1
00:00:05,630 --> 00:00:11,870
OK, so in this task, we need to enable SNMP on the routers here's router 1,

2
00:00:12,230 --> 00:00:20,660
I'll go into global configuration mode and use the command SNMP server community to enable SNMP.

3
00:00:21,380 --> 00:00:27,410
We've been told to use public and private as the community strings, in the real world

4
00:00:27,410 --> 00:00:30,170
you wouldn't want to do that, in the real world

5
00:00:30,470 --> 00:00:35,510
you want to use something a lot more secure than public and private

6
00:00:36,560 --> 00:00:43,880
but because this is the lab and we simply want to get used to using SNMP, I'll configure SNMP with those

7
00:00:43,880 --> 00:00:45,080
two community strings.

8
00:00:45,710 --> 00:00:48,230
So show run shows us

9
00:00:50,810 --> 00:00:58,250
those two SNMP community strings, as configured on router 1, on router 2 we'll do something

10
00:00:58,250 --> 00:00:59,160
very similar.

11
00:01:06,060 --> 00:01:14,220
So on router 2 SNMP server community public read-only, 

12
00:01:15,530 --> 00:01:21,480
SNMP server of a community private is going to be read write.

13
00:01:22,130 --> 00:01:26,650
So we've got our two community string's configured on both routers.

14
00:01:27,140 --> 00:01:33,040
That's essentially all we need to do on the routers and now on the PC

15
00:01:33,260 --> 00:01:38,090
we should be able to use the MIB browser to interrogate the routers.

16
00:01:39,050 --> 00:01:46,490
So on the PC, on the desktop MIB browser, I'll put in the IP address of the first router.

17
00:01:47,060 --> 00:01:50,180
The IP addresses have been configured on these devices.

18
00:01:51,350 --> 00:01:53,810
So show IP interface brief on router

19
00:01:53,810 --> 00:01:56,690
1 shows us the IP address of router 1.

20
00:01:58,070 --> 00:01:59,300
So 10.1.1.1, 

21
00:02:01,710 --> 00:02:03,000
I'm going to click on advanced

22
00:02:05,630 --> 00:02:10,139
read community is going to be public, write community is going to be private.

23
00:02:10,970 --> 00:02:18,770
We've been told to use SNMP version 3 per these instructions, so I'm going to click, OK, and

24
00:02:18,890 --> 00:02:26,180
then hopefully I should be able to browse through the MIB tree until I find

25
00:02:27,570 --> 00:02:28,380
system

26
00:02:32,090 --> 00:02:42,260
sysname. So we've been told to get the hostname of router 1 and router 2 as the first task we're going

27
00:02:42,260 --> 00:02:46,010
to be using an SNMP get, to do that, click go

28
00:02:48,120 --> 00:02:52,290
should allow us to get the hostname of the router

29
00:03:01,730 --> 00:03:04,970
and as you can see here, the router name is R1.

30
00:03:06,690 --> 00:03:15,000
If I do something similar with router 2, click go and notice the router name is router 2 so it was as simple

31
00:03:15,000 --> 00:03:21,720
as that to get the hostname of the routers, now we need to view the interfaces on router 1.

32
00:03:22,350 --> 00:03:23,880
So under interfaces

33
00:03:25,010 --> 00:03:29,770
and I need to do that in router 1 you could do something similar on router 2 if you wanted to.

34
00:03:32,600 --> 00:03:38,390
Let's have a look at the interface index, there are interface numbers, description, 

35
00:03:38,790 --> 00:03:41,650
notice there are the interfaces on the router.

36
00:03:42,020 --> 00:03:47,900
We can confirm that by using show IP interface brief on the router again.

37
00:03:47,900 --> 00:03:49,480
So show IP interface brief, 

38
00:03:50,090 --> 00:03:55,190
we've got gigabit 00.01.02 loopback and VLAN 1

39
00:03:55,700 --> 00:03:56,600
and there you go.

40
00:03:57,270 --> 00:04:05,300
It's as simple as that to interrogate a router using SNMP and to get back information about the router.

41
00:04:07,740 --> 00:04:16,010
So what are the interface types? So I have type click go, we can see copper, gigabit, Ethernet, 

42
00:04:16,019 --> 00:04:19,260
loopback and VLAN as the interface types.

43
00:04:19,769 --> 00:04:25,500
You could also look at other information, such as the maximum transmission unit, the speed

44
00:04:27,400 --> 00:04:32,230
of the interfaces, physical addresses, so the Mac addresses.

45
00:04:35,910 --> 00:04:39,270
So on the router show, interface Gigabit 00

46
00:04:42,070 --> 00:04:45,610
notice the Mac address of Gigabit 00, 

47
00:04:46,890 --> 00:04:56,130
which is this interface over here. So SNMP allows a management station to get a lot of information about

48
00:04:56,130 --> 00:04:59,670
a device such as the status of interfaces.

