20.1.4 SNMPv3 operation
For the collection or setting of management data (MIB: management information base), SNMP provides the following four operations:
-
GetRequest: Extracts the information of the specified MIB.
-
GetNextRequest: Extracts information of the MIB after the specified MIB.
-
GetBulkRequest: Extended version of GetNextRequest.
-
SetRequest: Sets a value for the specified MIB.
The above operations are performed for a switch (SNMP agent) from the SNMP manager. Each operation is described below.
- <Structure of this section>
(1) GetRequest operation
The GetRequest operation is used when an SNMP manager extracts MIB information from a switch (agent functionality). One or more MIBs can be specified for this operation. If a switch holds the applicable MIB, the Response operation returns the MIB information.
The following figure illustrates the GetRequest operation.
|
|
![[Figure Data]](./GRAPHICS/ZU151081.GIF)
(2) GetNextRequest operation
The GetNextRequest operation is similar to the GetRequest operation. Whereas the GetRequest operation is used to read the specified MIB, the GetNextRequest operation is used to retrieve the MIB after the specified MIB. One or more MIBs can be specified for this operation.
The following figure illustrates the GetNextRequest operation.
|
|
![[Figure Data]](./GRAPHICS/ZU151111.GIF)
(3) GetBulkRequest operation
The GetBulkRequest operation is an extended GetNextRequest operation. By using the GetNextRequest operation, you can set a number of repetitions. You can extract from the items after the specified MIB as many MIBs as the specified number of repetitions. One or more MIBs can be specified for this operation.
The following figure illustrates the GetBulkRequest operation.
|
|
![[Figure Data]](./GRAPHICS/ZU151131.GIF)
(4) SetRequest operation
The SetRequest operation is similar to the GetRequest, GetNextRequest, and GetBulkRequest operations because it is performed for a switch (agent functionality) from the SNMP manager, but the method for setting a value for the SetRequest operation is different from that of the other operations.
The SetRequest operation specifies both a value to be set and a MIB. When a value is set, the Response operation returns the MIB and the setting value.
The following figure illustrates the SetRequest operation.
|
|
![[Figure Data]](./GRAPHICS/ZU151141.GIF)
(a) Answer when MIB cannot be set
The following are three cases when a MIB cannot be configured:
-
The MIB is read-only.
-
The setting value is not correct.
-
Configuration cannot be performed because of the status of the switch.
Each case returns a different response. If the MIB is read-only, notWritable is returned by the Response operation. The following figure illustrates the SetRequest operation when the MIB is read-only.
|
|
![[Figure Data]](./GRAPHICS/ZU151161.GIF)
If the type of the setting value is not correct, the Response operation returns wrongType. The following figure illustrates the SetRequest operation when the type of the setting value is not correct.
|
|
![[Figure Data]](./GRAPHICS/ZU151181.GIF)
If configuration is not possible because of the status of the switch, genError is returned. For example, when an attempt is made to set a value on a switch, if a setting timeout is detected on the switch, genError is returned. The following figure illustrates the SetRequest operation when configuration is not possible because of the status of the switch.
|
|
![[Figure Data]](./GRAPHICS/ZU151191.GIF)
(5) Restricting Operation in SNMPv3
In SNMPv1 and SNMPv2C, verification is performed by combining a community and the IP addresses for an SNMP manager. In SNMPv3, however, MIB operations that can be performed are controlled by user authentication and the MIB view. To use SNMPv3 on the Switch, you must use a configuration command to register SNMP security users, MIB views, and security groups. In addition, to send a trap, you must use a configuration command to register SNMP security users, MIB views, security groups, and trap-sending SNMP managers.
(6) Error status codes for SNMPv3 operation
If an error occurs as the result of an operation, an SNMP agent assigns an error code for the error status and returns a response in the Response operation. The response contains the number of the MIB information where the error occurred set as the error location number. If the result of the operation is normal, a code indicating no errors is set in the error status, and a response in the Response operation that contains the MIB information of the operations actually performed is returned. The following table describes the error status codes.
|
Error status |
Code |
Description |
|---|---|---|
|
noError |
0 |
No error occurred. |
|
tooBig |
1 |
The data size is too large to be set as a value in the PDU. |
|
noSuchName |
2 |
The specified MIB was not found or writing is not allowed. |
|
badValue |
3 |
The setting value is incorrect. |
|
readOnly |
4 |
A write attempt failed (the Switch does not return this status). |
|
genError |
5 |
Another error occurred. |
|
noAccess |
6 |
A set operation was attempted for a MIB that cannot be accessed. |
|
wrongType |
7 |
A type different from the type required for the MIB was specified. |
|
wrongLength |
8 |
A length different from the length required for a MIB was specified. |
|
wrongEncoding |
9 |
The ASN.1 encoding was incorrect. |
|
wrongValue |
10 |
The MIB value was incorrect. |
|
noCreation |
11 |
The applicable MIB does not exist. |
|
inconsistentValue |
12 |
A value cannot be set due to an inconsistency. |
|
resourceUnavailable |
13 |
A resource required for setting a value cannot be used. |
|
commitFailed |
14 |
An attempt to update a value failed. |
|
undoFailed |
15 |
The original value could not be restored when an attempt to update a value failed. |
|
authorizationError |
16 |
Authentication failed. |
|
notWritable |
17 |
The set operation cannot be performed. |
|
inconsistentName |
18 |
Creation is not currently possible because the MIB does not exist. |