Re: SNMP trap question from David Mahler on 2011-05-04 (Ccielab archives 05/2011)

From: David Mahler <dave.mahler_at_gmail.com>
Date: Wed, 4 May 2011 18:18:02 -0700

OK, thanks Gary for verifying I'm not tripping out. Your extra detail
on what EIGRP will actually trap on explained why I couldn't get one
too if I tried.

On Wed, May 4, 2011 at 12:45 AM, garry baker <baker.garry_at_gmail.com> wrote:
> doesnt help but i was able to get that EIGRP trap:
>
> PE1#
> *Mar 1 00:16:22.767: SNMP: Queuing packet to 150.1.2.2
> *Mar 1 00:16:22.767: SNMP: V1 Trap, ent ciscoEigrpMIB, addr 129.53.1.2,
> gentrap 6, spectrap 1
> cEigrpPeerAddr.2.1000.0 = 192.168.3.2
> cEigrpPeerAddrType.2.1000.0 = 1
> *Mar 1 00:16:22.779: %DUAL-5-NBRCHANGE: IP-EIGRP(2) 1000: Neighbor
> 192.168.3.2 (FastEthernet0/1) is down: Auth failure
>
>
> --
> Garry L. Baker
>
> "With sufficient thrust, pigs fly just fine..." - RFC 1925
>
>
> On Wed, May 4, 2011 at 10:30 AM, garry baker <baker.garry_at_gmail.com> wrote:
>>
>> i see the same behavoir in my tests with '(C3725-ADVENTERPRISEK9-M),
>> Version 12.4(15)T12'
>>
>> this host keyword and traps seems shaky and best to me, on my ios version
>> anyway...
>>
>> the doccd would lead you to believe this is the way it was inteaded to be
>> used so you you could send specific traps to specific hosts...
>>
>>
>> PE1(config-router)#do sh run | s snmp
>> snmp-server enable traps eigrp
>> snmp-server enable traps ospf state-change
>> snmp-server enable traps ospf errors
>> snmp-server enable traps ospf retransmit
>> snmp-server enable traps ospf lsa
>> snmp-server enable traps ospf cisco-specific state-change
>> nssa-trans-change
>> snmp-server enable traps ospf cisco-specific state-change shamlink
>> interface-old
>> snmp-server enable traps ospf cisco-specific state-change shamlink
>> neighbor
>> snmp-server enable traps ospf cisco-specific errors
>> snmp-server enable traps ospf cisco-specific retransmit
>> snmp-server enable traps ospf cisco-specific lsa
>> snmp-server host 150.1.2.2 CISCO eigrp
>>
>>
>> PE1#sh debug
>> SNMP:
>> SNMP packet debugging is on
>> *Mar 1 07:12:48.134: SNMP: Queuing packet to 150.1.2.2
>> *Mar 1 07:12:48.134: SNMP: V1 Trap, ent ospfTrap.2, addr 150.1.1.1,
>> gentrap 6, spectrap 13
>> ospfGeneralGroup.1 = 192.168.1.1
>> ospfLsdbEntry.1 = 0.0.3.232
>> ospfLsdbEntry.2 = 3
>> ospfLsdbEntry.3 = 10.2.2.0
>> ospfLsdbEntry.4 = 192.168.1.1
>> *Mar 1 07:12:48.186: SNMP: Queuing packet to 150.1.2.2
>> *Mar 1 07:12:48.186: SNMP: V1 Trap, ent ospfTrap.2, addr 150.1.1.1,
>> gentrap 6, spectrap 13
>> ospfGeneralGroup.1 = 192.168.1.1
>> ospfLsdbEntry.1 = 0.0.3.232
>> ospfLsdbEntry.2 = 3
>> ospfLsdbEntry.3 = 192.168.2.0
>> ospfLsdbEntry.4 = 192.168.1.1
>>
>> I was only able to get the EIGRP to generate an snmp trap one time (i
>> failed to capture it and my buffer overran), and the doccd says there are
>> only 2 types of traps from the eigrp notification type anyway:
>> eigrpSends Enhanced Interior Gateway Routing Protocol (EIGRP)
>> stuck-in-active (SIA) and neighbor authentication failure notifications.
>>
>> i configured auth to fail on the EIGRP link, but no traps for EIGRP coming
>> from the auth failure:
>> *Mar 1 07:15:46.674: EIGRP: FastEthernet0/1: ignored packet from
>> 192.168.3.2, opcode = 5 (authentication off or key-chain missing)
>>
>>
>> SO i added a second host:
>> snmp-server host 150.1.2.1 CISCO ospf
>> snmp-server host 150.1.2.2 CISCO eigrp
>>
>> and now i get this, so OSPF is working for both hosts now, still no EIGRP
>>
>> PE1(config)#
>> *Mar 1 07:18:12.502: SNMP: Queuing packet to 150.1.2.1
>> *Mar 1 07:18:12.506: SNMP: V1 Trap, ent ospfTrap.2, addr 150.1.1.1,
>> gentrap 6, spectrap 13
>> ospfGeneralGroup.1 = 192.168.1.1
>> ospfLsdbEntry.1 = 0.0.3.232
>> ospfLsdbEntry.2 = 3
>> ospfLsdbEntry.3 = 10.2.2.0
>> ospfLsdbEntry.4 = 192.168.1.1
>> *Mar 1 07:18:12.530: SNMP: Queuing packet to 150.1.2.2
>> *Mar 1 07:18:12.530: SNMP: V1 Trap, ent ospfTrap.2, addr 150.1.1.1,
>> gentrap 6, spectrap 13
>> ospfGeneralGroup.1 = 192.168.1.1
>> ospfLsdbEntry.1 = 0.0.3.232
>> ospfLsdbEntry.2 = 3
>> ospfLsdbEntry.3 = 10.2.2.0
>> ospfLsdbEntry.4 = 192.168.1.1
>>
>> SO went back to this and still just OSPF:
>> snmp-server host 150.1.2.2 CISCO
>>
>> PE1(config)#
>> *Mar 1 07:19:41.410: SNMP: Queuing packet to 150.1.2.2
>> *Mar 1 07:19:41.414: SNMP: V1 Trap, ent ospfTrap.2, addr 150.1.1.1,
>> gentrap 6, spectrap 13
>> ospfGeneralGroup.1 = 192.168.1.1
>> ospfLsdbEntry.1 = 0.0.3.232
>> ospfLsdbEntry.2 = 3
>> ospfLsdbEntry.3 = 10.2.2.0
>> ospfLsdbEntry.4 = 192.168.1.1
>> *Mar 1 07:19:41.442: SNMP: Queuing packet to 150.1.2.2
>> *Mar 1 07:19:41.442: SNMP: V1 Trap, ent ospfTrap.2, addr 150.1.1.1,
>> gentrap 6, spectrap 13
>> ospfGeneralGroup.1 = 192.168.1.1
>> ospfLsdbEntry.1 = 0.0.3.232
>> ospfLsdbEntry.2 = 3
>> ospfLsdbEntry.3 = 192.168.2.0
>> ospfLsdbEntry.4 = 192.168.1.1
>>
>>
>> --
>> Garry L. Baker
>>
>> "With sufficient thrust, pigs fly just fine..." - RFC 1925
>>
>>
>> On Wed, May 4, 2011 at 8:53 AM, David Mahler <dave.mahler_at_gmail.com>
>> wrote:
>>>
>>> Hello All,
>>>
>>> This is probably an easy one, but it's stumping me at the moment:
>>>
>>> In this config I believe globally I am saying "enable ospf traps" but
>>> on the host level I am saying "send only eigrp traps to 5.5.5.5"
>>> effectively saying no traps should send:
>>>
>>> snmp-server enable traps ospf state-change
>>> snmp-server enable traps ospf errors
>>> snmp-server enable traps ospf retransmit
>>> snmp-server enable traps ospf lsa
>>> snmp-server enable traps ospf cisco-specific state-change
>>> nssa-trans-change
>>> snmp-server enable traps ospf cisco-specific state-change shamlink
>>> interface-old
>>> snmp-server enable traps ospf cisco-specific state-change shamlink
>>> neighbor
>>> snmp-server enable traps ospf cisco-specific errors
>>> snmp-server enable traps ospf cisco-specific retransmit
>>> snmp-server enable traps ospf cisco-specific lsa
>>>
>>>
>>> snmp-server host 5.5.5.5 CISCO eigrp
>>>
>>>
>>> However when I debug - I still see ospf traps sent to 5.5.5.5
>>>
>>> *Mar 1 01:20:49.463: SNMP: Queuing packet to 5.5.5.5
>>> *Mar 1 01:20:49.467: SNMP: V1 Trap, ent ospfTrap.2, addr 46.0.0.4,
>>> gentrap 6, spectrap 12
>>> ospfGeneralGroup.1 = 4.4.4.4
>>> ospfLsdbEntry.1 = 0.0.0.0
>>> ospfLsdbEntry.2 = 5
>>> ospfLsdbEntry.3 = 3.3.3.3
>>> ospfLsdbEntry.4 = 4.4.4.4
>>> *Mar 1 01:20:49.579: SNMP: Packet sent via UDP to 5.5.5.5
>>> *Mar 1 01:20:49.835: SNMP: Packet sent via UDP to 5.5.5.5
>>>
>>>
>>> Even in Cisco Docs I see an example like this:
>>>
>>> "This example does not send traps to any host. The BGP traps are
>>> enabled for all hosts, but only the ISDN traps are enabled to be sent
>>> to a host.
>>>
>>> snmp-server enable traps bgp
>>> snmp-server host bob public isdn"
>>>
>>>
>>> Am I missing something easy?
>>>
>>> Thanks in advance!!
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed May 04 2011 - 18:18:02 ART

This archive was generated by hypermail 2.2.0 : Wed Jun 01 2011 - 09:01:11 ART