Sie sind auf Seite 1von 800
JUNOS® Software Network Management Configuration Guide Release 10.0 Juniper Networks, Inc. 1194 North Mathilda Avenue

JUNOS® Software

Network Management Configuration Guide

Release 10.0

Juniper Networks, Inc.

1194 North Mathilda Avenue Sunnyvale, California 94089 USA

408-745-2000

www.juniper.net

Published: 2009-10-15

This product includes the Envoy SNMP Engine, developed by Epilogue Technology, an Integrated Systems Company. Copyright © 1986-1997, Epilogue Technology Corporation. All rights reserved. This program and its documentation were developed at private expense, and no part of them is in the public domain.

This product includes memory allocation software developed by Mark Moraes, copyright © 1988, 1989, 1993, University of Toronto.

This product includes FreeBSD software developed by the University of California, Berkeley, and its contributors. All of the documentation and software included in the 4.4BSD and 4.4BSD-Lite Releases is copyrighted by the Regents of the University of California. Copyright © 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994. The Regents of the University of California. All rights reserved.

GateD software copyright © 1995, the Regents of the University. All rights reserved. Gate Daemon was originated and developed through release 3.0 by Cornell University and its collaborators. Gated is based on Kirton s EGP, UC Berkeley s routing daemon (routed), and DCNs HELLO routing protocol. Development of Gated has been supported in part by the National Science Foundation. Portions of the GateD software copyright © 1988, Regents of the University of California. All rights reserved. Portions of the GateD software copyright © 1991, D. L. S. Associates.

This product includes software developed by Maker Communications, Inc., copyright © 1996, 1997, Maker Communications, Inc.

Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.

JUNOS® Software Network Management Configuration Guide Copyright © 2009, Juniper Networks, Inc. All rights reserved. Printed in USA.

Writing: Abhilash Prabhakaran, Imrana Salma Editing: Laura Singer Illustration: Faith Bradford Cover Design: Edmonds Design

Revision History October 2009 JUNOS 10.0 R1

The information in this document is current as of the date listed in the revision history.

YEAR 2000 NOTICE

Juniper Networks hardware and software products are Year 2000 compliant. The JUNOS Software has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

END USER LICENSE AGREEMENT

READ THIS END USER LICENSE AGREEMENT ( AGREEMENT ) BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. BY DOWNLOADING, INSTALLING, OR USING THE SOFTWARE OR OTHERWISE EXPRESSING YOUR AGREEMENT TO THE TERMS CONTAINED HEREIN, YOU (AS CUSTOMER OR IF YOU ARE NOT THE CUSTOMER, AS A REPRESENTATIVE/AGENT AUTHORIZED TO BIND THE CUSTOMER) CONSENT TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT OR CANNOT AGREE TO THE TERMS CONTAINED HEREIN, THEN (A) DO NOT DOWNLOAD, INSTALL, OR USE THE SOFTWARE, AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS.

1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customers principal office is located in the Americas) or Juniper Networks

(Cayman) Limited (if the Customer s principal office is located outside the Americas) (such applicable entity being referred to herein as Juniper ), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (Customer) (collectively, the Parties ).

2. The Software. In this Agreement, Software means the program modules and features of the Juniper or Juniper-supplied software, for which Customer

has paid the applicable license or support fees to Juniper or an authorized Juniper reseller, or which was embedded by Juniper in equipment which Customer purchased from Juniper or an authorized Juniper reseller. Software also includes updates, upgrades and new releases of such software. Embedded Software means Software which Juniper has embedded in or loaded onto the Juniper equipment and any updates, upgrades, additions or replacements which are subsequently embedded in or loaded onto the equipment.

3. License Grant. Subject to payment of the applicable fees and the limitations and restrictions set forth herein, Juniper grants to Customer a non-exclusive

and non-transferable license, without right to sublicense, to use the Software, in executable form only, subject to the following use restrictions:

a. Customer shall use Embedded Software solely as embedded in, and for execution on, Juniper equipment originally purchased by Customer from Juniper or an authorized Juniper reseller.

b. Customer shall use the Software on a single hardware chassis having a single processing unit, or as many chassis or processing units for which Customer

has paid the applicable license fees; provided, however, with respect to the Steel-Belted Radius or Odyssey Access Client software only, Customer shall use such Software on a single computer containing a single physical random access memory space and containing any number of processors. Use of the Steel-Belted Radius or IMS AAA software on multiple computers or virtual machines (e.g., Solaris zones) requires multiple licenses, regardless of whether such computers or virtualizations are physically contained on a single chassis.

c. Product purchase documents, paper or electronic user documentation, and/or the particular licenses purchased by Customer may specify limits to

Customer s use of the Software. Such limits may restrict use to a maximum number of seats, registered endpoints, concurrent users, sessions, calls, connections, subscribers, clusters, nodes, realms, devices, links, ports or transactions, or require the purchase of separate licenses to use particular features, functionalities, services, applications, operations, or capabilities, or provide throughput, performance, configuration, bandwidth, interface, processing, temporal, or geographical limits. In addition, such limits may restrict the use of the Software to managing certain kinds of networks or require the Software

to be used only in conjunction with other specific Software. Customers use of the Software shall be subject to all such limitations and purchase of all applicable

licenses.

d. For any trial copy of the Software, Customer s right to use the Software expires 30 days after download, installation or use of the Software. Customer

may operate the Software after the 30-day trial period only if Customer pays for a license to do so. Customer may not extend or create an additional trial period by re-installing the Software after the 30-day trial period.

e. The Global Enterprise Edition of the Steel-Belted Radius software may be used by Customer only to manage access to Customer s enterprise network.

Specifically, service provider customers are expressly prohibited from using the Global Enterprise Edition of the Steel-Belted Radius software to support any commercial network access services.

The foregoing license is not transferable or assignable by Customer. No license is granted herein to any user who did not originally purchase the applicable license(s) for the Software from Juniper or an authorized Juniper reseller.

4. Use Prohibitions. Notwithstanding the foregoing, the license provided herein does not permit the Customer to, and Customer agrees not to and shall

not: (a) modify, unbundle, reverse engineer, or create derivative works based on the Software; (b) make unauthorized copies of the Software (except as necessary for backup purposes); (c) rent, sell, transfer, or grant any rights in and to any copy of the Software, in any form, to any third party; (d) remove any proprietary notices, labels, or marks on or in any copy of the Software or any product in which the Software is embedded; (e) distribute any copy of the Software to any third party, including as may be embedded in Juniper equipment sold in the secondhand market; (f) use any locked or key-restricted feature, function, service, application, operation, or capability without first purchasing the applicable license(s) and obtaining a valid key from Juniper, even if such feature, function, service, application, operation, or capability is enabled without a key; (g) distribute any key for the Software provided by Juniper to any third party; (h) use the Software in any manner that extends or is broader than the uses purchased by Customer from Juniper or an authorized Juniper reseller; (i) use Embedded Software on non-Juniper equipment; (j) use Embedded Software (or make it available for use) on Juniper equipment that the Customer did not originally purchase from Juniper or an authorized Juniper reseller; (k) disclose the results of testing or benchmarking of the Software to any third party without the prior written consent of Juniper; or (l) use the Software in any manner other than as expressly provided herein.

