Configuring snmp
Pica8 support snmp from version 2.9.1 on ovs.
SNMP is short for Simple Network Management Protocol, and it is mainly used for monitoring features, data throughout, communication overload, errors and so on of network devices.
SNMP is composed of agent-side and server-side which contains three communication behaviors between them: get, set and trap. The communication process can be detailed roughly as follows: server sends requests (snmpget or snmpwalk) to agent and then agent will deal with the requests and reply to it. While agent will also send notification to server proactively when finding device status changed or errors occuring.What is more,one server-side can monitor multiple agent-sides and vice versa.
SNMP can not work without mibs which determine the available objects of a device. Every mib can be represented by a subtree and each node in the tree corresponds to one OID number which means one available variable in our device. Our SNMP currently mainly support public IF-MIB and private mibs (pica_private_mib.txt and pica_private_trap_mib.txt ) which are defined by ourselves. The specified contents of our defined private mibs can be referred in this site: Pica8 Private MIB
1.start snmp on ovs
admin@XorPlus$sudo picos_boot Configure the default system start-up options: (Select key 3 if no change) [1] PicOS L2/L3 * default [2] PicOS Open vSwitch/OpenFlow [3] No start-up change Enter your choice (1,2,3):2 PicOS Open vSwitch/OpenFlow is selected. Configure the IP of management interface: [1] DHCP [2] Static IP Enter your choice(1,2):1 Start OVS web user interface?(y|n)[n]:y Start OVS network snmp?(y|n)[n]:y Please restart the PicOS service admin@XorPlus$sudo systemctl restart picos
2.command
We enable ovs snmp to update device data and enable trap using following command.
1)Enable snmp:
admin@PicOS-OVS$ovs-vsctl set-snmp-enable true admin@PicOS-OVS$ovs-vsctl show-snmp snmp is enabled admin@PicOS-OVS$
2)Configure snmp community name:
admin@PICOS-OVS:~$ ovs-vsctl set-snmp-community-name pica8
Snmp community name default value is public, following command reproduce default value.
admin@PicOS-OVS$ ovs-vsctl set-snmp-community-name
3)Change trap destinations:
admin@PicOS-OVS$ovs-vsctl show-snmp-trap-targets snmp trap target is default: l27.0.0.1 admin@PicOS-OVS$
Note:default snmp trap target is 127.0.0.1,and we can use following command to change it.
admin@PicOS-OVS$ovs-vsctl set-snmp-trap-targets 10.10.50.234
Reproduce default snmp trap target:
admin@PicOS-OVS$ovs-vsctl set-snmp-trap-targets
3.Snmp
Snmpwalk and snmpget:
Both linux console and window SNMP tool can get device data. Following are results from 10.10.51.194:
pica8@pica8:~$ snmpwalk -v 2c -c public 10.10.51.157 1.3.6.1.4.1.35098.1.1 iso.3.6.1.4.1.35098.1.1.0 = INTEGER: 8 pica8@pica8:~$ pica8@pica8:~$ snmpget -v 2c -c public 10.10.51.157 1.3.6.1.4.1.35098.1.1.0 iso.3.6.1.4.1.35098.1.1.0 = INTEGER: 8 pica8@pica8:~$
Note: Generally using snmpwalk for snmp data is safer and convinient.On one hand, you can get all data of a table or a group for requesting once by snmpwalk. But snmpget need many times. On the other hand,for snmpget,you need use leaf node of a mib plus index as OID number, while snmpwalk do not. The root difference between them lies in that snmpget can only access a leaf node for one request, but snmpwalk can access a root node instead. For example, cpuUsage OID is 1.3.6.1.4.1.35098.1.1. if you use snmpget,you must access it like this:
snmpget -v 2c -c public 10.10.51.145 1.3.6.1.4.1.35098.1.1.0
Trap notification:
You can use window snmp tools to save the notification results.
4.Tap on snmp:
As we know, OVS can be configured through its build-in commands, But web looks like more convenient and intuitive.So we develop web to configure OVS in tap units. One tap corresponds a flow in OVS which contains a set of in_ports(flow inports), a set of filters(flow match), a hash type for out-ports(group type + lag hash) and a set of out-ports(make up a group for flow output). One user can create many different taps to control OVS work. Snmp can work as a way of checking the tap configuration other than physical device status and trap.
