Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

IPv6 and SNMP: Traps arrive, but not processed by snmptrapd

https://support.nagios.com/forum/viewtopic.php?t=37746

Page 1 of 8

IPv6 and SNMP: Traps arrive, but not processed by snmptrapd

Posted: Wed Mar 30, 2016 5:13 pm
by gormank
Hi,
Here's another one of my SNMP questions... I have the trap receiver set up and see traps over IPv4. We ran out of address space so a new blade chassis and its iLOs use IPv6. I added an NIC on the Nagios servers, can ping to/from the new hardware, and see traps over IPv6 using tcpdump. Below are example traps over both protocols. The Nagios servers were restarted after adding the new NICs and snmptrapd and snmptt have been restarted since then.

Code: Select all

# tcpdump -i eth3 -s 0 port 162

tcpdump: WARNING: eth3: no IPv4 address assigned
listening on eth3, link-type EN10MB (Ethernet), capture size 65535 bytes
21:41:13.511945 IP6 2001:4888:a03:311f:c0:a:0:190.32861 > 2001:4888:a03:311f:c0:a:0:1f5.snmptrap:  C=hidden Trap(167)  E:232 0.0.0.0 enterpriseSpecific s=11003 9293453 system.sysName.0="TXSLM2MCHP7004-OA" E:232.11.2.11.1=1 E:232.11.2.8.1="HP Onboard Administrator Test Trap sent from enclosure: TXSLM2MCHP7004"

# tcpdump -i eth1 -s 0 port 162

listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
21:45:37.519799 IP 10.133.133.100.cisco-ipsla > 10.133.133.74.snmptrap:  C=hidden Trap(165)  E:232 10.133.133.100 enterpriseSpecific s=11003 980382006 system.sysName.0="OA-7446A0F9190B" E:232.11.2.11.1=0 E:232.11.2.8.1="HP Onboard Administrator Test Trap sent from enclosure: TXLSM2MCHP7001"
The trouble is I don't see them logged in syslog by snmptrapd, so snmptt and Nagios get nothing. I see nothing in any snmp*conf files that tell it to listen on any particular interface, or address.

Any ideas?

Thanks!
Kev

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Wed Mar 30, 2016 7:29 pm
by Box293
On this page:
http://www.net-snmp.org/docs/man/snmptrapd.html
LISTENING ADDRESSES
By default, snmptrapd listens for incoming SNMP TRAP and INFORM packets on UDP port 162 on all IPv4 interfaces. However, it is possible to modify this behaviour by specifying one or more listening addresses as arguments to snmptrapd. See the snmpd(8) manual page for more information about the format of listening addresses.

On this page:
http://www.net-snmp.org/docs/man/snmpd.html
udp6:10161
listen on port 10161 on all IPv6 interfaces.

So taking that information, I would edit /etc/snmp/snmptrapd.conf and add the line:

Code: Select all

udp6:162
Save and restart snmptrapd

Does this help?

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 11:30 am
by gormank
No help, and while the trap arrived, it isn't processed. My net-snmp is a bit old.

Code: Select all

Mar 31 16:25:02 txslm2mlnag001 snmptrapd[15029]: /etc/snmp/snmptrapd.conf: line 13: Error: Blank line following udp6:162 token.
Mar 31 16:25:02 txslm2mlnag001 snmptrapd[15029]: net-snmp: 1 error(s) in config file(s)
Mar 31 16:25:02 txslm2mlnag001 snmptrapd[15029]: /etc/snmp/snmptrapd.conf: line 13: Error: Blank line following udp6:162 token.
Mar 31 16:25:02 txslm2mlnag001 snmptrapd[15029]: net-snmp: 1 error(s) in config file(s)
Mar 31 16:25:02 txslm2mlnag001 snmptrapd[15073]: NET-SNMP version 5.5
There's no blank line after the udp6:162 token. Its the token it doesn't like.

