SNMP Notifications of Syslog Messages
October 29, 2008 at 4:47 pm | In System Management | Leave a CommentConfiguration
snmp-server enable traps syslog snmp-server host 155.1.146.100 CISCO ! logging history debugging logging history size 100
Usage Guidelines
When the history table is full (that is, it contains the maximum number of message entries specified with the logging history size command), the oldest message entry is deleted from the table to allow the new message entry to be stored.
Examples
In the following example, the user sets the number of messages stored in the history table to 20:
logging history size 20
SNMP MAC Address Notifications
October 29, 2008 at 3:08 pm | In System Management | Leave a CommentIEWB1-Vol1-v5 Task: 12.20
Configuration SW1 to send traps when there’re new MAC address on interface connected to R1 and R5
Configuration
Rack1SW1#sh run interface FastEthernet0/1 snmp trap mac-notification change added snmp trap mac-notification change removed interface FastEthernet0/5 snmp trap mac-notification change added snmp trap mac-notification change removed snmp-server enable traps mac-notification change snmp-server host 155.1.146.100 CISCO mac-address-table notification change interval 2 mac-address-table notification change history-size 100 mac-address-table notification change
Verification
Rack1SW1#debug snmp packets SNMP packet debugging is on Rack1R1(config)#int fa0/0 Rack1R1(config-if)#mac-address 0000.6c11.1111 Rack1R1#ping 155.1.146.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 155.1.146.4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms Rack1SW1# *Mar 1 02:28:36.393: SNMP: Queuing packet to 155.1.146.100 *Mar 1 02:28:36.393: SNMP: V1 Trap, ent cmnMIBNotificationPrefix, addr 155.1.67.7, gentrap 6, spectrap 1 cmnHistMacChangedMsg.1 = 01 00 92 00 00 6C 11 11 11 00 03 00 cmnHistTimestamp.1 = 891639 Rack1SW1#sh mac address-table notification change MAC Notification Feature is Enabled on the switch Interval between Notification Traps : 2 secs Number of MAC Addresses Added : 3 Number of MAC Addresses Removed : 3 Number of Notifications sent to NMS : 5 Maximum Number of entries configured in History Table : 100 Current History Table Length : 5 MAC Notification Traps are Enabled History Table contents ---------------------- History Index 1, Entry Timestamp 891639, Despatch Timestamp 891639 MAC Changed Message : Operation: Added Vlan: 146 MAC Addr: 0000.6c11.1111 Dot1dBasePort: 3 History Index 2, Entry Timestamp 921715, Despatch Timestamp 921715 MAC Changed Message : Operation: Deleted Vlan: 146 MAC Addr: 000b.5f76.7280 Dot1dBasePort: 3 History Index 3, Entry Timestamp 942366, Despatch Timestamp 942366 MAC Changed Message : Operation: Added Vlan: 146 MAC Addr: 0000.6c11.0001 Dot1dBasePort: 3 History Index 4, Entry Timestamp 944973, Despatch Timestamp 944973 MAC Changed Message : Operation: Deleted Vlan: 146 MAC Addr: 0000.6c11.1111 Dot1dBasePort: 3 Operation: Deleted Vlan: 146 MAC Addr: 0000.6c11.0001 Dot1dBasePort: 3 History Index 5, Entry Timestamp 945174, Despatch Timestamp 945174 MAC Changed Message : Operation: Added Vlan: 146 MAC Addr: 0000.6c11.0001 Dot1dBasePort: 3
SNMP Traps and Informs
October 29, 2008 at 12:28 pm | In System Management | Leave a CommentIEWB-vol1-v5 Task 12.17:
Configure R4 to send traps and informs about link status (except Serial interfaces) to management stations.
R4: snmp-server enable traps snmp linkdown linkup snmp-server host 155.1.146.101 inform version 2c CISCO snmp-server host 155.1.146.100 CISCO ! interface Serial0/0 no snmp trap link-status ! interface Serial0/1 no snmp trap link-status
Verification
Rack1R4#sh snmp host Notification host: 155.1.146.101 udp-port: 162 type: inform user: CISCO security model: v2c Notification host: 155.1.146.100 udp-port: 162 type: trap user: CISCO security model: v1
Rack1R4#debug snmp packet SNMP packet debugging is on Rack1R4#c Enter configuration commands, one per line. End with CNTL/Z. Rack1R4(config)#int e0/0 Rack1R4(config-if)#shut Rack1R4(config-if)# *Apr 7 17:20:47.354: %LINK-5-CHANGED: Interface Ethernet0/0, changed state to administratively down *Apr 7 17:20:48.354: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down *Apr 7 17:20:48.354: SNMP: Inform request, reqid 12, errstat 0, erridx 0 sysUpTime.0 = 1558882 snmpTrapOID.0 = snmpTraps.3 ifIndex.1 = 1 ifDescr.1 = Ethernet0/0 ifType.1 = 6 lifEntry.20.1 = administratively down *Apr 7 17:20:48.442: SNMP: Packet sent via UDP to 155.1.146.101.162 *Apr 7 17:20:48.442: SNMP: Queuing packet to 155.1.146.100 *Apr 7 17:20:48.442: SNMP: V1 Trap, ent snmpTraps, addr 155.1.45.4, gentrap 2, spectrap 0 ifIndex.1 = 1 ifDescr.1 = Ethernet0/0 ifType.1 = 6 lifEntry.20.1 = administratively down Rack1R4(config-if)# *Apr 7 17:20:48.694: SNMP: Packet sent via UDP to 155.1.146.100
SNMP agents can send Informs or Traps
Traps are messages alerting the SNMP manager to a condition on the network
Informs are traps that require ACK from SNMP manager. Inform are more reliable than Traps
The snmp-server host command is used in conjunction with the snmp-server enable command. Use the snmp-server enable command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server enable command and the snmp-server host command for that host must be enabled.
Doc CD Navigation
Blog at WordPress.com. | Theme: Pool by Borja Fernandez.
Entries and comments feeds.
