This KB article explains how to configure Nagios XI to receive SNMP Traps that come in via IPv6 (Internet Protocol version 6).
It is a requirement to have already followed this guide to install all the SNMP Trap pre-requisites:
Documentation - How to Integrate SNMP Traps With Nagios XI
Editing Files
In many steps of this article you will be required to edit files. This documentation will use the vi text editor. When using the vi
editor:
Configure SNMPTRAPD
These steps configure snmptrapd to listen for IPv6 traps.
Establish an SSH session to your Nagios XI server as a root user.
Edit the /etc/snmp/snmptrapd.conf file and add the following line:
snmpTrapdAddr udp:162,udp6:162
Save and close the file.
Now restart the SNMPTRAPD service:
RHEL 6 | CentOS 6 | Oracle Linux 6
service snmptrapd restart
RHEL 7 | CentOS 7 | Oracle Linux 7 | Debian | Ubuntu 16/18
systemctl restart snmptrapd.service
Ubuntu 14
service snmpd restart
Firewall Rules
You will also need to add a firewall rule allow IPv6 SNMP Traps using one of the commands below:
RHEL 6 | CentOS 6 | Oracle Linux 6
ip6tables -I INPUT -p udp --destination-port 162 -j ACCEPT
service ip6tables save
RHEL 7 | CentOS 7 | Oracle Linux 7
firewall-cmd --zone=public --add-port=162/udp
firewall-cmd --zone=public --add-port=162/udp --permanent
Debian
iptables -I INPUT -p udp --destination-port 162 -j ACCEPT
Ubuntu
ufw allow proto udp from any to any port 162
ufw reload
At this point your Nagios XI server will listen for SNMP IPv6 traps (as well as IPv4).
Update snmptraphandling.py Script
There is currently a bug in how the Net-SNMP libraries spool these received IPv6 traps. In brief, the side affects of this bug are:
The IPv6 address is not formatted correctly
snmptrapd is not able to resolve this address to a DNS record
snmptt is not able to resolve this address to a DNS record
This causes the address submitted to Nagios XI as a passive check result to be an incorrect address
Full details about the bug are reported here:
#2704 IPv6 Trap addresses not processed correctly
Without going into too much detail about the bug, lets compare the address in an IPv4 trap compared to an IPv6 trap:
IPv4
localhost.localdomain
This was submitted as 127.0.0.1 but has been resolved, which is fine
IPv6
UDP/IPv6: [::1]:50618
The address should be ::1 and if it was able to, it could have been resolved to a DNS record
Once the trap is spooled, it is processed by snmptt (SNMP Trap Translator).
Processed traps are submitted to Nagios using the EXEC statement, which executes the /usr/local/bin/snmptraphandling.py script and passes on the address value.
The following modifications to the snmptraphandling.py script allow:
The corrected IPv6 address to be resolved to a DNS record, hence allowing the passive check result to correctly target the host object in Nagios
If it's not able to be resolved to a DNS object, the correctly formatted IPv6 address will be submitted in the passive check result
Edit the file
/usr/local/bin/snmptraphandling.py
Change this:
host = sys.argv[1]
To this:
host = sys.argv[1]
if host.startswith("UDP/IPv6"):
try:
import socket
host = socket.gethostbyaddr(sys.argv[1].partition('[')[-1].rpartition(']')[0])[0]
#host = host.partition('.')[0]
except:
host = sys.argv[1].partition('[')[-1].rpartition(']')[0]
This line here:
host = socket.gethostbyaddr(sys.argv[1].partition('[')[-1].rpartition(']')[0])[0]
Will result in something like myserver.mydomain.local
If you uncomment this line:
#host = host.partition('.')[0]
The object will be the short version myserver
Final Thoughts
For any support related questions please visit the Nagios Support Forums at:
http://support.nagios.com/forum/
Article ID: 499
Created On: Thu, Apr 28, 2016 at 1:50 AM
Last Updated On: Tue, Dec 18, 2018 at 5:38 PM
Authored by: tlea
Online URL: https://support.nagios.com/kb/article/nagios-xi-receiving-ipv6-snmp-traps-499.html