The MSS feature is automatically enabled and monitors all IP interfaces, including WAN data interfaces, IPSEC tunnels, Ethernet LAN and WAN ports, VoIP engine interfaces, and Dialer and Serial PPP interfaces.
Procedure
Verify that the dynamic trap manager that automatically sets the IP address of the active MGC SNMP trap manager, is configured so that security notifications are sent to the active MGC.
By default, all types of notifications are enabled. You can enter show snmp to check which notification groups are configured to be sent to the active MGC. You can modify the dynamic trap manager configuration using the snmp-server dynamic-trap-manager command, setting the notification type to all or security.
If required, define additional notification recipients using the snmp-server group, snmp-server host, and snmp-server user commands, and activating the security notification filter.
For example:
//define an SNMP group:
Gxxx-001(super)# snmp-server group MSS_group v3 noauth read iso write iso
notify iso
Done!
//create a new snmp user belonging to the SNMP group:
Gxxx-001(super)# snmp-server user MSS MSS_group v3
Done!
//identify an SNMP trap recipient, activating the security notification
filter:
Gxxx-001(super)# snmp-server host 5.5.5.2 traps v3 noauth MSS security
Done!
//view the SNMP configuration
Gxxx-001(super)# show snmp
Authentication trap disabled
Community-Access Community-String
---------------- ----------------
read-only *****
read-write *****
SNMPv3 Notifications Status
-----------------------------
Traps: Enabled
Informs: Enabled Retries: 3 Timeout: 3 seconds
SNMP-Rec-Address Model Level Notification Trap/Inform User name
---------------- ----- ------- --------------- ----------- -------------------
5.5.5.2 v3 noauth all trap MSS
UDP port: 162
Use the set mss-notification rate command to modify the MSS reporting rate, if necessary.
The default is 300 seconds. The Branch Gateway counts events for each DoS class for the duration of the interval. At the end of each interval, if the count of each class of DoS events surpasses a defined threshold, the Branch Gateway generates an MSS notification, reporting on the event type, event parameters, and the number of occurrences. To display the current MSS reporting rate, use the show mss-notification rate command.
Ensure that INADS reporting is configured on the active MGC.
For information about configuring INADS reporting in CM, see Avaya Aura® Communication Manager documentation.