Code: Select all

disableAuthorization yes
traphandle default /usr/local/sbin/snmptthandler

################################################## #########################
# SECTION: Authentication options
#
# Authentication options

# ignoreauthfailure: Ignore authentication failure traps
# arguments: (1|yes|true|0|no|false)

ignoreauthfailure 1
udp6:162
I made the same change to snmpd.conf, started it, and got the same error in syslog.

Code: Select all

Mar 31 17:23:19 txslm2mlnag001 snmpd[32060]: /etc/snmp/snmpd.conf: line 465: Error: Blank line following udp6:162 token.
Mar 31 17:23:19 txslm2mlnag001 snmpd[32060]: net-snmp: 1 error(s) in config file(s)
Mar 31 17:23:19 txslm2mlnag001 snmpd[32060]: /etc/snmp/snmpd.conf: line 465: Error: Blank line following udp6:162 token.
Mar 31 17:23:19 txslm2mlnag001 snmpd[32060]: net-snmp: 1 error(s) in config file(s)
Mar 31 17:23:19 txslm2mlnag001 snmpd[32062]: NET-SNMP version 5.5
I'll test with a newer version of net-snmp. Mine's 5.5-50 and 5.5-54 seems to be latest for RHRL 6.

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 4:11 pm
by hsmith
Let us know what happens with the newer net-snmp.

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 4:21 pm
by gormank
The man pages are from 2009, so by now this should be working regardless of the version...

From the example snmpd.conf I found the following syntax.

# grep -e udp6 -e IPv6 /usr/share/doc/net-snmp-5.5/EXAMPLE.conf
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
#agentAddress udp:161,udp6:[::1]:161

I converted that to the following.

agentAddress udp:162
agentAddress udp6:[2001:4888:a03:311f:c0:a:0:1f5]:162
agentAddress udp6:[::1]:162
agentAddress udp:162,udp6:[::1]:162
agentAddress udp:162,udp6:[2001:4888:a03:311f:c0:a:0:1f5]:162

I tried all of them. None changes what traps are processed. Traps on IPv4 are processed even when the 3rd entry above tells the system to only listen on IPv6...

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 5:19 pm
by tmcdonald
While we can definitely still help troubleshoot this a while longer, you will honestly probably have better luck asking in a forum dedicated to SNMP:

http://www.tek-tips.com/threadminder.cfm?pid=833 (Ignore that, they do not appear very active)

or on the net-snmp mailing list:

https://sourceforge.net/p/net-snmp/mail ... nmp-users/ (offline at the moment due to SourceForge issues)

There's also a general Net-SNMP support page:

http://www.net-snmp.org/support/contacts.html

They deal with these packages all the time, while we only deal with them occasionally. Otherwise if you can find a guy with a very grey, very long beard I've found that usually helps :)

The only thing I can think of is that the snmpd service is not picking up the changes for whatever reason.

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 5:22 pm
by gormank
I think I had the wrong syntax. This should work in theory, but doesn't in real life.

snmpTrapdAddr udp:162,udp6:[::1]:162
snmpTrapdAddr udp:162,udp6:[2001:4888:a03:311f:c0:a:0:1f5]:162
snmpTrapdAddr udp6:[::1]:162,udp:162
snmpTrapdAddr udp:162,udp6:162

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 5:22 pm
by jolson
Kevin,

Give this one a try:

Code: Select all

udp6:[::]:161

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 5:23 pm
by ssax
Try editing your /etc/init.d/snmptrapd and change this:

Code: Select all

OPTIONS="-Lsd -p /var/run/snmptrapd.pid"
To this:

Code: Select all

OPTIONS="-Lsd udp6:162 -p /var/run/snmptrapd.pid"
Then restart snmptrapd:

Code: Select all

service snmptrapd restart
May want to validate that it still works with non-IPv6 if your using them.

Re: IPv6 and SNMP: Traps arrive, but not processed by snmptr

Posted: Thu Mar 31, 2016 5:26 pm
by gormank
Same non-result from this:

snmpTrapdAddr udp:162,udp6:[::]:162
All times are UTC-05:00
Page 1 of 8

Powered by phpBB® Forum Software © phpBB Limited