  1. @c Documentation on configuring Quagga and snmpd for SNMP traps
  2. @c contributed by Jeroen Simonetti, jsimonetti@denit.net
  3. @node Handling SNMP Traps
  4. @section Handling SNMP Traps
  5. To handle SNMP traps, make sure your SNMP setup of Quagga works
  6. correctly as described in the Quagga documentation in @xref{SNMP Support}.
  7. The BGP4 mib will send traps on peer up/down events. These should be
  8. visible in your snmp logs with a message similar to:
  9. @samp{snmpd[13733]: Got trap from peer on fd 14}
  10. To react to these traps they should be handled by a trapsink. Configure
  11. your trapsink by adding the following lines to @file{/etc/snmpd/snmpd.conf}:
  12. @example
  13. # send traps to the snmptrapd on localhost
  14. trapsink localhost
  15. @end example
  16. This will send all traps to an snmptrapd running on localhost. You can
  17. of course also use a dedicated management station to catch traps.
  18. Configure the snmptrapd daemon by adding the following line to
  19. @file{/etc/snmpd/snmptrapd.conf}:
  20. @c Documentation contributed by Jeroen Simonetti, jsimonetti@denit.net
  21. @example
  22. traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
  23. @end example
  24. This will use the bash script @file{/etc/snmp/snmptrap_handle.sh} to handle
  25. the BGP4 traps. To add traps for other protocol daemons, look up their
  26. appropriate OID from their mib. (For additional information about which
  27. traps are supported by your mib, look up the mib on
  28. @uref{http://www.oidview.com/mibs/detail.html}).
  29. Make sure snmptrapd is started.
  30. The snmptrap_handle.sh script I personally use for handling BGP4 traps
  31. is below. You can of course do all sorts of things when handling traps,
  32. like sound a siren, have your display flash, etc., be creative ;).
  33. @verbatim
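  #!/bin/bash
  #
  # snmptrap_handle.sh - snmptrapd traphandle script for BGP4 traps.
  #
  # snmptrapd passes the trap to this script on stdin. The script pulls the
  # peer address, peer state and last-error codes out of it, looks up the
  # peer's AS through the local snmpd and RIPE whois, and mails a notification.
  #
  # Trap contents arrive from the network and are treated as untrusted here:
  # fields are split without glob expansion, every expansion is quoted, and
  # the peer address / AS number are validated before they are placed into an
  # snmpget or whois query.
  #
  # 'set -e' is deliberately not used: a failed snmpget or whois lookup must
  # not suppress the notification mail.

  # router's name
  ROUTER=$(hostname -s)

  # email address used to send out notifications
  # (several addresses may be given, separated by commas or spaces)
  EMAILADDR="john@doe.com"
  # email address (used alongside the one above) where warnings should be sent
  EMAILADDR_WARN="sms-john@doe.com"

  # type of notification
  TYPE="Notice"

  # local snmp community for getting AS belonging to peer
  # NOTE(review): this value is passed to snmpget with -c, so it is visible in
  # the process list while the lookup runs; use a read-only community that is
  # only accepted from localhost.
  COMMUNITY="<community>"

  # if a peer address is in $WARN_PEERS a warning should be sent
  WARN_PEERS="192.0.2.1"

  # get stdin
  INPUT=$(cat -)

  # Split the trap into whitespace-separated words. 'read -a' word-splits the
  # same way an unquoted expansion would, but never glob-expands the content.
  # (read returns non-zero at end of input; that is expected.)
  read -r -d '' -a fields <<<"$INPUT"

  # get some vars from stdin (word N of the trap is fields[N-1])
  uptime=${fields[4]:-}
  peer=${fields[7]:-}
  peer=${peer//SNMPv2-SMI::mib-2.15.3.1.14./}
  peerstate=${fields[12]:-}
  errorcode=${fields[8]:-}
  errorcode=${errorcode//\"/}
  suberrorcode=${fields[9]:-}
  suberrorcode=${suberrorcode//\"/}

  # Only query snmpd when the peer index is a dotted-quad address, so a
  # malformed trap cannot choose the OID that is requested.
  ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  remoteas=""
  if [[ "$peer" =~ $ipv4_re ]]; then
    remoteas=$(snmpget -v2c -c "$COMMUNITY" \
      localhost "SNMPv2-SMI::mib-2.15.3.1.9.$peer" \
      | cut -d' ' -f4)
  fi

  # Only ask whois about a purely numeric AS number.
  asnum_re='^[0-9]+$'
  WHOISINFO=""
  if [[ "$remoteas" =~ $asnum_re ]]; then
    WHOISINFO=$(whois -h whois.ripe.net " -r AS$remoteas" \
      | grep -E '(as-name|descr)')
  fi

  # NOTE(review): as listed, the second sed expression removes every space
  # from the value; the listing may have lost a doubled space here - confirm
  # against the original file.
  asname=$(printf '%s\n' "$WHOISINFO" | grep "^as-name:" \
    | sed -e 's/^as-name://g' -e 's/ //g' -e 's/^ //g' | uniq)
  asdescr=$(printf '%s\n' "$WHOISINFO" | grep "^descr:" \
    | sed -e 's/^descr://g' -e 's/ //g' -e 's/^ //g' | uniq)

  # if peer address is in $WARN_PEERS, the email should also
  # be sent to $EMAILADDR_WARN
  read -r -d '' -a warn_peers <<<"$WARN_PEERS"
  for ip in "${warn_peers[@]}"; do
    if [[ "$ip" == "$peer" ]]; then
      EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
      TYPE="WARNING"
      break
    fi
  done

  # convert peer state
  case "$peerstate" in
    1) peerstate="Idle" ;;
    2) peerstate="Connect" ;;
    3) peerstate="Active" ;;
    4) peerstate="Opensent" ;;
    5) peerstate="Openconfirm" ;;
    6) peerstate="Established" ;;
    *) peerstate="Unknown" ;;
  esac

  # get textual messages for errors
  case "$errorcode" in
    00)
      error="No error"
      suberror=""
      ;;
    01)
      error="Message Header Error"
      case "$suberrorcode" in
        01) suberror="Connection Not Synchronized" ;;
        02) suberror="Bad Message Length" ;;
        03) suberror="Bad Message Type" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    02)
      error="OPEN Message Error"
      case "$suberrorcode" in
        01) suberror="Unsupported Version Number" ;;
        02) suberror="Bad Peer AS" ;;
        03) suberror="Bad BGP Identifier" ;;
        04) suberror="Unsupported Optional Parameter" ;;
        05) suberror="Authentication Failure" ;;
        06) suberror="Unacceptable Hold Time" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    03)
      error="UPDATE Message Error"
      case "$suberrorcode" in
        01) suberror="Malformed Attribute List" ;;
        02) suberror="Unrecognized Well-known Attribute" ;;
        03) suberror="Missing Well-known Attribute" ;;
        04) suberror="Attribute Flags Error" ;;
        05) suberror="Attribute Length Error" ;;
        06) suberror="Invalid ORIGIN Attribute" ;;
        07) suberror="AS Routing Loop" ;;
        08) suberror="Invalid NEXT_HOP Attribute" ;;
        09) suberror="Optional Attribute Error" ;;
        10) suberror="Invalid Network Field" ;;
        11) suberror="Malformed AS_PATH" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    04)
      error="Hold Timer Expired"
      suberror=""
      ;;
    05)
      error="Finite State Machine Error"
      suberror=""
      ;;
    06)
      error="Cease"
      case "$suberrorcode" in
        01) suberror="Maximum Number of Prefixes Reached" ;;
        02) suberror="Administratively Shutdown" ;;
        03) suberror="Peer Unconfigured" ;;
        04) suberror="Administratively Reset" ;;
        05) suberror="Connection Rejected" ;;
        06) suberror="Other Configuration Change" ;;
        07) suberror="Connection collision resolution" ;;
        08) suberror="Out of Resource" ;;
        09) suberror="MAX" ;;
        *) suberror="Unknown" ;;
      esac
      ;;
    *)
      error="Unknown"
      suberror=""
      ;;
  esac

  # create textual message from errorcodes
  if [[ -z "$suberror" ]]; then
    NOTIFY="$errorcode ($error)"
  else
    NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
  fi

  # form a decent subject
  SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"

  # create the email body; trap-derived values are only ever printf
  # arguments, never part of the format string
  mail_body=$(printf '%s\n' \
    "BGP notification on router $ROUTER." \
    "Peer: $peer" \
    "AS: $remoteas" \
    "New state: $peerstate" \
    "Notification: $NOTIFY" \
    "Info:" \
    "$asname" \
    "$asdescr" \
    "Snmpd uptime: $uptime")

  # Split the recipient list on commas/whitespace into separate arguments so
  # it is never subject to glob expansion.
  IFS=$', \t\n' read -r -d '' -a recipients <<<"$EMAILADDR"

  # mail the notification
  printf '%s\n' "$mail_body" | mail -s "$SUBJECT" "${recipients[@]}"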
  178. @end verbatim