5. Audit. Customer shall maintain accurate records as necessary to verify compliance with this Agreement. Upon request by Juniper, Customer shall furnish

such records to Juniper and certify its compliance with this Agreement.

6.

Confidentiality. The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper. As such, Customer

shall exercise all reasonable commercial efforts to maintain the Software and associated documentation in confidence, which at a minimum includes restricting access to the Software to Customer employees and contractors having a need to use the Software for Customer s internal business purposes.

7. Ownership. Juniper and Juniper s licensors, respectively, retain ownership of all right, title, and interest (including copyright) in and to the Software,

associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software.

8. Warranty, Limitation of Liability, Disclaimer of Warranty. The warranty applicable to the Software shall be as set forth in the warranty statement that

accompanies the Software (the Warranty Statement ). Nothing in this Agreement shall give rise to any obligation to support the Software. Support services may be purchased separately. Any such support shall be governed by a separate, written support services agreement. TO THE MAXIMUM EXTENT PERMITTED BY LAW, JUNIPER SHALL NOT BE LIABLE FOR ANY LOST PROFITS, LOSS OF DATA, OR COSTS OR PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, THE SOFTWARE, OR ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. IN NO EVENT SHALL JUNIPER BE LIABLE FOR DAMAGES ARISING FROM UNAUTHORIZED OR IMPROPER USE OF ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. EXCEPT AS EXPRESSLY PROVIDED IN THE WARRANTY STATEMENT TO THE EXTENT PERMITTED BY LAW, JUNIPER DISCLAIMS ANY AND ALL WARRANTIES IN AND TO THE SOFTWARE (WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE), INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT DOES JUNIPER WARRANT THAT THE SOFTWARE, OR ANY EQUIPMENT OR NETWORK RUNNING THE SOFTWARE, WILL OPERATE WITHOUT ERROR OR INTERRUPTION, OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK. In no event shall Juniper s or its suppliers or licensors liability to Customer, whether

in contract, tort (including negligence), breach of warranty, or otherwise, exceed the price paid by Customer for the Software that gave rise to the claim, or

if the Software is embedded in another Juniper product, the price paid by Customer for such other product. Customer acknowledges and agrees that Juniper

has set its prices and entered into this Agreement in reliance upon the disclaimers of warranty and the limitations of liability set forth herein, that the same reflect an allocation of risk between the Parties (including the risk that a contract remedy may fail of its essential purpose and cause consequential loss), and that the same form an essential basis of the bargain between the Parties.

9. Termination. Any breach of this Agreement or failure by Customer to pay any applicable fees due shall result in automatic termination of the license

granted herein. Upon such termination, Customer shall destroy or return to Juniper all copies of the Software and related documentation in Customers possession or control.

10. Taxes. All license fees payable under this agreement are exclusive of tax. Customer shall be responsible for paying Taxes arising from the purchase of

the license, or importation or use of the Software. If applicable, valid exemption documentation for each taxing jurisdiction shall be provided to Juniper prior to invoicing, and Customer shall promptly notify Juniper if their exemption is revoked or modified. All payments made by Customer shall be net of any applicable withholding tax. Customer will provide reasonable assistance to Juniper in connection with such withholding taxes by promptly: providing Juniper with valid tax receipts and other required documentation showing Customer s payment of any withholding taxes; completing appropriate applications that would reduce the amount of withholding tax to be paid; and notifying and assisting Juniper in any audit or tax proceeding related to transactions hereunder. Customer shall comply with all applicable tax laws and regulations, and Customer will promptly pay or reimburse Juniper for all costs and damages related to any liability incurred by Juniper as a result of Customer s non-compliance or delay with its responsibilities herein. Customer s obligations under this Section shall survive termination or expiration of this Agreement.

11. Export. Customer agrees to comply with all applicable export laws and restrictions and regulations of any United States and any applicable foreign

agency or authority, and not to export or re-export the Software or any direct product thereof in violation of any such restrictions, laws or regulations, or without all necessary approvals. Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customer s ability to export the Software without an export license.

12. Commercial Computer Software. The Software is commercial computer softwareand is provided with restricted rights. Use, duplication, or disclosure

by the United States government is subject to restrictions set forth in this Agreement and as provided in DFARS 227.7201 through 227.7202-4, FAR 12.212, FAR 27.405(b)(2), FAR 52.227-19, or FAR 52.227-14(ALT III) as applicable.

13. Interface Information. To the extent required by applicable law, and at Customer's written request, Juniper shall provide Customer with the interface

information needed to achieve interoperability between the Software and another independently created program, on payment of applicable fee, if any. Customer shall observe strict obligations of confidentiality with respect to such information and shall use such information in compliance with any applicable terms and conditions upon which Juniper makes such information available.

14. Third Party Software. Any licensor of Juniper whose software is embedded in the Software and any supplier of Juniper whose products or technology

are embedded in (or services are accessed by) the Software shall be a third party beneficiary with respect to this Agreement, and such licensor or vendor shall have the right to enforce this Agreement in its own name as if it were Juniper. In addition, certain third party software may be provided with the Software and is subject to the accompanying license(s), if any, of its respective owner(s). To the extent portions of the Software are distributed under and subject to open source licenses obligating Juniper to make the source code for such portions publicly available (such as the GNU General Public License

( GPL ) or the GNU Library General Public License ( LGPL )), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194

N. Mathilda Ave., Sunnyvale, CA 94089, ATTN: General Counsel. You may obtain a copy of the GPL at http://www.gnu.org/licenses/gpl.html, and

a copy of the LGPL at http://www.gnu.org/licenses/lgpl.html.

15. Miscellaneous. This Agreement shall be governed by the laws of the State of California without reference to its conflicts of laws principles. The provisions

of the U.N. Convention for the International Sale of Goods shall not apply to this Agreement. For any disputes arising under this Agreement, the Parties hereby consent to the personal and exclusive jurisdiction of, and venue in, the state and federal courts within Santa Clara County, California. This Agreement constitutes the entire and sole agreement between Juniper and the Customer with respect to the Software, and supersedes all prior and contemporaneous

agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein. No modification to this Agreement nor any waiver of any rights hereunder shall be effective unless expressly assented to in writing by the party to be charged. If any portion of this Agreement is held invalid, the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement. This Agreement and associated documentation has been written in the English language, and the Parties agree that the English version will govern. (For Canada: Les parties aux présentés confirment leur volonté que cette convention de même que tous les documents y compris tout avis qui s'y rattaché, soient redigés en langue anglaise. (Translation: The parties confirm that this Agreement and all related documentation is and will be in the English language)).

Abbreviated Table of Contents

 

About This Guide

xliii

Part 1

Network Management Introduction

 

Chapter 1

Network Management Overview Complete Network Management Configuration Statements

3

Chapter 2

7

Part 2

Integrated Local Management Interface

 

Chapter 3

Integrated Local Management Interface Overview

15

Part 3

Simple Network Management Protocol (SNMP)

 

Chapter 4

SNMP Overview Configuring SNMP SNMPv3 Overview Configuring SNMPv3 SNMP Remote Operations SNMP Support for Routing Instances Understanding the JUNOS Software MIB Support Juniper Networks Enterprise-Specific SNMP Traps Standard SNMP Traps Summary of SNMP Configuration Statements Summary of SNMPv3 Configuration Statements

19

Chapter 5

23

Chapter 6

43

Chapter 7

45

Chapter 8

79

Chapter 9

97

Chapter 10

115

Chapter 11

135

Chapter 12

147

Chapter 13

169

Chapter 14

193

Part 4

RMON Alarms and Events

 

Chapter 15

Configuring RMON Alarms and Events Monitoring RMON Alarms and Events Summary of RMON Alarm and Event Configuration Statements

237

Chapter 16

245

Chapter 17

255

Part 5

Health Monitoring

 

Chapter 18

Configuring Health Monitoring Summary of Health Monitoring Configuration Statements

267

Chapter 19

271

Part 6

Monitoring Service Quality

 

Chapter 20

Monitoring Service Quality in Service Provider Networks

277

JUNOS 10.0 Network Management Configuration Guide

Part 7

 

Juniper Networks Enterprise-Specific MIBs

Chapter 21

Interpreting the Structure of Management Information MIB

305

Chapter 22

Interpreting the Enterprise-Specific Antivirus Objects MIB

311

Chapter 23

Interpreting the Enterprise-Specific Chassis MIBs 315

Chapter 24

Interpreting the Enterprise-Specific Destination Class Usage MIB

411

Chapter 25

Interpreting the Enterprise-Specific BGP4 V2 MIB 413 Interpreting the Enterprise-Specific SNMP IDP MIB 415 Interpreting the Enterprise-Specific Ping MIB 419

Chapter 26

Chapter 27

Chapter 28

Interpreting the Enterprise-Specific Traceroute MIB 433

Chapter 29

Interpreting the Enterprise-Specific RMON Events and Alarms MIB Interpreting the Enterprise-Specific Reverse-Path-Forwarding MIB Interpreting the Enterprise-Specific Source Class Usage MIB Interpreting the Enterprise-Specific Passive Monitoring MIB

435

Chapter 30

439

Chapter 31

441

Chapter 32

443

Chapter 33

Interpreting the Enterprise-Specific SONET/SDH Interface Management MIB

445

Chapter 34

Interpreting the Enterprise-Specific SONET APS MIB 449

Chapter 35

Interpreting the Enterprise-Specific IPsec Monitoring MIB Interpreting the Enterprise-Specific Ethernet MAC MIB Interpreting the Enterprise-Specific Interface MIB

459

Chapter 36

467

Chapter 37

469

Chapter 38

Interpreting the Enterprise-Specific VPN MIB 475

Chapter 39

Interpreting the Enterprise-Specific Flow Collection Services MIB

487

Chapter 40

Interpreting the Enterprise-Specific Services PIC MIB 491

Chapter 41

Interpreting the Enterprise-Specific Dynamic Flow Capture MIB Interpreting the Enterprise-Specific Chassis Forwarding MIB

497

Chapter 42

505

Chapter 43

Interpreting the Enterprise-Specific System Log MIB 507 Interpreting the Enterprise-Specific MPLS LDP MIB 511

Chapter 44

Chapter 45

Interpreting the Enterprise-Specific Packet Forwarding Engine MIB

513

Chapter 46

Interpreting the Enterprise-Specific Event MIB 517

Chapter 47

Interpreting the Enterprise-Specific Bidirectional Forwarding Detection (BFD) MIB Interpreting the Enterprise-Specific Layer 2 Transport Protocol (L2TP) MIB

 

519

Chapter 48

521

Chapter 49

Interpreting the Enterprise-Specific Real-Time Performance Monitoring (RPM) MIB Interpreting the Enterprise-Specific Class-of-Service MIB

531

Chapter 50

539

Chapter 51

Interpreting the Enterprise-Specific IP Forward MIB 543

Chapter 52

Interpreting the Enterprise-Specific ATM Class-of-Service MIB

545

Chapter 53

Interpreting the Enterprise-Specific Firewall MIB 551 Interpreting the Enterprise-Specific ATM MIB 553

Chapter 54

Chapter 55

Interpreting the Enterprise-Specific Configuration Management MIB

563

Chapter 56

Interpreting the Enterprise-Specific IPv4 MIB 567 Interpreting the Enterprise-Specific Alarm MIB 569 Interpreting the Enterprise-Specific RSVP MIB 571 Interpreting the Enterprise-Specific MPLS MIB 573

Chapter 57

Chapter 58

Chapter 59

Abbreviated Table of Contents

 

Chapter 60

Interpreting the Enterprise-Specific Host Resources MIB Interpreting the Enterprise-Specific Layer 2 Control Protocol (L2CP) MIB Interpreting the Enterprise-Specific MIMSTP MIB Interpreting the Enterprise-Specific L2ALD MIB Interpreting the Enterprise-Specific Utility MIB Interpreting the Enterprise-Specific AAA Objects MIB Interpreting the Enterprise-Specific Access Authentication Objects MIB Interpreting the Enterprise-Specific DNS Objects MIB Interpreting the Enterprise-Specific IPsec Generic Flow Monitoring Object MIB Interpreting the Enterprise-Specific IPsec VPN Objects MIB Interpreting the Enterprise-Specific Network Address Translation Objects MIB Interpreting the Enterprise-Specific Policy Objects MIB Interpreting the Enterprise-Specific Security Interface Extension Objects MIB Interpreting the VPN Certificate Objects MIB Interpreting the Enterprise-Specific Security Screening Objects MIB Interpreting the Enterprise-Specific LDP MIB Interpreting the Enterprise-Specific EX Series SMI MIB Interpreting the Enterprise-Specific EX MAC Notification MIB Interpreting the Enterprise-Specific Analyzer MIB Interpreting the Enterprise-Specific VLAN MIB Interpreting the Enterprise-Specific Virtual Chassis MIB Interpreting the Enterprise-Specific PAE Extension MIB Interpreting the Enterprise-Specific SPU Monitoring MIB Interpreting the Enterprise-Specific OTN Interface Management MIB

579

Chapter 61

581

Chapter 62

583

Chapter 63

597

Chapter 64

599

Chapter 65

603

Chapter 66

607

Chapter 67

609

Chapter 68

 

611

 

Chapter 69

625

Chapter 70

 

629

 

Chapter 71

633

Chapter 72

 

639

 

Chapter 73

643

Chapter 74

645

Chapter 75

657

Chapter 76

661

Chapter 77

663

Chapter 78

667

Chapter 79

671

Chapter 80

677

Chapter 81

679

Chapter 82

683

Chapter 83

685

Part 8

Accounting Options

 

Chapter 84

Accounting Options Overview Configuring Accounting Options Summary of Accounting Options Configuration Statements

