• UDP 161
  • UDP 162 (traps & informs)
SNMP Version Description
1 Uses SMIv1, simple authentication with communities, but used MIB-I originally.
2 Uses SMIv2, removed requirement for communities, added GetBulk and Inform messages, but began with MIB-II originally.
2c Pseudo-release (RFC 1905) that allowed SNMPv1-style communities with SNMPv2; otherwise, equivalent to SNMPv2.
3 Mostly identical to SNMPv2, but adds significantly better security, although it supports communities for backward compatibility. Uses MIB-II. MD5/SHA + DES.




Remote Monitoring, or RMON, is an event-notification extension of the SNMP capability
on a Cisco router or switch. RMON enables you to configure thresholds for alerting
based on SNMP objects, so that you can monitor device performance and take appropriate
action to any deviations from the normal range of performance indications.
RMON is divided into two classes: alarms and events.

rmon event 1 log trap public description Fa0.0RisingErrors owner config
rmon event 2 log trap public description Fa0.0FallingErrors owner config
rmon event 3 log trap public description Se0.0RisingErrors owner config
rmon event 4 log trap public description Se0.0FallingErrors owner config
rmon alarm 11 ifInErrors.1 60 delta rising-threshold 10 1 falling-threshold 5 2 
owner config
rmon alarm 20 ifInErrors.2 60 absolute rising-threshold 20 3 falling-threshold 10 
owner config

show rmon alarm
show rmon event

Jun 9 12:54:14.787: %RMON-5-FALLINGTRAP: Falling trap is generated
because the value of ifInErrors.1 has fallen below the fallingthreshold
value 5
Jun 9 12:55:40.732: %RMON-5-FALLINGTRAP: Falling trap is generated
because the value of ifInErrors.2 has fallen below the fallingthreshold
value 10

Leave a Reply