Using SNMP with HP X Stations

SNMP is also used to monitor X station parallel ports and report back status and configuration information for locally attached parallel printers.

You can choose to use either SNMP Version 1 or party-based SNMP Version 2. The default is to load the Version 1 downloadable extension. If you plan to use the functionality that is available in Version 2, you must specifically load it.

This chapter provides a brief overview of SNMP (V1 and V2) and how it is used with ENWARE. Topics in this chapter include:

• About SNMP
  • About SNMP Version 1
  • About SNMP Version 2
• Configuring the SNMP Agents
• Limitations of the SNMP Agents
• For More Information.

About SNMP

Simple Network Management Protocol (SNMP) provides a way to monitor and control devices on a network. SNMP does this by providing a mechanism to read and set specific variables in the device. The networked devices (e.g. X stations) run software (known as an SNMP agent) that communicates with network management software using SNMP, and performs the read and set operations.

There are two versions of SNMP available. ENWARE 7.0 includes an agent that supports just SNMP V1 and one that supports both V1 and party-based V2.

Management Information Bases (MIBs)

• MIB-II (RFC 1213)
• Interface MIB (RFC 1573)
• Ethernet-like Interfaces MIB (RFC 1643)
• Character Stream Devices MIB (RFC 1658)
• RS232 Devices MIB (RFC 1659)
• Parallel Port Devices MIB (RFC 1660)

If you have a Token Ring interface installed, then the agents also support:

• 802.5 Interfaces MIB (RFC 1748)
• 802.5 Source Routing MIB (RFC 1749)

If you have a 100VG interface installed, the agents also support an experimental MIB for this interface.

To find out more detailed information on ENWARE 7.0's compliance with these MIBs, refer to basepath/snmp/conformance.mib. This file contains information on the SNMP V2 agent capabilities for the ENWARE 7.0 agents.

HP X stations also support a proprietary MIB which also allows access to many of the X station's configuration parameters. This MIB can be found in basepath/snmp/hpxt.mib (which is in SNMP V2 standard format), or basepath/snmp/hpxtV1.mib (which is in SNMP V1 standard format).

Most of the variables in this MIB are both readable and writable. Included are variables that allow rebooting the X station and resetting the X server. These actions can be performed both immediately and after a specified delay.

For backwards compatibility, ENWARE 7.0 also supports the proprietary MIB supported by older HP X station SNMP agents. This MIB can be found in basepath/snmp/hp700rx.mib. As in the older HP X station agents, the variables in this MIB (excluding the reset variable) are read-only. Corresponding writable variables exist in the new MIB.

SNMP Agents and Traps

Event

Description

Cold start

The X station was just rebooted.

Authentication failure

The SNMP agent couldn't authenticate a message.

Link up

A network interface just went up.

Link down

A network interface just went down.

XDM failure

The X station's XDM software has closed the X session.

Low memory

The X stations' memory pool is (almost) depleted.

Timed reset

The X station is about to execute a time delayed X server reset.

Timed boot

The X station is about to execute a time delayed reboot.

About SNMP Version 1

SNMP V1 is the commonly available version of SNMP. The agents provided with ENWARE 7.0 comply with RFC 1155 and RF 1157 and those parts of RFC 1213 which apply to this type of equipment.

The V1-only agent is basepath/bin/Snmpd. The X station loads this agent by default.

V1 agents use text strings known as "communities" to control access to their MIBs. These communities essentially act as passwords.

About SNMP Version 2

A number of limitations have been recognized in SNMP V1. SNMP V2 is being developed as a replacement for SNMP V1. Ultimately, it will provide a number of enhancements, including:

• Support for better authentication

• Support for better data security using encryption

• Better access to large amounts of data

• A wider range of data types, including 64-bit counters needed for modern high-speed networks

• Better specification of agent and manager capabilities and data objects.

Definition of the security aspects (authentication and encryption) has proven to be difficult. For this reason, the current specification of SNMP V2 addresses only the last three of these enhancements. An earlier version of the specifications dealt with all five enhancements, using a scheme known as "party-based" security. The SNMP V2 agent included with ENWARE 7.0 supports this party-based security scheme.

The SNMP V2 agent included with ENWARE 7.0 conforms to RFCs 1441 to 1449. In addition to the MIBs already listed, party-based SNMP V2 supports:

• SNMP V2 Party MIB (RFC 1447)
• SNMP V2 MIB (RFC 1550).

