Supported SNMP Notifications (Traps)
Netvisor ONE supports two types of SNMP notifications (a.k.a. traps): event-based and message-based traps.
Event-based traps are the traps generated by the SNMP agent based on specific events when an OID value changes. For example, when there is a change in link-up-down or low-disk-space. Message-based traps are triggered based on messages logged in the local logging mechanism. For instance, a login-failure trap is triggered when a login failure message is saved in the /var/log/auth.log log file. Message-based traps are of the type pnLogMatchNotification. For example, a link-congestion relieved trap message is as below:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (21245) 0:03:32.45
SNMPv2-MIB::snmpTrapOID.0 = OID: PN-LOG-MIB::pnLogMatchNotification
PN-LOG-MIB::pnLogMatchName.4 = STRING: linkCongestionRelieved
PN-LOG-MIB::pnLogFileName.4 = STRING: /nvOS/log/system.log
PN-LOG-MIB::pnLogMatchCount.4 = Gauge32: 15
PN-LOG-MIB::pnLogMatchData.4 = STRING: 2020-02-24,19:28:46.985665-08:00 nru03-proto-1 nvOSd(24190) system congestion_relieved_on_port(11402) : level=critical : port=126 : Congestion relieved on port=126
Table 1 explains the supported SNMP notifications.
Table 1: Details of Supported SNMP Notifications
Trap Name |
Description |
Trap Type |
Trigger |
link-up-down |
Port link is up or down |
Event-based |
If enabled, SNMP generates a trap when a port is up or down. |
default-monitors |
Use default SNMP monitoring |
Event-based |
If enabled, SNMP generates a trap for various error conditions. |
physical-sensors |
Physical sensors are enabled |
Event-based |
If enabled, SNMP generates a trap for physical sensors such as power supplies and fans. |
low-disk-space |
Monitors for low-disk-space |
Event-based |
If enabled, SNMP generates a trap if disk space is lower than threshold. The threshold can be set using the low-disk-space-threshold parameter in snmp-trap-enable-modify command. SNMP checks the output of the command, storage-pool-show. |
system-usage |
Monitors memory & CPU usage |
Event-based |
If enabled, SNMP generates a trap if memory and CPU usage [Total CPU = sys + user] is greater than the threshold. The threshold can be set using the system-usage-threshold parameter in snmp-trap-enable-modify command. SNMP checks the output of the command, system-stats-show. |
login-failure |
Monitors login failures |
Message-based |
If enabled, SNMP generates a trap when user login with wrong password. |
lacp-status |
Monitors LACP enable or disable |
Message-based |
If enabled, SNMP generates a trap when the LACP state changes from enable to disabled or vice versa. |
vport-modified |
Monitors vPort modifications |
Message-based |
If enabled, SNMP generates a trap when vPort modifications occur on the switch. |
stp-port-modified |
Monitors STP port status |
Message-based |
If enabled, SNMP generates a trap when STP port state is modified using the command, switch-local stp-port-modify port 1 <block|edge|bpdu|root-guard> |
stp-port-state-failed |
Monitors STP port state failures |
Message-based |
If enabled, SNMP generates a trap when STP port state is modified using the command, switch-local stp-port-modify port 128 edge bpdu-guard. |
mirror-to-cpu |
Monitors mirror-to-cpu configuration |
Message-based |
If enabled, SNMP generates a trap when created a vflow using the command, vflow-create name mirror scope local action copy-to-cpu and also generates a trap for perror.log. |
link-congestion-detected |
Monitors congestion drop at port |
Message-based |
If enabled, SNMP generates a trap indicating a link is congested. |
fabric-node-state-changed |
Monitors fabric node states |
Message-based |
If enabled, SNMP generates a trap when the a fabric node changes state. |
ospfIfStateChange |
Monitors OSPF interface states |
Event-based |
If enabled, this notification is triggered when interface state changes from DR to Down or vice versa. Originator for this trap is by changing router-id. |
ospfNbrStateChange |
Monitors OSPF NBR states |
Event-based |
If enabled, this notification is triggered when neighbor state changes from DR to Down or vice versa. Originator for this trap is designated router on broadcast networks. |
bgpEstablished |
Monitors BGP NBR state |
Event-based |
