iCan Blog Archive

A stealth change in the 7.1 release is the support of V3 of the Simple Network Management Protocol (SNMP).  You won’t find this secret documented clearly in the Information Center and it’s not covered in the 7.1 overview information. It’s covered in the 7.1 Technical Overview Redbooks publication.

Simple Network Management Protocol (SNMP) version 3 is the current standard version of SNMP. SNMP has been available on i (and it’s predecessors) for years, but hadn’t been updated since its original availability. The primary motivation for the update to SNMP in 7.1 was to support IPv6, but SNMPv3 also incorporates the use of user-based authentication and data privacy.  

You must enable the system to handle SNMPv3 requests. Do this by using the Change SNMP Attributes (CHGSNMPA) command, with the “Allow SNMPv3 support” (ALWSNMPV3) parameter set to *YES. The default is *NO, so until you specifically change the attributes, you won’t be using v3. The SNMP server must be ended and then started again for this change to take effect. If you change this attribute to allow SNMPv3, it won’t affect any existing SNMP applications that you may have, since older version packets will still be accepted and handled as they were before.

User-based authentication for SNMP requires that you use the Add User for SNMP (ADDUSRSNMP) command. This command is new in 7.1, and there are the corresponding change and remove commands. An SNMP user isn’t the same as an IBM i user profile. Rather, SNMP users are added and maintained separately. SNMP users allow for authentication and privacy for SNMP request/response flows, and you can restrict access to management information base (MIB) objects based upon the SNMP user names.

Finally, 7.1 also provides support for several new MIBs:
•    RFC 4293 – MIB for the Internet Protocol (IP)
•    RFC 4292 – IP Forwarding Table MIB
•    RFC 4022 – MIB for the Transmission Control Protocol (TCP)
•    RFC 4113 – MIB for the User Datagram Protocol (UDP)

This blog post was originally published on IBMSystemsMag.com and is reproduced here by permission of IBM Systems Media.