Configuring snmp

Owned by Tracy Yang (Unlicensed)
Mar 03, 2023
4 min read

Pica8 support snmp from version 2.9.1 on ovs.

SNMP is short for Simple Network Management Protocol, and  it is mainly used for monitoring features, data throughout, communication overload, errors and so on of network devices.

SNMP is composed of agent-side and server-side which contains three communication  behaviors  between them: get, set and trap. The communication process can be detailed roughly as follows: server sends  requests (snmpget or snmpwalk) to agent and then agent will deal with the requests and reply to it. While agent will also send notification to server proactively when finding device status changed or errors occuring.What is more,one server-side can monitor multiple agent-sides and vice versa.

SNMP can not work without mibs which determine the available objects of a device. Every mib can be represented by a subtree and each node in the tree corresponds to one OID number which means one available variable in our device. Our SNMP currently mainly support public IF-MIB and private mibs (pica_private_mib.txt and pica_private_trap_mib.txt ) which are defined by ourselves. The specified contents of  our defined private mibs can be referred in this site: Pica8 Private MIB


1.start snmp on ovs

admin@XorPlus$sudo picos_boot
Configure the default system start-up options:
 (Select key 3 if no change)
    [1]  PicOS L2/L3   * default
    [2]  PicOS Open vSwitch/OpenFlow
    [3]  No start-up change
Enter your choice (1,2,3):2
PicOS Open vSwitch/OpenFlow is selected.
Configure the IP of management interface:
    [1] DHCP
    [2] Static IP
Enter your choice(1,2):1
Start OVS web user interface?(y|n)[n]:y
Start OVS network snmp?(y|n)[n]:y
Please restart the PicOS service
admin@XorPlus$sudo systemctl restart picos


2.command

We enable ovs snmp to update device data and enable trap using following command.

1)Enable snmp:

admin@PicOS-OVS$ovs-vsctl set-snmp-enable true
admin@PicOS-OVS$ovs-vsctl show-snmp
  snmp is enabled
admin@PicOS-OVS$


2)Configure snmp community name:

admin@PICOS-OVS:~$ ovs-vsctl set-snmp-community-name  pica8


Snmp community name default value is public, following command reproduce default value.

admin@PicOS-OVS$ ovs-vsctl set-snmp-community-name


3)Change trap destinations:

admin@PicOS-OVS$ovs-vsctl  show-snmp-trap-targets
snmp trap target is default: l27.0.0.1
admin@PicOS-OVS$

Note:default snmp trap target is 127.0.0.1,and we can use following command to change it.

admin@PicOS-OVS$ovs-vsctl set-snmp-trap-targets 10.10.50.234

Reproduce default snmp trap target:

admin@PicOS-OVS$ovs-vsctl set-snmp-trap-targets




3.Snmp  

Snmpwalk and snmpget:

Both linux console and window SNMP tool can get device data. Following are results from 10.10.51.194:

pica8@pica8:~$ snmpwalk -v 2c -c public 10.10.51.157 1.3.6.1.4.1.35098.1.1
iso.3.6.1.4.1.35098.1.1.0 = INTEGER: 8
pica8@pica8:~$ 
pica8@pica8:~$ snmpget -v 2c -c public 10.10.51.157 1.3.6.1.4.1.35098.1.1.0
iso.3.6.1.4.1.35098.1.1.0 = INTEGER: 8
pica8@pica8:~$

Note: Generally using snmpwalk for snmp data is safer and convinient.On one hand, you can get all data of a table or a group for requesting once by snmpwalk. But snmpget need many times. On the other hand,for snmpget,you need use leaf node of a mib plus index as OID number, while snmpwalk do not. The root difference between them lies in that snmpget can only access a leaf node for one request, but snmpwalk can access a root node instead. For example, cpuUsage OID is 1.3.6.1.4.1.35098.1.1. if you use snmpget,you must access it like this:

snmpget -v 2c -c public 10.10.51.145 1.3.6.1.4.1.35098.1.1.0

Trap notification:

You can use window snmp tools to save the notification results.

4.Tap on snmp:

Following configure only used flows which added by web tapping.

As we know, OVS can be configured through its build-in commands, But web looks like more convenient and intuitive.So we develop web to configure OVS in tap units. One tap corresponds a flow in OVS which contains a set of in_ports(flow inports), a set of filters(flow match), a hash type for out-ports(group type + lag hash) and a set of out-ports(make up a group for flow output). One user can create many different taps to control OVS work. Snmp can work as a way of checking the tap configuration other than physical device status and trap.


Oids about tap:

Global lag hash oid:

glLagHashFields            OID    1.3.6.1.4.1.35098.3.1

Tap table field oid:

tapEntry                           OID    1.3.6.1.4.1.35098.3.2.1

tapPrior                           OID    1.3.6.1.4.1.35098.3.2.1.1

inPortName                    OID    1.3.6.1.4.1.35098.3.2.1.2

f-srcMac                         OID    1.3.6.1.4.1.35098.3.2.1.3

f-dstMac                         OID    1.3.6.1.4.1.35098.3.2.1.4

f-srcIp                            OID    1.3.6.1.4.1.35098.3.2.1.5

f-dstIp                            OID    1.3.6.1.4.1.35098.3.2.1.6

f-dlType                         OID    1.3.6.1.4.1.35098.3.2.1.7

f-nwProto                   OID    1.3.6.1.4.1.35098.3.2.1.8

f-dlVlan                       OID    1.3.6.1.4.1.35098.3.2.1.9

f-tcpSrc                     OID    1.3.6.1.4.1.35098.3.2.1.10

f-tcpDst                     OID    1.3.6.1.4.1.35098.3.2.1.11

f-udpSrc                OID    1.3.6.1.4.1.35098.3.2.1.12

f-udpDst                OID    1.3.6.1.4.1.35098.3.2.1.13

f-nwTos                 OID    1.3.6.1.4.1.35098.3.2.1.14

f-vlanPcp                OID    1.3.6.1.4.1.35098.3.2.1.15

a-mod-srcMac            OID    1.3.6.1.4.1.35098.3.2.1.16

a-mod-dstMac            OID    1.3.6.1.4.1.35098.3.2.1.17

a-mod-vlanVid            OID    1.3.6.1.4.1.35098.3.2.1.18

a-mod-vlanPcp            OID    1.3.6.1.4.1.35098.3.2.1.19

a-pushVlan               OID    1.3.6.1.4.1.35098.3.2.1.20

a-popVlan                OID    1.3.6.1.4.1.35098.3.2.1.21

portGroupType                OID    1.3.6.1.4.1.35098.3.2.1.22

outPortName                  OID    1.3.6.1.4.1.35098.3.2.1.23

mirror table oids:

mirrorEntry                  OID    1.3.6.1.4.1.35098.3.3.1

mirrorIndex                  OID    1.3.6.1.4.1.35098.3.3.1.1

mirrorName             OID    1.3.6.1.4.1.35098.3.3.1.2

srcPort                 OID    1.3.6.1.4.1.35098.3.3.1.3

dstPort                 OID    1.3.6.1.4.1.35098.3.3.1.4

outputPort              OID    1.3.6.1.4.1.35098.3.3.1.5


Example:

admin@PicOS-OVS$ovs-ofctl dump-flows br0
OFPST_FLOW reply (OF1.4) (xid=0x2):
 flow_id=53, cookie=0x3, duration=1823.837s, table=0, n_packets=n/a, n_bytes=0, priority=3,in_port=130 actions=output:137
 flow_id=54, cookie=0xfffc, duration=1823.829s, table=0, n_packets=n/a, n_bytes=0, priority=65532,in_port=133,dl_src=11:11:11:11:11:11 actions=drop
admin@PicOS-OVS$
admin@PicOS-OVS$sudo su
root@PicOS-OVS$

root@PicOS-OVS$ovs-vsctl list mirror
_uuid               : 1080b149-740e-414f-8054-3250f041cf7e
external_ids        : {}
name                : "M1"
output_port         : ef639e9a-a215-4a33-9c04-9e463137c91f
output_vlan         : []
select_all          : false
select_dst_port     : [05360726-9dac-4cd0-9a1d-7adf9e9d9026, d090f287-e96b-44a5-ade3-a30f662c075e]
select_src_port     : [11568bd4-0456-4e8d-b294-95ae94d8fb3a, 52c4e38a-dac7-425f-ba64-701122491f34, 5b77ec3e-5fdd-4ccd-820b-2bbc751ed621, 880de11b-d194-45ab-b01c-59eed295565e]
select_vlan         : []
statistics          : {}
root@PicOS-OVS$

