Topics

keepalived snmp_traps usage question

..
 

Hi

I am utilizing snmp traps for VRRP failover notification.

Is there a way of just sending either
a) the traps from keepalived
or
b) the traps from VRRP failover

Our corporate SNMP trap processor administrators are considering the snmp traps from keepalived and VRRP as kind of duplicates of the same event and would like me to restrict them to either event.

Also there is a question regarding sending clear traps when the floating IP is back on the highest priority vrrp_instance ?

I have scanned the documentation and cannot find much on traps except for the ability enable them.  The other snmp options read to me as to handing snmpwalk queries.

Environment information
==================
OS Version
RHEL 7.5

Keepalived version
Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2

Copyright(C) 2001-2017 Alexandre Cassen, <acassen@...>

Build options:  PIPE2 LIBNL3 RTA_ENCAP RTA_EXPIRES RTA_PREF FRA_OIFNAME FRA_TUN_ID RTAX_CC_ALGO RTAX_QUICKACK LIBIPTC LIBIPSET_DYNAMIC LVS LIBIPVS_NETLINK VRRP VRRP_AUTH VRRP_VMAC SOCK_NONBLOCK SOCK_CLOEXEC FIB_ROUTING INET6_ADDR_GEN_MODE SNMP_V3_FOR_V2 SNMP SNMP_KEEPALIVED SNMP_CHECKER SNMP_RFC SNMP_RFCV2 SNMP_RFCV3 SO_MARK

config snippet (obfuscated)
I have a vrrp_instance of BACKUP and MASTER on two different servers, with different priorities 50 and 100.

vrrp_instance snippet example

state BACKUP
        interface eth0
        garp_master_delay 10
        virtual_router_id 42
        priority 50
        advert_int 1

Thanks

Roland

Quentin Armitage
 

Roland,

Please see comments inline below.

Quentin Armitage

On Fri, 2019-10-04 at 10:17 +0200, .. wrote:
Hi

I am utilizing snmp traps for VRRP failover notification.

Is there a way of just sending either
a) the traps from keepalived
or
b) the traps from VRRP failover

I am not entirely clear what you mean by this. Are you referring to a) the traps generated for the KEEPALIVED-MIB and b) the traps generated by VRRP-MIB or VRRPV3-MIB? If so, then the answer to your question is yes.

You don't say whether you are using the -x command line option for keepalived. To send only one type of trap it is necessary NOT to use the -x option. Then, if you want to use the KEEPALIVED-MIB traps, add the following to your config:
global_defs {
enable_snmp_keepalived
enable_traps
}

To use the RFC traps (VRRPv2 or VRRPv3 depending on what VRRP version each vrrp instance is)
global_defs {
enable_snmp_rfc
enable_traps
}

or to use the RFC for VRRPv2 traps:
global_defs {
enable_snmp_rfcv2
enable_traps
}

or to use the RFC for VRRPv3 traps:
gloabal_defs {
enable_snmp_rfcv3
enable_traps
}


Our corporate SNMP trap processor administrators are considering the snmp traps from keepalived and VRRP as kind of duplicates of the same event and would like me to restrict them to either event.

Also there is a question regarding sending clear traps when the floating IP is back on the highest priority vrrp_instance ?

I am not sure what you mean by sending 'clear' traps. The KEEPALIVED-MIB will send traps for each MASTER/BACKUP state transition; the RFC MIBs only send traps when a vrrp instance becomes master. The KEEPALIVED-MIB also generates a shutdown trap whereas the RFC MIBs do not.

I have scanned the documentation and cannot find much on traps except for the ability enable them.  The other snmp options read to me as to handing snmpwalk queries.

I think this is explained above. The other snmp options relate to both snmp queries and traps.

Environment information
==================
OS Version
RHEL 7.5

Keepalived version
Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2

This version of keepalived is very old. v2.0.18 is the current version (v2.0.19 will probably be released in the next day or two). These versions have very many enhancements and bug fixes, so it is certainly worth upgrading.

Copyright(C) 2001-2017 Alexandre Cassen, <acassen@...>
Build options:  PIPE2 LIBNL3 RTA_ENCAP RTA_EXPIRES RTA_PREF FRA_OIFNAME FRA_TUN_ID RTAX_CC_ALGO RTAX_QUICKACK LIBIPTC LIBIPSET_DYNAMIC LVS LIBIPVS_NETLINK VRRP VRRP_AUTH VRRP_VMAC SOCK_NONBLOCK SOCK_CLOEXEC FIB_ROUTING INET6_ADDR_GEN_MODE SNMP_V3_FOR_V2 SNMP SNMP_KEEPALIVED SNMP_CHECKER SNMP_RFC SNMP_RFCV2 SNMP_RFCV3 SO_MARK

config snippet (obfuscated)
I have a vrrp_instance of BACKUP and MASTER on two different servers, with different priorities 50 and 100.

vrrp_instance snippet example

state BACKUP
        interface eth0
        garp_master_delay 10
        virtual_router_id 42
        priority 50
        advert_int 1

Thanks

Roland

..
 

On Fri, Oct 4, 2019 at 03:25 AM, Quentin Armitage wrote:
am not sure what you mean by sending 'clear' traps. The KEEPALIVED-MIB will
Hi Quentin, 

Thanks for the quick reply, yes I am using the -x option, I will remove it and test again with just enable_snmp_keepalived and enable_traps in my global config.

/Roland

..
 

This solved my issue, thanks again.