49
00:05:00,720 --> 00:05:05,490
So that's administrative statuses, here's operational statuses.

50
00:05:06,480 --> 00:05:14,430
Because we shut interfaces down, they're showing as both administratively down and operationally down,

51
00:05:14,790 --> 00:05:23,520
once again, the only interfaces enabled on the router are gigabit 00

52
00:05:24,560 --> 00:05:31,550
and the loopback interfaces, other interfaces are administratively down and we can see that

53
00:05:32,930 --> 00:05:33,980
through this interface.

54
00:05:35,540 --> 00:05:39,470
So let's have a look at the routing table of router 1.

55
00:05:44,090 --> 00:05:53,490
So IP, IP routing table, let's look at the route destination, there are the routes in the routing table.

56
00:05:54,200 --> 00:05:55,730
We can confirm that again

57
00:05:58,080 --> 00:06:05,550
by looking at router 1s CLI, so show IP route.

58
00:06:08,020 --> 00:06:11,620
There's network quadruple one, we can see that here,

59
00:06:13,200 --> 00:06:15,540
quadruple 2 shown here, 

60
00:06:17,240 --> 00:06:25,460
10.1.1.0, 10.1.1.1, we can see that here and we can see a default route

61
00:06:26,710 --> 00:06:33,940
which is pointing to router 2, we can see default route information in the routing table through

62
00:06:33,940 --> 00:06:34,660
SNMP.

63
00:06:36,560 --> 00:06:41,570
So, again, it was as simple as that to get routing information via SNMP.

64
00:06:42,840 --> 00:06:49,410
OK, so the next thing we need to get is the OSPF area on router 1, as well as the OSPF router

65
00:06:49,410 --> 00:06:51,990
ID and OSPF neighbors.

66
00:06:52,890 --> 00:06:56,310
So back in the MIB browser, go to OSPF.

67
00:06:58,220 --> 00:07:05,930
We can get the OSPF router ID, there it is, we can get, as an example, the version of OSPF used which

68
00:07:05,930 --> 00:07:11,000
is version 2, we can get the administrative status of OSPF.

69
00:07:13,320 --> 00:07:15,810
Back on the router, show OSPF

70
00:07:18,930 --> 00:07:21,330
we can see that OSPF is enabled.

71
00:07:22,720 --> 00:07:31,480
Here's the router ID, this is using OSPF version 2 because it's OSPF for IP version 4.

72
00:07:34,630 --> 00:07:41,800
We can also get the OSPF area ID, notice its area zero, again on the router

73
00:07:45,710 --> 00:07:52,940
notice the backbone area, area zero has been enabled in OSPF you can represent it this way or you can

74
00:07:52,940 --> 00:07:54,260
represent it this way.

75
00:07:57,700 --> 00:08:01,480
In this example, authentication hasn't been enabled in OSPF.

76
00:08:03,620 --> 00:08:05,180
We could also look at

77
00:08:07,260 --> 00:08:12,090
the links state database see things such as the router IDs in the link state database,

78
00:08:12,540 --> 00:08:14,130
notice we see those too.

79
00:08:15,390 --> 00:08:21,400
So show IP OSPF database, they are LSA type 1 OSPF

80
00:08:21,450 --> 00:08:24,000
entries and here's LSA type 2

81
00:08:24,910 --> 00:08:27,760
and we can see that through SNMP.

82
00:08:29,330 --> 00:08:32,030
What about the neighbor table, so 

83
00:08:33,789 --> 00:08:40,809
neighbor IP address on router 1 is router 2. On the router show IP OSPF neighbor

84
00:08:41,140 --> 00:08:43,960
we can see that router 2 is a neighbor.

85
00:08:45,290 --> 00:08:47,720
If we change this to router 2, 

86
00:08:48,780 --> 00:08:53,940
we can see that router 1 is a neighbor to router 2 and we can see

87
00:08:55,000 --> 00:09:03,730
the router ID of router 1 requiring router 2 at this point, it has a router ID neighbor of 1

88
00:09:03,730 --> 00:09:04,690
111.

89
00:09:05,260 --> 00:09:06,750
So on router 2

90
00:09:09,960 --> 00:09:20,550
show IP OSPF neighbor, notice there's the neighbor router ID and the IP address of the neighbor as seen on

91
00:09:20,550 --> 00:09:22,290
router 2 again.

92
00:09:23,310 --> 00:09:33,840
There's the IP address as shown here through SNMP router ID is this, as we can see here on router 2.

93
00:09:35,130 --> 00:09:37,730
We can look at the OSPF priority.

94
00:09:37,740 --> 00:09:42,030
So notice the neighbor has a priority of 100, on router 2

95
00:09:42,030 --> 00:09:49,260
we can see that router 1 has that priority configured and on router 1 show run shows us

96
00:09:50,720 --> 00:09:54,830
that the priority was configured on the Gigabit00 interface.

