[j-nsp] SNMP polling a logical-system without encoding it asLS/RI at community

Zenon Mousmoulas zmousm at admin.grnet.gr
Thu Jan 15 05:59:57 EST 2009 

On 15 Ιαν 2009, at 12:04 ΜΜ, Subodh Kumar wrote:

>> Is it at all possible to configure snmp so that when the
>> logical system is polled on a specific address (e.g. the one assigned
>> to its' lo0.<someunit>) it will reply as if the specially encoded
>> community had been specified? Is it possible i.e. to identify the
>> logical system not through the community but rather through the
>> destination address?
>
>
> Yes its possible, but the address/interface you poll should be part of
> the routing-instance. E.g. interface fe-0/1/0.0 is part of routing
> instance "ri1". The configured primary address on fe-0/1/0.0 is  
> 10.0.0.5
> and the community is "public". In that case sending a snmp request on
> address 10.0.0.5 with community "public" will get you data specific to
> routing-instance "ri1".

I'm not sure how this applies to logical systems, however. Lo0.1 is  
part of the logical system:

logical-systems {
     mytarget {
         interfaces {
	    # [...]
             lo0 {
                 unit 1 {
                     family inet {
                         address 10.0.0.5/32;
		    }
		}
	    }

However it has not been explicitly assigned to a specific routing  
instance, since we don't use any, therefore I believe it belongs to  
the default RI.
When I poll through this interface with community "public", I get no  
answer...

The SNMP configuration looks like this:

community private {
     authorization read-write;
     clients {
         0.0.0.0/0 restrict;
     }
}
community public {
     authorization read-only;
     clients {
         0.0.0.0/0 restrict;
         <snmp-manager1>;/32
         <snmp-manager2>/32;
         <snmp-manager3>/32;
     }
     logical-system mytarget {
         routing-instance default;
     }
}
routing-instance-access;

Do we need to explicitly configure an RI, apart from the implicitly  
existing "default", even only for this purpose, then assign all of the  
logical-system's interfaces to it?

> This feature is only supported from Release 8.4 onwards. Hope you are
> using a release after it.

We're using R9.3.

Thank you so much for your insight.

Best regards,
Z.

More information about the juniper-nsp mailing list