Oids about tap:
Global lag hash oid:
glLagHashFields OID 1.3.6.1.4.1.35098.3.1
Tap table field oid:
tapEntry OID 1.3.6.1.4.1.35098.3.2.1
tapPrior OID 1.3.6.1.4.1.35098.3.2.1.1
inPortName OID 1.3.6.1.4.1.35098.3.2.1.2
f-srcMac OID 1.3.6.1.4.1.35098.3.2.1.3
f-dstMac OID 1.3.6.1.4.1.35098.3.2.1.4
f-srcIp OID 1.3.6.1.4.1.35098.3.2.1.5
f-dstIp OID 1.3.6.1.4.1.35098.3.2.1.6
f-dlType OID 1.3.6.1.4.1.35098.3.2.1.7
f-nwProto OID 1.3.6.1.4.1.35098.3.2.1.8
f-dlVlan OID 1.3.6.1.4.1.35098.3.2.1.9
f-tcpSrc OID 1.3.6.1.4.1.35098.3.2.1.10
f-tcpDst OID 1.3.6.1.4.1.35098.3.2.1.11
f-udpSrc OID 1.3.6.1.4.1.35098.3.2.1.12
f-udpDst OID 1.3.6.1.4.1.35098.3.2.1.13
f-nwTos OID 1.3.6.1.4.1.35098.3.2.1.14
f-vlanPcp OID 1.3.6.1.4.1.35098.3.2.1.15
a-mod-srcMac OID 1.3.6.1.4.1.35098.3.2.1.16
a-mod-dstMac OID 1.3.6.1.4.1.35098.3.2.1.17
a-mod-vlanVid OID 1.3.6.1.4.1.35098.3.2.1.18
a-mod-vlanPcp OID 1.3.6.1.4.1.35098.3.2.1.19
a-pushVlan OID 1.3.6.1.4.1.35098.3.2.1.20
a-popVlan OID 1.3.6.1.4.1.35098.3.2.1.21
portGroupType OID 1.3.6.1.4.1.35098.3.2.1.22
outPortName OID 1.3.6.1.4.1.35098.3.2.1.23
mirror table oids:
mirrorEntry OID 1.3.6.1.4.1.35098.3.3.1
mirrorIndex OID 1.3.6.1.4.1.35098.3.3.1.1
mirrorName OID 1.3.6.1.4.1.35098.3.3.1.2
srcPort OID 1.3.6.1.4.1.35098.3.3.1.3
dstPort OID 1.3.6.1.4.1.35098.3.3.1.4
outputPort OID 1.3.6.1.4.1.35098.3.3.1.5
Example:
admin@PicOS-OVS$ovs-ofctl dump-flows br0 OFPST_FLOW reply (OF1.4) (xid=0x2): flow_id=53, cookie=0x3, duration=1823.837s, table=0, n_packets=n/a, n_bytes=0, priority=3,in_port=130 actions=output:137 flow_id=54, cookie=0xfffc, duration=1823.829s, table=0, n_packets=n/a, n_bytes=0, priority=65532,in_port=133,dl_src=11:11:11:11:11:11 actions=drop admin@PicOS-OVS$ admin@PicOS-OVS$sudo su root@PicOS-OVS$ root@PicOS-OVS$ovs-vsctl list mirror _uuid : 1080b149-740e-414f-8054-3250f041cf7e external_ids : {} name : "M1" output_port : ef639e9a-a215-4a33-9c04-9e463137c91f output_vlan : [] select_all : false select_dst_port : [05360726-9dac-4cd0-9a1d-7adf9e9d9026, d090f287-e96b-44a5-ade3-a30f662c075e] select_src_port : [11568bd4-0456-4e8d-b294-95ae94d8fb3a, 52c4e38a-dac7-425f-ba64-701122491f34, 5b77ec3e-5fdd-4ccd-820b-2bbc751ed621, 880de11b-d194-45ab-b01c-59eed295565e] select_vlan : [] statistics : {} root@PicOS-OVS$
The results from 10.10.51.194:
pica8@pica8:~$snmpwalk -v 2c -c public 10.10.51.174 1.3.6.1.4.1.35098.3.2.1 NPB-PRIVATE-MIB::tapPrior.3 = INTEGER: 3 NPB-PRIVATE-MIB::tapPrior.65532 = INTEGER: 65532 NPB-PRIVATE-MIB::inPortName.3 = STRING: "he-1/1/2" NPB-PRIVATE-MIB::inPortName.65532 = STRING: "he-1/1/5" NPB-PRIVATE-MIB::f-srcMac.65532 = STRING: "11:11:11:11:11:11" NPB-PRIVATE-MIB::portGroupType.3 = STRING: "physical" NPB-PRIVATE-MIB::outPortName.3 = STRING: "he-1/1/9" pica8@pica8:~$ pica8@pica8:~$snmpwalk -v 2c -c public 10.10.51.174 1.3.6.1.4.1.35098.3.3.1 NPB-PRIVATE-MIB::mirrorIndex.1 = INTEGER: 1 NPB-PRIVATE-MIB::mirrorName.1 = STRING: "M1" NPB-PRIVATE-MIB::rxPort.1 = STRING: "he-1/1/3 he-1/1/4 he-1/1/17 he-1/1/18" NPB-PRIVATE-MIB::txPort.1 = STRING: "he-1/1/1 he-1/1/2" NPB-PRIVATE-MIB::outputPort.1 = STRING: "he-1/1/19" pica8@pica8:~$
5.Snmp trap
Pica8 added some private and trap MIBs listed below:
1.link up: OID: 1.3.6.1.6.3.1.1.5.4(physical port and lag port)
link down:OID:1.3.6.1.6.3.1.1.5.3(physical port and lag port)
2.sfpTraps: 1.3.6.1.4.1.35098.21.2
1)sfpPlugin: 1.3.6.1.4.1.35098.21.2.1
2)sfpPlugout: 1.3.6.1.4.1.35098.21.2.2
3,Warm start : OID:1.3.6.1.6.3.1.1.5.2
4,Cold start: OID:1.3.6.1.6.3.1.1.5.1
5,Rpsu traps: oid: 1.3.6.1.4.1.35098.21.1
1)rpsuPlugIn:1.3.6.1.4.1.35098.21.1.2
2)rpsuPlugOut:1.3.6.1.4.1.35098.21.1.3
3)rpsuFanFailed: 1.3.6.1.4.1.35098.21.1.4
4)rpsuFanRecovery: 1.3.6.1.4.1.35098.21.1.7
5)rpsuStatusChangePowerOff:1.3.6.1.4.1.35098.21.1.5
6)rpsuStatusChangePowerOn:1.3.6.1.4.1.35098.21.1.6
6,Fan traps: oid: 1.3.6.1.4.1.35098.21.1
1)switchFanFailed: 1.3.6.1.4.1.35098.21.3.1
2)switchFanRecovery: 1.3.6.1.4.1.35098.21.3.4
Note:
From 2.10.0,Pica8 support log info and trap message about fan and psu.
Copyright © 2024 Pica8 Inc. All Rights Reserved.