Trace SNMP Activity
Monitor SNMP Activity and Track Problems That Affect SNMP Performance on a Device Running Junos OS
On Junos OS devices, you can view the information about monitoring the SNMP activity and identifying the problems that impact the SNMP performance:
- Check for MIB Objects Registered with SNMPd
- Track SNMP Activity
- Monitor SNMP Statistics
- Check CPU Utilization
- Check Kernel and Packet Forwarding Engine Response
Check for MIB Objects Registered with SNMPd
To access data related to a MIB object, the MIB object must be registered with the snmpd. When an SNMP subagent is online, it registers the associated MIB objects with the snmpd. The snmpd maintains a mapping of the objects and the subagents with which the objects are associated. However, the registration attempt fails occasionally, and the objects remain unregistered with the snmpd until the next time the subagent restarts and successfully registers the objects.
When a network management system polls for data related to objects
that are not registered with the snmpd, the snmpd returns either a noSuchName error (for SNMPv1 objects) or a noSuchObject error (for SNMPv2 objects).
You can use the following commands to check for MIB objects that are registered with the snmpd:
show snmp registered-objects—Creates a/var/log/snmp_reg_objsfile that contains the list of registered objects and their mapping to various subagents.file show /var/log/snmp_reg_objs—Displays the contents of the/var/log/snmp_reg_objsfile.
The following example shows the steps for creating and displaying
the /var/log/snmp_reg_objs file:
user@host> show snmp registered-objects user@host> file show /var/log/snmp_reg_objs -------------------------------------------------------------- Registered MIB Objects root_name = -------------------------------------------------------------- .1.2.840.10006.300.43.1.1.1.1.2 (dot3adAggMACAddress) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.3 (dot3adAggActorSystemPriority) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.4 (dot3adAggActorSystemID) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.5 (dot3adAggAggregateOrIndividual) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.6 (dot3adAggActorAdminKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.7 (dot3adAggActorOperKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.8 (dot3adAggPartnerSystemID) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.9 (dot3adAggPartnerSystemPriority) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.10 (dot3adAggPartnerOperKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.1.1.11 (dot3adAggCollectorMaxDelay) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.1.2.1.1 (dot3adAggPortListPorts) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.2 (dot3adAggPortActorSystemPriority) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.3 (dot3adAggPortActorSystemID) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.4 (dot3adAggPortActorAdminKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.5 (dot3adAggPortActorOperKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.6 (dot3adAggPortPartnerAdminSystemPriority) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.7 (dot3adAggPortPartnerOperSystemPriority) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.8 (dot3adAggPortPartnerAdminSystemID) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.9 (dot3adAggPortPartnerOperSystemID) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.10 (dot3adAggPortPartnerAdminKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.11 (dot3adAggPortPartnerOperKey) (/var/run/mib2d-11) .1.2.840.10006.300.43.1.2.1.1.12 (dot3adAggPortSelectedAggID) (/var/run/mib2d-11) ---(more)---
The /var/log/snmp_reg_objs file contains objects that are associated
with the Junos OS processes which are registered with the snmpd. You can view the objects
using the show snmp registered-objects command. If a MIB object related
to a Junos OS process that is up and running is not shown in the list of registered
objects, you might want to restart the software process to retry object registration with
the snmpd.
Track SNMP Activity
SNMP tracing operations track activity of SNMP agents and record the information in log files. By
default, Junos OS does not trace any SNMP activity. To enable tracking of SNMP activities
on a device running Junos OS, include the set traceoptions flag all
statement at the [edit snmp] hierarchy level.
The following log files are created:
snmpd
mib2d
rmopd
You can use the show log log-filename operational command to
view the contents of the log file. In the snmpd log file (see the following example), a
sequence of >>> represents an incoming packet, whereas a
sequence of <<< represents an outgoing packet. You can use the
source and request ID combinations to match requests and responses, if there are multiple
network management systems polling the device at the same time. Response log is not
created in the log file if the SNMP master agent or the SNMP subagent has not responded to
a request.
You can analyze the request-response time to identify and understand delayed responses.
You can review the log file using the show log snmpd command.
Monitor SNMP Statistics
The show snmp statistics extensive operational command provides you with an
option to review SNMP traffic, including traps, on a device. Output for the show
snmp statistics extensive command shows real-time values and can be used to
monitor values such as throttle drops, currently active, max active, not found, time out,
max latency, current queued, total queued, and overflows. You can identify slowness in
SNMP responses by monitoring the currently active count, because a constant increase in
the currently active count is directly linked to slow or no response to SNMP requests.
Check CPU Utilization
High CPU usage of the software processes that are being queried, such as snmpd or mib2d, is
another factor that can lead to slow response or no response. You can use the
show system processes extensive operational command to check the CPU
usage levels of the Junos OS processes.
Check Kernel and Packet Forwarding Engine Response
As mentioned in Understand SNMP Implementation in Junos OS, some
SNMP MIB data are maintained by the kernel or Packet Forwarding Engine. For such data to
be available for the network management system, the kernel has to provide the required
information to the SNMP subagent in mib2d. A slow response from the kernel can cause a
delay in mib2d returning the data to the network management system. Junos OS adds an entry
in the mib2d log file every time that an interface takes more than 10,000 microseconds to
respond to a request for interface statistics. You can use the show log
log-filename | grep “kernel response time” command to find
out the response time taken by the kernel.
