4 To handle snmp traps make sure your snmp setup of frr works correctly as
5 described in the frr documentation in :ref:`snmp-support`.
7 The BGP4 mib will send traps on peer up/down events. These should be visible in
8 your snmp logs with a message similar to:
12 snmpd[13733]: Got trap from peer on fd 14
14 To react on these traps they should be handled by a trapsink. Configure your
15 trapsink by adding the following lines to :file:`/etc/snmpd/snmpd.conf`:
19 # send traps to the snmptrapd on localhost
23 This will send all traps to an snmptrapd running on localhost. You can of
24 course also use a dedicated management station to catch traps. Configure the
25 snmptrapd daemon by adding the following line to
26 :file:`/etc/snmpd/snmptrapd.conf`:
30 traphandle .1.3.6.1.4.1.3317.1.2.2 /etc/snmp/snmptrap_handle.sh
33 This will use the bash script :file:`/etc/snmp/snmptrap_handle.sh` to handle
34 the BGP4 traps. To add traps for other protocol daemons, lookup their
35 appropriate OID from their mib. (For additional information about which traps
36 are supported by your mib, lookup the mib on
37 `http://www.oidview.com/mibs/detail.html <http://www.oidview.com/mibs/detail.html>`_).
39 Make sure *snmptrapd* is started.
41 The snmptrap_handle.sh script I personally use for handling BGP4 traps is
42 below. You can of course do all sorts of things when handling traps, like sound
43 a siren, have your display flash, etc., be creative ;).
52 #email address use to sent out notification
53 EMAILADDR="john@doe.com"
54 #email address used (allongside above) where warnings should be sent
55 EMAILADDR_WARN="sms-john@doe.com"
57 # type of notification
60 # local snmp community for getting AS belonging to peer
61 COMMUNITY="<community>"
63 # if a peer address is in $WARN_PEERS a warning should be sent
64 WARN_PEERS="192.0.2.1"
69 # get some vars from stdin
70 uptime=`echo $INPUT | cut -d' ' -f5`
71 peer=`echo $INPUT | cut -d' ' -f8 | sed -e 's/SNMPv2-SMI::mib-2.15.3.1.14.//g'`
72 peerstate=`echo $INPUT | cut -d' ' -f13`
73 errorcode=`echo $INPUT | cut -d' ' -f9 | sed -e 's/\\"//g'`
74 suberrorcode=`echo $INPUT | cut -d' ' -f10 | sed -e 's/\\"//g'`
75 remoteas=`snmpget -v2c -c $COMMUNITY localhost SNMPv2-SMI::mib-2.15.3.1.9.$peer | cut -d' ' -f4`
77 WHOISINFO=`whois -h whois.ripe.net " -r AS$remoteas" | egrep '(as-name|descr)'`
78 asname=`echo "$WHOISINFO" | grep "^as-name:" | sed -e 's/^as-name://g' -e 's/ //g' -e 's/^ //g' | uniq`
79 asdescr=`echo "$WHOISINFO" | grep "^descr:" | sed -e 's/^descr://g' -e 's/ //g' -e 's/^ //g' | uniq`
81 # if peer address is in $WARN_PEER, the email should also
82 # be sent to $EMAILADDR_WARN
83 for ip in $WARN_PEERS; do
84 if [ "x$ip" == "x$peer" ]; then
85 EMAILADDR="$EMAILADDR,$EMAILADDR_WARN"
93 1) peerstate="Idle" ;;
94 2) peerstate="Connect" ;;
95 3) peerstate="Active" ;;
96 4) peerstate="Opensent" ;;
97 5) peerstate="Openconfirm" ;;
98 6) peerstate="Established" ;;
99 *) peerstate="Unknown" ;;
102 # get textual messages for errors
109 error="Message Header Error"
110 case "$suberrorcode" in
111 01) suberror="Connection Not Synchronized" ;;
112 02) suberror="Bad Message Length" ;;
113 03) suberror="Bad Message Type" ;;
114 *) suberror="Unknown" ;;
118 error="OPEN Message Error"
119 case "$suberrorcode" in
120 01) suberror="Unsupported Version Number" ;;
121 02) suberror="Bad Peer AS" ;;
122 03) suberror="Bad BGP Identifier" ;;
123 04) suberror="Unsupported Optional Parameter" ;;
124 05) suberror="Authentication Failure" ;;
125 06) suberror="Unacceptable Hold Time" ;;
126 *) suberror="Unknown" ;;
130 error="UPDATE Message Error"
131 case "$suberrorcode" in
132 01) suberror="Malformed Attribute List" ;;
133 02) suberror="Unrecognized Well-known Attribute" ;;
134 03) suberror="Missing Well-known Attribute" ;;
135 04) suberror="Attribute Flags Error" ;;
136 05) suberror="Attribute Length Error" ;;
137 06) suberror="Invalid ORIGIN Attribute" ;;
138 07) suberror="AS Routing Loop" ;;
139 08) suberror="Invalid NEXT_HOP Attribute" ;;
140 09) suberror="Optional Attribute Error" ;;
141 10) suberror="Invalid Network Field" ;;
142 11) suberror="Malformed AS_PATH" ;;
143 *) suberror="Unknown" ;;
147 error="Hold Timer Expired"
151 error="Finite State Machine Error"
156 case "$suberrorcode" in
157 01) suberror="Maximum Number of Prefixes Reached" ;;
158 02) suberror="Administratively Shutdown" ;;
159 03) suberror="Peer Unconfigured" ;;
160 04) suberror="Administratively Reset" ;;
161 05) suberror="Connection Rejected" ;;
162 06) suberror="Other Configuration Change" ;;
163 07) suberror="Connection collision resolution" ;;
164 08) suberror="Out of Resource" ;;
165 09) suberror="MAX" ;;
166 *) suberror="Unknown" ;;
175 # create textual message from errorcodes
176 if [ "x$suberror" == "x" ]; then
177 NOTIFY="$errorcode ($error)"
179 NOTIFY="$errorcode/$suberrorcode ($error/$suberror)"
182 # form a decent subject
183 SUBJECT="$TYPE: $ROUTER [bgp] $peer is $peerstate: $NOTIFY"
184 # create the email body
186 BGP notification on router $ROUTER.
190 New state: $peerstate
191 Notification: $NOTIFY
197 Snmpd uptime: $uptime
200 # mail the notification
201 echo "$MAIL" | mail -s "$SUBJECT" $EMAILADDR