Disabling OSNMPD address spaces: any problem on NetMaster for TCP/IP side?

book

Article ID: 198019

calendar_today

Updated On:

Products

CA NetMaster Network Management for TCP/IP CA SOLVE

Issue/Introduction

Currently, OSNMPD address spaces are running on all LPARs. Is there any problem on Netmaster side if these Address Spaces will be no longer started for security reasons?

Environment

Release : 12.2

Component : CA NetMaster Network Management for TCP/IP

Resolution

Many years ago (releases ago) that would have been a problem, but over the years NetMaster reliance on SNMP has been removed so it's seldom required now.

For the stack, NetMaster for TCP/IP is now using other interfaces to get the same data, using NMIFR to get most of the data that in the past it had to use SNMP. It also uses NetStat for some things as well. In summary, for the STACK resource, under r12.2 there's really nothing missing except if SNMP is used to read MIBs.

For the OSA resources, all depends on what type of monitoring that you are doing.  
NetMaster allows for monitoring of OSA via 3 different mechanisms, each has their own attributes:

  • RMF - This is the most basic and works out of the box
  • OSA/SF -  Requires OSA/SF
  • SNMP - Requires SNMP Agent support.

As seen in the IBM doc (see below), it appears that even the OSA/SF mechanism requires the SNMP AGENT, so, it appears that both SACONFIG and OSAENABLED are required.

OSAENABLED

Indicates that OSA Management support is required at this TCP/IP instance. For optimal performance, specify OSAENABLED only at the TCP/IP instance from which Management support is needed. By default, OSA data retrieval is not enabled.

The SNMP subagent must be enabled, as it provides support for retrieval of SNMP management data about OSA devices and links. Therefore, do not specify the DISABLED parameter for this TCP/IP instance.

To retrieve the data, there must also be at least one TCP/IP instance active for which the OSASF parameter and its port number have been specified in the SACONFIG statement.

OSASF osasf_port_number

A value between 0 and 65535. There is no default. A value in the range 1 - 65535 indicates a port number and marks the corresponding TCP/IP instance as a candidate to communicate with OSA/SF to retrieve SNMP OSA management data. A value of 0 indicates that the corresponding TCP/IP instance is no longer a candidate to communicate with OSA/SF, in the event that the OSA/SF-to-TCP/IP connection is restarted.

Guideline: When multiple TCP/IP instances specify that OSA management data retrieval is wanted, it is suggested that all be configured with the same OSASF parameter. Only one TCP/IP instance connects directly to OSA/SF. Other instances connect to OSA/SF using this primary TCP/IP instance.

If you just want to monitor RMF attributes only, you could remove OSA/SF and SNMP from the picture. 

Additional Information

SACONFIG statement