SNMP Traps in Contrail Insights
Contrail Insights supports monitoring of SNMP traps sent from network devices. Traps are unsolicited messages sent from an SNMP agent to remote network management systems or trap receivers.
Configuring Devices to Forward SNMP Traps
For Contrail Insights to listen to SNMP traps from devices, you need to configure the devices to forward the traps because they are not forwarded by default. This can be done either manually from the Junos OS CLI of the device or through Contrail Insights software development kit (SDK).
Check the SNMP Trap Configuration on Device
Before Contrail Insights Version 3.1:
In Contrail Insights version 3.0, Contrail Insights only supports SNMPv2 traps. After the device is configured to forward SNMP traps, you can verify the configuration by logging into the Junos OS CLI and running the following command:
show snmp
The output should be similar to the following example:
trap-options {
source-address {device_ip};
}
trap-group snmp-trap-metallb-test {
version v2;
destination-port 42597;
categories {
link;
authentication;
}
targets {
{collector_1_ip};
{collector_2_ip};
}
}
For additional details regarding configuration, refer to SNMP Traps in Contrail Insights.
After Contrail Insights Version 3.1:
When Contrail Insights version 3.1 or later is installed, SNMP trap configuration on the device needs to be updated because the configuration for the devices on Contrail Insights version 3.0 is no longer valid. In Contrail Insights version 3.1 or later, Contrail Insights supports both SNMPv2 and SNMPv3. You need to configure the device using the following sample configuration so that Contrail Insights will collect the SNMP traps.
After the device is configured to forward SNMP traps, you can verify the configuration by logging into Junos OS CLI and running the following command:
show snmp v3
The output should be similar to the following example for SNMPv2:
The security-name public in the following
configuration refers to the SNMPv2 community name you set in your
device. Set the SNMPv2 community name before you add this SNMP trap
configuration.
...
SNMP v2c Configuration
...
target-address appformix_snmp_v2 {
address x.x.x.x;
port 42597;
tag-list appformix_snmp_v2;
target-parameters appformix_snmp_v2;
}
target-parameters appformix_snmp_v2 {
parameters {
message-processing-model v2c;
security-model v2c;
security-level none;
security-name public; //this is the snmp v2c community name
}
notify-filter appformix_snmp_v2;
}
notify appformix_snmp_v2 {
type trap;
tag appformix_snmp_v2;
}
notify-filter appformix_snmp_v2 {
oid .1 include;
}
The output should be similar to the following example for SNMPv3:
...
SNMP v3 Configuration
...
target-address appformix_snmp_v3 {
address x.x.x.x;
port 42597;
tag-list appformix_snmp_v3;
target-parameters appformix_snmp_v3;
}
target-parameters appformix_snmp_v3 {
parameters {
message-processing-model v3;
security-model usm;
security-level authentication;
security-name acelio;
}
notify-filter appformix_snmp_v3;
}
notify appformix_snmp_v3 {
type trap;
tag appformix_snmp_v3;
}
notify-filter appformix_snmp_v3 {
oid .1 include;
}
The variables security-model, security-level, and security-name are related to the SNMPv3 configuration you set in this device.
Configure the device with SNMPv3 credentials before you enable SNMPv3
traps.
Configuring Contrail Insights to Enable SNMP Traps Monitoring from Network Devices
- Enable Listening to SNMP Traps for Network Devices
- Create Network Device JSON File for SNMPv2c
- Create Network Device JSON File for SNMPv3
- Configuring Contrail Insights Network Device Monitoring Plug-Ins
- Enable SNMP Trap to Show in Contrail Insights Dashboard
- SNMP Trap Data for External Notification
Enable Listening to SNMP Traps for Network Devices
In Contrail Insights Dashboard, Settings > Network Devices, you can add or edit SNMP device configuration and enable Contrail
Insights to collect the SNMP traps for those configured devices. As
long as you have posted the snmp_trap_network_device plug-in from Ansible, Contrail Insights will automatically start
listening on SNMP traps from all SNMP network devices configured in
Contrail Insights.
The field SnmpEngineId is needed
when you want to enable SNMPv3 traps for a device. This field is not
required for normal SNMP polling.
Create Network Device JSON File for SNMPv2c
The list of network devices that needs to be monitored should be added to a JSON file with the following format. There can be multiple devices in the JSON file.
