Annotation of embedaddon/quagga/doc/snmptrap.texi, revision 1.1
1.1 ! misho 1: @c Documentation on configuring Quagga and snmpd for SNMP traps
! 2: @c contributed by Jeroen Simonetti, jsimonetti@denit.net
! 3:
! 4: @node Handling SNMP Traps
! 5: @section Handling SNMP Traps
! 6:
! 7: To handle snmp traps make sure your snmp setup of quagga works
! 8: correctly as described in the quagga documentation in @xref{SNMP Support}.
! 9:
! 10: The BGP4 mib will send traps on peer up/down events. These should be
! 11: visible in your snmp logs with a message similar to:
! 12:
! 13: @samp{snmpd[13733]: Got trap from peer on fd 14}
! 14:
! 15: To react on these traps they should be handled by a trapsink. Configure
! 16: your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}:
! 17:
! 18: @example
! 19: # send traps to the snmptrapd on localhost
! 20: trapsink localhost
! 21: @end example
! 22:
! 23: This will send all traps to an snmptrapd running on localhost. You can
! 24: of course also use a dedicated management station to catch traps.
! 25: Configure the snmptrapd daemon by adding the following line to
! 26: @file{/etc/snmpd/snmptrapd.conf}:
! 27:
! 28: @c Documentation contributed by Jeroen Simonetti, jsimonetti@denit.net
! 29:
! 30: @example
! 31: traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
! 32: @end example
! 33:
! 34: This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle
! 35: the BGP4 traps. To add traps for other protocol daemons, lookup their
! 36: appropriate OID from their mib. (For additional information about which
! 37: traps are supported by your mib, lookup the mib on
! 38: @uref{http://www.oidview.com/mibs/detail.html}).
! 39:
! 40: Make sure snmptrapd is started.
! 41:
! 42: The snmptrap_handle.sh script I personally use for handling BGP4 traps
! 43: is below. You can of course do all sorts of things when handling traps,
! 44: like sound a siren, have your display flash, etc., be creative ;).
! 45:
! 46: @verbatim
! 47: #!/bin/bash
! 48:
! 49: # routers name
! 50: ROUTER=`hostname -s`
! 51:
! 52: #email address use to sent out notification
! 53: EMAILADDR="john@doe.com"
! 54: #email address used (allongside above) where warnings should be sent
! 55: EMAILADDR_WARN="sms-john@doe.com"
! 56:
! 57: # type of notification
! 58: TYPE="Notice"
! 59:
! 60: # local snmp community for getting AS belonging to peer
! 61: COMMUNITY="<community>"
! 62:
! 63: # if a peer address is in $WARN_PEERS a warning should be sent
! 64: WARN_PEERS="192.0.2.1"
! 65:
! 66:
! 67: # get stdin
! 68: INPUT=`cat -`
! 69:
! 70: # get some vars from stdin
! 71: uptime=`echo $INPUT | cut -d' ' -f5`
! 72: peer=`echo $INPUT | cut -d' ' -f8 | sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'`
! 73: peerstate=`echo $INPUT | cut -d' ' -f13`
! 74: errorcode=`echo $INPUT | cut -d' ' -f9 | sed -e 's/\"//g'`
! 75: suberrorcode=`echo $INPUT | cut -d' ' -f10 | sed -e 's/\"//g'`
! 76: remoteas=`snmpget -v2c -c $COMMUNITY localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer | cut -d' ' -f4`
! 77:
! 78: WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" | egrep '(as-name|descr)'`
! 79: asname=`echo "$WHOISINFO" | grep "^as-name:" | sed -e 's/^as-name://g' -e 's/ //g' -e 's/^ //g' | uniq`
! 80: asdescr=`echo "$WHOISINFO" | grep "^descr:" | sed -e 's/^descr://g' -e 's/ //g' -e 's/^ //g' | uniq`
! 81:
! 82: # if peer address is in $WARN_PEER, the email should also
! 83: # be sent to $EMAILADDR_WARN
! 84: for ip in $WARN_PEERS; do
! 85: if [ "x$ip" == "x$peer" ]; then
! 86: EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
! 87: TYPE="WARNING"
! 88: break
! 89: fi
! 90: done
! 91:
! 92:
! 93: # convert peer state
! 94: case "$peerstate" in
! 95: 1) peerstate="Idle" ;;
! 96: 2) peerstate="Connect" ;;
! 97: 3) peerstate="Active" ;;
! 98: 4) peerstate="Opensent" ;;
! 99: 5) peerstate="Openconfirm" ;;
! 100: 6) peerstate="Established" ;;
! 101: *) peerstate="Unknown" ;;
! 102: esac
! 103:
! 104: # get textual messages for errors
! 105: case "$errorcode" in
! 106: 00)
! 107: error="No error"
! 108: suberror=""
! 109: ;;
! 110: 01)
! 111: error="Message Header Error"
! 112: case "$suberrorcode" in
! 113: 01) suberror="Connection Not Synchronized" ;;
! 114: 02) suberror="Bad Message Length" ;;
! 115: 03) suberror="Bad Message Type" ;;
! 116: *) suberror="Unknown" ;;
! 117: esac
! 118: ;;
! 119: 02)
! 120: error="OPEN Message Error"
! 121: case "$suberrorcode" in
! 122: 01) suberror="Unsupported Version Number" ;;
! 123: 02) suberror="Bad Peer AS" ;;
! 124: 03) suberror="Bad BGP Identifier" ;;
! 125: 04) suberror="Unsupported Optional Parameter" ;;
! 126: 05) suberror="Authentication Failure" ;;
! 127: 06) suberror="Unacceptable Hold Time" ;;
! 128: *) suberror="Unknown" ;;
! 129: esac
! 130: ;;
! 131: 03)
! 132: error="UPDATE Message Error"
! 133: case "$suberrorcode" in
! 134: 01) suberror="Malformed Attribute List" ;;
! 135: 02) suberror="Unrecognized Well-known Attribute" ;;
! 136: 03) suberror="Missing Well-known Attribute" ;;
! 137: 04) suberror="Attribute Flags Error" ;;
! 138: 05) suberror="Attribute Length Error" ;;
! 139: 06) suberror="Invalid ORIGIN Attribute" ;;
! 140: 07) suberror="AS Routing Loop" ;;
! 141: 08) suberror="Invalid NEXT_HOP Attribute" ;;
! 142: 09) suberror="Optional Attribute Error" ;;
! 143: 10) suberror="Invalid Network Field" ;;
! 144: 11) suberror="Malformed AS_PATH" ;;
! 145: *) suberror="Unknown" ;;
! 146: esac
! 147: ;;
! 148: 04)
! 149: error="Hold Timer Expired"
! 150: suberror=""
! 151: ;;
! 152: 05)
! 153: error="Finite State Machine Error"
! 154: suberror=""
! 155: ;;
! 156: 06)
! 157: error="Cease"
! 158: case "$suberrorcode" in
! 159: 01) suberror="Maximum Number of Prefixes Reached" ;;
! 160: 02) suberror="Administratively Shutdown" ;;
! 161: 03) suberror="Peer Unconfigured" ;;
! 162: 04) suberror="Administratively Reset" ;;
! 163: 05) suberror="Connection Rejected" ;;
! 164: 06) suberror="Other Configuration Change" ;;
! 165: 07) suberror="Connection collision resolution" ;;
! 166: 08) suberror="Out of Resource" ;;
! 167: 09) suberror="MAX" ;;
! 168: *) suberror="Unknown" ;;
! 169: esac
! 170: ;;
! 171: *)
! 172: error="Unknown"
! 173: suberror=""
! 174: ;;
! 175: esac
! 176:
! 177: # create textual message from errorcodes
! 178: if [ "x$suberror" == "x" ]; then
! 179: NOTIFY="$errorcode ($error)"
! 180: else
! 181: NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
! 182: fi
! 183:
! 184:
! 185: # form a decent subject
! 186: SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"
! 187: # create the email body
! 188: MAIL=`cat << EOF
! 189: BGP notification on router $ROUTER.
! 190:
! 191: Peer: $peer
! 192: AS: $remoteas
! 193: New state: $peerstate
! 194: Notification: $NOTIFY
! 195:
! 196: Info:
! 197: $asname
! 198: $asdescr
! 199:
! 200: Snmpd uptime: $uptime
! 201: EOF`
! 202:
! 203: # mail the notification
! 204: echo "$MAIL" | mail -s "$SUBJECT" $EMAILADDR
! 205: @end verbatim
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to snmptrap.texi CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / quagga / doc