| paul | a3957e3 | 2005-11-04 12:48:25 +0000 | [diff] [blame] | 1 | @node Handling SNMP Traps |
| 2 | @section Handling SNMP Traps |
| 3 | |
| 4 | To handle snmp traps make sure your snmp setup of quagga works |
| 5 | correctly as described in the quagga documentation in @xref{SNMP Support}. |
| 6 | |
| 7 | The BGP4 mib will send traps on peer up/down events. These should be |
| 8 | visible in your snmp logs with a message similar to: |
| 9 | |
| 10 | @samp{snmpd[13733]: Got trap from peer on fd 14} |
| 11 | |
| 12 | To react on these traps they should be handled by a trapsink. Configure |
| 13 | your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}: |
| 14 | |
| 15 | @example |
| 16 | # send traps to the snmptrapd on localhost |
| 17 | trapsink localhost |
| 18 | @end example |
| 19 | |
| 20 | This will send all traps to an snmptrapd running on localhost. You can |
| 21 | of course also use a dedicated management station to catch traps. |
| 22 | Configure the snmptrapd daemon by adding the following line to |
| 23 | @file{/etc/snmpd/snmptrapd.conf}: |
| 24 | |
| 25 | @example |
| 26 | traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh |
| 27 | @end example |
| 28 | |
| 29 | This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle |
| 30 | the BGP4 traps. To add traps for other protocol daemons, lookup their |
| 31 | appropriate OID from their mib. (For additional information about which |
| 32 | traps are supported by your mib, lookup the mib on |
| 33 | @uref{http://www.oidview.com/mibs/detail.html}). |
| 34 | |
| 35 | Make sure snmptrapd is started. |
| 36 | |
| 37 | The snmptrap_handle.sh script I personally use for handling BGP4 traps |
| 38 | is below. You can of course do all sorts of things when handling traps, |
| 39 | like sound a siren, have your display flash, etc., be creative ;). |
| 40 | |
| 41 | @verbatim |
| 42 | #!/bin/bash |
| 43 | |
| 44 | # routers name |
| 45 | ROUTER=`hostname -s` |
| 46 | |
| 47 | #email address use to sent out notification |
| 48 | EMAILADDR="john@doe.com" |
| 49 | #email address used (allongside above) where warnings should be sent |
| 50 | EMAILADDR_WARN="sms-john@doe.com" |
| 51 | |
| 52 | # type of notification |
| 53 | TYPE="Notice" |
| 54 | |
| 55 | # local snmp community for getting AS belonging to peer |
| 56 | COMMUNITY="<community>" |
| 57 | |
| 58 | # if a peer address is in $WARN_PEERS a warning should be sent |
| 59 | WARN_PEERS="192.0.2.1" |
| 60 | |
| 61 | |
| 62 | # get stdin |
| 63 | INPUT=`cat -` |
| 64 | |
| 65 | # get some vars from stdin |
| 66 | uptime=`echo $INPUT | cut -d' ' -f5` |
| 67 | peer=`echo $INPUT | cut -d' ' -f8 | sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'` |
| 68 | peerstate=`echo $INPUT | cut -d' ' -f13` |
| 69 | errorcode=`echo $INPUT | cut -d' ' -f9 | sed -e 's/\"//g'` |
| 70 | suberrorcode=`echo $INPUT | cut -d' ' -f10 | sed -e 's/\"//g'` |
| 71 | remoteas=`snmpget -v2c -c $COMMUNITY localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer | cut -d' ' -f4` |
| 72 | |
| 73 | WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" | egrep '(as-name|descr)'` |
| 74 | asname=`echo "$WHOISINFO" | grep "^as-name:" | sed -e 's/^as-name://g' -e 's/ //g' -e 's/^ //g' | uniq` |
| 75 | asdescr=`echo "$WHOISINFO" | grep "^descr:" | sed -e 's/^descr://g' -e 's/ //g' -e 's/^ //g' | uniq` |
| 76 | |
| 77 | # if peer address is in $WARN_PEER, the email should also |
| 78 | # be sent to $EMAILADDR_WARN |
| 79 | for ip in $WARN_PEERS; do |
| 80 | if [ "x$ip" == "x$peer" ]; then |
| 81 | EMAILADDR="$EMAILADDR,$EMAILADDR_WARN" |
| 82 | TYPE="WARNING" |
| 83 | break |
| 84 | fi |
| 85 | done |
| 86 | |
| 87 | |
| 88 | # convert peer state |
| 89 | case "$peerstate" in |
| 90 | 1) peerstate="Idle" ;; |
| 91 | 2) peerstate="Connect" ;; |
| 92 | 3) peerstate="Active" ;; |
| 93 | 4) peerstate="Opensent" ;; |
| 94 | 5) peerstate="Openconfirm" ;; |
| 95 | 6) peerstate="Established" ;; |
| 96 | *) peerstate="Unknown" ;; |
| 97 | esac |
| 98 | |
| 99 | # get textual messages for errors |
| 100 | case "$errorcode" in |
| 101 | 00) |
| 102 | error="No error" |
| 103 | suberror="" |
| 104 | ;; |
| 105 | 01) |
| 106 | error="Message Header Error" |
| 107 | case "$suberrorcode" in |
| 108 | 01) suberror="Connection Not Synchronized" ;; |
| 109 | 02) suberror="Bad Message Length" ;; |
| 110 | 03) suberror="Bad Message Type" ;; |
| 111 | *) suberror="Unknown" ;; |
| 112 | esac |
| 113 | ;; |
| 114 | 02) |
| 115 | error="OPEN Message Error" |
| 116 | case "$suberrorcode" in |
| 117 | 01) suberror="Unsupported Version Number" ;; |
| 118 | 02) suberror="Bad Peer AS" ;; |
| 119 | 03) suberror="Bad BGP Identifier" ;; |
| 120 | 04) suberror="Unsupported Optional Parameter" ;; |
| 121 | 05) suberror="Authentication Failure" ;; |
| 122 | 06) suberror="Unacceptable Hold Time" ;; |
| 123 | *) suberror="Unknown" ;; |
| 124 | esac |
| 125 | ;; |
| 126 | 03) |
| 127 | error="UPDATE Message Error" |
| 128 | case "$suberrorcode" in |
| 129 | 01) suberror="Malformed Attribute List" ;; |
| 130 | 02) suberror="Unrecognized Well-known Attribute" ;; |
| 131 | 03) suberror="Missing Well-known Attribute" ;; |
| 132 | 04) suberror="Attribute Flags Error" ;; |
| 133 | 05) suberror="Attribute Length Error" ;; |
| 134 | 06) suberror="Invalid ORIGIN Attribute" ;; |
| 135 | 07) suberror="AS Routing Loop" ;; |
| 136 | 08) suberror="Invalid NEXT_HOP Attribute" ;; |
| 137 | 09) suberror="Optional Attribute Error" ;; |
| 138 | 10) suberror="Invalid Network Field" ;; |
| 139 | 11) suberror="Malformed AS_PATH" ;; |
| 140 | *) suberror="Unknown" ;; |
| 141 | esac |
| 142 | ;; |
| 143 | 04) |
| 144 | error="Hold Timer Expired" |
| 145 | suberror="" |
| 146 | ;; |
| 147 | 05) |
| 148 | error="Finite State Machine Error" |
| 149 | suberror="" |
| 150 | ;; |
| 151 | 06) |
| 152 | error="Cease" |
| 153 | case "$suberrorcode" in |
| 154 | 01) suberror="Maximum Number of Prefixes Reached" ;; |
| 155 | 02) suberror="Administratively Shutdown" ;; |
| 156 | 03) suberror="Peer Unconfigured" ;; |
| 157 | 04) suberror="Administratively Reset" ;; |
| 158 | 05) suberror="Connection Rejected" ;; |
| 159 | 06) suberror="Other Configuration Change" ;; |
| 160 | 07) suberror="Connection collision resolution" ;; |
| 161 | 08) suberror="Out of Resource" ;; |
| 162 | 09) suberror="MAX" ;; |
| 163 | *) suberror="Unknown" ;; |
| 164 | esac |
| 165 | ;; |
| 166 | *) |
| 167 | error="Unknown" |
| 168 | suberror="" |
| 169 | ;; |
| 170 | esac |
| 171 | |
| 172 | # create textual message from errorcodes |
| 173 | if [ "x$suberror" == "x" ]; then |
| 174 | NOTIFY="$errorcode ($error)" |
| 175 | else |
| 176 | NOTIFY="$errorcode/$suberrorcode ($error/$suberror)" |
| 177 | fi |
| 178 | |
| 179 | |
| 180 | # form a decent subject |
| 181 | SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY" |
| 182 | # create the email body |
| 183 | MAIL=`cat << EOF |
| 184 | BGP notification on router $ROUTER. |
| 185 | |
| 186 | Peer: $peer |
| 187 | AS: $remoteas |
| 188 | New state: $peerstate |
| 189 | Notification: $NOTIFY |
| 190 | |
| 191 | Info: |
| 192 | $asname |
| 193 | $asdescr |
| 194 | |
| 195 | Snmpd uptime: $uptime |
| 196 | EOF` |
| 197 | |
| 198 | # mail the notification |
| 199 | echo "$MAIL" | mail -s "$SUBJECT" $EMAILADDR |
| 200 | @end verbatim |
| 201 | |
| 202 | @comment contributed by unknown contributer, please contact maintainers |
| 203 | @comment for credit / attribution. |