Junos snmp configuration module
Version: 2019-01-01
module junos-conf-snmp { yang-version 1; namespace "http://yang.juniper.net/junos/conf/snmp"; prefix jc-snmp; import junos-common-ddl-extensions { prefix junos; revision-date "2019-01-01"; } import junos-common-types { prefix jt; revision-date "2019-01-01"; } import junos-conf-root { prefix jc; revision-date "2019-01-01"; } organization "Juniper Networks, Inc."; contact "yang-support@juniper.net"; description "Junos snmp configuration module"; revision "2019-01-01" { description "Junos: 21.3R1.9"; } augment /jc:configuration { uses snmp-group; } augment /jc:configuration/jc:groups { uses snmp-group; } grouping snmp-group { container snmp { description "Simple Network Management Protocol configuration"; uses apply-advanced; leaf system-name { type string; description "System name override"; } leaf description { type string; description "System description"; } leaf location { type string; description "Physical location of system"; } leaf contact { type string; description "Contact information for administrator"; } leaf-list interface { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } ordered-by user; description "Restrict SNMP requests to interfaces"; } container alarm-management { description "Alarm management"; uses apply-advanced; list alarm-list-name { key "name"; ordered-by user; description "Alarm list name"; leaf name { type string { length "1 .. 32"; } description "Alarm list name"; } uses apply-advanced; list alarm-id { key "name"; ordered-by user; description "Alarm id"; leaf name { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 4294967295"; } } description "Alarm id"; } uses apply-advanced; list alarm-state { key "name"; ordered-by user; description "Alarm model state, configure state value as 1 for clear alarm"; leaf name { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 4294967295"; } } description "Alarm state"; } uses apply-advanced; leaf notification-id { type string { length "1 .. 254"; } description "Notification id of alarm"; } leaf varbind-index { junos:must "(".. varbind-value")"; junos:must-message "[varbind-value] must be configured for varbind-index"; type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 4294967295"; } } default "0"; description "Varbind index in alarm varbind list"; } leaf varbind-value { junos:must "(".. varbind-index")"; junos:must-message "[varbind-index] must be configured for varbind-value"; type union { type string { pattern "<.*>|$.*"; } type int32 { range "0 .. 2147483647"; } } default "0"; description "Alarm varbind value"; } leaf description { type string { length "1 .. 2048"; } description "Alarm description"; } leaf varbind-subtree { junos:must "((".. resource-prefix" && ".. varbind-index"))"; junos:must-message "resource-prefix and varbind-index must be configured for varbind-subtree"; type string { length "1 .. 254"; } description "Alarm varbind subtree"; } leaf resource-prefix { type string { length "1 .. 254"; } description "Alarm resource prefix"; } } // list alarm-state } // list alarm-id } // list alarm-list-name } // container alarm-management container filter-interfaces { presence "enable filter-interfaces"; description "List of interfaces that needs to be filtered"; uses apply-advanced; list interfaces { key "name"; ordered-by user; description "Filter specified interfaces"; leaf name { type string; } uses apply-advanced; } // list interfaces leaf all-internal-interfaces { type empty; description "Filter all internal interfaces"; } } // container filter-interfaces leaf if-count-with-filter-interfaces { type empty; description "Filter interfaces config for ifNumber and ipv6Interfaces"; } leaf filter-duplicates { type empty; description "Filter requests with duplicate source address/port and request ID"; } container nonvolatile { description "Configure the handling of nonvolatile SNMP Set requests"; uses apply-advanced; leaf commit-delay { type union { type uint32; type string { pattern "<.*>|$.*"; } } units "seconds"; default "5"; description "Delay between affirmative SNMP Set reply and start of commit"; } } // container nonvolatile container v3 { description "SNMPv3 configuration information"; uses apply-advanced; container usm { description "User-based security model (USM) information"; uses apply-advanced; container local-engine { description "Local engine user configuration"; uses apply-advanced; list user { key "name"; ordered-by user; description "SNMPv3 USM user information"; uses v3-user-config; } // list user } // container local-engine list remote-engine { key "name"; ordered-by user; description "Remote engine user configuration"; leaf name { type string { junos:posix-pattern "^.{5,64}$"; junos:pattern-message "Must be a string of 5 to 64 hex characters"; } description "Remote engine id (Hex format)"; } uses apply-advanced; list user { key "name"; ordered-by user; description "SNMPv3 USM user information"; uses v3-user-config; } // list user } // list remote-engine } // container usm container vacm { description "View-based access control model (VACM) information"; uses apply-advanced; container security-to-group { description "Assigns security names to group"; uses apply-advanced; list security-model { key "name"; ordered-by user; description "Security model context for group assignment"; leaf name { type enumeration { enum "usm" { value 0; description "User-based security model"; } enum "v1" { value 1; description "SNMPv1 model"; } enum "v2c" { value 2; description "SNMPv2c model"; } } description "SNMPv3 security-to-group model name"; } uses apply-advanced; list security-name { key "name"; ordered-by user; description "Security name to assign to group"; leaf name { type string { length "1 .. 32"; } description "Security name"; } uses apply-advanced; leaf group { type string { length "1 .. 32"; } description "Group to which to assign security name"; } } // list security-name } // list security-model } // container security-to-group container access { description "Specify SNMP access limits"; uses apply-advanced; list group { key "name"; ordered-by user; description "Group access configuration"; leaf name { type string { length "1 .. 32"; } description "SNMPv3 VACM group name"; } uses apply-advanced; container default-context-prefix { description "Default context-prefix access configuration"; uses apply-advanced; list security-model { key "name"; ordered-by user; description "Security model access configuration"; uses security-model-access; } // list security-model } // container default-context-prefix list context-prefix { key "name"; ordered-by user; description "Context-prefix access configuration"; leaf name { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "SNMPv3 VACM context prefix"; } uses apply-advanced; list security-model { key "name"; ordered-by user; description "Security model access configuration"; uses security-model-access; } // list security-model } // list context-prefix } // list group } // container access } // container vacm list target-address { key "name"; ordered-by user; description "Identifies notification targets as well as allowed management stations"; leaf name { type string { length "1 .. 32"; } description "SNMP target address name"; } uses apply-advanced; leaf address { type jt:ipaddr; description "SNMP target address"; } leaf port { type union { type uint16; type string { pattern "<.*>|$.*"; } } default "162"; description "SNMP target port number"; } leaf timeout { type union { type uint32; type string { pattern "<.*>|$.*"; } } units "seconds"; default "15"; description "Acknowledgment timeout for confirmed SNMP notifications"; } leaf retry-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 255"; } } default "3"; description "Maximum retry count for confirmed SNMP notifications"; } leaf tag-list { type string { length "0 .. 255"; } description "SNMP tag list used to select target addresses"; } leaf address-mask { type jt:ipaddr; description "Mask range of addresses for community string access control."; } leaf routing-instance { type string { junos:posix-pattern "!^(([*]{1,})|(__.*__)|(.{194,}))$"; junos:pattern-message "Must be a non-reserved string of 193 characters or less"; } description "Routing instance for trap destination"; } leaf logical-system { type string { junos:posix-pattern "^[a-zA-Z0-9_-]{1,63}$"; junos:pattern-message "Logical-system name is a string consisting of up to 63 letters, numbers, dashes and underscores"; } description "Logical-system name for trap destination"; } leaf target-parameters { type string { length "1 .. 32"; } description "SNMPv3 target parameter name in the target parameters table"; } } // list target-address list target-parameters { key "name"; ordered-by user; description "Parameters and filter name used when sending notifications"; leaf name { type string { length "1 .. 32"; } description "SNMPv3 target parameters name"; } uses apply-advanced; container parameters { description "Parameters used when sending notifications"; uses apply-advanced; leaf message-processing-model { type enumeration { enum "v1" { value 0; description "SNMPv1 model"; } enum "v2c" { value 1; description "SNMPv2c model"; } enum "v3" { value 2; description "SNMPv3 model"; } } description "The message processing model to be used when generating SNMP notifications"; } leaf security-model { type enumeration { enum "usm" { value 0; description "User-based security model"; } enum "v1" { value 1; description "SNMPv1 model"; } enum "v2c" { value 2; description "SNMPv2c model"; } } description "Security-model used when generating SNMP notifications"; } leaf security-level { type enumeration { enum "none" { value 0; description "None (noAuthNoPriv)"; } enum "authentication" { value 1; description "Authentication (authNoPriv)"; } enum "privacy" { value 2; description "Privacy and authentication (authPriv)"; } } description "Security-level used when generating SNMP notifications"; } leaf security-name { type string { length "1 .. 32"; } description "Security name used when generating SNMP notifications"; } } // container parameters container notify-filter { description "Notify filter to apply to notifications"; leaf filter { type string { length "1 .. 32"; } description "Filter name to apply to notifications"; } } // container notify-filter } // list target-parameters list notify { key "name"; ordered-by user; description "Used to select management targets for notifications as well as the type of notifications"; leaf name { type string { length "1 .. 32"; } description "Notify name"; } uses apply-advanced; leaf type { type enumeration { enum "trap" { value 0; description "SNMP trap"; } enum "inform" { value 1; description "Inform request"; } } default "trap"; description "Notification type"; } leaf tag { type string { length "0 .. 255"; } description "Notifications will be sent to all targets configured with this tag"; } } // list notify list notify-filter { key "name"; ordered-by user; description "Filters to apply to SNMP notifications"; leaf name { type string { length "1 .. 32"; } description "SNMP profile name in the notify filter table"; } uses apply-advanced; list oid { key "name"; ordered-by user; description "OID include/exclude list"; leaf name { type string { junos:posix-pattern "^(.?1|[a-zA-Z][a-zA-Z0-9]*)(.[0-9]+|[.][*]|[.][a-zA-Z])*$"; junos:pattern-message "Must be an OID of the form 1.x.*.z... or objname[.x.*.z]"; } description "OID to include/exclude from notify filter"; } choice filter-action { leaf include { type empty; description "Include this OID in the notify filter"; } leaf exclude { type empty; description "Exclude this OID from the notify filter"; } } // choice filter-action } // list oid } // list notify-filter leaf management-routing-instance { junos:must "("routing-instances $$")"; junos:must-message "Referenced routing instance must be defined under [edit routing-instances] hierarchy level"; type string { junos:posix-pattern "!^((__.*__)|(all)|(.*[ ].*)|("")|(.{129,}))$"; junos:pattern-message "Must be a non-reserved string of 128 characters or less with no spaces."; } description "Enable SNMPv3 access for all routing instances from this default context"; } list snmp-community { key "name"; ordered-by user; description "SNMP community and view-based access control model configuration"; leaf name { type string { length "1 .. 32"; } description "Unique index value in this community table entry"; } uses apply-advanced; leaf community-name { type jt:unreadable; description "SNMPv1/v2c community name (default is same as community-index)"; } leaf security-name { type string { length "1 .. 32"; } description "Security name used when performing access control"; } leaf context { type string { length "0 .. 32"; } description "Context used when performing access control"; } leaf tag { type string { length "0 .. 255"; } description "Tag identifier for set of targets allowed to use this community string"; } } // list snmp-community } // container v3 list proxy { key "name"; ordered-by user; description "SNMP proxy configuration"; leaf name { type string; description "Unique proxy name"; } uses apply-advanced; leaf device-name { type string; description "Satellite/Proxied Device name or IP address"; } choice version { container version-v1 { description "For v1 proxy configuration define snmp-community"; uses comm-object; } // container version-v1 container version-v2c { description "For v2c proxy configuration define snmp-community"; uses comm-object; } // container version-v2c container version-v3 { description "For v3 proxy configuration define security-name"; uses sec-object; } // container version-v3 } // choice version list routing-instance { key "name"; ordered-by user; description "Associate routing-instance name for proxy forwarding"; leaf name { type string; description "Routing-instance name for proxy forwarding"; } uses apply-advanced; } // list routing-instance list logical-system { key "name"; ordered-by user; description "Associate logical-system name for proxy forwarding"; leaf name { junos:must "(".. .. logical-system $$ routing-instance")"; junos:must-message "[routing-instance] must be configured for this logical-system"; type string { junos:posix-pattern "^[a-zA-Z0-9_-]{1,63}$"; junos:pattern-message "Logical-system name is a string consisting of up to 63 letters, numbers, dashes and underscores"; } description "Associate logical-system name for proxy forwarding"; } uses apply-advanced; list routing-instance { key "name"; ordered-by user; description "Associate routing-instance name for proxy forwarding"; leaf name { type string; description "Routing-instance name for proxy forwarding"; } uses apply-advanced; } // list routing-instance } // list logical-system } // list proxy container subagent { description "SNMP subagent configuration"; uses apply-advanced; container tcp { presence "enable tcp"; description "Allow SNMP subagent tcp connection"; uses apply-advanced; container routing-instance { description "Specify routing-instance name for tcp connection"; uses apply-advanced; leaf default { type empty; description "Allow connections over default routing-instance"; } } // container routing-instance } // container tcp } // container subagent container engine-id { description "SNMPv3 engine ID"; uses apply-advanced; choice engine-id-choice { leaf use-mac-address { type empty; description "Uses management interface MAC Address for the engine ID"; } leaf use-default-ip-address { type empty; description "Use default IP address for the engine ID"; } leaf local { type string { junos:posix-pattern "^.{1,27}$"; junos:pattern-message "Must be a string of 27 characters or less"; } description "Local engine ID"; } } // choice engine-id-choice } // container engine-id container access { status deprecated; description "SNMPv3 access information"; uses apply-advanced; list user { key "name"; ordered-by user; description "SNMPv3 USM user information"; leaf name { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "SNMPv3 USM username"; } uses apply-advanced; leaf authentication-type { type enumeration { enum "none" { value 0; description "No authentication"; } enum "md5" { value 1; description "MD5 hash algorithm"; } enum "sha" { value 2; description "SHA hash algorithm"; } } description "SNMPv3 USM authentication type"; } leaf authentication-password { type jt:unreadable; description "SNMPv3 USM authentication password"; } leaf privacy-type { type enumeration { enum "none" { value 0; description "No privacy"; } enum "des" { value 1; description "DES algorithm"; } } description "SNMPv3 USM privacy type"; } leaf privacy-password { type jt:unreadable; description "SNMPv3 USM privacy password"; } list clients { key "name"; ordered-by user; description "List of source address prefix ranges to accept"; leaf name { type jt:ipprefix; description "Address or prefix"; } leaf restrict { type empty; description "Deny access"; } } // list clients } // list user list group { key "name"; ordered-by user; description "SNMPv3 USM group information"; leaf name { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "SNMPv3 USM group name"; } uses apply-advanced; leaf-list user { type string; ordered-by user; description "SNMPv3 USM username"; } leaf model { type enumeration { enum "usm" { value 0; description "User-based security model"; } } description "SNMPv3 security model"; } } // list group list context { key "name"; ordered-by user; description "SNMPv3 context information"; leaf name { type string { junos:posix-pattern "^.{0,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "SNMPv3 context name"; } uses apply-advanced; leaf description { type string; description "SNMPv3 context description"; } list group { key "name"; ordered-by user; description "Access group"; leaf name { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "SNMPv3 USM group name"; } uses apply-advanced; leaf model { type enumeration { enum "usm" { value 0; description "User-based security model"; } } description "SNMPv3 security model"; } leaf security-level { type enumeration { enum "none" { value 0; description "None: NoAuthNoPriv"; } enum "authentication" { value 1; description "Authentication: AuthNoPriv"; } enum "privacy" { value 2; description "Privacy: AuthPriv"; } } description "SNMPv3 security level"; } leaf read-view { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "Read view name"; } leaf write-view { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "Write view name"; } } // list group } // list context } // container access list view { key "name"; ordered-by user; description "Define MIB views"; leaf name { type string { junos:posix-pattern "^.{1,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "MIB view name"; } uses apply-advanced; list oid { key "name"; ordered-by user; description "OID include/exclude list"; leaf name { type string { junos:posix-pattern "^(.?1|[a-zA-Z][a-zA-Z0-9]*)(.[0-9]+|[.][*]|[.][a-zA-Z])*$"; junos:pattern-message "Must be an OID of the form 1.x.*.z... or objname[.x.*.z]"; } description "OID to include or exclude from view"; } choice view-action { leaf include { type empty; description "Include this OID in the view"; } leaf exclude { type empty; description "Exclude this OID from the view"; } } // choice view-action } // list oid } // list view list client-list { key "name"; ordered-by user; description "Client list"; leaf name { type string { junos:posix-pattern "^.{1,128}$"; junos:pattern-message "Must be a string of 128 characters or less"; } description "The name for the client list"; } uses apply-advanced; list client-address-list { key "name"; ordered-by user; description "Client address list"; uses client-address-object; } // list client-address-list } // list client-list list community { key "name"; ordered-by user; description "Configure a community string"; leaf name { type string; description "Community name"; } uses apply-advanced; leaf view { type string; description "View name"; } leaf authorization { type enumeration { enum "read-only" { value 0; description "Allow read-only access"; } enum "read-write" { value 1; description "Allow read and write access"; } } description "Authorization type"; } choice clients_choice { leaf client-list-name { type string { junos:posix-pattern "^.{1,128}$"; junos:pattern-message "Must be a string of 128 characters or less"; } description "The name of client list or prefix list"; } list clients { key "name"; ordered-by user; description "List of source address prefix ranges to accept"; leaf name { type jt:ipprefix; description "Address or prefix"; } leaf restrict { type empty; description "Deny access"; } } // list clients } // choice clients_choice list routing-instances { key "name"; ordered-by user; status deprecated; description "Use logical-system/routing-instance for v1/v2c clients"; leaf name { junos:must "("snmp routing-instance-access")"; junos:must-message "[snmp routing-instance-access] must be configured"; type string { junos:posix-pattern "!^(([*]{1,})|(__.*__)|(.{194,}))$"; junos:pattern-message "Must be a non-reserved string of 193 characters or less"; } description "Routing instance of v1/v2c clients"; } uses apply-advanced; choice clients_choice { leaf client-list-name { type string { junos:posix-pattern "^.{1,128}$"; junos:pattern-message "Must be a string of 128 characters or less"; } description "The name of client list or prefix list"; } list clients { key "name"; ordered-by user; description "List of source address prefix ranges to accept"; leaf name { type jt:ipprefix; description "Address or prefix"; } leaf restrict { type empty; description "Deny access"; } } // list clients } // choice clients_choice } // list routing-instances list routing-instance { key "name"; ordered-by user; description "Use routing-instance name for v1/v2c clients"; leaf name { junos:must "("snmp routing-instance-access")"; junos:must-message "[snmp routing-instance-access] must be configured"; type string { junos:posix-pattern "!^((__.*__)|(all)|(.*[ ].*)|("")|(.{129,}))$"; junos:pattern-message "Must be a non-reserved string of 128 characters or less with no spaces."; } description "Routing instance of v1/v2c clients"; } uses apply-advanced; choice clients_choice { leaf client-list-name { type string { junos:posix-pattern "^.{1,128}$"; junos:pattern-message "Must be a string of 128 characters or less"; } description "The name of client list or prefix list"; } list clients { key "name"; ordered-by user; description "List of source address prefix ranges to accept"; leaf name { type jt:ipprefix; description "Address or prefix"; } leaf restrict { type empty; description "Deny access"; } } // list clients } // choice clients_choice } // list routing-instance list logical-system { key "name"; ordered-by user; description "Use logical-system name for v1/v2c clients"; leaf name { junos:must "(".. .. logical-system $$ routing-instance")"; junos:must-message "[routing-instance] must be configured for this logical-system"; type string { junos:posix-pattern "^[a-zA-Z0-9_-]{1,63}$"; junos:pattern-message "Logical-system name is a string consisting of up to 63 letters, numbers, dashes and underscores"; } description "Use logical-system name for v1/v2c clients"; } uses apply-advanced; list routing-instance { key "name"; ordered-by user; description "Use routing-instance name for v1/v2c clients"; leaf name { junos:must "("snmp routing-instance-access")"; junos:must-message "[snmp routing-instance-access] must be configured"; type string { junos:posix-pattern "!^((__.*__)|(all)|(.*[ ].*)|("")|(.{129,}))$"; junos:pattern-message "Must be a non-reserved string of 128 characters or less with no spaces."; } description "Routing instance of v1/v2c clients"; } uses apply-advanced; choice clients_choice { leaf client-list-name { type string { junos:posix-pattern "^.{1,128}$"; junos:pattern-message "Must be a string of 128 characters or less"; } description "The name of client list or prefix list"; } list clients { key "name"; ordered-by user; description "List of source address prefix ranges to accept"; leaf name { type jt:ipprefix; description "Address or prefix"; } leaf restrict { type empty; description "Deny access"; } } // list clients } // choice clients_choice } // list routing-instance } // list logical-system } // list community container trap-options { presence "enable trap-options"; description "SNMP trap options"; uses apply-advanced; container source-address { description "IPv4/IPv6 source address for trap PDUs"; uses apply-advanced; choice address-choice { leaf lo0 { type empty; description "Use lowest address on loopback interface"; } leaf address { type jt:ipaddr; description "Use specified address"; } } // choice address-choice } // container source-address leaf enterprise-oid { type empty; description "Add snmpTrapEnterprise oid in varbind of all traps"; } leaf context-oid { type empty; description "Add context oid in varbind of all traps at the end"; } list routing-instances { key "name"; ordered-by user; status deprecated; description "Use routing-instance name for source-address"; leaf name { junos:must "(".. source-address")"; junos:must-message "source-address must be configured"; type string { junos:posix-pattern "!^(([*]{1,})|(__.*__)|(.{194,}))$"; junos:pattern-message "Must be a non-reserved string of 193 characters or less"; } description "Routing instance of trap destination"; } uses apply-advanced; container source-address { description "IPv4/IPv6 source address for trap PDUs"; uses apply-advanced; choice address-choice { leaf lo0 { type empty; description "Use lowest address on loopback interface"; } leaf address { type jt:ipaddr; description "Use specified address"; } } // choice address-choice } // container source-address } // list routing-instances list routing-instance { key "name"; ordered-by user; description "Use routing-instance name for source-address"; leaf name { junos:must "(".. source-address")"; junos:must-message "source-address must be configured"; type string { junos:posix-pattern "!^((__.*__)|(all)|(.*[ ].*)|("")|(.{129,}))$"; junos:pattern-message "Must be a non-reserved string of 128 characters or less with no spaces."; } description "Routing instance of trap destination"; } uses apply-advanced; container source-address { description "IPv4/IPv6 source address for trap PDUs"; uses apply-advanced; choice address-choice { leaf lo0 { type empty; description "Use lowest address on loopback interface"; } leaf address { type jt:ipaddr; description "Use specified address"; } } // choice address-choice } // container source-address } // list routing-instance list logical-system { key "name"; ordered-by user; description "Use logical-system name for source-address"; leaf name { junos:must "(".. .. logical-system $$ routing-instance")"; junos:must-message "[routing-instance] must be configured for this logical-system"; type string { junos:posix-pattern "^[a-zA-Z0-9_-]{1,63}$"; junos:pattern-message "Logical-system name is a string consisting of up to 63 letters, numbers, dashes and underscores"; } description "Use logical-system name for source-address"; } uses apply-advanced; list routing-instance { key "name"; ordered-by user; description "Use routing-instance name for source-address"; leaf name { junos:must "(".. source-address")"; junos:must-message "source-address must be configured"; type string { junos:posix-pattern "!^((__.*__)|(all)|(.*[ ].*)|("")|(.{129,}))$"; junos:pattern-message "Must be a non-reserved string of 128 characters or less with no spaces."; } description "Routing instance of trap destination"; } uses apply-advanced; container source-address { description "IPv4/IPv6 source address for trap PDUs"; uses apply-advanced; choice address-choice { leaf lo0 { type empty; description "Use lowest address on loopback interface"; } leaf address { type jt:ipaddr; description "Use specified address"; } } // choice address-choice } // container source-address } // list routing-instance } // list logical-system leaf agent-address { type enumeration { enum "outgoing-interface" { value 0; description "Use address on outgoing interface"; } } description "Agent address for v1 trap PDUs"; } } // container trap-options list trap-group { key "name"; ordered-by user; description "Configure traps and notifications"; leaf name { type string; description "Trap group name"; } uses apply-advanced; leaf version { type enumeration { enum "all" { value 0; description "Send SNMPv1 and SNMPv2 traps"; } enum "v1" { value 1; description "Send SNMPv1 traps"; } enum "v2" { value 2; description "Send SNMPv2 traps"; } } description "SNMP version"; } leaf destination-port { type union { type int32; type string { pattern "<.*>|$.*"; } } description "SNMP trap receiver port number"; } container categories { description "Trap categories"; uses apply-advanced; leaf authentication { type empty; description "Authentication failures"; } leaf chassis { type empty; description "Chassis or environment notifications"; } leaf link { type empty; description "Link up-down transitions"; } leaf remote-operations { type empty; description "Remote operations"; } leaf routing { type empty; description "Routing protocol notifications"; } leaf startup { type empty; description "System warm and cold starts"; } leaf ggsn { type empty; description "GGSN notifications"; } leaf rmon-alarm { type empty; description "RMON rising and falling alarms"; } leaf vrrp-events { type empty; description "VRRP notifications"; } leaf configuration { type empty; description "Configuration notifications"; } leaf services { type empty; description "Services notifications"; } leaf chassis-cluster { type empty; description "Clustering notifications"; } leaf timing-events { type empty; description "Timing defects/events notifications"; } leaf dot3oam-events { type empty; description "802.3ah notifications"; } container sonet-alarms { presence "enable sonet-alarms"; description "SONET alarm trap subcategories"; uses apply-advanced; leaf loss-of-light { type empty; description "Loss of light alarm notification"; } leaf pll-lock { type empty; description "PLL lock alarm notification"; } leaf loss-of-frame { type empty; description "Loss of frame alarm notification"; } leaf loss-of-signal { type empty; description "Loss of signal alarm notification"; } leaf severely-errored-frame { type empty; description "Severely errored frame alarm notification"; } leaf line-ais { type empty; description "Line AIS alarm notification"; } leaf path-ais { type empty; description "Path AIS alarm notification"; } leaf loss-of-pointer { type empty; description "Loss of pointer alarm notification"; } leaf ber-defect { type empty; description "Sonet bit error rate alarm defect notification"; } leaf ber-fault { type empty; description "Sonet bit error rate alarm fault notification"; } leaf line-remote-defect-indication { type empty; description "Line Remote Defect Indication alarm notification"; } leaf path-remote-defect-indication { type empty; description "Path Remote Defect Indication alarm notification"; } leaf remote-error-indication { type empty; description "Remote Error Indication alarm notification"; } leaf unequipped { type empty; description "Unequipped alarm notification"; } leaf path-mismatch { type empty; description "Path mismatch alarm notification"; } leaf loss-of-cell { type empty; description "Loss of Cell delineation alarm notification"; } leaf vt-ais { type empty; description "VT AIS alarm notification"; } leaf vt-loss-of-pointer { type empty; description "VT Loss Of Pointer alarm notification"; } leaf vt-remote-defect-indication { type empty; description "VT Remote Defect Indication alarm notification"; } leaf vt-unequipped { type empty; description "VT Unequipped alarm notification"; } leaf vt-label-mismatch { type empty; description "VT label mismatch error notification"; } leaf vt-loss-of-cell { type empty; description "VT Loss of Cell delineation notification"; } } // container sonet-alarms container otn-alarms { presence "enable otn-alarms"; description "OTN alarm trap subcategories"; uses apply-advanced; leaf oc-los { type empty; description "Loss of signal alarm notification"; } leaf oc-lof { type empty; description "Loss of frame alarm notification"; } leaf oc-lom { type empty; description "Loss of multiframe alarm notification"; } leaf wavelength-lock { type empty; description "Wavelength lock alarm notification"; } leaf otu-ais { type empty; description "OTU Alarm indication signal alarm notification"; } leaf otu-bdi { type empty; description "OTU Backward defect indication alarm notification"; } leaf otu-ttim { type empty; description "OTU Trace identification mismatch alarm notification"; } leaf otu-iae { type empty; description "OTU Incoming alignment error alarm notification"; } leaf otu-sd { type empty; description "OTU Signal degrade alarm notification"; } leaf otu-sf { type empty; description "OTU Signal fail alarm notification"; } leaf otu-fec-exe { type empty; description "OTU Fec excessive errors alarm notification"; } leaf otu-fec-deg { type empty; description "OTU Fec degraded errors alarm notification"; } leaf otu-bbe-threshold { type empty; description "OTU Background block error threshold alarm notification"; } leaf otu-es-threshold { type empty; description "OTU Errored Second threshold alarm notification"; } leaf otu-ses-threshold { type empty; description "OTU Severely Errored Second threshold alarm notification"; } leaf otu-uas-threshold { type empty; description "OTU Unavailable Second threshold alarm notification"; } leaf odu-ais { type empty; description "ODU Alarm indication signal alarm notification"; } leaf odu-oci { type empty; description "ODU Open connection indicator alarm notification"; } leaf odu-lck { type empty; description "ODU Locked alarm notification"; } leaf odu-bdi { type empty; description "ODU Backward defect indication alarm notification"; } leaf odu-ttim { type empty; description "ODU Trace identification mismatch alarm notification"; } leaf odu-sd { type empty; description "ODU Signal degrade alarm notification"; } leaf odu-sf { type empty; description "ODU Signal fail alarm notification"; } leaf odu-rx-aps-change { type empty; description "ODU Receive APS change notification"; } leaf odu-bbe-threshold { type empty; description "ODU Background block error threshold alarm notification"; } leaf odu-es-threshold { type empty; description "ODU Errored Second threshold alarm notification"; } leaf odu-ses-threshold { type empty; description "ODU Severely Errored Second threshold alarm notification"; } leaf odu-uas-threshold { type empty; description "ODU Unavailable Second threshold alarm notification"; } leaf opu-ptm { type empty; description "ODU Payload Type Mismatch alarm notification"; } } // container otn-alarms } // container categories list targets { key "name"; ordered-by user; description "Targets for trap messages"; leaf name { type jt:hostname; description "IP address"; } } // list targets leaf routing-instance { type string { junos:posix-pattern "!^(([*]{1,})|(__.*__)|(.{194,}))$"; junos:pattern-message "Must be a non-reserved string of 193 characters or less"; } description "Routing instance for trap destination"; } leaf logical-system { type string { junos:posix-pattern "^[a-zA-Z0-9_-]{1,63}$"; junos:pattern-message "Logical-system name is a string consisting of up to 63 letters, numbers, dashes and underscores"; } description "Logical-system name for trap destination"; } } // list trap-group container routing-instance-access { presence "enable routing-instance-access"; description "SNMP routing-instance options"; uses apply-advanced; list access-list { key "name"; description "Allow/Deny SNMP access to routing-instances"; leaf name { junos:must "(!("snmp routing-instance-access access-list $$={default}"))"; junos:must-message "default routing-instance is always allowed"; type string { junos:posix-pattern "!^((__.*__)|(.{194,}))$"; junos:pattern-message "Must be a non-reserved string of 193 characters or less"; } description "Routing-instance in format <name>, <prefix>* or *"; } leaf restrict { type empty; description "Deny access"; } } // list access-list } // container routing-instance-access leaf logical-system-trap-filter { type empty; description "Allow only logical-system specific traps"; } container traceoptions { description "Trace options for SNMP"; uses apply-advanced; container memory-trace { junos:must "(!("snmp traceoptions no-default-memory-trace"))"; junos:must-message "remove no-default-memory-trace config to activate memory-trace"; presence "enable memory-trace"; description "Memory tracing information"; uses apply-advanced; leaf size { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1250 .. 12500"; } } units "kilobytes"; default "5120"; description "Memory size reserved for tracing "; } } // container memory-trace leaf no-remote-trace { junos:must "("system tracing")"; junos:must-message "'no-remote-trace' is valid only when [system tracing] is configured"; type empty; description "Disable remote tracing"; } container file { description "Trace file information"; leaf size { type string; description "Maximum trace file size"; } leaf files { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 1000"; } } default "10"; description "Maximum number of trace files"; } choice world-readable-choice { leaf world-readable { type empty; description "Allow any user to read the log file"; } leaf no-world-readable { type empty; description "Don't allow any user to read the log file"; } } // choice world-readable-choice leaf match { type jt:regular-expression; description "Regular expression for lines to be logged"; } } // container file list flag { key "name"; ordered-by user; description "Tracing parameters"; leaf name { type enumeration { enum "timer" { value 0; description "Trace internal timer events"; } enum "protocol-timeouts" { value 1; description "Trace SNMP request timeouts"; } enum "pdu" { value 2; description "Dump SNMP request/response packets"; } enum "varbind-error" { value 3; description "Trace varbind errors"; } enum "routing-socket" { value 4; description "Trace routing socket calls"; } enum "interface-stats" { value 5; description "Trace interface statistics (logical and physical)"; } enum "subagent" { value 6; description "Trace master-agent interations with sub-agents"; } enum "general" { value 7; description "Trace general events"; } enum "nonvolatile-sets" { value 8; description "Nonvolatile SNMP set request handling"; } enum "all" { value 9; description "Trace everything"; } } } } // list flag } // container traceoptions container rmon { presence "enable rmon"; description "Remote Monitoring configuration"; uses apply-advanced; list history { key "name"; ordered-by user; description "RMON history entries"; leaf name { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 65535"; } } description "RMON history identifier"; } uses apply-advanced; leaf interface { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Enable RMON on this interface"; } leaf bucket-size { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 65535"; } } default "50"; description "Requested buckets for the interface"; } leaf interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 2147483647"; } } units "seconds"; default "1800"; description "Interval between samples"; } leaf owner { type string { junos:posix-pattern "^[[:alnum:]._-]{0,32}$"; junos:pattern-message "Must be an alphanumberic string of 32 characters or less"; } description "Owner name of the entry"; } } // list history list alarm { key "name"; ordered-by user; description "RMON alarm entries"; leaf name { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 65535"; } } description "RMON alarm identifier"; } uses apply-advanced; leaf description { type string { junos:posix-pattern "^.{1,120}$"; junos:pattern-message "Must be a string of 120 characters or less"; } description "General description of alarm (stored in alarmOwner)"; } leaf interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 2147483647"; } } units "seconds"; default "60"; description "Interval between samples"; } leaf falling-threshold-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 2147483647"; } } units "seconds"; default "2147483647"; description "Interval between samples during falling-threshold test"; } leaf variable { type string { junos:posix-pattern "^([.]?1|[a-zA-Z][a-zA-Z0-9]*)([.]([a-zA-Z]|[0-9]+))*$"; junos:pattern-message "Must be an OID of the form 1.x.y.z... or objname[.x.y.z] where x, y, & z are either numbers or a single letter"; } description "OID of MIB variable to be monitored"; } leaf sample-type { type enumeration { enum "absolute-value" { value 0; description "Absolute sample value is used"; } enum "delta-value" { value 1; description "Difference between sampled values is used"; } } description "Method of sampling the selected variable"; } leaf request-type { type enumeration { enum "get-request" { value 0; description "Get request"; } enum "get-next-request" { value 1; description "Get-next request"; } enum "walk-request" { value 2; description "Walk request"; } } default "get-request"; description "Type of SNMP request to issue for alarm"; } leaf startup-alarm { type enumeration { enum "rising-alarm" { value 0; description "Rising alarm may be sent at startup"; } enum "falling-alarm" { value 1; description "Falling alarm may be sent at startup"; } enum "rising-or-falling-alarm" { value 2; description "Rising or falling alarm may be sent at startup"; } } default "rising-or-falling-alarm"; description "The alarm that may be sent upon entry startup"; } leaf rising-threshold { type union { type int32; type string { pattern "<.*>|$.*"; } } description "The rising threshold"; } leaf falling-threshold { type union { type int32; type string { pattern "<.*>|$.*"; } } default "2147483647"; description "The falling threshold"; } leaf rising-event-index { type union { type string { pattern "<.*>|$.*"; } type int32 { range "0 .. 65535"; } } default "0"; description "Event triggered after rising threshold is crossed"; } leaf falling-event-index { type union { type string { pattern "<.*>|$.*"; } type int32 { range "0 .. 65535"; } } default "0"; description "Event triggered after falling threshold is crossed"; } leaf syslog-subtag { type string { junos:posix-pattern "^[A-Z][A-Z0-9_]{0,79}$"; junos:pattern-message "Must be a string of 80 upper case characters or less"; } description "Tag to be added to syslog messages"; } } // list alarm list event { key "name"; ordered-by user; description "RMON event entries"; leaf name { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 65535"; } } description "RMON event identifier"; } uses apply-advanced; leaf description { type string { junos:posix-pattern "^.{1,127}$"; junos:pattern-message "Must be a string of 127 characters or less"; } description "General description of event"; } leaf type { type enumeration { enum "none" { value 0; description "No notifications"; } enum "log" { value 1; description "Add entry to logTable"; } enum "snmptrap" { value 2; description "Send SNMP trap"; } enum "log-and-trap" { value 3; description "Send SNMP trap and make log entry"; } } default "log-and-trap"; description "The type of notification for this event"; } leaf community { type string { junos:posix-pattern "^.{1,127}$"; junos:pattern-message "Must be a string of 127 characters or less"; } description "The community (trap group) for outgoing traps"; } } // list event } // container rmon container health-monitor { presence "enable health-monitor"; description "Health monitoring configuration"; uses apply-advanced; leaf interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 2147483647"; } } units "seconds"; description "Interval between samples"; } leaf rising-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 100"; } } units "percent"; description "Rising threshold applied to all monitored objects"; } leaf falling-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 100"; } } units "percent"; description "Falling threshold applied to all monitored objects"; } container idp { presence "enable idp"; description "IDP health monitor configuration"; uses apply-advanced; leaf interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 2147483647"; } } units "seconds"; description "Interval between samples"; } leaf rising-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 100"; } } units "percent"; description "Rising threshold applied to all monitored objects"; } leaf falling-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 100"; } } units "percent"; description "Falling threshold applied to all monitored objects"; } } // container idp } // container health-monitor container arp { presence "enable arp"; description "JVision ARP settings"; uses apply-advanced; leaf host-name-resolution { type empty; description "Enable host name resolution"; } } // container arp container customization { description "Customize SNMP behaviour based on knob"; uses apply-advanced; leaf ether-stats-ifd-only { type empty; description "To stop exposing IFLs as part of etherStatsTable"; } } // container customization } // container snmp } // grouping snmp-group grouping apply-advanced { description "Apply advanced configuration logic"; leaf-list apply-groups { type string; ordered-by user; description "Groups from which to inherit configuration data"; } leaf-list apply-groups-except { type string; ordered-by user; description "Don't inherit configuration data from these groups"; } list apply-macro { key "name"; ordered-by user; description "Macro and parameters for commit script expansion"; uses apply-macro-type; } // list apply-macro } // grouping apply-advanced grouping apply-macro-type { description "Macro data for commit-script expansion"; leaf name { type string; description "Name of the macro to be expanded"; } list data { key "name"; uses macro-data-type; } // list data } // grouping apply-macro-type grouping client-address-object { description "Client address"; leaf name { type jt:ipprefix; description "Address or prefix"; } uses apply-advanced; leaf restrict { type empty; description "Deny access"; } } // grouping client-address-object grouping comm-object { description "Specify snmp-community name"; uses apply-advanced; leaf snmp-community { type string { length "1 .. 32"; } description "Specify community name"; } leaf no-default-comm-to-v3-config { type empty; description "No default snmp-community and v3 configuration"; } } // grouping comm-object grouping macro-data-type { leaf name { type string; description "Keyword part of the keyword-value pair"; } leaf value { type string; description "Value part of the keyword-value pair"; } } // grouping macro-data-type grouping sec-object { description "Specify security-name"; uses apply-advanced; leaf security-name { type string { length "1 .. 32"; } description "Specify v3 security-name"; } leaf context { type string; description "Specify context name associated to this security-name"; } } // grouping sec-object grouping security-model-access { description "Security access configuration"; leaf name { type enumeration { enum "any" { value 0; description "Any security model"; } enum "usm" { value 1; description "User-based security model"; } enum "v1" { value 2; description "SNMPv1 model"; } enum "v2c" { value 3; description "SNMPv2c model"; } } description "SNMPv3 VACM security model"; } uses apply-advanced; list security-level { key "name"; ordered-by user; description "Security level access configuration"; leaf name { type enumeration { enum "none" { value 0; description "None (noAuthNoPriv)"; } enum "authentication" { value 1; description "Authentication (authNoPriv)"; } enum "privacy" { value 2; description "Privacy and authentication (authPriv)"; } } description "SNMPv3 VACM security level"; } uses apply-advanced; leaf context-match { type enumeration { enum "exact" { value 0; description "Exact match of prefix and context name"; } enum "prefix" { value 1; description "Only match the context prefix"; } } default "exact"; description "Type of match to perform on context-prefix"; } leaf read-view { type string { junos:posix-pattern "^.{0,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "View used for read access"; } leaf write-view { type string { junos:posix-pattern "^.{0,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "View used for write access"; } leaf notify-view { type string { junos:posix-pattern "^.{0,32}$"; junos:pattern-message "Must be a string of 32 characters or less"; } description "View used to notifications"; } } // list security-level } // grouping security-model-access grouping v3-user-config { description "SNMPv3 user configuration"; leaf name { type string { length "1 .. 32"; } description "User name"; } uses apply-advanced; choice authentication { container authentication-md5 { description "Configure MD5 authentication"; uses auth-object; } // container authentication-md5 container authentication-sha { description "Configure SHA authentication"; uses auth-object; } // container authentication-sha container authentication-sha224 { description "Configure SHA224 authentication"; uses auth-object; } // container authentication-sha224 container authentication-sha256 { description "Configure SHA256 authentication"; uses auth-object; } // container authentication-sha256 container authentication-sha384 { description "Configure SHA384 authentication"; uses auth-object; } // container authentication-sha384 container authentication-sha512 { description "Configure SHA512 authentication"; uses auth-object; } // container authentication-sha512 leaf authentication-none { type empty; description "Set no authentication for the user"; } } // choice authentication choice privacy { container privacy-des { description "Configure DES privacy"; uses priv-object; } // container privacy-des container privacy-3des { description "Configure Triple DES privacy"; uses priv-object; } // container privacy-3des container privacy-aes128 { description "Configure AES128 privacy"; uses priv-object; } // container privacy-aes128 leaf privacy-none { type empty; description "Set no privacy for the user"; } } // choice privacy } // grouping v3-user-config grouping auth-object { description "Authentication parameters"; uses apply-advanced; leaf authentication-password { type string { length "8 .. 1024"; } description "User's authentication password"; } leaf authentication-key { type jt:unreadable; description "Encrypted key used for user authentication"; } } // grouping auth-object grouping priv-object { description "Privacy parameters"; uses apply-advanced; leaf privacy-password { type string { length "8 .. 1024"; } description "User's privacy password"; } leaf privacy-key { type jt:unreadable; description "Encrypted key used for user privacy"; } } // grouping priv-object } // module junos-conf-snmp
© 2023 YumaWorks, Inc. All rights reserved.