Knowledge Search


×
 

[Junos] How to pull SNMPv3 information from non-default routing-instance

  [KB27284] Show Article Properties


Summary:

This article provides a solution on how to poll information from a SNMPv3 server which is located in a non-default routing-instance.

Solution:

Topology:

DUT(RI:test1)--------SNMP server

  • DUT (router) is connecting to the SNMP server via a routing-instance named test.
  • SNMPv3 is configured on the DUT.
  • SNMP server is using snmpwalk -v3 command to poll information from the DUT.

In addition to the normal SNMPv3 configuration,, another context-prefix in [snmp v3 access group] hierarchy must be added:

access {
    group snmpgroup {
        context-prefix test1 { >>> set context-prefix to RI’s name
            security-model usm {
                security-level authentication {
                    read-view allmibs;
                }
            }
        }
    }
}

Example - SNMP server polling command:

When polling from the SNMPv3 server, the add -n option must be added.with the context of routing-instance's name:

snmpwalk -v3 -u nnmsnmpuser -l AuthNoPriv -a MD5 -A herndon1 -n test1 15.15.15.1 system


Example - Full Configuration and Output:

SNMPv3 Router configuration:

[edit]
user@north-re0# show snmp
v3 {
    usm {
        local-engine {
            user nnmsnmpuser {
                authentication-md5 {
                    authentication-key "$9$juqTzCtuOIEu0X7Vb2gUjHkfT369AuOaZ/CpuEhKM8LVwJGDqP5GUuOIEeKxNdsoJDikTFnwYJDkqf569Ap1RSyKMLxCt8XxNbw4aZD.P369BRh0Odb24ZGk.PTQn9ApB1htp0IRhKvZUDHkP/Ct01RjHApB1hc24oaikqmf3nC4aApu0IRdbwYZU"; ## SECRET-DATA
                }
            }
        }
    }
    vacm {
        security-to-group {
            security-model usm {
                security-name nnmsnmpuser {
                    group snmpgroup;
                }
            }
        }
        access {
            group snmpgroup {
                context-prefix test1 {  
                    security-model usm {
                        security-level authentication {
                            read-view allmibs;
                        }
                    }
                }
            }
        }
    }
}
engine-id {
    use-default-ip-address;
}
view allmibs {
    oid .1.3.6.1 include;
}
routing-instance-access;


Example - SNMP server polling command:

user$ snmpwalk -v3 -u nnmsnmpuser -l AuthNoPriv -a MD5 -A herndon1 -n test1 15.15.15.1 system

SNMPv2-MIB::sysDescr.0 = STRING: Juniper Networks, Inc. mx480 internet router, kernel JUNOS 11.4R2.14 #0: 2012-03-17 16:57:48 UTC builder@evenath.juniper.net:/volume/build/junos/11.4/release/11.4R2.14/obj-i386/bsd/kernels/JUNIPER/kernel Build date: 2012-03-17 18:22:46 UTC Copyright
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.2636.1.1.1.2.25
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (26109399) 3 days, 0:31:33.99
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: test1@north-re0
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 6


 
Modification History:
2019-04-13: Fixed formatting.
Related Links: