NetIron CER 2024C snmp trap for rout-map threshold

  • 0
  • 1
  • Question
  • Updated 2 months ago
  • Answered
Hello,

I need some help with my snmp configuration. I have two NetIron CER2024C. They're used as border gateways. They have vrrp configured and VRF in order to distribute the traffic to the ISP.

The thing is that I have a threshold set for each VRF, but I don't have traps arriving to my Management system when the threshold is reached.
Here's the configuration:

!VRF configuration
vrf example
 rd 65001:1
 address-family ipv4
 exit-address-family
 address-family ipv6
 exit-address-family
exit-vrf
!SNMP
snmp-server
snmp-server community 2 $NW ro 2
snmp-server community 2 $NVUn rw 2
snmp-server contact exi
no snmp-server enable traps ospf
no snmp-server enable traps isis
no snmp-server enable traps vsrp
no snmp-server enable traps udld
!
snmp-server host 10.1.1.77 version v1 2 $Xj1k
snmp-server host 10.1.1.78 version v1 2 $UXj1k
snmp-server host 10.2.2.114 version v1 2 $
snmp-server host 10.1.1.77 version v2c 2 $NQ==
snmp-server access-group 2
!
route-map CPREF permit 10
 set local-preference 400
!
route-map IPREF permit 10
 set local-preference 300
!
route-map INPREF permit 10
 set local-preference 500
!
I have traps that are sent for the physical interfaces. Is there possible to do the same but for the logical interfaces?

Thanks in advance!
Photo of Laura Pineiro

Laura Pineiro

  • 110 Points 100 badge 2x thumb

Posted 3 months ago

  • 0
  • 1
Photo of Samantha R Newman

Samantha R Newman, Employee

  • 120 Points 100 badge 2x thumb
Laura, 
     It is not clear to me what you are asking for in the first question. you state:

"The thing is that I have a threshold set for each VRF, but I don't have traps arriving to my Management system when the threshold is reached." 

    Yet based on your sample configuration I only see 1 VRF referenced. I can see you have configured SNMP server information and a few route maps. 

    Can you give me an example of the thresholds you are setting that you are expecting to get traps on? 

  Regarding your second question about getting traps on a virtual interface if it goes down. The answer would be no. Because the interface is virtual and thus not tied to a particular physical port (can be mapped to many physical interfaces) all interfaces would have to drop to get a trap on a virtual interface. By the time you get traps on a virtual interface you will have already received traps for the physical interfaces. Hopefully that helps.
Photo of Laura Pineiro

Laura Pineiro

  • 110 Points 100 badge 2x thumb
HI,
firstly, thanks a lot for your answer. Maybe I didn't explain right my problem.
I have three virtual interfaces at "vrf example", the interface I use for snmp polling is the management interface, whose belongs to "default-vrf".
What I want is to get the traffic used by each virtual interface, since we have set thresholds of 400, 300 and 500 Mbs for ve1, ve2, and ve3 respectively.
Maybe I just need to check the MIBs for Net Iron and look for the right parameter, but I can find it.
So, clarifying my answer, what I basically want is to get the traffic for the virtual interfaces instead the physical ones.

Thanks again for your helps,

Laura
Photo of Samantha R Newman

Samantha R Newman, Employee

  • 120 Points 100 badge 2x thumb
Laura, your welcome we're glad we are helping. 

First let's be clear the only time a virtual interface will "see" traffic is when any routing is done. Also, if you were trying to capture total bandwidth either inbound or outbound from an a virtual interface it would be the sum of all physical links associated with that virtual interface and VLAN. Lastly, measuring bandwidth in this way would only measure routed traffic as stated. Any switched traffic from one physical interface to another for a VLAN will not be counted nor seen. 

The way in which you are trying to accomplish this will not work. Routemaps and using local pref's is used for BGP routing only, not for defining bandwidth thresholds. My recommendation would be to measure RX and TX traffic by doing SNMP GETS from your SNMP server to the following OID's:

.1.3.6.1.2.1.2.2.1.10 (IfInOctets)

.1.3.6.1.2.1.2.2.1.16 (ifoutoctets)

By measuring the number of inoctets and outoctets you can get an idea on total utilization on a physical interface. Then if your SNMP server allows you to you can set thresholds on your server to notify you or any other admin when that threshold is breached. 

Finally I will say that please keep in mind that when you are measuring utilization on a link that traffic can be "bursty" at times. So it would be best practice to consider graphing link utilization over a set period of time. Daily, weekly or monthly is usually how most customers do this. 

Hopefully this helps give you some direction.

Regards,
Samantha Newman
Technical Support Engineer
Extreme Networks
Photo of Laura Pineiro

Laura Pineiro

  • 110 Points 100 badge 2x thumb
Thanks a lot Samantha. Your explication had been very useful.
I'll keep in mind your recommendations.

Best regards,

Laura