Enabling SNMP Traps and Informs

Problem

You want the router to generate SNMP traps or informs in response to various network events.

Solution

The following configuration commands will enable your router to send unsolicited SNMP traps to a network management server:

Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#snmp-server enable traps Router(config)#snmp-server host 172.25.1.1 ORATRAP config entity envmon hsrp Router(config)#snmp-server host nms.oreilly.com ORATRAP bgp snmp envmon Router(config)#end Router#

Notice that the snmp-server host command will accept either an IP address or a hostname.

Beginning with SNMP Version 2c, Cisco routers also support SNMP informs. To enable SNMP informs, use the following commands:

Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#snmp-server enable informs Router(config)#snmp-server host 172.25.1.1 informs version 2c ORATRAP snmp envmon Router(config)#end Router#

 

Discussion

SNMP Traps originate from the router's agent and are sent via UDP (port 162) to the network management station (NMS). Unlike the information that the router sends to the NMS in response to an SNMP poll, a trap is unsolicited. The router's agent decides that something important has happened, and that it needs to tell the NMS about it. Before the router agent can send traps, you must enable global trap support (see Table 17-4) and configure the trap host.

SNMP traps are one of the basic elements of fault management. In fact, Requirements for IP Version 4 Routers (RFC 1812) states that all routers must be capable of sending SNMP traps.

Cisco routers can send a large variety of different SNMP traps, including both standard traps, described in RFCs, and Cisco specific traps. The first step in configuring trap support is to enable the particular trap types you wish to use. In our examples, we choose to enable all SNMP trap types by using the configuration command snmp-server enable traps. The fact that we didn't specify individual trap types implicitly enables all trap types. However, you can restrict the router to send only certain types of traps that you are interested in receiving. The various trap-type keywords are shown in Table 17-4. Note that this is a global command that affects all SNMP trap receivers.

Table 17-4. Cisco SNMP trap types

Keyword Description
bgp Allow BGP state change traps
calltracker Send Call Tracker cal start/end notifications
config Allow SNMP configuration traps
cpu Send cpu related notifications
director Allow Distributed Director notifications
dspu Allow dspu event traps
eigrp Enable EGIRP SIA and neighbor auth failure traps
entity Allow SNMP entity traps
envmon Allow environmental monitor traps
flash Send flash insertion and removal traps
frame-relay Allow SNMP frame-relay traps
hsrp Allow SNMP HSRP traps
iplocalpool Allow IP local pool traps
ipmobile Allow mobile IP notifications
Ipsec Send IPsec notifications
isdn Allow SNMP ISDN traps
l2tun-pseudowire-status Send pseudowire state change notifications
l2tun-session Send Layer 2 tunnel session traps
llc2 Sends logical link control type-2 notifications
memory Allow memory pool and buffer pool notifications
mpls-ldp Send MPLS ldp status change traps
mpls-traffic-eng Send MPLS TE tunnel status change notifications
mpls-vpn Send MPLS VPN notifications
ospf Send OSPF sham link notifications
pim Allow PIM notificaitons
repeater Send standard repeater notifications
rsrb Allow rsrb event traps
rsvp Allow RSVP flow change traps
rtr Allow SNMP Response Time Reporter traps
sdlc Allow SDLC event traps
sdllc Allow SDLLC event traps
snmp Allow SNMP-type notifications
srp Send SRP notifications
stun Allow stun event traps
syslog Allow SNMP syslog traps
tty Allow TCP connection traps
udp-port The server host's UDP port number
voice Allow SNMP voice traps
vrrp Send VRRP notifications
vsimaster Send VSI master notifications
X25 Allow x25 event traps

For example, you would use the following commands to tell the router to send only BGP and environmental-type traps:

Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#snmp-server enable traps bgp Router(config)#snmp-server enable traps envmon Router(config)#end Router#

You can also disable a particular type of SNMP trap by using the following command:

Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#no snmp-server enable traps envmon Router(config)#end Router#

The following command displays which SNMP trap-types are enabled on a router:

Router#show running-config | include snmp-server enable snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart snmp-server enable traps hsrp snmp-server enable traps config snmp-server enable traps entity snmp-server enable traps envmon snmp-server enable traps bgp snmp-server enable traps ipmulticast snmp-server enable traps msdp snmp-server enable traps rsvp snmp-server enable traps frame-relay snmp-server enable traps syslog snmp-server enable traps rtr snmp-server enable traps dlsw snmp-server enable traps dial snmp-server enable traps dsp card-status snmp-server enable traps voice poor-qov Router#

The second step in configuring SNMP traps is to define the trap recipient by using the snmp-server host command. This command has the following attributes:

snmp-server host host-addr [traps | informs] [version {1 | 2c} ] community-string [udp-port port] [trap-type]

The host-addr argument is the name or IP address of the NMS server that will receive the traps. You can define whether the router will send SNMP traps or informs to this host by specifying either the traps or informs keyword. If neither is specified, the default is to send traps. Also, you can specify which version of SNMP traps the router will send by including either version 1 or version 2c. If neither version is specified, the router will default to Version 1. Note that informs don't exist in SNMP Version 1, so you must specify Version 2c (or version 3) if you want to enable this feature.

The community string argument specifies the community string that the router will send within the SNMP trap or inform. This doesn't need to match either the read-only or read-write community strings on the router.

You can change the default SNMP trap port from 162 (the default) to another value with the optional udp-port keyword. This keyword must be followed by the alternative UDP port number that you want to use.

Finally, if the trap-type keyword is present, it allows you to configure the types of types that the router will send to this server. There is a list of valid trap types in Table 17-4. The command can accept one or more types. However, if no trap types are included, the router will default to sending every enabled trap type.

There are two important things to note about this command. First, you must enable trap-types via the global command before you can specify them for a particular host. Second, this command will allow you to send different sets of traps to different servers. This can sometimes be useful if you have multiple NMS servers that handle different management functions.

The configuration for SNMP informs is almost the same as SNMP traps. The main difference is that you can't enable individual inform types by using the global snmp-server enable informs command. The global inform command lacks the granularity of the same trap-based command. However, you can still enable specific inform types on the host-level command. This can mean more typing if there are several inform recipients. But there is no loss of functionality.

See Also

Recipe 17.22

Категории