SNMPv3 trap delay 5min

  • 0
  • 1
  • Problem
  • Updated 3 years ago
  • Solved
hi,
i am able see snmp messages in snmp server, but there is 5min delay.
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,286 Points 20k badge 2x thumb
You should add a little more details so someone could help...

- switch model & software
- SNMP server product i.e. Netsight with software version
- example of a message that you get with the delay

-Ron
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
System Type:      E4G-200
XOS:  16.1.1.4
SNMP server : internal product

I am  enabling / disabling ports is giving me SNMP critical/clear error but there is 5min delay.
I did wireshark, I can only see snmp get messages, i dont see anything in snmp.trap filter.

 
Photo of Drew C.

Drew C., Community Manager

  • 37,364 Points 20k badge 2x thumb
Can you help clarify if the delay you're seeing is in receiving the trap from the switch (verified with Wireshark) or a delay in your internal product to display it?
Does this work as expected in another EXOS version?
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
I am having issue in receiving trap from the switch....I have not tried on other xos version.(i wont be able to change xos.)

Also, should I be looking for trap in snmp.trap filter? 
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
Where can i get MIB information?
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
what is meaning of this MIB: IF-MIB::ifOperStatus.1001 (1.3.6.1.2.1.2.2.1.8.1001):

can you tell me mib for port up and down? 
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,286 Points 20k badge 2x thumb
You'd download the MIB file on the support site in the software section.
https://esupport.extremenetworks.com/

With an MIB browser you'd search thru the MIB...
https://community.extremenetworks.com/extreme/topics/mib-to-oid-with-description


Below the full information of the MIB entry MIB: IF-MIB::ifOperStatus.1001 (1.3.6.1.2.1.2.2.1.8.1001):

In short it's the interface status (up/down) of interface#1001


iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOperStatus
1.3.6.1.2.1.2.2.1.8

ifOperStatus OBJECT-TYPE
SYNTAX Integer {
    up(1),
    down(2),
    testing(3),
    unknown(4),
    dormant(5),
    notPresent(6),
    lowerLayerDown(7) }
MAX-ACCESS Read Only
STATUS Current
DESCRIPTION
    The current operational state of the interface. The
    testing(3) state indicates that no operational packets can
    be passed. If ifAdminStatus is down(2) then ifOperStatus
    should be down(2). If ifAdminStatus is changed to up(1)
    then ifOperStatus should change to up(1) if the interface is
    ready to transmit and receive network traffic; it should
    change to dormant(5) if the interface is waiting for
    external actions (such as a serial line waiting for an
    incoming connection); it should remain in the down(2) state
    if and only if there is a fault that prevents it from going
    to the up(1) state; it should remain in the notPresent(6)
    state if the interface has missing (typically, hardware)
    components.
::= { ifEntry 8 }     



-Ron
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
Hi,

Thank you for MIB information. 
So, switch is sending get-response after around 10min. Even if I disable /enable switch port, it is not sending trap immediately. If I filter using snmp.trap, I am not getting any packet.

Why there is a delay?, why it is not generating message when port status has changed? why it is not sending any trap?

switch ip: 55.1.128.1
snmp server: 29.189.11.134

SNMP config:

configure snmpv3 add user tester engine-id <xxxx> authentication sha auth-encrypted localized-key <key> privacy aes 128 privacy-encrypted localized-key <key>

configure snmpv3 add group admingrp1 user tester sec-model usm
configure snmpv3 add access admingrp1 sec-model usm sec-level priv read-view "defaultUserView" notify-view "defaultNotifyView"
configure snmpv3 add target-addr "snmptarget" param "snmpparam" ipaddress 29.189.11.134 transport-port 162 tag-list "defaultNotify"



Let me know if you need more information.
Photo of Prashanth KG

Prashanth KG, Employee

  • 5,300 Points 5k badge 2x thumb
Hi Ravi,

The following article may help you test traps for the port up/down. 
https://gtacknowledge.extremenetworks.com/articles/Solution/Port-up-down-alarms-trap-are-not-being-triggered  

Please check in the switch if the port up/down traps are enabled. 
Also, please ensure that the trap receiver is configured properly in the switch by verifying the command, 

show management. 


SNMP v1/v2c TrapReceivers        :    Destination         Source IP Address       Flags   Timeout  Retries
  29.189.11.134 /162                            2ET           -        -

Flags:  Version: 1=v1 2=v2c 3=v3
        Mode: S=Standard E=Enhanced
        Notification Type: T=Trap I=Inform

SNMP stats:     InPkts 0       OutPkts   0       Errors 0       AuthErrors 0
                Gets   0       GetNexts  0       Sets   0       Drops      0
SNMP traps:     Sent   0       AuthTraps Enabled
SNMP inform:    Sent   0       Retries   0       Failed 0

If it still doesnot work, please share the output of show management after your testing. 

Hope this helps!

P.S. The image of the wireshark shared above is not clear. So, I am not sure how it is being filtered. I would suggest using the following filter to ensure that there are traps from the switch. 

ip.addr == <source IP address displayed in the show management output for the trap receiver>. 
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
Hi,

I have enabled port up-down trap.


enable snmp traps port-up-down port 1
enable snmp traps port-up-down port 2
enable snmp traps port-up-down port 3
enable snmp traps port-up-down port 4
enable snmp traps port-up-down port 5
enable snmp traps port-up-down port 6
enable snmp traps port-up-down port 7
enable snmp traps port-up-down port 8
enable snmp traps port-up-down port 9
enable snmp traps port-up-down port 10
enable snmp traps port-up-down port 11
enable snmp traps port-up-down port 12

#show management
...................
...................
SNMP Compatibility Options       :    GETBULK Reply Too Big Action : Too Big Error
    IP Fragmentation             : Disallow
SNMP Notifications               : Enabled
SNMP Notification Receivers  :
    Destination Address      : 29.189.11.134:162
    Source Address           : Not Configured
    Virtual Routers          : VR-Default, VR-Mgmt
    Version                  : v3                Type      : Trap
    Timeout                  : -                 Retries   : -

    Destination Address      : 29.189.11.134:162
    Source Address           : Not Configured
    Virtual Routers          : VR-Default, VR-Mgmt
    Version                  : v2c               Type      : Trap
    Timeout                  : -                 Retries   : -

SNMP stats:     InPkts 35527   OutPkts   35535   Errors 0       AuthErrors 4
                Gets   2908    GetNexts  32602   Sets   0       Drops      0    
SNMP traps:     Sent   12      AuthTraps Enabled
SNMP inform:    Sent   0       Retries   0       Failed 0

=====================================

SNMP traps: sent 12 is very old (i dont when it is generated), not if I do anything it is not changing.
fyi, I am working on snmpv3. 

configure snmp add trapreceiver command is not for snmpv3!!

Also which target parameter I should be using?

my current o/p:
 # show snmpv3 target-params

Target Params Name      : snmpparam
MP Model                : snmpv3
Security Model          : USM
User Name               : tester1
Security Level          : Authentication Privacy
Storage Type            : NonVolatile
Row Status              : Active



Thank you for looking into it.
-
Ravi
(Edited)
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
Any update??

sending you snmpv3 config again:

# Module snmpMaster configuration.

configure snmpv3 add user <username> engine-id <id> authentication sha auth-encrypted localized-key <hash key> privacy aes 128 privacy-encrypted localized-key <hash key>

configure snmpv3 add group "v1v2cNotifyGroup" user "v1v2cNotifyUser1" sec-model snmpv2c

configure snmpv3 add group "mgrp" user <user> sec-model usm

configure snmpv3 add access "mgrp" sec-model usm sec-level priv read-view "defaultUserView" write-view "defaultUserView" notify-view "defaultNotifyView"

configure snmpv3 add community "snmpcomm" name "private" user <user>

configure snmpv3 add community "v1v2cNotifyComm1" name "private" user "v1v2cNotifyUser1"

configure snmpv3 add target-addr "snmptarget" param "snmpparam" ipaddress 29.189.11.134 transport-port 162 tag-list "defaultNotify"

configure snmpv3 add target-addr "v1v2cNotifyTAddr1" param "v1v2cNotifyParam1" ipaddress 29.189.11.134 transport-port 162 tag-list "defaultNotify"

configure snmpv3 add target-params "snmpparam" user <user> mp-model snmpv3 sec-model usm sec-level priv

configure snmpv3 add target-params "v1v2cNotifyParam1" user "v1v2cNotifyUser1" mp-model snmpv2c sec-model snmpv2c sec-level noauth

=====================================================================

Using this one, I can see SNMP Trap number (in show management command o/p) increase whenever I unplug cable.But this is through snmpv2c, If I remove that, it is not increasing. 

Let me know if you need more information.


I this so there is software bug in xos.

-

Ravi

(Edited)
Photo of Prashanth KG

Prashanth KG, Employee

  • 5,300 Points 5k badge 2x thumb
Hi Ravi,

I am suspecting that the port up/down messages are SNMP v2c traps. That is why the traps are sent only with the snmpv2c model. I am currently doing some tests to validate my understanding. Will keep you updated after I get a clarity on this. 

Thanks for your patience. 
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
SO THERE IS BUG WITH XOS ( XOS-16.1.1.4 and XOS-15.7.2.9) AND/OR E4G-200 DEVICE.

ONLY MGMT PORT IS SENDING TRAP, NO OTHER PORTS ARE SENDING TRAP. IF I UNPLUG MGMT PORT AND THEN UNPLUG/PLUG IN ANY OTHER PORT, I CAN SEE TRAP GENERATED.  
IT IS WORKING FINE WITH X460 SWITCH.
Photo of Drew C.

Drew C., Community Manager

  • 37,364 Points 20k badge 2x thumb
Hi Ravi,
I'll ask Prashanth or someone else in GTAC to open a case for you on this issue so that it can be investigated and tracked.
Thanks for bringing it to our attention.

EDIT:  Looks like a case was opened yesterday.  We'll track it there.  Thanks!
(Edited)
Photo of Ravi0087

Ravi0087

  • 304 Points 250 badge 2x thumb
case number :01141591 (it was open last week sometime)
Photo of Drew C.

Drew C., Community Manager

  • 37,364 Points 20k badge 2x thumb
That's the one - I was looking at the wrong date field  :)