The results from 10.10.51.194:

pica8@pica8:~$snmpwalk -v 2c -c public 10.10.51.174 1.3.6.1.4.1.35098.3.2.1
NPB-PRIVATE-MIB::tapPrior.3 = INTEGER: 3
NPB-PRIVATE-MIB::tapPrior.65532 = INTEGER: 65532
NPB-PRIVATE-MIB::inPortName.3 = STRING: "he-1/1/2"
NPB-PRIVATE-MIB::inPortName.65532 = STRING: "he-1/1/5"
NPB-PRIVATE-MIB::f-srcMac.65532 = STRING: "11:11:11:11:11:11"
NPB-PRIVATE-MIB::portGroupType.3 = STRING: "physical"
NPB-PRIVATE-MIB::outPortName.3 = STRING: "he-1/1/9"
pica8@pica8:~$
pica8@pica8:~$snmpwalk -v 2c -c public 10.10.51.174 1.3.6.1.4.1.35098.3.3.1
NPB-PRIVATE-MIB::mirrorIndex.1 = INTEGER: 1
NPB-PRIVATE-MIB::mirrorName.1 = STRING: "M1"
NPB-PRIVATE-MIB::rxPort.1 = STRING: "he-1/1/3 he-1/1/4 he-1/1/17 he-1/1/18"
NPB-PRIVATE-MIB::txPort.1 = STRING: "he-1/1/1 he-1/1/2"
NPB-PRIVATE-MIB::outputPort.1 = STRING: "he-1/1/19"
pica8@pica8:~$


5.Snmp trap

Pica8 added some private and trap MIBs listed below:

1.link up: OID: 1.3.6.1.6.3.1.1.5.4(physical port and lag port)

   link down:OID:1.3.6.1.6.3.1.1.5.3(physical port and lag port)

2.sfpTraps: 1.3.6.1.4.1.35098.21.2

   1)sfpPlugin: 1.3.6.1.4.1.35098.21.2.1

   2)sfpPlugout: 1.3.6.1.4.1.35098.21.2.2

3,Warm start : OID:1.3.6.1.6.3.1.1.5.2

4,Cold start: OID:1.3.6.1.6.3.1.1.5.1

5,Rpsu traps: oid: 1.3.6.1.4.1.35098.21.1

   1)rpsuPlugIn:1.3.6.1.4.1.35098.21.1.2

   2)rpsuPlugOut:1.3.6.1.4.1.35098.21.1.3

   3)rpsuFanFailed: 1.3.6.1.4.1.35098.21.1.4

   4)rpsuFanRecovery: 1.3.6.1.4.1.35098.21.1.7

   5)rpsuStatusChangePowerOff:1.3.6.1.4.1.35098.21.1.5

   6)rpsuStatusChangePowerOn:1.3.6.1.4.1.35098.21.1.6

6,Fan traps: oid: 1.3.6.1.4.1.35098.21.1

   1)switchFanFailed: 1.3.6.1.4.1.35098.21.3.1  

   2)switchFanRecovery: 1.3.6.1.4.1.35098.21.3.4


Note:

From 2.10.0,Pica8  support log info and trap message about fan and psu.

1) Fan log: fan fail, fan recovery.
2) Fan trap: fan fail, fan recovery.
3) Psu log: plugin,plugout,psu fail,psu recovery,psu power on,psu power off,psu status change.
4) Psu trap: plugin,plugout,psu fail,psu recovery,psu power on,psu power off.



Copyright © 2024 Pica8 Inc. All Rights Reserved.