Quagga
/
quagga-github-mirror
mirror of https://github.com/Quagga/quagga


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211
							@c Documentation on configuring Quagga and snmpd for SNMP traps
@c contributed by Jeroen Simonetti, jsimonetti@denit.net

@node Handling SNMP Traps
@section Handling SNMP Traps

To handle snmp traps make sure your snmp setup of quagga works
correctly as described in the quagga documentation in @xref{SNMP Support}.

The BGP4 mib will send traps on peer up/down events. These should be
visible in your snmp logs with a message similar to:

@samp{snmpd[13733]: Got trap from peer on fd 14}

To react on these traps they should be handled by a trapsink. Configure
your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}:

@example
  # send traps to the snmptrapd on localhost
  trapsink localhost
@end example

This will send all traps to an snmptrapd running on localhost. You can
of course also use a dedicated management station to catch traps.
Configure the snmptrapd daemon by adding the following line to
@file{/etc/snmpd/snmptrapd.conf}:

@c Documentation contributed by Jeroen Simonetti, jsimonetti@denit.net

@example
  traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
@end example

This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle
the BGP4 traps. To add traps for other protocol daemons, lookup their
appropriate OID from their mib. (For additional information about which
traps are supported by your mib, lookup the mib on
@uref{http://www.oidview.com/mibs/detail.html}).

Make sure snmptrapd is started.

The snmptrap_handle.sh script I personally use for handling BGP4 traps
is below. You can of course do all sorts of things when handling traps,
like sound a siren, have your display flash, etc., be creative ;).

@verbatim
  #!/bin/bash

  # routers name
  ROUTER=`hostname -s`

  #email address use to sent out notification
  EMAILADDR="john@doe.com"
  #email address used (allongside above) where warnings should be sent
  EMAILADDR_WARN="sms-john@doe.com"

  # type of notification
  TYPE="Notice"

  # local snmp community for getting AS belonging to peer
  COMMUNITY="<community>"

  # if a peer address is in $WARN_PEERS a warning should be sent
  WARN_PEERS="192.0.2.1"


  # get stdin
  INPUT=`cat -`

  # get some vars from stdin
  uptime=`echo $INPUT | cut -d' ' -f5`
  peer=`echo $INPUT | cut -d' ' -f8 | \
	sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'`
  peerstate=`echo $INPUT | cut -d' ' -f13`
  errorcode=`echo $INPUT | cut -d' ' -f9 | sed -e 's/\"//g'`
  suberrorcode=`echo $INPUT | cut -d' ' -f10 | sed -e 's/\"//g'`
  remoteas=`snmpget -v2c -c $COMMUNITY \
		localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer \
		| cut -d' ' -f4`

  WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" | \
		egrep '(as-name|descr)'`
  asname=`echo "$WHOISINFO" | grep "^as-name:" | \
		sed -e 's/^as-name://g' -e 's/  //g' -e 's/^ //g' | uniq`
  asdescr=`echo "$WHOISINFO" | grep "^descr:" | \
		sed -e 's/^descr://g' -e 's/  //g' -e 's/^ //g' | uniq`

  # if peer address is in $WARN_PEER, the email should also
  # be sent to $EMAILADDR_WARN
  for ip in $WARN_PEERS; do
    if [ "x$ip" == "x$peer" ]; then
      EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
      TYPE="WARNING"
      break
    fi
  done
  

  # convert peer state
  case "$peerstate" in
    1) peerstate="Idle" ;;
    2) peerstate="Connect" ;;
    3) peerstate="Active" ;;
    4) peerstate="Opensent" ;;
    5) peerstate="Openconfirm" ;;
    6) peerstate="Established" ;;
    *) peerstate="Unknown" ;;
  esac

  # get textual messages for errors
  case "$errorcode" in
    00)
      error="No error"
      suberror=""
      ;;
    01)
      error="Message Header Error"
      case "$suberrorcode" in
        01) suberror="Connection Not Synchronized" ;;
        02) suberror="Bad Message Length" ;;
        03) suberror="Bad Message Type" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    02)    
      error="OPEN Message Error"
      case "$suberrorcode" in
        01) suberror="Unsupported Version Number" ;;
        02) suberror="Bad Peer AS" ;;
        03) suberror="Bad BGP Identifier" ;;
        04) suberror="Unsupported Optional Parameter" ;;
        05) suberror="Authentication Failure" ;;
        06) suberror="Unacceptable Hold Time" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    03)
      error="UPDATE Message Error"
      case "$suberrorcode" in
        01) suberror="Malformed Attribute List" ;;
        02) suberror="Unrecognized Well-known Attribute" ;;
        03) suberror="Missing Well-known Attribute" ;;
        04) suberror="Attribute Flags Error" ;;
        05) suberror="Attribute Length Error" ;;
        06) suberror="Invalid ORIGIN Attribute" ;;
        07) suberror="AS Routing Loop" ;;
        08) suberror="Invalid NEXT_HOP Attribute" ;;
        09) suberror="Optional Attribute Error" ;;
        10) suberror="Invalid Network Field" ;;
        11) suberror="Malformed AS_PATH" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    04)
      error="Hold Timer Expired"
      suberror=""
      ;;
    05)
      error="Finite State Machine Error"
      suberror=""
      ;;
    06)
      error="Cease"
      case "$suberrorcode" in
        01) suberror="Maximum Number of Prefixes Reached" ;;
        02) suberror="Administratively Shutdown" ;;
        03) suberror="Peer Unconfigured" ;;
        04) suberror="Administratively Reset" ;;
        05) suberror="Connection Rejected" ;;
        06) suberror="Other Configuration Change" ;;
        07) suberror="Connection collision resolution" ;;
        08) suberror="Out of Resource" ;;
        09) suberror="MAX" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    *)
      error="Unknown"
      suberror=""
      ;;
  esac

  # create textual message from errorcodes
  if [ "x$suberror" == "x" ]; then
    NOTIFY="$errorcode ($error)"
  else
    NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
  fi
 

  # form a decent subject
  SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"
  # create the email body
  MAIL=`cat << EOF
  BGP notification on router $ROUTER.
  
  Peer: $peer
  AS: $remoteas
  New state: $peerstate
  Notification: $NOTIFY

  Info:
  $asname
  $asdescr
 
  Snmpd uptime: $uptime
  EOF`

  # mail the notification
  echo "$MAIL" | mail -s "$SUBJECT" $EMAILADDR
@end verbatim