To control access to their MIBs, SNMP V2 agents use a concept known as "parties". A party is one side of an SNMP agent exchange (e.g. a network manager would be one party and the agent another party). Both sides maintain information about either party.

Loading the SNMP V2 Agent

The SNMP V2 agent is: basepath/bin/snmpdV2

This agent supports both V1 and party-based V2 SNMP. To load this agent instead of the V1 agent:

1. Edit the file: basepath/bin/modules.ld

   This file contains two lines which cause the X station to load SNMP software.

2. Comment out the following line that loads the V1 agent:

   bin/Snmpd     "Ext autoload" Snmpd      "Snmpd V1 Extension"
   

3. Uncomment the line that loads the V1/V2 agent:

   bin/SnmpdV2   "Ext autoload" Snmpd      "Snmpd V2 Extension"
   

Configuring the SNMP Agents

There are two sources that provide configuration information for the SNMP agents:

• Configuration files on the file server that the agents read
• Configuration information that the agents use by default.

The agents first read the file:

• basepath/etc/snmpdrc

  and then

• basepath/etc/terminal.snmpdrc

The agent can be configured to read a different file by setting the remote configuration parameter SNMP File.

The configuration file format is a superset of the format used by previous HP X station SNMP agents.

The type of configuration information that the agents will use by default is controlled by the SNMP Default remote configuration parameter.

This parameter may have one of 4 possible values:

None

The agent does not create a default configuration.

Read-Only

The agent uses a default configuration that will allow read access to variables.

Read-Write

The agent uses a default configuration that will allow read and write access to variables (with both V1 and V2).

Read-Write(V2)

The agent uses a default configuration that allows read access using V1 protocol and both read and write access using V1 and V2 protocol.

The default value of this parameter is Read-Write.

If, after reading the configuration files and creating any default configuration information, the agents have no V1 communities (both Snmpd and SnmpdV2) and no V2 parties (SnmpdV2 only) then they exit.

This situation would occur if the SNMP default parameter was set to None and the configuration files were not found or had no valid configuration information in them.

The agent uses the following default information:

• SNMP V1 read-only community "public"
  (used for cases 2-4 of SNMP Default)

• V1 read-write community "hpxtPrivate"
  (used for case 3)

• V2 read-only parties are under hpxtInitialParties.1 (agent) and hpxtInitialParties.2 (manager)
  (used for cases 2-4)

• V2 read-write parties are under hpxtInitialParties.3 (agent) and hpxtInitialParties.4 (manager)
  (used for cases 3 and 4)

In all cases the agent does not set sysContact, or sysLocation to any default value and will generate no traps by default.

For more information on the format of the configuration files, refer to: basepath/etc/sample.snmpdrc. This file contains details and examples of configuration records.

To avoid having the user configure V1 community and V2 private key (used by party-based V2 authentication and encryption algorithms) in world readable files on the file server, you can configure two SNMP secrets at the X station. (These fields are found in the [Utilities] configuration screen, under [SNMP Config].) These V2 private keys should be 128 bit hexadecimal numbers with each byte separated by a space (e.g. ab 23 1d bf 8c f6 9b 39).

Limitations of the SNMP Agents

The standard MIBs supported are determined by the X station's system implementation. For information about variables that are supported as read-only rather than read-write, or not supported at all, refer to the file: basepath/snmp/conformance.mib

Almost all variables available with V2 are also available using V1. However, V2 supports some new variable types which are not available with V1. If a group of variables or table includes new V2 variable types, then the entire group or table is not available with the V1-only agent (Snmpd). In particular, this applies to the RFC 1573 augmentation of the interfaces table and the 100VG statistics table.

When configuring V1 traps in the configuration files with previous versions of the HP X station agent, it was possible to specify what traps would be sent to a particular manager. The trap command still allows this parameter, but is now ignored. All traps are sent to all managers specified using the trap command. V2 offers greater control over what managers receive what traps.

For More Information

• SNMP Version 1
  • RFC 1155
  • RFC 1157
  • RFC 1212
  • RFC 1215

• SNMP Version 2
  • RFCs 1441 through 1452.

• Rose, M. The Simple Book: An Introduction to Internet Management (2nd Edition) New Jersey, Prentice-Hall, 1994. (ISBN 0-13-177254-6)