691

Chapter 85

693

Chapter 86

717

Part 9

Index

Index Index of Statements and Commands

737

747

JUNOS 10.0 Network Management Configuration Guide

Table of Contents

 

About This Guide

xliii

JUNOS Documentation and Release Notes Objectives Audience Supported Platforms Using the Indexes Using the Examples in This Manual Merging a Full Example Merging a Snippet Documentation Conventions Documentation Feedback Requesting Technical Support Self-Help Online Tools and Resources Opening a Case with JTAC

xliii

xliv

xliv

xliv

xlv

xlv

xlv

xlvi

xlvi

xlviii

xlviii

xlix

xlix

Part 1

Network Management Introduction

Chapter 1

Network Management Overview

3

Understanding Device Management Functions in JUNOS Software

3

Chapter 2

Complete Network Management Configuration Statements

7

Configuration Statements at the [edit accounting-options] Hierarchy Level Configuration Statements at the [edit snmp] Hierarchy Level

7

8

Part 2

Integrated Local Management Interface

Chapter 3

Integrated Local Management Interface Overview

15

Understanding the Integrated Local Management Interface

15

JUNOS 10.0 Network Management Configuration Guide

Part 3

Simple Network Management Protocol (SNMP)

Chapter 4

SNMP Overview

19

Understanding SNMP Implementation in JUNOS Software SNMP Architecture Management Information Base (MIB) SNMP Traps and Informs JUNOS SNMP Agent Features

19

19

20

20

22

Chapter 5

Configuring SNMP

23

Configuring SNMP on a Device Running JUNOS Software Configuring the System Contact on a Device Running JUNOS Software Configuring the System Location for a Device Running JUNOS Software Configuring the System Description on a Device Running JUNOS Software Filtering Duplicate SNMP Requests Configuring the Commit Delay Timer Configuring the System Name Configuring the SNMP Community String Examples: Configuring the SNMP Community String Adding a Group of Clients to an SNMP Community Configuring SNMP Trap Options and Groups on a Device Running JUNOS Software Configuring SNMP Trap Options Configuring the Source Address for SNMP Traps Configuring the Agent Address for SNMP Traps Configuring SNMP Trap Groups Example: Configuring SNMP Trap Groups Configuring the Interfaces on Which SNMP Requests Can Be Accepted Example: Configuring Secured Access List Checking Filtering Interface Information Out of SNMP Get and GetNext Output Configuring MIB Views Example: Ping Proxy MIB Tracing SNMP Activity on a Device Running JUNOS Software Configuring the Number and Size of SNMP Log Files Configuring Access to the Log File Configuring a Regular Expression for Lines to Be Logged Configuring the Trace Operations Example: Tracing SNMP Activity Configuring the Local Engine ID

24

26

26

26

27

27

28

28

29

30

31

32

32

33

34

36

36

37

37

38

38

39

40

40

40

41

42

42

Chapter 6

SNMPv3 Overview

43

SNMPv3 Overview

43

Table of Contents

Chapter 7

Configuring SNMPv3

45

Complete SNMPv3 Configuration Statements Minimum SNMPv3 Configuration on a Device Running JUNOS Software Configuring the Local Engine ID Creating SNMPv3 Users Configuring the SNMPv3 Authentication Type Configuring MD5 Authentication Configuring SHA Authentication Configuring No Authentication Configuring the Encryption Type Configuring the Advanced Encryption Standard Algorithm Configuring the Data Encryption Algorithm Configuring Triple DES Configuring No Encryption Example: Creating SNMPv3 Users Configuration Defining Access Privileges for an SNMP Group Configuring the Access Privileges Granted to a Group Configuring the Group Configuring the Security Model Configuring the Security Level Associating MIB Views with an SNMP User Group Configuring the Notify View Configuring the Read View Configuring the Write View Example: Access Privilege Configuration Assigning Security Names to Groups Configuring the Security Model Configuring the Security Name Configuring the Group Example: Security Group Configuration Configuring SNMPv3 Traps on a Device Running JUNOS Software Configuring the SNMPv3 Trap Notification Example: Configuring SNMPv3 Trap Notification Configuring the Trap Notification Filter Configuring the Trap Target Address Configuring the Address Configuring the Address Mask Configuring the Port Configuring the Routing Instance Configuring the Tag List Applying Target Parameters Example: Configuring the Tag List Defining and Configuring the Trap Target Parameters Applying the Trap Notification Filter Configuring the Target Parameters Configuring the Message Processing Model Configuring the Security Model

46

47

48

49

50

50

50

51

51

51

52

52

53

53

54

55

55

55

56

56

57

57

57

57

58

59

59

59

60

60

61

62

62

63

64

64

64

64

65

65

65

66

67

67

67

68

JUNOS 10.0 Network Management Configuration Guide

 

Configuring the Security Level Configuring the Security Name Configuring SNMP Informs Configuring the Remote Engine and Remote User Example: Configuring the Remote Engine ID and Remote Users Configuring the Inform Notification Type and Target Address Example: Configuring the Inform Notification Type and Target Address Configuring the SNMPv3 Community Configuring the Community Name Configuring the Security Names Configuring the Tag Example: SNMPv3 Community Configuration Example: SNMPv3 Configuration

68

68

69

70

71

71

72

73

74

74

74

75

75

Chapter 8

SNMP Remote Operations

79

SNMP Remote Operations Overview SNMP Remote Operation Requirements Setting SNMP Views Example: Setting SNMP Views Setting Trap Notification for Remote Operations Example: Setting Trap Notification for Remote Operations Using Variable-Length String Indexes Example: Set Variable-Length String Indexes Enabling Logging Using the Ping MIB Starting a Ping Test Using Multiple Set Protocol Data Units (PDUs) Using a Single Set PDU Monitoring a Running Ping Test pingResultsTable pingProbeHistoryTable Generating Traps Gathering Ping Test Results Stopping a Ping Test Interpreting Ping Variables Using the Traceroute MIB Starting a Traceroute Test Using Multiple Set PDUs Using a Single Set PDU Monitoring a Running Traceroute Test traceRouteResultsTable traceRouteProbeResultsTable traceRouteHopsTable Generating Traps Monitoring Traceroute Test Completion Gathering Traceroute Test Results Stopping a Traceroute Test Traceroute Variables

79

80

80

80

81

81

81

81

82

82

82

83

83

83

84

85

86

86

88

88

89

89

90

90

90

90

91

93

94

94

95

96

96

Table of Contents

Chapter 9

SNMP Support for Routing Instances

97

Understanding SNMP Support for Routing Instances Support Classes for MIB Objects Identifying a Routing Instance Enabling SNMP Access over Routing Instances Specifying a Routing Instance in an SNMPv1 or SNMPv2c Community Example: Configuring Interface Settings for a Routing Instance Configuring Access Lists for SNMP Access over Routing Instances Trap Support for Routing Instances MIB Support Details

97

98

99

100

100

101

102

103

103

Chapter 10

Understanding the JUNOS Software MIB Support

115

Standard SNMP MIBs Supported by JUNOS Software Juniper Networks Enterprise-Specific MIBs Loading MIB Files to a Network Management System

115

123

132

Chapter 11

Juniper Networks Enterprise-Specific SNMP Traps

135

Juniper Networks Enterprise-Specific SNMP Version 1 Traps Juniper Networks Enterprise-Specific SNMP Version 2 Traps Juniper Networks Enteprise-Specific BGP Traps Juniper Networks Enterprise-Specific LDP Traps Disabling LDP Traps Juniper Networks Enterprise-Specific MIMSTP Traps Juniper Networks Enterprise-Specific MPLS Traps Juniper Networks Enterprise-Specific Version 2 Traps on EX Series Ethernet Switches Juniper Networks Enterprise-Specific Version 2 Traps on MX960 Routers Raising Traps for Events Based on System Log Messages Unsupported Enterprise-Specific SNMP Traps Spoofing Enterprise-Specific SNMP Traps

135

139

143

144

144

144

144

144

144

145

145

145

Chapter 12

Standard SNMP Traps

147

Standard SNMP Version 1 Traps SNMP Version 1 Standard Traps SNMP Version 1 Ping Traps MIB SNMP Version 1 Traceroute Traps MIB SNMP Version 1 VRRP Traps MIB Standard SNMP Version 2 Traps SNMP Version 2 Standard Traps SNMP Version 2 MPLS Traps SNMP Version 2 OSPF Traps MIB SNMP Version 2 Ping Traps MIB

147

149

150

151

152

153

155

156

157

161

JUNOS 10.0 Network Management Configuration Guide

 

SNMP Version 2 Traceroute Traps MIB SNMP Version 2 VRRP Traps MIB Standard SNMP Traps on EX Series Ethernet Switches Unsupported Standard SNMP Traps Spoofing Standard SNMP Traps

162

163

163

164

168

Chapter 13

Summary of SNMP Configuration Statements

169

access-list agent-address authorization categories client-list client-list-name clients commit-delay community contact description destination-port engine-id filter-duplicates filter-interfaces interface location logical-system logical-system-trap-filter name nonvolatile oid routing-instance routing-instance-access snmp source-address targets traceoptions trap-group trap-options version view view (Associating MIB View with a Community) view (Configuring MIB View)

169

170

170

171

171

172

172

173

174

175

175

176

176

177

177

178

178

179

179

180

180

181

182

183

183

184

184

185

187

188

188

189

190

191

Chapter 14

Summary of SNMPv3 Configuration Statements

193

address address-mask

193

194

authentication-md5

195

authentication-none

196

authentication-password

196

Table of Contents

authentication-sha

197

community-name

198

engine-id

199

group

200

group (Configuring)

201

group (Defining Access Privileges for an SNMPv3 Group)

201

inform-retry-count

202

inform-timeout

202

local-engine

203

message-processing-model

204

notify

205

notify-filter

206

notify-filter (Applying to Management Target)

206

notify-filter (Configuring)

206

notify-view

207

oid

208

parameters

208

port

209

privacy-3des

209

privacy-aes128

210

privacy-des

211

privacy-none

211

privacy-password

212

read-view

212

remote-engine

213

routing-instance

214

security-level

215

security-level (Defining Access Privileges)

216

security-level (Generating SNMP Notifications)

216

security-model

217

security-model (Access Privileges)

218

security-model (Group)

218

security-model (SNMP Notifications)

219

security-name

220

security-name (Community String)

221

security-name (Security Group)

221

security-name (SNMP Notifications)

222

security-to-group

223

snmp-community

223

tag

224

tag-list

225

target-address

225

target-parameters

226

type

227

user

228

usm

229

v3

231

vacm

233

view

233

write-view

234

JUNOS 10.0 Network Management Configuration Guide

Part 4

RMON Alarms and Events

Chapter 15

Configuring RMON Alarms and Events

237

Understanding RMON Alarms and Events Configuration Minimum RMON Alarm and Event Entry Configuration Configuring an Alarm Entry and Its Attributes Configuring the Alarm Entry Configuring the Description Configuring the Falling Event Index or Rising Event Index Configuring the Falling Threshold or Rising Threshold Configuring the Interval Configuring the Falling Threshold Interval Configuring the Request Type Configuring the Sample Type Configuring the Startup Alarm Configuring the System Log Tag Configuring the Variable Configuring an Event Entry and Its Attributes Example: Configuring an RMON Alarm and Event Entry

237

238

238

239

239

239

240

240

240

241

241

242

242

242

242

243

Chapter 16

Monitoring RMON Alarms and Events

245

RMON Alarms alarmTable jnxRmonAlarmTable Using alarmTable to Monitor MIB Objects Creating an Alarm Entry Configuring the Alarm MIB Objects alarmInterval alarmVariable alarmSampleType alarmValue alarmStartupAlarm alarmRisingThreshold alarmFallingThreshold alarmOwner alarmRisingEventIndex alarmFallingEventIndex Activating a New Row in alarmTable Modifying an Active Row in alarmTable Deactivating a Row in alarmTable RMON Events eventTable Using eventTable to Log Alarms Creating an Event Entry Configuring the MIB Objects Activating a New Row in eventTable Deactivating a Row in eventTable

245

246

246

247

247

247

248

248

248

248

248

249

249

249

249

249

250

250

250

250

250

251

251

251

253

253

Table of Contents

Chapter 17

Summary of RMON Alarm and Event Configuration Statements

255

alarm

255

community

256

description

256

event

257

falling-event-index

257

falling-threshold

258

falling-threshold-interval

258

interval

259

request-type

259

rising-event-index

260

rising-threshold

260

rmon

261

sample-type

261

startup-alarm

262

syslog-subtag

262

type

263

variable

263

Part 5

Health Monitoring

Chapter 18

Configuring Health Monitoring

267

Configuring Health Monitoring on Devices Running JUNOS Software Monitored Objects Minimum Health Monitoring Configuration Configuring the Falling Threshold or Rising Threshold Configuring the Interval Log Entries and Traps Example: Configuring Health Monitoring

267

268

269

269

269

270

270

Chapter 19

Summary of Health Monitoring Configuration Statements

271

falling-threshold

271

health-monitor

272

interval

272

rising-threshold

273

JUNOS 10.0 Network Management Configuration Guide

Part 6

Monitoring Service Quality

Chapter 20

Monitoring Service Quality in Service Provider Networks

277

Understanding Measurement Points, Key Performance Indicators, and Baseline Values Measurement Points Basic Key Performance Indicators Setting Baselines Understanding RMON for Monitoring Service Quality Setting Thresholds RMON Command-Line Interface RMON Event Table RMON Alarm Table Troubleshooting RMON Defining and Measuring Network Availability Defining Network Availability Monitoring the SLA and the Required Bandwidth Measuring Availability Real-Time Performance Monitoring Measuring Health Measuring Performance Measuring Class of Service Inbound Firewall Filter Counters per Class Monitoring Output Bytes per Queue Dropped Traffic

277

277

278

279

279

279

280

281

281

282

283

283

285

285

286

288

294

296

297

299

299

Part 7

Juniper Networks Enterprise-Specific MIBs

Chapter 21

Interpreting the Structure of Management Information MIB

305

jnxProducts

305

jnxServices

305

jnxMibs

307

jnxTraps

308

jnxExperiment

309

Chapter 22

Interpreting the Enterprise-Specific Antivirus Objects MIB

311

Scan Engine Objects Table Scan Statistics Objects Table Antivirus Traps Objects Table

311

312

313

Table of Contents

Chapter 23

Interpreting the Enterprise-Specific Chassis MIBs

315

Textual Convention for Chassis MIB jnxBoxAnatomy Top-Level Objects jnxContainersTable jnxContentsLastChange jnxContentsTable jnxLEDLastChange jnxLEDTable jnxFilledLastChange jnxFilledTable jnxOperatingTable jnxRedundancyTable jnxFruTable jnxBoxKernelMemoryUsedPercent jnxBoxSystemDomainType Chassis Traps SNMPv1 Trap Format SNMPv2 Trap Format Chassis Definitions for Router Model MIB MIB Objects for the M120 Router MIB Objects for the MX960 Ethernet Services Router MIB Objects for the MX480 Ethernet Services Router MIB Objects for the MX240 Ethernet Services Router MIB Objects for the EX Series Ethernet Switches MIB Objects for the SRX3400 Services Gateway MIB Objects for the SRX3600 Services Gateway MIB Objects for the SRX5600 Services Gateway MIB Objects for the SRX5800 Services Gateway MIB Objects for the SRX100 Services Gateway MIB Objects for the SRX210 Services Gateway MIB Objects for the SRX240 Services Gateway MIB Objects for the SRX650 Services Gateway

316

317

317

317

324

324

335

335

339

339

348

356

361

396

396

396

399

400

401

403

404

405

405

405

407

407

408

408

409

409

410

410

Chapter 24

Interpreting the Enterprise-Specific Destination Class Usage MIB

411

jnxDCUsTable

411

jnxDcuStatsTable

412

Chapter 25

Interpreting the Enterprise-Specific BGP4 V2 MIB

413

jnxBgpM2PrefixCountersTable

413

JnxBgpM2PrefixCountersEntry

413

JUNOS 10.0 Network Management Configuration Guide

Chapter 26

Interpreting the Enterprise-Specific SNMP IDP MIB

415

jnxJsIdpObjects jnxJsIdpAttackTable IDP Signature Update and Attack Log Notifications

415

416

417

Chapter 27

Interpreting the Enterprise-Specific Ping MIB

419

jnxPingCtlTable

419

jnxPingCtlEntry

420

jnxPingResultsTable

423

jnxpingResultsEntry

423

jnxPingProbeHistoryTable

426

jnxPingProbeHistoryEntry

426

jnxPingLastTestResultTable

428

jnxPingLastTestResultEntry

428

Chapter 28

Interpreting the Enterprise-Specific Traceroute MIB

433

jnxTraceRouteCtlTable

433

jnxTraceRouteCtlEntry

433

Chapter 29

Interpreting the Enterprise-Specific RMON Events and Alarms MIB

435

jnxRmonAlarmTable RMON Event and Alarm Traps

435

437

Chapter 30

Interpreting the Enterprise-Specific Reverse-Path-Forwarding MIB

439

jnxRpfStatsTable

439

jnxRpfStatsEntry

439

Chapter 31

Interpreting the Enterprise-Specific Source Class Usage MIB

441

jnxScuStatsTable

441

jnxRpfStatsEntry

441

Chapter 32

Interpreting the Enterprise-Specific Passive Monitoring MIB

443

jnxPMonFlowTable

443

Table of Contents

Chapter 33

Interpreting the Enterprise-Specific SONET/SDH Interface Management MIB

445

jnxSonetAlarmsTable

445

jnxSonetAlarmEntry

445

Chapter 34

Interpreting the Enterprise-Specific SONET APS MIB

449

apsConfigTable

449

apsConfigEntry

449

apsStatusTable

451

apsStatusEntry

451

apsChanConfigTable

454

apsChanConfigEntry

454

apsChanStatusTable

455

apsChanStatusEntry

455

Chapter 35

Interpreting the Enterprise-Specific IPsec Monitoring MIB

459

jnxIkeTunnelTable

459

jnxIkeTunnelEntry

459

jnxIPSecTunnelTable

462

jnxIPSecTunnelEntry

462

jnxIPSecSaTable

464

jnxIPSecSaEntry

464

Chapter 36

Interpreting the Enterprise-Specific Ethernet MAC MIB

467

jnxMacStatsTable

467

jnxMacStatsEntry

467

Chapter 37

Interpreting the Enterprise-Specific Interface MIB

469

jnxIfTable

469

jnxIfEntry

469

ifChassisTable

471

ifChassisEntry

472

Chapter 38

Interpreting the Enterprise-Specific VPN MIB

475

jnxVpnInfo

475

jnxVpnTable

476

jnxVpnEntry

476

jnxVpnIfTable

477

jnxVpnIfEntry

477

JUNOS 10.0 Network Management Configuration Guide

 

jnxVpnPwTable jnxVpnPwEntry jnxVpnRTTable jnxVpnRTEntry VPN Traps

480

480

485

485

485

Chapter 39

Interpreting the Enterprise-Specific Flow Collection Services MIB

487

jnxCollGlobalStats

487

jnxCollPicIfTable

488

jnxCollPicEntry

488

jnxCollFileTable

489

jnxCollFileEntry

490

Chapter 40

Interpreting the Enterprise-Specific Services PIC MIB

491

jnxSpSvcSetTable jnxSpSvcSetEntry jnxSpSvcSetSvcTypeTable jnxSpSvcSetSvcTypeEntry jnxSpSvcSetIfTable jnxSpSvcSetSvcIfEntry Service Traps Redundant Interfaces

491

491

493

493

494

494

495

495

Chapter 41

Interpreting the Enterprise-Specific Dynamic Flow Capture MIB

497

jnxDfcCSTable jnxDfcCSEntry jnxDfcCDTable jnxDfcCDEntry DFC Notification Variables DFC Notification Definitions

497

497

501

501

501

502

Chapter 42

Interpreting the Enterprise-Specific Chassis Forwarding MIB

505

jnxFwddProcess

505

Chapter 43

Interpreting the Enterprise-Specific System Log MIB

507

jnxSyslogTable

507

jnxSyslogEntry

507

jnxSyslogAvTable

509

jnxSyslogEntry

510

Table of Contents

Chapter 44

Interpreting the Enterprise-Specific MPLS LDP MIB

511

Chapter 45

Interpreting the Enterprise-Specific Packet Forwarding Engine MIB

513

jnxPfeNotifyGlTable

513

jnxPfeNotifyGlEntry

513

jnxPfeNotifyTypeTable

515

jnxPfeNotifyTypeEntry

515

Chapter 46

Interpreting the Enterprise-Specific Event MIB

517

jnxEventAvTable jnxEventAvEntry Notifications for the Event MIB

517

517

518

Chapter 47

Interpreting the Enterprise-Specific Bidirectional Forwarding Detection (BFD) MIB

519

jnxBfdSessTable jnxBfdSessEntry Notifications for the BFD MIB

519

519

520

Chapter 48

Interpreting the Enterprise-Specific Layer 2 Transport Protocol (L2TP) MIB

521

L2TP Scalar Status and Statistics Group

521

jnxL2tpTunnelGroupStatsTable

522

jnxL2tpTunnelStatsTable

523

jnxL2tpSessionStatsTable

525

jnxL2tpMlpppBundleStatsTable

530

Chapter 49

Interpreting the Enterprise-Specific Real-Time Performance Monitoring

(RPM) MIB

531

jnxRpmResultsSampleTable

531

JnxRpmMeasurementType

532

JnxRpmTimestampType

533

jnxRpmResultsSummaryTable

533

jnxRpmResultsCalculatedTable

534

jnxRpmHistorySampleTable

535

jnxRpmHistorySummaryTable

536

jnxRpmHistoryCalculatedTable

536

JUNOS 10.0 Network Management Configuration Guide

Chapter 50

Interpreting the Enterprise-Specific Class-of-Service MIB

539

jnxCosInvQstatTable

539

Chapter 51

Interpreting the Enterprise-Specific IP Forward MIB

543

jnxIpCidrRouteTable

543

jnxIpCidrRouteEntry

543

Chapter 52

Interpreting the Enterprise-Specific ATM Class-of-Service MIB

545

jnxCosAtmVcTable

545

jnxCosAtmVcScTable

546

jnxCosAtmVcQstatsTable

548

jnxCosAtmTrunkTable

548

Chapter 53

Interpreting the Enterprise-Specific Firewall MIB

551

jnxFirewallsTable

551

jnxFirewallCounterTable

552

Chapter 54

Interpreting the Enterprise-Specific ATM MIB

553

jnxAtmIfTable

553

jnxAtmVCTable

555

jnxAtmVpTable

558

jnxAtmTrunkTable

560

Chapter 55

Interpreting the Enterprise-Specific Configuration Management MIB

563

Text Conventions Configuration Change Management Objects and jnxCmCfgChgEventTable jnxCmCfgChgEventTable Rescue Configuration Change Management Objects Configuration Management Notifications

563

564

564

565

566

Chapter 56

Interpreting the Enterprise-Specific IPv4 MIB

567

jnxIpv4AddrTable

567

Table of Contents

Chapter 57

Interpreting the Enterprise-Specific Alarm MIB

569

jnxAlarmRelayMode

569

jnxYellowAlarms

569

jnxRedAlarms

570

Chapter 58

Interpreting the Enterprise-Specific RSVP MIB

571

jnxRsvpSessionTable

571

Chapter 59

Interpreting the Enterprise-Specific MPLS MIB

573

MPLS Info Table MPLS Traffic Engineering (TE) Info Table mplsAdminGroup mplsLspInfoList Enterprise-Specific MPLS Traps

573

574

574

574

577

Chapter 60

Interpreting the Enterprise-Specific Host Resources MIB

579

jnxHrStorageTable

579

Chapter 61

Interpreting the Enterprise-Specific Layer 2 Control Protocol (L2CP) MIB

581

L2CP MIB Objects Supported by JUNOS Software

581

Chapter 62

Interpreting the Enterprise-Specific MIMSTP MIB

583

jnxMIDot1sJuniperMstTable

583

Juniper Networks MSTI Bridge Table jnxMIMstVlanInstanceMappingTable jnxMIMstCistPortTable jnxMIMstMstiPortTable Juniper Networks Enterprise-Specific MIMSTP Traps

588

590

591

594

596

Chapter 63

Interpreting the Enterprise-Specific L2ALD MIB

597

jnxl2aldInterfaceTable

597

MAC Address Limit Traps

598

JUNOS 10.0 Network Management Configuration Guide

Chapter 64

Interpreting the Enterprise-Specific Utility MIB

599

jnxUtilCounter32Table

599

jnxUtilCounter64Table

600

jnxUtilIntegerTable

600

jnxUtilUintTable

600

jnxUtilStringTable

601

Chapter 65

Interpreting the Enterprise-Specific AAA Objects MIB

603

Text Conventions jnxUserAAAStatTable jnxUserAAAServerName Access Authentication-Related Traps

603

604

604

604

Chapter 66

Interpreting the Enterprise-Specific Access Authentication Objects MIB

607

jnxJsFwAuthStats

607

jnxJsAuthTrapVars

608

jnxJsAuthNotifications

608

Chapter 67

Interpreting the Enterprise-Specific DNS Objects MIB

609

jnxJsDnsProxyDataObjects

609

Chapter 68

Interpreting the Enterprise-Specific IPsec Generic Flow Monitoring Object MIB

611

Branch Tree Objects Text Conventions Number of IKE Tunnels Currently Active IPsec Phase 1 IKE Tunnel Table IPsec Phase 2 IKE Tunnel Table IPsec Phase 2 Security Association Table

611

612

615

616

619

622

Chapter 69

Interpreting the Enterprise-Specific IPsec VPN Objects MIB

625

Text Conventions jnxJsIpSecTunnelTable

625

626

Table of Contents

Chapter 70

Interpreting the Enterprise-Specific Network Address Translation Objects MIB

629

Source NAT Table jnxJsNatIfSrcPoolPortTable NAT Trap Definitions

629

631

631

Chapter 71

Interpreting the Enterprise-Specific Policy Objects MIB

633

Security Policy Table jnxJsPolicyStatsTable

633

635

Chapter 72

Interpreting the Enterprise-Specific Security Interface Extension Objects MIB

639

jnxJsIfMonTable

639

Chapter 73

Interpreting the VPN Certificate Objects MIB

643

jnxJsLoadedCaCertTable

643

jnxJsLoadedLocalCertTable

644

Chapter 74

Interpreting the Enterprise-Specific Security Screening Objects MIB

645

jnxJsScreenMonTable

645

Chapter 75

Interpreting the Enterprise-Specific LDP MIB

657

LDP Notification Objects and Notification Types LDP Statistics Table

657

660

Chapter 76

Interpreting the Enterprise-Specific EX Series SMI MIB

661

Chapter 77

Interpreting the Enterprise-Specific EX MAC Notification MIB

663

MAC Notification Global Group MAC Notification MIB Global Objects MAC History Index MAC History Changes Message

663

663

664

665

JUNOS 10.0 Network Management Configuration Guide

Chapter 78

Interpreting the Enterprise-Specific Analyzer MIB

667

Analyzer Table Analyzer Input Table Analyzer Output Table

667

668

669

Chapter 79

Interpreting the Enterprise-Specific VLAN MIB

671

VLAN Configuration Table jnxExVlanTable VLAN Interfaces Table jnxExVlanInterfaceTable Port Group Table jnxExVlanPortGroupTable MAC List Table

672

672

673

673

674

675

676

Chapter 80

Interpreting the Enterprise-Specific Virtual Chassis MIB

677

Virtual Chassis Member Table

677

Chapter 81

Interpreting the Enterprise-Specific PAE Extension MIB

679

jnxAuthProfileName Authentication Configuration Extension Table Static MAC List Authentication Bypass Table jnxStaticMacAuthBypassIfTable

679

679

680

680

Chapter 82

Interpreting the Enterprise-Specific SPU Monitoring MIB

683

SPU Monitoring Objects Table

683

Chapter 83

Interpreting the Enterprise-Specific OTN Interface Management MIB

685

OTN MIB Textual Conventions jnxOtnAlarmTable

685

686

jnxOtnCurrentOdu15minTable

687

Part 8

Accounting Options

Chapter 84

Accounting Options Overview

691

Accounting Options Overview

691

Table of Contents

Chapter 85

Configuring Accounting Options

693

Accounting Options Configuration Accounting Options Full Configuration Minimum Accounting Options Configuration Configuring Files Configuring the Storage Location of the File Configuring the Maximum Size of the File Configuring the Maximum Number of Files Configuring the Start Time for File Transfer Configuring the Transfer Interval of the File Configuring Archive Sites Configuring the Interface Profile Configuring Fields Configuring the File Information Configuring the Interval Example: Configuring the Interface Profile Configuring the Filter Profile Configuring the Counters Configuring the File Information Configuring the Interval Example: Configuring a Filter Profile Example: Configuring Interface-Specific Firewall Counters and Filter Profiles Source Class Usage Options Overview Configuring SCU or DCU Creating Prefix Route Filters in a Policy Statement Applying the Policy to the Forwarding Table Enabling Accounting on Inbound and Outbound Interfaces Configuring SCU on a Virtual Loopback Tunnel Interface Example: Configuring a Virtual Loopback Tunnel Interface on a Provider Edge Router Equipped with a Tunnel PIC Example: Mapping the VRF Instance Type to the Virtual Loopback Tunnel Interface Example: Sending Traffic Received from the Virtual Loopback Interface Out the Source Class Output Interface Configuring Class Usage Profiles Configuring a Class Usage Profile Configuring the File Information Configuring the Interval Creating a Class Usage Profile to Collect Source Class Usage Statistics Creating a Class Usage Profile to Collect Destination Class Usage Statistics Configuring the MIB Profile Configuring the File Information Configuring the Interval Configuring the MIB Operation

693

693

694

696

697

697

697

698

698

699

699

700

700

700

700

702

702

702

703

703

704

705

706

706

706

707

708

708

708

709

709

709

710

710

710

711

712

712

712

713

JUNOS 10.0 Network Management Configuration Guide

 

Configuring MIB Object Names Example: Configuring a MIB Profile Configuring the Routing Engine Profile Configuring Fields Configuring the File Information Configuring the Interval Example: Configuring a Routing Engine Profile

713

713

713

714

714

714

715

Chapter 86

Summary of Accounting Options Configuration Statements

717

accounting-options archive-sites class-usage-profile counters destination-classes fields fields (for Interface Profiles) fields (for Routing Engine Profiles)

717

718

719

720

720

721

722

723

file

724

file (Associating with a Profile) file (Configuring a Log File)

724

725

files

725

filter-profile

726

interface-profile

727

interval

728

mib-profile

729

nonpersistent

729

object-names

730

operation

730

routing-engine-profile

731

size

731

source-classes

732

start-time

732

transfer-interval

733

Part 9

Index

Index Index of Statements and Commands

737

747

List of Figures

Part 3

Simple Network Management Protocol (SNMP)

 

Chapter 7

Configuring SNMPv3 Figure 1: Inform Request and Response SNMP Support for Routing Instances Figure 2: SNMP Data for Routing Instances

45

 

69

 

Chapter 9

97

 

98

Part 6

Monitoring Service Quality

 

Chapter 20

Monitoring Service Quality in Service Provider Networks Figure 3: Network Entry Points Figure 4: Setting Thresholds Figure 5: Regional Points of Presence Figure 6: Measurements to Each Router Figure 7: Network Behavior During Congestion

277

 

278

280

283

284

297

JUNOS 10.0 Network Management Configuration Guide

List of Tables

 

About This Guide Table 1: Notice Icons Table 2: Text and Syntax Conventions

xliii

xlvii

xlvii

Part 1

Network Management Introduction

 

Chapter 1

Network Management Overview Table 3: Device Management Features in JUNOS Software

3

 

4

Part 3

Simple Network Management Protocol (SNMP)

 

Chapter 5

Configuring SNMP Table 4: SNMP Tracing Flags

23

 

41

 

Chapter 8

SNMP Remote Operations Table 5: Results in pingProbeHistoryTable: After the First Ping Test Table 6: Results in pingProbeHistoryTable: After the First Probe of the Second Test Table 7: Results in pingProbeHistoryTable: After the Second Ping Test Table 8: traceRouteProbeHistoryTable SNMP Support for Routing Instances Table 9: MIB Support for Routing Instances (Juniper Networks MIBs) Table 10: Class 1 MIB Objects (Standard and Juniper MIBs) Table 11: Class 2 MIB Objects (Standard and Juniper MIBs) Table 12: Class 3 MIB Objects (Standard and Juniper MIBs) Table 13: Class 4 MIB Objects (Standard and Juniper MIBs)

79

 

87

87

88

95

 

Chapter 9

97

 

103

107

111

112

113

 

Chapter 10

Understanding the JUNOS Software MIB Support 115

 

Table 14: Standard MIBs Supported on Devices Running JUNOS Software

115

 

Chapter 11

Juniper Networks Enterprise-Specific SNMP Traps 135

 

Table 15: Juniper Networks Enterprise-Specific Supported SNMP Version 1 Traps Table 16: Enterprise-Specific Supported SNMP Version 2 Traps Table 17: Unsupported Enterprise-Specific SNMP Traps

136

140

145

 

Chapter 12

Standard SNMP Traps Table 18: Standard Supported SNMP Version 1 Traps Table 19: Standard Supported SNMP Version 2 Traps Table 20: Unsupported Standard SNMP Traps

147

 

147

153

165

JUNOS 10.0 Network Management Configuration Guide

Part 5

Health Monitoring

 

Chapter 18

Configuring Health Monitoring Table 21: Monitored Object Instances

267

 

268

Part 6

Monitoring Service Quality

 

Chapter 20

Monitoring Service Quality in Service Provider Networks Table 22: RMON Event Table Table 23: RMON Alarm Table Table 24: jnxRmon Alarm Extensions Table 25: Real-Time Performance Monitoring Configuration Options Table 26: Health Metrics Table 27: Counter Values for vlan-ccc Encapsulation Table 28: Performance Metrics Table 29: Inbound Traffic Per Class Table 30: Inbound Counters Table 31: Outbound Counters for ATM Interfaces Table 32: Outbound Counters for Non-ATM Interfaces Table 33: Dropped Traffic Counters

277

 

281

282

282

286

288

294

294

298

298

299