[Previous]   [Next]   [Contents]   [Index]   

Using SNMP with HP X Stations

Network-management programs on a host computer use Simple Network Management Protocol (SNMP) to communicate with a corresponding program, called an agent, that runs on an X station. By editing an X station's SNMP configuration file, you can cause the X station to report its error conditions.

SNMP is also used to monitor X station parallel ports and report back status and configuration information for locally attached parallel printers.

You can choose to use either SNMP Version 1 or party-based SNMP Version 2. The default is to load the Version 1 downloadable extension. If you plan to use the functionality that is available in Version 2, you must specifically load it.


Note: For low-memory systems, SNMP Version 1 is recommended.

This chapter provides a brief overview of SNMP (V1 and V2) and how it is used with ENWARE. Topics in this chapter include:

About SNMP

Simple Network Management Protocol (SNMP) provides a way to monitor and control devices on a network. SNMP does this by providing a mechanism to read and set specific variables in the device. The networked devices (e.g. X stations) run software (known as an SNMP agent) that communicates with network management software using SNMP, and performs the read and set operations.

There are two versions of SNMP available. ENWARE 7.0 includes an agent that supports just SNMP V1 and one that supports both V1 and party-based V2.

Management Information Bases (MIBs)

In SNMP terminology, a collection of variables that can be read and set is known as a Management Information Base (MIB). Starting in ENWARE 7.0, HP X stations have support for the following MIBs:

If you have a Token Ring interface installed, then the agents also support:

If you have a 100VG interface installed, the agents also support an experimental MIB for this interface.

To find out more detailed information on ENWARE 7.0's compliance with these MIBs, refer to basepath/snmp/conformance.mib. This file contains information on the SNMP V2 agent capabilities for the ENWARE 7.0 agents.

HP X stations also support a proprietary MIB which also allows access to many of the X station's configuration parameters. This MIB can be found in basepath/snmp/hpxt.mib (which is in SNMP V2 standard format), or basepath/snmp/hpxtV1.mib (which is in SNMP V1 standard format).

Most of the variables in this MIB are both readable and writable. Included are variables that allow rebooting the X station and resetting the X server. These actions can be performed both immediately and after a specified delay.

For backwards compatibility, ENWARE 7.0 also supports the proprietary MIB supported by older HP X station SNMP agents. This MIB can be found in basepath/snmp/hp700rx.mib. As in the older HP X station agents, the variables in this MIB (excluding the reset variable) are read-only. Corresponding writable variables exist in the new MIB.

SNMP Agents and Traps

SNMP agents report events that occur to network management systems using messages called traps. ENWARE 7.0 agents can be configured to generate traps for the following events:
Event
Description
Cold start
The X station was just rebooted.
Authentication failure
The SNMP agent couldn't authenticate a message.
Link up
A network interface just went up.
Link down
A network interface just went down.
XDM failure
The X station's XDM software has closed the X session.
Low memory
The X stations' memory pool is (almost) depleted.
Timed reset
The X station is about to execute a time delayed X server reset.
Timed boot
The X station is about to execute a time delayed reboot.

About SNMP Version 1

SNMP V1 is the commonly available version of SNMP. The agents provided with ENWARE 7.0 comply with RFC 1155 and RF 1157 and those parts of RFC 1213 which apply to this type of equipment.

The V1-only agent is basepath/bin/Snmpd. The X station loads this agent by default.

V1 agents use text strings known as "communities" to control access to their MIBs. These communities essentially act as passwords.

About SNMP Version 2

A number of limitations have been recognized in SNMP V1. SNMP V2 is being developed as a replacement for SNMP V1. Ultimately, it will provide a number of enhancements, including:

Definition of the security aspects (authentication and encryption) has proven to be difficult. For this reason, the current specification of SNMP V2 addresses only the last three of these enhancements. An earlier version of the specifications dealt with all five enhancements, using a scheme known as "party-based" security. The SNMP V2 agent included with ENWARE 7.0 supports this party-based security scheme.


Note: U.S. export regulations prohibit inclusion of DES support in ENWARE 7.0. The SNMP V2 agent provided in ENWARE 7.0 does not support data encryption.

The SNMP V2 agent included with ENWARE 7.0 conforms to RFCs 1441 to 1449. In addition to the MIBs already listed, party-based SNMP V2 supports:

To control access to their MIBs, SNMP V2 agents use a concept known as "parties". A party is one side of an SNMP agent exchange (e.g. a network manager would be one party and the agent another party). Both sides maintain information about either party.

Loading the SNMP V2 Agent

The SNMP V2 agent is: basepath/bin/snmpdV2

This agent supports both V1 and party-based V2 SNMP. To load this agent instead of the V1 agent:

  1. Edit the file: basepath/bin/modules.ld

    This file contains two lines which cause the X station to load SNMP software.

  2. Comment out the following line that loads the V1 agent:
    bin/Snmpd     "Ext autoload" Snmpd      "Snmpd V1 Extension"
    

  3. Uncomment the line that loads the V1/V2 agent:
    bin/SnmpdV2   "Ext autoload" Snmpd      "Snmpd V2 Extension"
    

Configuring the SNMP Agents

There are two sources that provide configuration information for the SNMP agents:

The agents first read the file:

The agent can be configured to read a different file by setting the remote configuration parameter SNMP File.

The configuration file format is a superset of the format used by previous HP X station SNMP agents.

The type of configuration information that the agents will use by default is controlled by the SNMP Default remote configuration parameter.

This parameter may have one of 4 possible values:

None
The agent does not create a default configuration.
Read-Only
The agent uses a default configuration that will allow read access to variables.
Read-Write
The agent uses a default configuration that will allow read and write access to variables (with both V1 and V2).
Read-Write(V2)
The agent uses a default configuration that allows read access using V1 protocol and both read and write access using V1 and V2 protocol.

The default value of this parameter is Read-Write.

If, after reading the configuration files and creating any default configuration information, the agents have no V1 communities (both Snmpd and SnmpdV2) and no V2 parties (SnmpdV2 only) then they exit.

This situation would occur if the SNMP default parameter was set to None and the configuration files were not found or had no valid configuration information in them.

The agent uses the following default information:

In all cases the agent does not set sysContact, or sysLocation to any default value and will generate no traps by default.

For more information on the format of the configuration files, refer to: basepath/etc/sample.snmpdrc. This file contains details and examples of configuration records.

To avoid having the user configure V1 community and V2 private key (used by party-based V2 authentication and encryption algorithms) in world readable files on the file server, you can configure two SNMP secrets at the X station. (These fields are found in the [Utilities] configuration screen, under [SNMP Config].) These V2 private keys should be 128 bit hexadecimal numbers with each byte separated by a space (e.g. ab 23 1d bf 8c f6 9b 39).


Note: ASCII text can be used if they are to be V1 communities. sample.snmpdrc has more information on using these values in agent configuration.

Limitations of the SNMP Agents

The standard MIBs supported are determined by the X station's system implementation. For information about variables that are supported as read-only rather than read-write, or not supported at all, refer to the file: basepath/snmp/conformance.mib

Almost all variables available with V2 are also available using V1. However, V2 supports some new variable types which are not available with V1. If a group of variables or table includes new V2 variable types, then the entire group or table is not available with the V1-only agent (Snmpd). In particular, this applies to the RFC 1573 augmentation of the interfaces table and the 100VG statistics table.

When configuring V1 traps in the configuration files with previous versions of the HP X station agent, it was possible to specify what traps would be sent to a particular manager. The trap command still allows this parameter, but is now ignored. All traps are sent to all managers specified using the trap command. V2 offers greater control over what managers receive what traps.

For More Information

The following documents define the Simple Network Management Protocols as implemented by ENWARE: In addition, there are several excellent books which cover SNMP Version 1 and 2 in great detail. For example:
[Previous]   [Next]   [Contents]   [Index]