[j-nsp] SNMP access to default RI when lo0.0 is inside a VRF
Jason Lixfeld
jason-jnsp at lixfeld.ca
Wed Jul 20 12:22:45 EDT 2016
Hi again,
I have an EX9204 running 14.2R4.9. I’m accessing the box in-band via lo0 which is configured inside a management routing-instance (VRF). My SNMP management station also lives within the same routing-instance inside the MPLS cloud of which this routing-instance participates.
My understanding is that in order for my management station to have SNMP access to be box, I need to configure the routing-instance inside a SNMP community, however when doing so, SNMP access for some things is limited to the scope of the routing instance only, and I need full visibility to the system from my management station.
Is this possible?
This is sort of where I’m at now:
routing-instances {
management {
instance-type vrf;
interface lo0.0;
route-distinguisher 21949:21949;
vrf-export VRF--MANAGEMENT-INTERNAL-EXPORT;
vrf-target target:21949:21949;
}
}
community comm {
authorization read-only;
clients {
10.219.51.130/32;
}
routing-instance management;
}
routing-instance-access {
access-list {
management;
}
}
traceoptions {
file snmp;
}
More information about the juniper-nsp
mailing list