alarmTable.
Status The owner of the RMON alarm entry.
Sample Data source of the RMON alarm entry.
Index Index of the RMON event entry into the eventTable.
Status Status of the RMON event entry.
Type Type of event.
Configuring SNMP and RMON 8-33

SNMP and RMON Configuration Commands
8-34
The table below shows the list of SNMP and RMON configuration commands and their
functions.
| Table 8-14 SNMP & RMON Configuration Commands |
Command Function
show snmp-server Displays SNMP parameters.
show snmp-server community-list Displays SNMP community configuration.
show snmp-server statistics Displays SNMP statistics.
show snmp-server traphost Displays the list of the trap receiver hosts.
show rmon
Corecess 5424 User’s Guide
Displays the contents of the RMON alarm table, event table,
history table, and statistics table.
snmp-server community Configures the SNMP community strings.
snmp-server contact Specifies the system contact information.
snmp-server enable rmon Enables the RMON.
snmp-server enable traps Enables a SNMP trap.
snmp-server group access
Limits hosts which can access to the system through SNMP based
on the access list.
snmp-server host Specifies hosts to receive SNMP notifications.
snmp-server location Specifies the system location information..
rmon alarm Configure an RMON alarm group.
rmon etherstats Configures an RMON statistics group.
rmon event Configures an RMON event group.
rmon historycontrol Configures an RMON history group.