Configuring Alarm Reporting to the Upper-Layer NMS

This operation configures the Trap IP address and alarm reporting parameters for an upper-layer network management system (NMS). After the configuration, alarms of eReplication can be reported to the upper-layer NMS.

Procedure

On the menu bar, select Settings.
In the navigation tree, choose Layered NMS > Trap Settings.

Set the northbound trap reporting parameters used for communication between the upper-layer NMS and current eReplication.

Northbound trap reporting parameters are used for communication between the upper-layer NMS and current eReplication. When parameters on the upper-layer NMS are changed, modify the parameters on current eReplication accordingly.

In the Trap Parameters area, select the required SNMP protocol type.
Configuring SNMP authentication information allows alarm information to be securely sent to a third-party NMS. SNMP supports SNMPv1, SNMPv2c, and SNMPv3. Enabling SNMPv1 and SNMPv2c brings security risks. You are advised to use only the secure SNMPv3 protocol.

Set the northbound trap reporting parameters used for communication between the upper-layer NMS and current eReplication. Table 1 describes related parameters.

Figure 1 SNMPv1 parameter settings (SNMPv2c parameter settings are the same.)

Figure 2 SNMPv3 parameters settings

**Table 1** Northbound Trap reporting parameters
Protocol Type	Parameter	Description	Value
SNMPv1 and SNMPv2c	Read Community	Indicates the community name authentication. If the Get or GetNext operation is performed, the read community name is used for authentication.	The password must meet the following requirements: Must include special characters, including !"#$%&'()*+,-./:;<=>?@[\]^`{_\|}~ and spaces. The value must contain uppercase letters, lowercase letters, and digits.
	Confirm Read Community	Confirm the parameter settings.
	Write Community	Indicates the community name authentication. If the Set operation is performed, the write community name is used for authentication.
	Confirm Write Community	Confirm the parameter settings.
SNMPv3	Username	Northbound Trap user name used for communication between the upper-layer NMS and eReplication of the current level.	[Value range] The name contains 1 to 64 characters. [Example] user
	Environment Name	Name of the environment engine.	[Value range] The name contains 1 to 64 characters. [Example] sa
	Environment Engine ID	Unique identifier of an SNMP engine. This ID is used together with the environment name to determine an environment that uniquely identifies an SNMP entity. An SNMP message packet is processed only when the environments of the sender terminal and the recipient terminal are the same. Otherwise, the SNMP message packet will be discarded. This parameter supports two input modes: Hexadecimal input mode: The ID must be in the format of #..**. The validity verification involves the value length and each hexadecimal value. The maximum length is 97 characters, including pound signs (#). Non-hexadecimal input mode: Enter the ID directly. The validity verification involves only the length. The maximum length is 32 characters.	-
	Authentication Protocol	Protocol used for verifying messages. You can select HMACMD5, HMAC_SHA1, HMAC_SHA2, HMAC_SHA2_384, or HMAC_SHA2_512, or do not use any protocol.	[Example] HMAC_SHA2 NOTE: The HMAC_SHA2 encryption protocol is used by default. HMACMD5 and HMAC_SHA1 are insecure protocols and have security risks. You are advised to select HMAC_SHA2(SHA256), HMAC_SHA2_384, or HMAC_SHA2_512.
	Authentication Password	If the authentication protocol is used to verify messages, you need to set the authentication password.	The password complexity requirements are as follows: Contains 8 to 64 characters. Must include special characters, including !"#$%&'()*+,-./:;<=>?@[\]^`{_\|}~ and spaces. Must contain upper-case letters, lower-case letters, and digits. Cannot be the same as the username or the mirror writing of the username.
	Data Encryption Protocol	Encryption protocol used for encapsulating data. The value can be DES or AES, or no encryption. DES: an international universal encryption algorithm. The key length is 56 bytes. AES: an advanced encryption standard. There are three types of key length: 128 bytes, 192 bytes, and 256 bytes. Different lengths provide different-level security protection.	[Example] AES NOTE: The default value is AES. DES is an insecure protocol which may cause security risks. Therefore, AES, AES192, or AES256 is recommended.
	Data Encryption Password	If the encryption algorithm is used for encapsulating data, you need to set the data encryption password. The default password is the same as that of the eReplication Agent.	The password complexity requirements are as follows: Contains 8 to 64 characters. Must include special characters, including !"#$%&'()*+,-./:;<=>?@[\]^`{_\|}~ and spaces. Must contain upper-case letters and lower-case letters. Cannot be the same as the username or the mirror writing of the username.

Click OK.

Add the Trap IP address of the upper-layer NMS.
1. In the Trap IP Address area, click Add.
2. Configure IP Address and Port for the upper-layer NMS to receive alarms.
  
  For SNMPv3, if Authentication Password is set in Trap parameter settings, you need to enter the authentication password. If Authentication Password and Data Encryption Password are set in Trap parameter settings, you need to enter the authentication password and data encryption password.
3. Click OK.
- The MIB file needs to be obtained for parsing alarms.
- After deploying BCManager, obtain MIB file Lego-NorthTrap-MIB from directory /opt/BCManager/Runtime/LegoRuntime/mibs.
- The Lego-NorthTrap-MIB file depends on the MIB file defined by other public standards, such as the RFC1213-MIB file. You need to download the file before using it.