In short the answers are 1. Significance = none, Omitted = yes. I have seen some reference material that says foir p[urposes of co-existance SNMPv3 engineID may be generated from wiother IP or MAC address of device and passed in SNMPv1 message. BUT there is no evidence yet this is being or going to eb done.
2. Local = router, remote = NMS i.e. the host that will receive traps or informs. The router will listen for incoming traffic but will only act if the incoming traffic contains its engineID. It may well if SNMPv3 security is used do some verification on local & remote engineID to decide if the remote source is valid or allowed to talk to the local entity. 3. They canm coexist though you may need to do some translation between the various versions if you all 3 running, depending on what your NMS is capable of doing. At the moment is not a happy working environment and there are still a lot of 'features' to ber worked ou with v3, so if you don;'t have to use, then don't. ************************ David Tran wrote: > > Hi All, > I have been trying to understand Cisco SNMP command > and so far, after a few weeks of reading materials on > Cisco websites and recently purchasing O'reily "Essential > SNMP" prove unsuccessfull in fully > implementing SNMP Version3 (aka SNMPv3). > Mainly, I am having problem understand a few > concept regarding Cisco devices: > > 1) What is the purpose of Cisco "EngineID id-number", > specifically the " > snmp-server engineID" command? > I understand that the engineID number > is 24 character long and it is useful for SNMPv3 > because the user's password digest is based on > both the password and the local engine ID. > Now, does it have any significance for SNMPv1 > or SNMPv2c? Can this parameter be omitted if only > SNMPv1 or SNMPv2 is used? > > 2) What is the difference between local and remote > engineID? I am always > under the impression that if snmp-server is > enable on the router, then the > router will be listening for incoming SNMP traffic on > UDP port 161. Because > port 161 is listening for SNMP traffic, > Network Management Station (NMS) > that runs Management Software like HPOpenView, > Cabletron Spectrum and > Loriot and UCD-SNMP for Unix to querry the router > for information. > Furthermore, if the cisco router is enable for "traps" > it will send 'trap' > messages on UDP port 162 to the NMS for messages > like the link is up/down > or when the router is rebooted. If that is the case, > then what the heck is > the local and remote engineID? It seems like the if the > engineID is "remote" on > the "snmp-server engineID remote id-number", does it > mean that the snmp server > running somewhere other than the router? Can someone > explain this to me? > > 3) What is the disadvantage of using SNMPv3? Can I still > access MIB-2 and other standard MIBs? > > Many thanks > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27464&t=27414 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