{
"NetworkDeviceList": [
{
"NetworkDevice": {
"MetaData": {
"SnmpConfig": {
"Version": "2c",
"OIDList": ["TCP-MIB::tcp",
"IF-MIB::ifTable",
"enterprises.2636.3.1.13.1"],
"Community": "public"}
},
"Name": "QFX0",
"NetworkDeviceId": "QFX0",
"ManagementIp": "x.x.x.x",
"ChassisType": "tor",
"Source": ["user.snmp"],
"InterfaceList": [
],
"ConnectionInfo": []
}
}
]
}
The user.snmp needs to be included in Source field. Contrail
Insights automatically starts monitoring the traps sent from all
user.snmp devices configured in Contrail Insights. For more
details about other fields and how to post network devices using Ansible, refer
to Configure Network Device from JSON
File.
Create Network Device JSON File for SNMPv3
The list of network devices that needs to be monitored should
be added to a JSON file using the following format. There can be multiple
devices in the JSON file. For SNMPv3 traps, you need to specify the SnmpEngineId for SnmpConfig.
{
"NetworkDeviceList": [
{
"NetworkDevice": {
"MetaData": {
"SnmpConfig": {
"Version": "3",
"Password": "pwd",
"Level": "authPriv",
"PrivKey": "privkey",
"PrivProtocol": "DES",
"Protocol": "MD5",
"SnmpEngineId": "80000a4c010a574478",
"OIDList": ["TCP-MIB::tcp",
"IF-MIB::ifTable",
"enterprises.2636.3.1.13.1"],
"Username": "user"}
},
"Name": "QFX0",
"NetworkDeviceId": "QFX0",
"ManagementIp": "x.x.x.x",
"ChassisType": "tor",
"Source": ["user.snmp"],
"InterfaceList": [
],
"ConnectionInfo": []
}
}
]
}
Configuring Contrail Insights Network Device Monitoring Plug-Ins
Contrail Insights needs to be configured at the time of installation
to enable the SNMP trap plug-in. Contrail Insights has a built-in
SNMP trap plug-in in the certified_plugins folder in the Ansible installation directory. This needs to be included
in the plug-in descriptor in the appformix_plugins variable in group_vars/all.
# network_device_file_name is optional, if you want to add devices from UI, then you don't need it
network_device_file_name: <path_to_above_json_file>
appformix_plugins:
- { plugin_info: certified_plugins/snmp_trap_network_device.json }
Enable SNMP Trap to Show in Contrail Insights Dashboard
There is a built-in SNMP trap rule that is configured in profiles/network_device_snmp_trap_profile.json to enable
SNMP trap pop-up in the Contrail Insights Dashboard Alarm page. The
trap is posted to Contrail Insights by default and every time traps
are sent to Contrail Insights Agent, the traps appear in the Contrail
Insights Dashboard Alarm page and display detailed information about
the traps Contrail Insights receives.
SNMP Trap Data for External Notification
When Contrail Insights receives a SNMP trap, Contrail Insights
displays the trap in Dashboard > Alarms as rule network_device_snmp_trap and sends it to Apache Kafka, if Kafka has been configured in Contrail Insights. You can
associate the rule network_device_snmp_trap with external notifiers such as PagerDuty, ServiceNow, Slack, Custom
Notifier, and so on.
Following is an example JSON file sent to external notifiers for SNMP trap:
{'status': {
'description': 'NetworkDevice sample_device: SNMP Trap Received for OID=linkUp',
'timestamp': 1555549001000,
'entityType': 'network_device',
'state': 'triggered',
'entityDetails': {},
'entityId': 'sample_device',
'metaData': {
'snmpTrapOID': 'linkUp',
'Timestamp': 1555548996000,
'ifAdminStatus': '1',
'roomKey': 'sample_device',
'ifIndex': '545',
'ifName': 'irb.20',
'ifOperStatus': '1',
'sysUpTimeInstance': '1028117810'}
},
'kind': 'Alarm',
'spec': {
'aggregationFunction': 'sum',
'intervalDuration': 1,
'severity': 'none',
'module': 'alarms',
'intervalCount': 1,
'metricType': 'snmp.trap',
'name': 'network_device_snmp_trap',
'eventRuleId': 'NETWORK_DEVICE_SNMP_TRAP',
'mode': 'event',
'intervalsWithException': 1,
'threshold': 1,
'comparisonFunction': 'equal'},
'apiVersion': 'v2'}
You can find a brief description of the SNMP trap in the status > description field,
detailed information of the SNMP trap in the status > metaData field, and status > entityId tells you which network device
this trap belongs to.
Install MIBs in Contrail Insights Network Agents
When Contrail Insights receives the traps from devices, Contrail
Insights might not be able to decode the OID into a proper user understandable
string if corresponding MIBs are not installed in your Contrail Insights
Agents. You need to download the MIBs and either manually copy all
of the *.txt MIB files to all network agents /usr/share/snmp/mibs/ or use Contrail Insights Ansible
to deploy the MIB files.
To install MIBs from Ansible see Custom SNMP Plug-Ins.