97
00:09:57,230 --> 00:10:00,920
So a lot of information can be gleaned through SNMP.

98
00:10:01,610 --> 00:10:05,020
I've completed all the read-only tasks.

99
00:10:06,290 --> 00:10:12,020
Let's change the name of R1 to router 1, so here's router 1 notice

100
00:10:12,020 --> 00:10:14,060
the router name is R1.

101
00:10:16,820 --> 00:10:24,620
What we want to do now, however, is change the system name at the moment, it's R1 but we want

102
00:10:24,620 --> 00:10:27,180
to change that by using a set

103
00:10:28,100 --> 00:10:30,830
and in this case, it's an octet string.

104
00:10:31,250 --> 00:10:33,620
So let's change the name to R1

105
00:10:34,780 --> 00:10:39,160
click go, we're told that the router name is changed on the router

106
00:10:40,060 --> 00:10:42,750
we can confirm that the router name has changed.

107
00:10:43,600 --> 00:10:50,500
So if I go back to get there's the router name, I could change it back to R1

108
00:10:54,310 --> 00:11:02,020
click OK, click go router name has changed, we can confirm that again through the console of

109
00:11:02,020 --> 00:11:07,810
the router. So I'll change that back to get, then to set

110
00:11:10,790 --> 00:11:18,320
and set it back to router 1 per our instructions and notice on the router we see that the name

111
00:11:18,320 --> 00:11:19,040
is router 1.

112
00:11:20,480 --> 00:11:21,730
So I'm happy with that.

113
00:11:21,740 --> 00:11:25,460
I've completed these tasks and shown you a bit more.

114
00:11:26,520 --> 00:11:29,670
How did you get on, were you able to complete these tasks?

115
00:11:31,290 --> 00:11:34,410
Now, as an extra I'm going to set

116
00:11:35,930 --> 00:11:37,860
packet tracer to simulation mode

117
00:11:39,770 --> 00:11:48,070
and then I'm going to use get to get the router name from router 1 and click go.

118
00:11:48,920 --> 00:11:52,660
So notice an SNMP packet is sent to the router.

119
00:11:53,270 --> 00:11:56,860
SNMP port is port 161

120
00:11:57,260 --> 00:11:59,960
this is a UDP packet, source

121
00:11:59,960 --> 00:12:05,150
IP address is 10.1.1.200, which is the PC destination is the router.

122
00:12:06,190 --> 00:12:14,110
We can see the outbound PDU here so we can see lots of information, such as the source, Mac address,

123
00:12:14,650 --> 00:12:16,120
destination Mac address.

124
00:12:17,230 --> 00:12:24,290
We can see source IP the PC, the destination is the router, but the important information is here.

125
00:12:25,030 --> 00:12:30,400
SNMP uses UDP Port 161 as both the source and destination Port number.

126
00:12:32,310 --> 00:12:37,560
I'll click capture forward packet goes to the switch and then onto the router.

127
00:12:38,540 --> 00:12:43,790
So let's have a look at the packet inbound PDU looks like this.

128
00:12:45,060 --> 00:12:47,190
We're not seeing a lot of SNMP information.

129
00:12:48,800 --> 00:12:55,670
In packet tracer we can see that the version of SNMP is version 3, we can see that the community is set to

130
00:12:55,670 --> 00:12:56,300
public.

131
00:12:57,540 --> 00:13:07,040
On the packet that goes back to the PC notice the source is the router destination is the PC.

132
00:13:07,470 --> 00:13:11,250
We can see version 3 community is public.

133
00:13:13,400 --> 00:13:15,050
Let's capture forward to that.

134
00:13:16,020 --> 00:13:17,640
It's the PC

135
00:13:19,300 --> 00:13:22,960
and on the PC, we've received that

136
00:13:24,420 --> 00:13:31,380
SNMP packet, we're not seeing a lot of detail through packet tracer here, it's not showing us the

137
00:13:31,530 --> 00:13:36,420
actual information that's returned, such as the router hostname

138
00:13:38,380 --> 00:13:42,330
but if you were using a proper Wireshark capture, you'd be able to see more information.

139
00:13:43,030 --> 00:13:48,190
But what I want to point out is notice the source and destination port number is 161, 

140
00:13:48,640 --> 00:13:50,770
Protocol used is the UDP.

141
00:13:52,570 --> 00:13:57,610
What I like about packet tracer here is it's shown us clearly how SNMP works.

142
00:13:58,030 --> 00:14:02,310
It's very simple to configure SNMP and then browse the MIBS

143
00:14:03,890 --> 00:14:10,910
on the devices using S&NMP and retrieve information, as well as configure the devices through SNMP.