The snmp-agent target-host trap command sets the destination IP address of a trap message.
The undo snmp-agent target-host command deletes the current setting.
snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number | source interface-type interface-number | [ public-net | vpn-instance vpn-instance-name ] ] * params securityname security-string [ { v3 [ authentication | privacy ] | v2c | v1 } | notify-filter-profile profile-name | private-netmanager | ext-vb ] *
snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number | source interface-type interface-number | [ public-net | vpn-instance vpn-instance-name ] ] * params securityname cipher security-string [ { v2c | v1 } | notify-filter-profile profile-name | private-netmanager | ext-vb ] *
undo snmp-agent target-host ip-address securityname [ cipher ] security-string [ vpn-instance vpn-instance-name ]
undo snmp-agent target-host trap address udp-domain ip-address [ udp-port port-number | source interface-type interface-number | [ public-net | vpn-instance vpn-instance-name ] ] * params securityname [ cipher ] security-string
| Parameter | Description | Value |
|---|---|---|
| address udp-domain ip-address | Specifies the IP address of a target host that uses UDP for transmission. |
- |
| udp-port port-number | Specifies the port number of a target host for receiving
trap messages. If the value is set to 0, the default port number 162 is used. |
It is an integer ranging from 0 to 65535. The default value is 162. |
| source interface-type interface-number | Specifies the source interface for sending a trap message. If the source interface for sending trap messages is not specified, the system randomly selects a routable interface to send trap messages. |
- |
| public-net | Accesses a target host on the public network. |
- |
| vpn-instance vpn-instance-name | Specifies the VPN instance name. When public-net and vpn-instance vpn-instance-name are not configured, if a network management VPN instance has been configured using the set net-manager vpn-instance command, the system accesses the target host in the network management VPN instance; if the set net-manager vpn-instance has not been run, the system accesses the target host on the public network. |
The vpn-instance parameter is optional. If vpn-instance is configured, the VPN instance specified by vpn-instance vpn-instance-name, IP address, and security name specified by securityname security-string form a 3-tuple to identify a host on a VPN. |
| params | Indicates parameters of the target host. |
- |
| securityname security-string | Specifies the user name that is displayed on the NMS. For SNMPv3, securityname must be configured as the user name. securityname configured on the host needs to be the same as that configured on the NMS, or the NMS cannot receive the trap messages sent from the host. For SNMPv2c, securityname must be configured as a community. the NMS can receive trap messages from all hosts without having securityname configured. securityname is used to distinguish multiple hosts that generate trap messages. |
The value is a string of 1 to 32 simple text characters or 48 or 68 ciphertext characters, spaces not supported. A string of 32 or 56 ciphertext characters are also supported. NOTE:
The security names must be unique on a device for differentiation. When double quotation marks are used around the string, spaces are allowed in the string. |
| cipher | Indicates that the security name is displayed in ciphertext. You can enter a simple text or ciphertext password, but the password is displayed in ciphertext in the configuration file. This parameter applies only to SNMPv2c. In SNMPv3, you must enter a user name in simple text. If cipher is not configured, only user names in simple text can be entered. |
- |
| v2c | Indicates SNMPv2c. |
- |
| v3 | Indicates SNMPv3. |
- |
| authentication | Authenticates but does not encrypt the packet. |
- |
| privacy | Authenticates and encrypts the packet. |
- |
| private-netmanager | Indicates the Huawei NMS as the target host receiving a trap message. When a Huawei NMS is deployed and this parameter is configured, a trap message sent to the NMS contains more information, such as the trap type, sequence of the trap, and sending time. |
- |
| notify-filter-profile profile-name | Specifies the filter profile name. If this parameter is configured, a target host filters received trap messages against the filter profile specified by profile-name. If this parameter is not configured, all trap messages are sent to a target host. |
It is a string of 1 to 32 characters without spaces. The filter profile must be configured using the snmp-agent notify-filter-profile command. NOTE:
When double quotation marks are used around the string, spaces are allowed in the string. |
| ext-vb | Indicates that trap messages sent to a target host carry extended bound variables. If alarm objects
defined in public MIBs are extended on a Huawei data communication
device, you can use ext-vb to determine
whether the corresponding trap messages sent from the device to an
NMS carry extended bound variables.
|
- |
Usage Scenario
By default, the destination IP address of trap messages is not configured.
To help the NMS manage devices and to ensure that information about a device operating status can be sent to the NMS in a timely manner, run the snmp-agent target-host trap command to configure the destination IP address of the trap alarm and to filter the alarm message.
By default, port 162 receives trap messages, and port 161 sends trap messages.
Precautions
Ensure that the user security level of a trap host is not lower than the security level of the user specified by securityname. Otherwise, the trap host cannot send trap messages normally.
If the security level of the user group is privacy, the security levels of the trap host and user must also be privacy.
If the security level of the user group is authentication, the security level of the trap host must also be authentication, and the security level of the user can be authentication or privacy.
If the security levels of the user group and trap host are authentication and privacy, respectively, the security level of the user must be privacy.
If the security levels of the user group and trap host are both noauthentication, the security level of the user can be noauthentication, authentication, or privacy.
If the security levels of the user group and trap host are noauthentication and authentication, respectively, the security level of the user can be authentication or privacy.
If the security levels of the user group and trap host are noauthentication and privacy, respectively, the security level of the user must be privacy.
For SNMPv2c, when a user with a level lower than the level configured using this command queries the securityname configured using the display this or display current-configuration command, the securityname is displayed as asterisks (******).
<sysname> system-view [sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname comaccess
<sysname> system-view [sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname comaccess v2c private-netmanager
<sysname> system-view [sysname] snmp-agent target-host trap address udp-domain 1.1.1.1 params securityname 123 v3 notify-filter-profile abc