Paul and others thanks for explaining this it is much clearer now. I
definitely think the documentation could do with a few notes from your
explanations and I shall pass that along to them once my head gets back into
the proper shape - I was pounding it on my desk :-)
Tom
-----Original Message-----
From: Paul Goyette [mailto:pgoyette@juniper.net]
Sent: Tuesday, October 30, 2001 9:11 AM
To: tthomas@torrentnet.com; Dave Humphrey; juniper-nsp@puck.nether.net
Subject: RE: SNMP Sets
Tom,
You are correct. Beginning with JUNOS 5.0, we have a
limited ability to implement Read/Write communities,
using the MIB View configuration commands.
However, this does not allow complete read/write access
to the router's entire MIB. The reason we implemented
the MIB Views and read/write access was for the ability
to manipulate the Proxy Ping MIB. I don't believe that
any other portion of the MIB is writeable.
-----Original Message-----
From: Tom Thomas [mailto:tthomas@torrentnet.com]
Sent: Tuesday, October 30, 2001 5:28 AM
To: Dave Humphrey; juniper-nsp@puck.nether.net
Subject: RE: SNMP Sets
Dave,
Respectfully I inform you that I did my homework prior to making this post,
let me explain. I also must say that while my tests do seem to agree with
you the documentation says that it is possible in several places. Take for
example
[pg 25 NetMgmt - junos 5] To allow Set requests within a community, you need
to define that community as authorization read-write.
But yet then the documentation contradicts accepted SNMP implementations,
which is okay but they should you earlier like on pg 25 where they talk
about RW:
[pg 28 NetMGmt - Junos 5] By default, an SNMP community grants read access
and denies write access to all supported MIB objects (even communities
marked as authorization read-write). To restrict or grant the read or write
properties associated with a set of MIB objects, you must associate a MIB
view with a community.
Okay so I did this and it is still not working so your belief that JUNOS
does not support sets appears to be correct in operation but the
documentation says it is possible. If anyone in Juniper is reading this I
would appreciate some clarification on the documentation and my problem.
Thanks
Tom
-----Original Message-----
From: Dave Humphrey [mailto:dave.humphrey@telindusk.net]
Sent: Tuesday, October 30, 2001 4:59 AM
To: tthomas@torrentnet.com; juniper-nsp@puck.nether.net
Subject: RE: SNMP Sets
Juniper SNMP does not allow set commands, it is a read only implementation.
Dave
-----Original Message-----
From: Tom Thomas [mailto:tthomas@torrentnet.com]
Sent: 30 October 2001 03:33
To: juniper-nsp@puck.nether.net
Subject: SNMP Sets
Perhaps I am doing this wrong but I believe the following config should work
to allow me to SET the system contact value, the oid is right, the community
name is set right and still all attempts to set this value fail of course it
works fine on a cisco.
torrent@June01# show
description "JUNIPER NETWORKS ROUTER";
location "RALEIGH, NC";
contact "MY ROUTER";
view WRITE {
oid .1.3.6.1.2.1.1.4 include;
}
community public {
authorization read-only;
}
community 8zktIP {
view WRITE;
authorization read-write;
}
trap-group ALERTS {
version v2;
categories link;
targets {
192.168.254.7;
}
}
[edit snmp]
torrent@June01#
This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:37 EDT