8.11.10

Understanding Simple Network Management Protocol (SNMP) Traps

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094aa5.shtml

SNMPv1 traps are defined in RFC 1157, with these fields:

  • Enterprise—Identifies the type of managed object that generates the trap.

  • Agent address—Provides the address of the managed object that generates the trap.

  • Generic trap type—Indicates one of a number of generic trap types.

  • Specific trap code—Indicates one of a number of specific trap codes.

  • Time stamp—Provides the amount of time that has elapsed between the last network reinitialization and generation of the trap.

  • Variable bindings—The data field of the trap that contains PDU. Each variable binding associates a particular MIB object instance with its current value.

Standard generic traps are: coldStart, warmStart, linkDown, linkUp, authenticationFailure, egpNeighborLoss. For generic SNMPv1 traps, Enterprise field contains value of sysObjectID  of the device that sends trap. For vendor specific traps, Generic trap type field is set to enterpriseSpecific(6).

In SNMPv2c trap is defined as NOTIFICATION and formatted differently compared to SNMPv1. It has these parameters:

  • sysUpTime—This is the same as Time stamp in SNMPv1 trap.

  • snmpTrapOID  —Trap identification field. For generic traps, values are defined in RFC 1907, for vendor specific traps snmpTrapOID is essentially a concatenation of the SNMPv1 Enterprise parameter and two additional sub-identifiers, '0', and the SNMPv1 Specific trap code parameter.

  • VarBindList—This is a list of variable-bindings.

In order for a management system to understand a trap sent to it by an agent, the management system must know what the object identifier (OID) defines. Therefore, it must have the MIB for that trap loaded. This provides the correct OID information so that the network management system can understand the traps sent to it.

No comments: