cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11133
Views
15
Helpful
5
Replies

SNMP monitoring for APIC

tobiasdreyer
Level 1
Level 1

Hi all,

I'm trying to implement SNMP monitoring to ACI. I found this guide:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/mib/guide/b_Cisco_ACI_MIB_Quick_Reference/b_Cisco_ACI_MIB_Quick_Reference_chapter_01.html

After finishing the configuration, the N9K were reachable via SNMP, but the APICs not. I used the OOB-Interface IPs. Are there any additional configurations I have to do?

BTW: Does anyone know the System OID from an APIC (APIC-SERVER-L2).

Best regards,

Tobias

5 Replies 5

Ray.Tinney1
Level 1
Level 1

Hey mate,

good idea to check your ACLs which you are using.  I'm using version 3.1 (2m), but it'd be pretty similar in your version.

 

There are 2 sections to configure your ACLs for this in;

1. Under the Fabric / Fabric Policies tab you'll find the path in the left folder explorer Pod Policies / Policies / SNMP / <your SNMP Policy Name>.  In the window that appears as 'Client Group Policies' make sure to add the subnets which you will be using to poll (and the management path over which it'll be generated [Inband / OOB]).

2. Navigate to the Tenants / mgmt tab and from the left folder explorer select your applied management contract (under Contracts / Out-of-Band Contracts in my version) and check the filters which you have applied to permit UDP 161 (or whatever port you've chosen to use as your SNMP polling source) with the consuming subnets.  Finally, just make sure that this contract is correctly applied to your management VRF (it should be by default).

Hi,

 

I have the same problem.

SNMP to the 9ks works, to the APIC it doesn't.

 

I've followed all the instructions in this document (twice!):

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/mib/guide/b_Cisco_ACI_MIB_Quick_Reference/b_Cisco_ACI_MIB_Quick_Reference_chapter_01.html

 

i've allocated the APIC a static management address, and explicitly allowed UDP in the oob contract.

 

SNMP requests to the APIC just time out, no response.

What am i missing?

A couple other things to double check -

1) The External Management Network Instance Profile includes the subnet you're attempting to source your SNMP polling from and it is consuming the OOB contract you've set to permit SNMP (Along with the other necessary filters).
2) The Out-of-band EPG under Node Management EPGs is providing the contract above.
3) Validate you have entries for the devices you're trying to poll the APICs with under Fabric > Global Policies > SNMP Policy (default if a non-default isn't in use) > SNMP Client Group Policy

Ray.Tinney1
Level 1
Level 1

Also,

All SNMP MIBs for the APIC and the N9ks are available from:
https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/mib/list/mib-support.html

 

Mykola Bocharov
Level 1
Level 1

SysObjectID for L2 and M2 is the same - 1.3.6.1.4.1.9.1.2238. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: