Blame - doc/snmptrap.texi - quagga

blob: 6c67288d706c8d72c3ed650cd669c374a1837f8a [file] [log] [blame]

Paul Jakma	4528ffa	2006-02-19 07:16:25 +0000	[diff] [blame]	1	@c Documentation on configuring Quagga and snmpd for SNMP traps
				2	@c contributed by Jeroen Simonetti, jsimonetti@denit.net
				3
paul	a3957e3	2005-11-04 12:48:25 +0000	[diff] [blame]	4	@node Handling SNMP Traps
				5	@section Handling SNMP Traps
				6
				7	To handle snmp traps make sure your snmp setup of quagga works
				8	correctly as described in the quagga documentation in @xref{SNMP Support}.
				9
				10	The BGP4 mib will send traps on peer up/down events. These should be
				11	visible in your snmp logs with a message similar to:
				12
				13	@samp{snmpd[13733]: Got trap from peer on fd 14}
				14
				15	To react on these traps they should be handled by a trapsink. Configure
				16	your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}:
				17
				18	@example
				19	# send traps to the snmptrapd on localhost
				20	trapsink localhost
				21	@end example
				22
				23	This will send all traps to an snmptrapd running on localhost. You can
				24	of course also use a dedicated management station to catch traps.
				25	Configure the snmptrapd daemon by adding the following line to
				26	@file{/etc/snmpd/snmptrapd.conf}:
				27
Paul Jakma	4528ffa	2006-02-19 07:16:25 +0000	[diff] [blame]	28	@c Documentation contributed by Jeroen Simonetti, jsimonetti@denit.net
				29
paul	a3957e3	2005-11-04 12:48:25 +0000	[diff] [blame]	30	@example
				31	traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
				32	@end example
				33
				34	This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle
				35	the BGP4 traps. To add traps for other protocol daemons, lookup their
				36	appropriate OID from their mib. (For additional information about which
				37	traps are supported by your mib, lookup the mib on
				38	@uref{http://www.oidview.com/mibs/detail.html}).
				39
				40	Make sure snmptrapd is started.
				41
				42	The snmptrap_handle.sh script I personally use for handling BGP4 traps
				43	is below. You can of course do all sorts of things when handling traps,
				44	like sound a siren, have your display flash, etc., be creative ;).
				45
				46	@verbatim
				47	#!/bin/bash
				48
				49	# routers name
				50	ROUTER=`hostname -s`
				51
				52	#email address use to sent out notification
				53	EMAILADDR="john@doe.com"
				54	#email address used (allongside above) where warnings should be sent
				55	EMAILADDR_WARN="sms-john@doe.com"
				56
				57	# type of notification
				58	TYPE="Notice"
				59
				60	# local snmp community for getting AS belonging to peer
				61	COMMUNITY="<community>"
				62
				63	# if a peer address is in $WARN_PEERS a warning should be sent
				64	WARN_PEERS="192.0.2.1"
				65
				66
				67	# get stdin
				68	INPUT=`cat -`
				69
				70	# get some vars from stdin
				71	uptime=`echo $INPUT \| cut -d' ' -f5`
Paul Jakma	1bfd655	2017-03-08 23:31:47 +0000	[diff] [blame]	72	peer=`echo $INPUT \| cut -d' ' -f8 \| \
				73	sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'`
paul	a3957e3	2005-11-04 12:48:25 +0000	[diff] [blame]	74	peerstate=`echo $INPUT \| cut -d' ' -f13`
				75	errorcode=`echo $INPUT \| cut -d' ' -f9 \| sed -e 's/\"//g'`
				76	suberrorcode=`echo $INPUT \| cut -d' ' -f10 \| sed -e 's/\"//g'`
Paul Jakma	1bfd655	2017-03-08 23:31:47 +0000	[diff] [blame]	77	remoteas=`snmpget -v2c -c $COMMUNITY \
				78	localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer \
				79	\| cut -d' ' -f4`
paul	a3957e3	2005-11-04 12:48:25 +0000	[diff] [blame]	80
Paul Jakma	1bfd655	2017-03-08 23:31:47 +0000	[diff] [blame]	81	WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" \| \
				82	egrep '(as-name\|descr)'`
				83	asname=`echo "$WHOISINFO" \| grep "^as-name:" \| \
				84	sed -e 's/^as-name://g' -e 's/ //g' -e 's/^ //g' \| uniq`
