Configuring multiple SNMP server context to VRF mapping

A single SNMP agent can be supported by multiple instances of the same MIB module by mapping the context name to a virtual routing and forwarding (VRF) instance created within the switch. Each VRF is mapped with a specific key called context name. The context name is used to identify the VRF and fetch the MIB details of the mapped VRF from the underlying modules. For example, the OSPF-MIB by default returns the queried OSPF-MIB object values pertaining to the default VRF (default-vrf). The user input will vary for different SNMP versions. In case of snmp v1 and v2c, we have to map the context with the community by using the command "snmp-server mib community-map". The SNMP agent supports 256 contexts to support context-to-VRF mapping.

The mapping of the community to context and context to VRF is given in the following examples.

  1. Create a community “public” with Groupname “admin”.
    • Enter the congifure command.
      switch(config)# snmp-server community public groupname admin
  2. Create a context and map with VRF. The VRF can be default-vrf or user defined vrf.
    • Enter the congifure command.
    • Enter the snmp-server context context_name vrf vrf-name command.
    switch(config)# snmp-server context mycontext vrf myvrf
  3. Map the community to context.
    • Enter the congifure command.
      switch(config)# snmp-server mib community-map public context mycontext

    In the above example, the community "public" is mapped with the context "mycontext" and the context in turn mapped with the "myvrf". To fetch the OSPF MIB-objects values belonging to the "myvrf", use community public for snmpv1 and v2c query.

    Perform the following steps to set the SNMP server context, using the snmp-server context command and to map the context name in a SNMPv3 packet's protocol data unit (PDU) to the name of a VPN routing and forwarding (VRF) instance. The context-to-VRF mapping is one-to-one and is applicable to all SNMP versions. Only one context is allowed per VRF instance. For SNMPv3, it is enough to map the context with VRF. The snmpv3 request PDU itself will have the provision for context name as input.

  4. Create an user “snmpuser1” with group name “admin”.
    • Enter the congifure command.
      switch(config)# snmp-server user snmpuser1 auth md5 auth-password 123456789 priv DES priv-password 123456789 groupname admin
  5. Map the context mycontext with myvrf.
    • Enter the congifure command.
    • Enter the snmp-server context context_name vrf vrf-name command.
      switch(config)# switch(config)# snmp-server context mycontext vrf myvrf
    Perform snmpv3 query with user and context name with the corresponding credentials. For group name information, refer to Configuring SNMP server groups.