Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Defining the SNMP community

SNMP community strings are used only by systems that support SNMPv1 and SNMPv2c protocols. SNMPv3 uses a username and password authentication, along with an encryption key.

The SNMP community of a system is the list of SNMP clients authorized to make requests of the system. Authorization for the community is in the form of a community string. The community string acts as a password, providing basic security and protecting the system against spurious SNMP requests.

  • If no SNMP clients or networks are explicitly defined, then any client presenting the correct community string is granted the access privilege specified in the authorization option.
  • If any client or network is defined, then only explicitly listed clients or networks are granted access to the system. Those clients have the access privilege specified by the authorization option. (The default is read-only.)

With reference to the figure Configuring SNMP communities and traps, the following configuration example shows how to set the SNMP community string for the system R1 to abc123 and specify three clients for the community with the following IP addresses: 176.16.0.15, 176.16.0.16, and 176.16.0.17. Read-only access is provided for this community.

Table 1. Defining an SNMP community
Create the snmp configuration node and the community configuration node. Set the community string. Note that using the edit command creates the community if it does not already exist.

Navigate to the configuration node of the community for easier configuration.

vyatta@R1# edit service snmp community abc123
[edit service snmp community abc123]
List the SNMP clients making up this community.
vyatta@R1# set client 176.16.0.15
vyatta@R1# set client 176.16.0.16
vyatta@R1# set client 176.16.0.17
Set the privilege level for this community to read-only.
vyatta@R1# set authorization ro
Commit the change.
vyatta@R1# commit
Verify the configuration.
vyatta@R1# show
 authorization ro
 client 176.16.0.15
 client 176.16.0.16
 client 176.16.0.17
Return to the top of the configuration tree.
vyatta@R1# top