Specifications

CHAPTER 5

Implementing High Availability

SNMP

An SNMP manager collects information from SNMP agents residing on network devices, either through regular polling

or by event-generated traps. The information is stored on the local device in a Management Information Base (MIB).

Access to the MIB is controlled by SNMP community strings. Access can be read-only (RO) or read-write(RW).

There are three versions of SNMP. Versions 1 and 2 send the community strings in clear text. They cannot authenticate

the source of a message or encrypt a message. Therefore they should be used only for read-only access. SNMPv3 adds

three security levels:

n noAuthNoPriv: Neither authenticates nor encrypts

n authNoPriv: Authenticates the sender but does not encrypt the message

n authPriv: Both authenticates the sender and encrypts the message

The following configuration creates a standard access list that allows only traffic sourced from the host at 10.1.1.1. Two

community-strings are created, “ccnp” for read-only access and “c1sc0” for read-write access. Read-write access is

permitted only from the host specified in access list 1. Next, the SNMP server address is given, along with the command

to send traps messages to that server. Because SNMP version 3 is used, the username “admin” is needed.

sw1(config)# access-list 1 permit 10.1.1.1

sw1(config)# snmp-server community ccnp ro

sw1(config)# snmp-server community c1sc0 rw 1

sw1(config)# snmp-server host 10.1.1.2 traps admin

IP SLA

IP SLA is a feature that enables a Cisco router or switch to simulate specific types of traffic and send it to a receiver,

[ 70 ]

CCNP SWITCH 642-813 Quick Reference by Denise Donohue

9781587140112.qxd 11/23/09 11:35 AM Page 70