Checking the Kernel Response Time
user@host> show log mib2d | grep “kernel response time” Aug 17 22:39:37 == kernel response time for COS_IPVPN_DEFAULT_OUTPUT-t1-7/3/0:10:27.0-o: 9.126471 sec, range (0.000007, 11.000806) Aug 17 22:39:53 == kernel response time for COS_IPVPN_DEFAULT_INPUT-t1-7/2/0:5:15.0-i: 5.387321 sec, range (0.000007, 11.000806) Aug 17 22:39:53 == kernel response time for ct1-6/1/0:9:15: 0.695406 sec, range (0.000007, 11.000806) Aug 17 22:40:04 == kernel response time for t1-6/3/0:6:19: 1.878542 sec, range (0.000007, 11.000806) Aug 17 22:40:22 == kernel response time for lsq-7/0/0: 2.556592 sec, range (0.000007, 11.000806)
Trace SNMP Activity on a Device Running Junos OS
SNMP tracing operations track activity for SNMP agents and record the information in log files. The logged error descriptions provide detailed information to solve problems.
By default, Junos OS does not trace any SNMP activity. If you
include the traceoptions statement at the [edit snmp] hierarchy level, the default tracing behavior is:
Important activities are logged in files located in the /var/log directory. Each log is named after the SNMP agent that generates it. Currently, the following log files are created in the /var/log directory when the
traceoptionsstatement is used:chassisd
craftd
ilmid
mib2d
rmopd
serviced
snmpd
When a trace file named filename reaches its maximum size, it is renamed filename.0, then filename.1, and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten. (For more information about how log files are created, see the System Log Explorer.)
Log files can be accessed only by the user who configured the tracing operation.
You cannot change the directory (/var/log) in which trace files are located. However, you can customize the
other trace file settings by including the following statements at
the [edit snmp] hierarchy level:
[edit snmp] traceoptions { file <files number> <match regular-expression> <size size> <world-readable | no-world-readable>; flag flag; memory-trace; no-remote-trace; no-default-memory-trace; }
These statements are described in the following sections:
- Configure the Number and Size of SNMP Log Files
- Configure Access to the Log File
- Configure a Regular Expression for Lines to Be Logged
- Configure the Trace Operations
Configure the Number and Size of SNMP Log Files
By default, when the trace file reach 128 kilobytes (KB) in size, it is renamed filename.0, then filename.1, and so on, until there are three trace files. Then the oldest trace file (filename.2) is overwritten.
You can configure the limits on the number and size of
trace files by including the following statements at the [edit
snmp traceoptions] hierarchy level:
[edit snmp traceoptions] file files number size size;
For example, set the maximum file size to 2 MB, and the maximum number of files to 20. When the file that receives the output of the tracing operation (filename) reaches 2 MB, filename is renamed filename.0, and a new file called filename is created. When the new filename reaches 2 MB, filename.0 is renamed filename.1 and filename is renamed filename.0. This process repeats until there are 20 trace files. Then the oldest file (filename.19) is overwritten by the newest file (filename.0).
The number of files can be from 2 through 1000 files. The file size of each file can be from 10 KB through 1 gigabyte (GB).
Configure Access to the Log File
By default, log files can be accessed only by the user who configured the tracing operation.
To specify that any user can read all log files, include
the file world-readable statement at the [edit snmp
traceoptions] hierarchy level:
[edit snmp traceoptions] file world-readable;
To explicitly set the default behavior, include the file no-world-readable statement at the [edit snmp traceoptions] hierarchy level:
[edit snmp traceoptions] file no-world-readable;
Configure a Regular Expression for Lines to Be Logged
By default, the trace operation output includes all lines relevant to the logged activities.
You can refine the output by including the match statement at the [edit snmp traceoptions file filename] hierarchy level and specifying a regular expression (regex)
to be matched:
[edit snmp traceoptions] file filename match regular-expression;
Configure the Trace Operations
By default, only important activities are logged. You
can specify which trace operations are to be logged by including the
following flag statement (with one or more tracing flags)
at the [edit snmp traceoptions] hierarchy level:
[edit snmp traceoptions]
flag {
all;
configuration;
database;
events;
general;
interface-stats;
nonvolatile-sets;
pdu;
policy;
protocol-timeouts;
routing-socket;
server;
subagent;
timer;
varbind-error;
}
Table 1 describes the meaning of the SNMP tracing flags.
Flag |
Description |
Default Setting |
|---|---|---|
|
Log all operations. |
Off |
|
Log reading of the configuration at the |
Off |
|
Log events involving storage and retrieval in the events database. |
Off |
|
Log important events. |
Off |
|
Log general events. |
Off |
|
Log physical and logical interface statistics. |
Off |
|
Log nonvolatile SNMP set request handling. |
Off |
|
Log SNMP request and response packets. |
Off |
|
Log policy processing. |
Off |
|
Log SNMP response timeouts. |
Off |
|
Log routing socket calls. |
Off |
|
Log communication with processes that are generating events. |
Off |
|
Log subagent restarts. |
Off |
|
Log internal timer events. |
Off |
|
Log variable binding errors. |
Off |
To display the end of the log for an agent, issue the show log agentd | last operational mode
command:
[edit] user@host# run show log agentd | last
where agent is the name of an
SNMP agent.
Example: Tracing SNMP Activity
Trace information about SNMP packets:
[edit]
snmp {
traceoptions {
file size 10k files 5;
flag pdu;
flag protocol-timeouts;
flag varbind-error;
}
}
Configure the Certificate Expiration Trap
Before you begin:
Understand how certificates works on VPN. Read Understanding Certificate Chains.
This topic shows how to configure certificate expiration trap and configure the number of days before to generate the trap.
See Also
Enable Peer Down and IPsec Tunnel Down Traps
This topic shows how to enable peer-down and ipsec-tunnel-down traps.