If enabled, this notification is triggered when the BGP FSM enters the ESTABLISHED State. Originator for this trap is to bring up BGP session between two BGP Peers. |
bgpBackwardTransition |
Monitors BGP NBR state transition |
Event-based |
If enabled, this notification is triggered when the BGP FSM moves from higher number to lower numbered state. Originator for this trap when BGP state changes from active to idle (higher state to lower state). |
stp-new-root |
Monitors new STP root |
Event-based |
If enabled, SNMP generates a trap to monitor a new root for STP. |
stp-topology-changed |
Monitors STP topology change |
Event-based |
If enabled, SNMP generates a trap to monitor topology changes for STP. |
interface-up-down |
Monitors vRouter interfaces |
Event-based |
If enabled, SNMP generates a trap for an interface with the state up or down. |
disable-start-stop |
Monitors disable traps for start and stop |
Event-based |
If Enabled, This notification gets triggered to disable cold-start notifications. By default cold-start notifications are enabled. |
fabric-node-state-changed |
Monitors fabric node states |
Event-based |
If enabled, SNMP generates a trap to monitor fabric node state changes. |
vrrp-new-master |
Monitors VRRP master changes |
Event-based |
If enabled, SNMP generates a trap to monitor VRRP master state changes. |
ospfv3IfStateChange |
Monitors OSPF Interface state changes |
Event-based |
If enabled, this notification is triggered when interface state changes from DR to Down or vice versa. |
ospfv3NbrStateChange |
Monitors OSPF neighbor state changes |
Event-based |
If enabled, this notification is triggered when neighbor state changes from DR to Down or vice versa. Originator for this trap is designated router on broadcast networks. |
cluster-tr-diverge |
Monitors Cluster Transaction list for divergence |
Message-based |
If enabled, this notification is triggered when Transaction Diverge message is generated in perror.log. |
cert-expiry |
Monitors expiry of Switch Certificate |
Message-based |
If enabled, this notification gets triggered when switch-certificate expires in xx number of days in /nvOS/log/event.log. You can control value of the number of days by using the cert-expiration-alert-modify <days-before-expiration> command. |
sysup-alert |
Monitor whether all the admin up ports are made up. (L3, vLAG, orphan, cluster) |
Message-based |
If enabled, this notification gets triggered when you reboot the switch or restart nvOS. |
port-bw-threshold-exceed-event |
Monitors whether port bandwidth usage on a port exceeds or falls below a threshold. |
Message-based |
If enabled, this notification gets triggered when bandwidth usage on a port exceeds a configured threshold or when the usage falls below the threshold. |
Expected Behavior of Link Up/Down Traps
The timing and generation of link-up-down traps for data ports are dependent on the sequence in which the ports are brought up and down.
The port bringup sequence when a switch boots up is:
1) Cluster ports, vxlan-loopback-trunk ports, and loopback ports
2) L3 ports
3) vLAG ports
4) Rest of the ports
The port bringdown sequence when a switch goes offline is:
1. Orphan ports ( i.e., non-vLAG, non-L3, non-cluster, or any form of loopback ports)
2. vLAG ports
3. L3 ports
4. Rest of the ports (e.g. cluster ports and internal ports)
As can be seen from the bringup and bringdown sequences, cluster ports are the first ports to be brought up when a switch boots up and are among the last ports to go down when a switch goes offline. As the last ports are being brought down, link scan is disabled, implying that Netvisor ONE provides link-up notifications for cluster ports but there are no link-down notifications. Therefore, a mismatch can always be expected in the number of link-up and link-down SNMP traps, with the number of link-up traps being higher than the number of link-down traps.
Currently, defer-bringup option in port-config-modify command delays the time at which a port is brought up but does not affect the number of SNMP traps in any capacity. defer-bringup is enabled for all orphan ports by default. This prevents traffic loss by ensuring that other ports (e.g. cluster, vLAG, and L3 ports) are up and the network is ready before the orphan ports come up.
Note: Management ports, loopback ports, and internal ports do not have SNMP traps for link-up or link-down events.