Re: Configuring a new vacmContextName
This is a discussion on Re: Configuring a new vacmContextName within the SNMP Users forums, part of the Networking and Network Related category; On 09/04/2008, Joan Landry <Joan.Landry@overturenetworks.com> wrote: > >>If you are using &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-10-2008
|
|||
|
|||
Re: Configuring a new vacmContextName
On 09/04/2008, Joan Landry <Joan.Landry@overturenetworks.com> wrote:
> >>If you are using "com2sec", then this relates to SNMPv1/2. > > What should I use for SNMPv3? Take a step back. Think about what the "com2sec" directive is doing. It's taking the only administrative information that is available in SNMPv1/2c (the community string), and mapping it into a security name and an (optional) context. Now think about the admin information that is available with SNMPv3. There's a username (which isn't strictly the same as a security name, but is close enough), and an (optional) context. So the same information is there already, as part of the SNMPv3 protocol. The basic purpose of "com2sec" is precisely to bring SNMPv1/2c up into line with SNMPv3. From there on, the rest of the configuration (group/view/access) works in the same way for all three versions. > >>Also, what MIB information have you registered in "context1", and how > have you done this? > > I do not know what this means, so can you tell me what I have to do to > register mibs into context1? Contexts are essentially a way of having multiple copies of the same MIB structure, supported in parallel. So the agent can report different collections of values, depending on the context of the request. But in order to do this, the agent needs to know what information is available for each context. This doesn't happen by magic - it needs to be told. Whenever you implement a MIB module, you register various OIDs with the agent (so that the agent knows to call this routine when it gets an appropriate request). If you don't register the OID(s), then the agent won't answer requests for them. But you don't register the OIDs in isolation - you register them in a particular context. (Typically the default context - ""). So the previous paragraph should actually read something like "The agent receives a request for certain OIDs *in a given context*", and "you register OIDs with the agent *in a particular context*", etc If you only register MIB modules in the default context, then even if you set up the access control correctly, the agent won't know about any information to report in other contexts. So queries in a non-default context will always return nothing - 'cos there's nothing to return! See the Wiki page http://www.net-snmp.org/wiki/index.p...SNMPv3_context and the FAQ entry How can I register a MIB module in a different (SNMPv3) context? http://www.net-snmp.org/wiki/index.php/FAQ:Coding_22 for more details. Dave ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757...un.com/javaone _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/...net-snmp-users 
|
Linear Mode
