11-09-2023 06:55 PM
Hello,
Can someone explain to me what's the difference between SNMPv3 "view" and "context"?
Thanks,
Riad.
Solved! Go to Solution.
11-10-2023 01:51 AM
Hello @riad1990new,
In SNMPv3, a "view" refers to a subset of the managed objects within the SNMP MIB that an SNMP entity can access or manipulate. Views are defined to control the level of access that a particular SNMP user has to specific portions of the MIB tree. They are associated with SNMP security models and are used to enforce access control policies. They help define which parts of the MIB a user or a community is allowed to retrieve or modify.
On the other hand, a "context" in SNMPv3 refers to a domain or a specific instance of a managed entity on a device. SNMPv3 introduced the concept of contexts to allow for the monitoring of multiple instances of the same SNMP object on a device without ambiguity. SNMP contexts are particularly useful in scenarios where a single SNMP agent manages multiple virtual routing or VRFs on a device, and each VRF has its own set of SNMP information. Contexts help distinguish between these different instances.
https://datatracker.ietf.org/doc/html/rfc3411#section-3.3.1
11-10-2023 01:18 AM
Hello
I have never had to use contexts for snmpv3 however my understanding they are used for secure placement of specific snmp mibs within a vpn, basically separating snmp traffic and access to snmp objects within each separate vpn.
SNMPv3 views are created to allow access to certain snmp objects , used in conjunction with v3 groups and access-lists you can allow snmp hosts/users specific privilege access to these views.
11-10-2023 01:51 AM
Hello @riad1990new,
In SNMPv3, a "view" refers to a subset of the managed objects within the SNMP MIB that an SNMP entity can access or manipulate. Views are defined to control the level of access that a particular SNMP user has to specific portions of the MIB tree. They are associated with SNMP security models and are used to enforce access control policies. They help define which parts of the MIB a user or a community is allowed to retrieve or modify.
On the other hand, a "context" in SNMPv3 refers to a domain or a specific instance of a managed entity on a device. SNMPv3 introduced the concept of contexts to allow for the monitoring of multiple instances of the same SNMP object on a device without ambiguity. SNMP contexts are particularly useful in scenarios where a single SNMP agent manages multiple virtual routing or VRFs on a device, and each VRF has its own set of SNMP information. Contexts help distinguish between these different instances.
https://datatracker.ietf.org/doc/html/rfc3411#section-3.3.1
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide