RE: Specifying SNMP Traps

From: Kenneth Wygand (KWygand@customonline.com)
Date: Fri Apr 23 2004 - 10:33:37 GMT-3

• Next message: Yasser Abdullah : "RE: Passive interfaces in ISIS"
• Previous message: R&S Groupstudy: "RE: Passive interfaces in ISIS"
• Maybe in reply to: Tim Last: "Specifying SNMP Traps"
• Next in thread: NETTABLE_WALKER: "Re: Specifying SNMP Traps"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Tim & Group,

This is the simple general rule as I see it.

Enabling the "snmp-server enable traps [arguments]" will enable the
internal SNMP engine to create traps for these OIDs (with the exception
of the special case for "snmp trap link-status" as mentioned below).

If you run this command with any [arguments], only traps for those
[arguments] are enabled. If you run the command with no [arguments],
all [arguments] by default are enabled.

If you do not enable "snmp-server enable traps [arguments]", no traps
will be sent anywhere, period, no matter what the "snmp-server host
x.x.x.x" command says!

Then if you enable the "snmp-server host x.x.x.x public [arguments]"
with no [arguments], this host (x.x.x.x) will receive all snmp traps
generated by the internal SNMP engine (the traps issued in the
"snmp-server enable traps [arguments]" command!

If you enable the "snmp-server host x.x.x.x public [arguments]" with
[arguments], you are actually LIMITING the traps that will be received
by this host to the traps listed within the [arguments] of this command.

It helps for me to see the [arguments] in the snmp-server host x.x.x.x
public [arguments]" command almost like an SNMP ACL, stating "Permit all
of the snmp traps listed in the [arguments] and deny all other snmp
traps to this host".

And of course, even with an SNMP ACL, if the engine isn't producing the
traps (from the "snmp-server enable traps [arguments]" command), it
doesn't matter if you SNMP ACL let's them through, because they aren't
being sent to begin with! End result - NO TRAPS!

Hope this helps! :)

Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
Network+, A+
Custom Computer Specialists, Inc.
"The only unattainable goal is the one not attempted."
-Anonymous

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Friday, April 23, 2004 9:15 AM
To: Yasser Abdullah; 'Tim Last'; 'Group Study'
Subject: Re: Specifying SNMP Traps

Yasser,

Thanks again.

I've got to say that for something which is conceptually so simple,
Cisco's
implimentation seems rather complicated, don't you think?

As an example of your point, I could configure this:

int s0
ip addr x.x.x.x m.m.m.m

snmp-server host y.y.y.y public

Here, the host at y.y.y.y would receive link-status traps because, by
default, that's enabled. But, if I didn't want the snmp mgr to get snmp
link status traps, I would need to configure the following:

int bri 0
no snmp trap link-status

snmp-server host y.y.y.y public

So, therefore, in the lab, if I'm instructed to send ONLY, for example,
envmon traps to a host at address z.z.z.z and the rtr has 3 active
interfaces, this is what I should configure:

int bri 0
no snmp trap link-status

int s0
no snmp trap link-status

int e0
no snmp trap link-status

snmp-server host z.z.z.z public envmon < ---- SENDS envmon trap to
host
snmp-server enable traps < ---- ENABLES ALL
TRAPS

Does this look correct?

I think I've got it now.

Thanks, Tim

----- Original Message -----
From: "Yasser Abdullah" <yasser@alharbitelecom.com>
To: "'ccie2be'" <ccie2be@nyc.rr.com>; "'Tim Last'" <packtmon@yahoo.com>;
"'Group Study'" <ccielab@groupstudy.com>
Sent: Friday, April 23, 2004 8:39 AM
Subject: RE: Specifying SNMP Traps

> Yes. There is only a an exception to point 1:
>
> The 'snmp-server enable traps' is not required for traps which are
sent
> using a different command. For example the 'SNMP trap link-status'
> interface command would send traps to specified hosts even if the
> 'snmp-server enable traps' command is not configured.
>
> Brgds,
>
> Yasser
>
> -----Original Message-----
> From: ccie2be [mailto:ccie2be@nyc.rr.com]
> Sent: Friday, April 23, 2004 3:26 PM
> To: Yasser Abdullah; 'Tim Last'; 'Group Study'
> Subject: Re: Specifying SNMP Traps
>
> Ah, Yasser, that was the missing piece of info.
>
> Thank you, man.
>
> I bet you must work with snmp at your job, right?
>
> Now, one last variation I'd like to ask you about. Suppose this were
> the
> config:
>
> snmp-server host 10.10.10.10 public config bgp tty
> snmp-server enable traps
>
> According to the Doc's, if no type of trap is specified, then, by
> default,
> all traps can be sent, correct?
> But, since the snmp-server host specified 3 particular traps, only
those
> traps are sent to only that host.
>
> Then to summerize how these commands work:
>
> 1) To send traps both the snmp-server host command and the snmp-server
> enable trap MUST BE SPECIFIED.
>
> 2) If specific traps are listed in the snmp-server host command, that
> host
> will get only the traps specified in that command
>
> 3) If specific traps are specified in the snmp-server enable trap
> command,
> those traps will be sent to all hosts specified in all snmp-server
hosts
> commands which DON'T have specific traps listed. For example,
>
> snmp-server host 11.11.11.11 public
> snmp-server host 10.10.10.10 public config bgp tty
> snmp-server enable traps hsrp
>
> Here, host 11.11.11.11 will get the hsrp trap because it didn't
specify
> any
> traps and
> host 10.10.10.10 wil get the config bgp and tty traps because those
are
> the
> traps its specified.
>
> Do you this right?
>
> Thanks, Tim
>
>
> ----- Original Message -----
> From: "Yasser Abdullah" <yasser@alharbitelecom.com>
> To: "'ccie2be'" <ccie2be@nyc.rr.com>; "'Tim Last'"
<packtmon@yahoo.com>;
> "'Group Study'" <ccielab@groupstudy.com>
> Sent: Friday, April 23, 2004 7:35 AM
> Subject: RE: Specifying SNMP Traps
>
>
> > Yes, it is actually a term used to describe traps or informs.
> >
> > No, the type of traps doesn't need to be specified twice, at least
not
> > all. In your example, bgp, config and tty were specified in the host
> > command. However, this command alone doesn't automatically send
traps.
> > You need to activate the sending of traps by issuing the snmp-server
> > enable traps at least for one of the traps types.
> >
> > In the example below, you could have done with only one snmp-server
> > enable traps commands.
> >
> > snmp-server host 10.10.10.10 public config bgp tty
> > snmp-server enable traps config
> >
> > In this case, all hosts will get the config traps, but only host
> > 10.10.10.10 will get the bgp and tty traps.
> >
> > Brgds,
> >
> > Yasser
> >
> >
> > -----Original Message-----
> > From: ccie2be [mailto:ccie2be@nyc.rr.com]
> > Sent: Friday, April 23, 2004 2:12 PM
> > To: Yasser Abdullah; 'Tim Last'; 'Group Study'
> > Subject: Re: Specifying SNMP Traps
> >
> > Yasser,
> >
> > Thanks for getting back to me.
> >
> > I'm still a bit confused.
> >
> > What's the difference between a "Notification" and a "Trap"?
> >
> > Aren't they the different names for the same thing?
> >
> > Also, does the type of trap have to be specified twice,
> >
> > once in the snmp-server host command and
> >
> > again, in the snmp-server enable trap command?
> >
> > It's confusing because in the example below, both BGP and CONFIG
were
> > specified twice,
> >
> > but TTY was only specified once - in the snmp-server host command.
> >
> > Why is TTY only specified once but BGP and CONFIG is specified
twice?
> >
> > It doesn't make sense to me.
> >
> > Thanks in advance, Tim
> > ----- Original Message -----
> > From: "Yasser Abdullah" <yasser@alharbitelecom.com>
> > To: "'Tim Last'" <packtmon@yahoo.com>; "'Group Study'"
> > <ccielab@groupstudy.com>
> > Sent: Friday, April 23, 2004 4:51 AM
> > Subject: RE: Specifying SNMP Traps
> >
> >
> > > The first command would specify the recipient of the traps and the
> > type
> > > or traps to be sent. However, no traps will be sent for any of the
> > > notifications above until you configure the' snmp-server enable
> traps'
> > > for at least one notification type.
> > >
> > >
> >
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
> > > ffun_r/ffrprt3/frf014.htm#1113568
> > >
> > > HTH,
> > >
> > > Yasser
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> > Of
> > > Tim Last
> > > Sent: Friday, April 23, 2004 12:26 AM
> > > To: Group Study
> > > Subject: Specifying SNMP Traps
> > >
> > > Hi guys,
> > >
> > > I found this example here:
> > >
> > >
> >
>
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a
> > > 0080094a05.shtml
> > >
> > > snmp-server host 10.10.10.10 public config bgp tty snmp-server
> enable
> > > traps config snmp-server enable traps bgp
> > >
> > > I understand why the 1st first command is there, but why are the
> other
> > 2
> > >
> > >
> > > commands needed? Isn't it enough that that both "config" and
"bgp"
> in
> > > the 1st command?
> > >
> > > Or, is it really necessary to specify "config" and "bgp" twice,
> once
> > >
> > > in the 1st command and again in the enable traps command.
> > >
> > >
> > >
> > > Thanks in advance, Tim
> > >
> > >
> > >
> > > ---------------------------------
> > > Do you Yahoo!?
> > > Yahoo! Photos: High-quality 4x6 digital prints for 25"
> > >
> > >
> >
>

• Next message: Yasser Abdullah : "RE: Passive interfaces in ISIS"
• Previous message: R&S Groupstudy: "RE: Passive interfaces in ISIS"
• Maybe in reply to: Tim Last: "Specifying SNMP Traps"
• Next in thread: NETTABLE_WALKER: "Re: Specifying SNMP Traps"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:53 GMT-3