Return to snmptrap.texi CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / quagga / doc

quagga

    1: @c Documentation on configuring Quagga and snmpd for SNMP traps
    2: @c contributed by Jeroen Simonetti, jsimonetti@denit.net
    3: 
    4: @node Handling SNMP Traps
    5: @section Handling SNMP Traps
    6: 
    7: To handle snmp traps make sure your snmp setup of quagga works
    8: correctly as described in the quagga documentation in @xref{SNMP Support}.
    9: 
   10: The BGP4 mib will send traps on peer up/down events. These should be
   11: visible in your snmp logs with a message similar to:
   12: 
   13: @samp{snmpd[13733]: Got trap from peer on fd 14}
   14: 
   15: To react on these traps they should be handled by a trapsink. Configure
   16: your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}:
   17: 
   18: @example
   19:   # send traps to the snmptrapd on localhost
   20:   trapsink localhost
   21: @end example
   22: 
   23: This will send all traps to an snmptrapd running on localhost. You can
   24: of course also use a dedicated management station to catch traps.
   25: Configure the snmptrapd daemon by adding the following line to
   26: @file{/etc/snmpd/snmptrapd.conf}:
   27: 
   28: @c Documentation contributed by Jeroen Simonetti, jsimonetti@denit.net
   29: 
   30: @example
   31:   traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
   32: @end example
   33: 
   34: This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle
   35: the BGP4 traps. To add traps for other protocol daemons, lookup their
   36: appropriate OID from their mib. (For additional information about which
   37: traps are supported by your mib, lookup the mib on
   38: @uref{http://www.oidview.com/mibs/detail.html}).
   39: 
   40: Make sure snmptrapd is started.
   41: 
   42: The snmptrap_handle.sh script I personally use for handling BGP4 traps
   43: is below. You can of course do all sorts of things when handling traps,
   44: like sound a siren, have your display flash, etc., be creative ;).
   45: 
   46: @verbatim
   47:   #!/bin/bash
   48: 
   49:   # routers name
   50:   ROUTER=`hostname -s`
   51: 
   52:   #email address use to sent out notification
   53:   EMAILADDR="john@doe.com"
   54:   #email address used (allongside above) where warnings should be sent
   55:   EMAILADDR_WARN="sms-john@doe.com"
   56: 
   57:   # type of notification
   58:   TYPE="Notice"
   59: 
   60:   # local snmp community for getting AS belonging to peer
   61:   COMMUNITY="<community>"
   62: 
   63:   # if a peer address is in $WARN_PEERS a warning should be sent
   64:   WARN_PEERS="192.0.2.1"
   65: 
   66: 
   67:   # get stdin
   68:   INPUT=`cat -`
   69: 
   70:   # get some vars from stdin
   71:   uptime=`echo $INPUT | cut -d' ' -f5`
   72:   peer=`echo $INPUT | cut -d' ' -f8 | sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'`
   73:   peerstate=`echo $INPUT | cut -d' ' -f13`
   74:   errorcode=`echo $INPUT | cut -d' ' -f9 | sed -e 's/\"//g'`
   75:   suberrorcode=`echo $INPUT | cut -d' ' -f10 | sed -e 's/\"//g'`
   76:   remoteas=`snmpget -v2c -c $COMMUNITY localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer | cut -d' ' -f4`
   77: 
   78:   WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" | egrep '(as-name|descr)'`
   79:   asname=`echo "$WHOISINFO" | grep "^as-name:" | sed -e 's/^as-name://g' -e 's/  //g' -e 's/^ //g' | uniq`
   80:   asdescr=`echo "$WHOISINFO" | grep "^descr:" | sed -e 's/^descr://g' -e 's/  //g' -e 's/^ //g' | uniq`
   81: 
   82:   # if peer address is in $WARN_PEER, the email should also
   83:   # be sent to $EMAILADDR_WARN
   84:   for ip in $WARN_PEERS; do
   85:     if [ "x$ip" == "x$peer" ]; then
   86:       EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
   87:       TYPE="WARNING"
   88:       break
   89:     fi
   90:   done
   91:   
   92: 
   93:   # convert peer state
   94:   case "$peerstate" in
   95:     1) peerstate="Idle" ;;
   96:     2) peerstate="Connect" ;;
   97:     3) peerstate="Active" ;;
   98:     4) peerstate="Opensent" ;;
   99:     5) peerstate="Openconfirm" ;;
  100:     6) peerstate="Established" ;;
  101:     *) peerstate="Unknown" ;;
  102:   esac
  103: 
  104:   # get textual messages for errors
  105:   case "$errorcode" in
  106:     00)
  107:       error="No error"
  108:       suberror=""
  109:       ;;
  110:     01)
  111:       error="Message Header Error"
  112:       case "$suberrorcode" in
  113:         01) suberror="Connection Not Synchronized" ;;
  114:         02) suberror="Bad Message Length" ;;
  115:         03) suberror="Bad Message Type" ;;
  116:         *) suberror="Unknown" ;;
  117:       esac
  118:       ;;
  119:     02)    
  120:       error="OPEN Message Error"
  121:       case "$suberrorcode" in
  122:         01) suberror="Unsupported Version Number" ;;
  123:         02) suberror="Bad Peer AS" ;;
  124:         03) suberror="Bad BGP Identifier" ;;
  125:         04) suberror="Unsupported Optional Parameter" ;;
  126:         05) suberror="Authentication Failure" ;;
  127:         06) suberror="Unacceptable Hold Time" ;;
  128:         *) suberror="Unknown" ;;
  129:       esac
  130:       ;;
  131:     03)
  132:       error="UPDATE Message Error"
  133:       case "$suberrorcode" in
  134:         01) suberror="Malformed Attribute List" ;;
  135:         02) suberror="Unrecognized Well-known Attribute" ;;
  136:         03) suberror="Missing Well-known Attribute" ;;
  137:         04) suberror="Attribute Flags Error" ;;
  138:         05) suberror="Attribute Length Error" ;;
  139:         06) suberror="Invalid ORIGIN Attribute" ;;
  140:         07) suberror="AS Routing Loop" ;;
  141:         08) suberror="Invalid NEXT_HOP Attribute" ;;
  142:         09) suberror="Optional Attribute Error" ;;
  143:         10) suberror="Invalid Network Field" ;;
  144:         11) suberror="Malformed AS_PATH" ;;
  145:         *) suberror="Unknown" ;;
  146:       esac
  147:       ;;
  148:     04)
  149:       error="Hold Timer Expired"
  150:       suberror=""
  151:       ;;
  152:     05)
  153:       error="Finite State Machine Error"
  154:       suberror=""
  155:       ;;
  156:     06)
  157:       error="Cease"
  158:       case "$suberrorcode" in
  159:         01) suberror="Maximum Number of Prefixes Reached" ;;
  160:         02) suberror="Administratively Shutdown" ;;
  161:         03) suberror="Peer Unconfigured" ;;
  162:         04) suberror="Administratively Reset" ;;
  163:         05) suberror="Connection Rejected" ;;
  164:         06) suberror="Other Configuration Change" ;;
  165:         07) suberror="Connection collision resolution" ;;
  166:         08) suberror="Out of Resource" ;;
  167:         09) suberror="MAX" ;;
  168:         *) suberror="Unknown" ;;
  169:       esac
  170:       ;;
  171:     *)
  172:       error="Unknown"
  173:       suberror=""
  174:       ;;
  175:   esac
  176: 
  177:   # create textual message from errorcodes
  178:   if [ "x$suberror" == "x" ]; then
  179:     NOTIFY="$errorcode ($error)"
  180:   else
  181:     NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
  182:   fi
  183:  
  184: 
  185:   # form a decent subject
  186:   SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"
  187:   # create the email body
  188:   MAIL=`cat << EOF
  189:   BGP notification on router $ROUTER.
  190:   
  191:   Peer: $peer
  192:   AS: $remoteas
  193:   New state: $peerstate
  194:   Notification: $NOTIFY
  195: 
  196:   Info:
  197:   $asname
  198:   $asdescr
  199:  
  200:   Snmpd uptime: $uptime
  201:   EOF`
  202: 
  203:   # mail the notification
  204:   echo "$MAIL" | mail -s "$SUBJECT" $EMAILADDR
  205: @end verbatim