Annotation of embedaddon/quagga/doc/snmptrap.texi, revision 1.1.1.1
1.1 misho 1: @c Documentation on configuring Quagga and snmpd for SNMP traps
2: @c contributed by Jeroen Simonetti, jsimonetti@denit.net
3:
4: @node Handling SNMP Traps
5: @section Handling SNMP Traps
6:
7: To handle snmp traps make sure your snmp setup of quagga works
8: correctly as described in the quagga documentation in @xref{SNMP Support}.
9:
10: The BGP4 mib will send traps on peer up/down events. These should be
11: visible in your snmp logs with a message similar to:
12:
13: @samp{snmpd[13733]: Got trap from peer on fd 14}
14:
15: To react on these traps they should be handled by a trapsink. Configure
16: your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}:
17:
18: @example
19: # send traps to the snmptrapd on localhost
20: trapsink localhost
21: @end example
22:
23: This will send all traps to an snmptrapd running on localhost. You can
24: of course also use a dedicated management station to catch traps.
25: Configure the snmptrapd daemon by adding the following line to
26: @file{/etc/snmpd/snmptrapd.conf}:
27:
28: @c Documentation contributed by Jeroen Simonetti, jsimonetti@denit.net
29:
30: @example
31: traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
32: @end example
33:
34: This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle
35: the BGP4 traps. To add traps for other protocol daemons, lookup their
36: appropriate OID from their mib. (For additional information about which
37: traps are supported by your mib, lookup the mib on
38: @uref{http://www.oidview.com/mibs/detail.html}).
39:
40: Make sure snmptrapd is started.
41:
42: The snmptrap_handle.sh script I personally use for handling BGP4 traps
43: is below. You can of course do all sorts of things when handling traps,
44: like sound a siren, have your display flash, etc., be creative ;).
45:
46: @verbatim
47: #!/bin/bash
48:
49: # routers name
50: ROUTER=`hostname -s`
51:
52: #email address use to sent out notification
53: EMAILADDR="john@doe.com"
54: #email address used (allongside above) where warnings should be sent
55: EMAILADDR_WARN="sms-john@doe.com"
56:
57: # type of notification
58: TYPE="Notice"
59:
60: # local snmp community for getting AS belonging to peer
61: COMMUNITY="<community>"
62:
63: # if a peer address is in $WARN_PEERS a warning should be sent
64: WARN_PEERS="192.0.2.1"
65:
66:
67: # get stdin
68: INPUT=`cat -`
69:
70: # get some vars from stdin
71: uptime=`echo $INPUT | cut -d' ' -f5`
72: peer=`echo $INPUT | cut -d' ' -f8 | sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'`
73: peerstate=`echo $INPUT | cut -d' ' -f13`
74: errorcode=`echo $INPUT | cut -d' ' -f9 | sed -e 's/\"//g'`
75: suberrorcode=`echo $INPUT | cut -d' ' -f10 | sed -e 's/\"//g'`
76: remoteas=`snmpget -v2c -c $COMMUNITY localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer | cut -d' ' -f4`
77:
78: WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" | egrep '(as-name|descr)'`
79: asname=`echo "$WHOISINFO" | grep "^as-name:" | sed -e 's/^as-name://g' -e 's/ //g' -e 's/^ //g' | uniq`
80: asdescr=`echo "$WHOISINFO" | grep "^descr:" | sed -e 's/^descr://g' -e 's/ //g' -e 's/^ //g' | uniq`
81:
82: # if peer address is in $WARN_PEER, the email should also
83: # be sent to $EMAILADDR_WARN
84: for ip in $WARN_PEERS; do
85: if [ "x$ip" == "x$peer" ]; then
86: EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
87: TYPE="WARNING"
88: break
89: fi
90: done
91:
92:
93: # convert peer state
94: case "$peerstate" in
95: 1) peerstate="Idle" ;;
96: 2) peerstate="Connect" ;;
97: 3) peerstate="Active" ;;
98: 4) peerstate="Opensent" ;;
99: 5) peerstate="Openconfirm" ;;
100: 6) peerstate="Established" ;;
101: *) peerstate="Unknown" ;;
102: esac
103:
104: # get textual messages for errors
105: case "$errorcode" in
106: 00)
107: error="No error"
108: suberror=""
109: ;;
110: 01)
111: error="Message Header Error"
112: case "$suberrorcode" in
113: 01) suberror="Connection Not Synchronized" ;;
114: 02) suberror="Bad Message Length" ;;
115: 03) suberror="Bad Message Type" ;;
116: *) suberror="Unknown" ;;
117: esac
118: ;;
119: 02)
120: error="OPEN Message Error"
121: case "$suberrorcode" in
122: 01) suberror="Unsupported Version Number" ;;
123: 02) suberror="Bad Peer AS" ;;
124: 03) suberror="Bad BGP Identifier" ;;
125: 04) suberror="Unsupported Optional Parameter" ;;
126: 05) suberror="Authentication Failure" ;;
127: 06) suberror="Unacceptable Hold Time" ;;
128: *) suberror="Unknown" ;;
129: esac
130: ;;
131: 03)
132: error="UPDATE Message Error"
133: case "$suberrorcode" in
134: 01) suberror="Malformed Attribute List" ;;
135: 02) suberror="Unrecognized Well-known Attribute" ;;
136: 03) suberror="Missing Well-known Attribute" ;;
137: 04) suberror="Attribute Flags Error" ;;
138: 05) suberror="Attribute Length Error" ;;
139: 06) suberror="Invalid ORIGIN Attribute" ;;
140: 07) suberror="AS Routing Loop" ;;
141: 08) suberror="Invalid NEXT_HOP Attribute" ;;
142: 09) suberror="Optional Attribute Error" ;;
143: 10) suberror="Invalid Network Field" ;;
144: 11) suberror="Malformed AS_PATH" ;;
145: *) suberror="Unknown" ;;
146: esac
147: ;;
148: 04)
149: error="Hold Timer Expired"
150: suberror=""
151: ;;
152: 05)
153: error="Finite State Machine Error"
154: suberror=""
155: ;;
156: 06)
157: error="Cease"
158: case "$suberrorcode" in
159: 01) suberror="Maximum Number of Prefixes Reached" ;;
160: 02) suberror="Administratively Shutdown" ;;
161: 03) suberror="Peer Unconfigured" ;;
162: 04) suberror="Administratively Reset" ;;
163: 05) suberror="Connection Rejected" ;;
164: 06) suberror="Other Configuration Change" ;;
165: 07) suberror="Connection collision resolution" ;;
166: 08) suberror="Out of Resource" ;;
167: 09) suberror="MAX" ;;
168: *) suberror="Unknown" ;;
169: esac
170: ;;
171: *)
172: error="Unknown"
173: suberror=""
174: ;;
175: esac
176:
177: # create textual message from errorcodes
178: if [ "x$suberror" == "x" ]; then
179: NOTIFY="$errorcode ($error)"
180: else
181: NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
182: fi
183:
184:
185: # form a decent subject
186: SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"
187: # create the email body
188: MAIL=`cat << EOF
189: BGP notification on router $ROUTER.
190:
191: Peer: $peer
192: AS: $remoteas
193: New state: $peerstate
194: Notification: $NOTIFY
195:
196: Info:
197: $asname
198: $asdescr
199:
200: Snmpd uptime: $uptime
201: EOF`
202:
203: # mail the notification
204: echo "$MAIL" | mail -s "$SUBJECT" $EMAILADDR
205: @end verbatim
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>