04-01-2010 08:41 AM
I need to tweak some SNMP Views and I'm having a hard time finding something like a best practice document. I've found plenty of references to the usual ip.21 and ip.22 exclusions to block the routing table and ARP. I'd like to locate something with a comprehensive and detailed list of what's available.
Do I need to do MIB walks and parse the info myself or is there somewhere I can go for summaries?
Thanks!
Solved! Go to Solution.
04-01-2010 09:37 PM
You can take each object returned by that command, and plug them in to the MIB Object Navigator at http://www.cisco.com/go/mib or my SNMP Search & Translate tool at http://jaguar.ir.miami.edu/~marcus/snmptrans.html . That will give you specific MIB information as well as the object descriptions.
That said, there is really no need to exclude certain MIB branches unless you're seeing a performance or functional problem. You might want to limit certain branches to certain community string/users, but this would depend on what tasks those users or the applications using those credentials need to perform.
--
Please support CSC Helps Haiti
https://supportforums.cisco.com/docs/DOC-8895
https://supportforums.cisco.com
04-01-2010 12:11 PM
>> Do I need to do MIB walks and parse the info myself or is there somewhere I can go for summaries?
Does "show snmp mib" alleviate the need of mib walks for you?
http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_16.html#wp1012010
04-01-2010 12:28 PM
That's interesting but it's not detailed enough. About half that list is vague as to it's description. However, it would be nice if I could take that list and get some good descriptions of what each one provides. And then also how they roll up. For instance I have the following in a switch I'm looking at:
ciscoEnvMonVoltageStatusEntry.6
ciscoEnvMonVoltageStatusEntry.7
ciscoEnvMonTemperatureStatusEntry.2
ciscoEnvMonTemperatureStatusEntry.3
So, can I roll up to ciscoEnvMon? How about ciscoEnvMonVoltage?
Or am I misunderstanding how it rolls up? I don't have a test box handy that I can mess with.
04-01-2010 09:37 PM
You can take each object returned by that command, and plug them in to the MIB Object Navigator at http://www.cisco.com/go/mib or my SNMP Search & Translate tool at http://jaguar.ir.miami.edu/~marcus/snmptrans.html . That will give you specific MIB information as well as the object descriptions.
That said, there is really no need to exclude certain MIB branches unless you're seeing a performance or functional problem. You might want to limit certain branches to certain community string/users, but this would depend on what tasks those users or the applications using those credentials need to perform.
--
Please support CSC Helps Haiti
https://supportforums.cisco.com/docs/DOC-8895
https://supportforums.cisco.com
04-02-2010 05:27 AM
Joe, thanks! I think I can piece together what I need from that.
My need for limiting is specific. We want to allow customers to access the routers we're providing them as a managed service but we want to know exactly what we're allowing them to see. Specifically we're interested in things like interface status and bit counters. Most of the references I've seen have been the following:
snmp-server view cutdown internet included
snmp-server view cutdown at excluded
snmp-server view cutdown ip.21 excluded
snmp-server view cutdown ip.22 excluded
My problem has been that I couldn't figure out exactly what those were and if they are appropriate for what we want. I think what you've given me is a good start to building that. Thanks!
04-03-2010 10:47 AM
By default, you don't need to configure any view. The default view, v1default, has all of the regular MIB branches included. You would only need to create your own view if you had to do further limiting of branches (or if you need to explicitly allow access to VACM and USM [security] branches).
The typical view you see (mostly called cutdown) filters out the ARP and routing tables. These tables were historically notorious for causing CPU spikes when they were polled. This would only occur, though, if the tables were very large (e.g. on an internet edge router).
--
Please support CSC Helps Haiti
https://supportforums.cisco.com/docs/DOC-8895
https://supportforums.cisco.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide