Hello,
We have an implementation of Nagios in our network, and the server has 2 NICs, one to be able to communicate with all customer's devices and another one for management from our network. We want to be able to send traps to Nagios from both networks, but for some reason, Nagios only sees traps originating from our customer's network.
Is there a way to intruct SNMPTT to listen on all IPs?
Thanks in advance
Traps from 2 NICs
Re: Traps from 2 NICs
What is the output of these commands?
https://net-snmp.sourceforge.io/docs/man/snmptrapd.html
Code: Select all
uname -a
cat /etc/*release
netstat -anop | grep 162
ps aux | grep trapdTaken from here:By default, snmptrapd listens for incoming SNMP TRAP and INFORM packets on UDP port 162 on all IPv4 interfaces
https://net-snmp.sourceforge.io/docs/man/snmptrapd.html
Re: Traps from 2 NICs
Hello ssax,
I thought the same, that it only listens in port 162, but I can't explain why I see traps arriving only from 1 network and not from the other (btw, with tcpdump, I do see the traps on the 2nd interface).
Regarding the outputs:
uname -a
Linux cupnagapp00 3.10.0-1127.13.1.el7.x86_64 #1 SMP Fri Jun 12 14:34:17 EDT 2020 x86_64 x86_64 x86_64 GNU/Linux
cat /etc/*release
NAME="Red Hat Enterprise Linux Server"
VERSION="7.8 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="7.8"
PRETTY_NAME="Red Hat Enterprise Linux"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.8:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.8
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.8"
Red Hat Enterprise Linux Server release 7.8 (Maipo)
Red Hat Enterprise Linux Server release 7.8 (Maipo)
netstat -anop | grep 162
tcp 0 0 10.224.40.60:51162 10.224.40.61:8086 ESTABLISHED 1159/nagflux keepalive (3.77/0/0)
udp 0 0 0.0.0.0:162 0.0.0.0:* 1158/snmptrapd off (0.00/0/0)
unix 2 [ ACC ] STREAM LISTENING 16202 838/VGAuthService /var/run/vmware/guestServicePipe
unix 2 [ ] DGRAM 16234 1185/rhnsd
unix 2 [ ] DGRAM 16220 1156/xinetd
unix 2 [ ] DGRAM 21621 861/chronyd
ps aux | grep trapd
root 1158 0.0 0.2 269736 41456 ? Ss Feb14 246:21 /usr/sbin/snmptrapd -Lsd -f
I thought the same, that it only listens in port 162, but I can't explain why I see traps arriving only from 1 network and not from the other (btw, with tcpdump, I do see the traps on the 2nd interface).
Regarding the outputs:
uname -a
Linux cupnagapp00 3.10.0-1127.13.1.el7.x86_64 #1 SMP Fri Jun 12 14:34:17 EDT 2020 x86_64 x86_64 x86_64 GNU/Linux
cat /etc/*release
NAME="Red Hat Enterprise Linux Server"
VERSION="7.8 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="7.8"
PRETTY_NAME="Red Hat Enterprise Linux"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.8:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.8
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.8"
Red Hat Enterprise Linux Server release 7.8 (Maipo)
Red Hat Enterprise Linux Server release 7.8 (Maipo)
netstat -anop | grep 162
tcp 0 0 10.224.40.60:51162 10.224.40.61:8086 ESTABLISHED 1159/nagflux keepalive (3.77/0/0)
udp 0 0 0.0.0.0:162 0.0.0.0:* 1158/snmptrapd off (0.00/0/0)
unix 2 [ ACC ] STREAM LISTENING 16202 838/VGAuthService /var/run/vmware/guestServicePipe
unix 2 [ ] DGRAM 16234 1185/rhnsd
unix 2 [ ] DGRAM 16220 1156/xinetd
unix 2 [ ] DGRAM 21621 861/chronyd
ps aux | grep trapd
root 1158 0.0 0.2 269736 41456 ? Ss Feb14 246:21 /usr/sbin/snmptrapd -Lsd -f
Re: Traps from 2 NICs
Edit this file:
Add this to it (setting the IP addresses to what yours are):
Then restart snmptrapd:
Code: Select all
/etc/sysconfig/snmptrapdCode: Select all
OPTIONS="-Lsd -f udp:127.0.0.1:162 udp:192.168.X.X:162 udp:192.168.Y.Y:162"Code: Select all
systemctl restart snmptrapdRe: Traps from 2 NICs
Locking thread, ticket received, we will continue support through the ticket.