				85	asdescr=`echo "$WHOISINFO" \| grep "^descr:" \| \
				86	sed -e 's/^descr://g' -e 's/ //g' -e 's/^ //g' \| uniq`
paul	a3957e3	2005-11-04 12:48:25 +0000	[diff] [blame]	87
				88	# if peer address is in $WARN_PEER, the email should also
				89	# be sent to $EMAILADDR_WARN
				90	for ip in $WARN_PEERS; do
				91	if [ "x$ip" == "x$peer" ]; then
				92	EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
				93	TYPE="WARNING"
				94	break
				95	fi
				96	done
				97
				98
				99	# convert peer state
				100	case "$peerstate" in
				101	1) peerstate="Idle" ;;
				102	2) peerstate="Connect" ;;
				103	3) peerstate="Active" ;;
				104	4) peerstate="Opensent" ;;
				105	5) peerstate="Openconfirm" ;;
				106	6) peerstate="Established" ;;
				107	*) peerstate="Unknown" ;;
				108	esac
				109
				110	# get textual messages for errors
				111	case "$errorcode" in
				112	00)
				113	error="No error"
				114	suberror=""
				115	;;
				116	01)
				117	error="Message Header Error"
				118	case "$suberrorcode" in
				119	01) suberror="Connection Not Synchronized" ;;
				120	02) suberror="Bad Message Length" ;;
				121	03) suberror="Bad Message Type" ;;
				122	*) suberror="Unknown" ;;
				123	esac
				124	;;
				125	02)
				126	error="OPEN Message Error"
				127	case "$suberrorcode" in
				128	01) suberror="Unsupported Version Number" ;;
				129	02) suberror="Bad Peer AS" ;;
				130	03) suberror="Bad BGP Identifier" ;;
				131	04) suberror="Unsupported Optional Parameter" ;;
				132	05) suberror="Authentication Failure" ;;
				133	06) suberror="Unacceptable Hold Time" ;;
				134	*) suberror="Unknown" ;;
				135	esac
				136	;;
				137	03)
				138	error="UPDATE Message Error"
				139	case "$suberrorcode" in
				140	01) suberror="Malformed Attribute List" ;;
				141	02) suberror="Unrecognized Well-known Attribute" ;;
				142	03) suberror="Missing Well-known Attribute" ;;
				143	04) suberror="Attribute Flags Error" ;;
				144	05) suberror="Attribute Length Error" ;;
				145	06) suberror="Invalid ORIGIN Attribute" ;;
				146	07) suberror="AS Routing Loop" ;;
				147	08) suberror="Invalid NEXT_HOP Attribute" ;;
				148	09) suberror="Optional Attribute Error" ;;
				149	10) suberror="Invalid Network Field" ;;
				150	11) suberror="Malformed AS_PATH" ;;
				151	*) suberror="Unknown" ;;
				152	esac
				153	;;
				154	04)
				155	error="Hold Timer Expired"
				156	suberror=""
				157	;;
				158	05)
				159	error="Finite State Machine Error"
				160	suberror=""
				161	;;
				162	06)
				163	error="Cease"
				164	case "$suberrorcode" in
				165	01) suberror="Maximum Number of Prefixes Reached" ;;
				166	02) suberror="Administratively Shutdown" ;;
				167	03) suberror="Peer Unconfigured" ;;
				168	04) suberror="Administratively Reset" ;;
				169	05) suberror="Connection Rejected" ;;
				170	06) suberror="Other Configuration Change" ;;
				171	07) suberror="Connection collision resolution" ;;
				172	08) suberror="Out of Resource" ;;
				173	09) suberror="MAX" ;;
				174	*) suberror="Unknown" ;;
				175	esac
				176	;;
				177	*)
				178	error="Unknown"
				179	suberror=""
				180	;;
				181	esac
				182
				183	# create textual message from errorcodes
				184	if [ "x$suberror" == "x" ]; then
				185	NOTIFY="$errorcode ($error)"
				186	else
				187	NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
				188	fi
				189
				190
				191	# form a decent subject
				192	SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"
				193	# create the email body
				194	MAIL=`cat << EOF
				195	BGP notification on router $ROUTER.
				196
				197	Peer: $peer
				198	AS: $remoteas
				199	New state: $peerstate
				200	Notification: $NOTIFY
				201
				202	Info:
				203	$asname
				204	$asdescr
				205
				206	Snmpd uptime: $uptime
				207	EOF`
				208
				209	# mail the notification
				210	echo "$MAIL" \| mail -s "$SUBJECT" $EMAILADDR
				211	@end verbatim