beautypg.com

Enhancing is-is network security, Configuring is-is network management – H3C Technologies H3C S12500-X Series Switches User Manual

Page 160

background image

146

282B

Configuring IS-IS network management

This task includes the following configurations:

Bind an IS-IS process to MIB so that you can use network management software to manage the
specified IS-IS process.

Enable IS-IS notifications to report important events.

Notifications are delivered to the SNMP module, which outputs the notifications according to the

configured output rules. For more information about SNMP notifications, see Network Management and
Monitoring Configuration Guide.
TRILL uses the IS-IS MIB to provide the TRILL object management function for NMS. Because the MIB

objects defined in the IS-IS MIB are single-instance management objects, NMS cannot manage IS-IS and

TRILL at the same time. According to the management for multiple OSPF instances defined in RFC 4750,
you can set a context name for the SNMP object for managing TRILL. In this way, the SNMP requests for

managing IS-IS and the SNMP requests for managing TRILL from NMS can be distinguished. Because

the context name is a concept specific to SNMPv3, the community names are mapped to context names

for distinguishing different protocols in SNMPv1/v2c.
To configure IS-IS network management:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Bind MIB to an IS-IS

process.

isis mib-binding process-id

By default, MIB is bound to the IS-IS
process with the smallest process

ID.

3.

Enable IS-IS

notification sending.

snmp-agent trap enable isis
[ adjacency-state-change | area-mismatch

| authentication | authentication-type |

buffsize-mismatch | id-length-mismatch |
lsdboverload-state-change | lsp-corrupt |

lsp-parse-error | lsp-size-exceeded |

manual-address-drop | max-seq-exceeded
| maxarea-mismatch | own-lsp-purge |

protocol-support | rejected-adjacency |

skip-sequence-number | version-skew ] *

By default, IS-IS notification
sending is enabled.

4.

Enter IS-IS view.

isis [ process-id ] [ vpn-instance
vpn-instance-name ]

N/A

5.

Configure the context
name for the SNMP

object for managing

IS-IS.

snmp context-name context-name

By default, no context name is set
for the SNMP object for managing

IS-IS.

63B

Enhancing IS-IS network security

To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS authentication

involves neighbor relationship authentication, area authentication, and routing domain authentication.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: