====== Trap Filter/Forwarding ====== Author: David McGee ===== Introduction ===== Trap forwarding allows Errigal to forward SNMP (Simple Network Management Protocol) traps received to an external entity, other than our DAS integrator customers, based on our customer's contractual requirements with their carriers. This functionality is available in the Admin section of the SNMP Manager application under **TrapFilter**. ---- ===== Trap filter examples ===== Upon reviewing the trap filter section of the SNMP Manager on a QA environment, you will likely see a number of trap filters setup based on a variety of different triggers and customers. For example: * ExteNet Systems have an agreement with AT&T for many different types of traps to be sent based on a number of rules. ---- ===== How the trap filter works ===== The functionality is driven by SQL queries against our MySQL SNMP Manager database (snmp_manager). Check out the trap_filter table on a QA system - perform a 'desc' on it to see what fields are present. On a QA environment, bring up a TrapFilter entry via the user interface. The important elements to note include: * **Query**: An SQL query constructed to enable the TrapFilter functionality to determine what subset of traps to forward. * **Conversion**: Rules for how to map database fields in the general_trap_summary table to varbind values in the custom trap that is forwarded. * ** Query Database Profile**: What database should be queried? It is advised to query a slave for this instance. * **Forward Trap Name**: The name of the custom trap that is created and forwarded to the carrier. * **IP Destinations**: The IP address at the carrier/customer end that can receive forwarded SNMP traps. This is generally on port 162. * **MIB**: The MIB document that is to be used with the exchange of traps from Errigal's NMS (Network Management Station) product to the carrier's NMS. This is usually the custom ERRIGAL-INTERNAL-SYSTEM.mib document for Errigal customer operations. Try find this through GIT Version Control on Errigal's BitBucket repository. * **Trap Filter Type**: The strategy to use for tracking/audit purposes * **Status**: The current status of the trap filter in question. * **Traps Forwarded Since Trap Filter Start**: The number of traps forwarded since the filter in question had been initiated. Essentially, these TrapFilter elements are configured to do the following (Note, above keywords highlighted in bold): * Perform the associated **Query** against the database specified in the **Database Profile** * Observe all traps in the **Query** result set. There may be many different types of traps with different names, values, etc. Regardless of this, we will take normalised info and construct generic traps using the **Forward Trap Name** trap type * Using the **Forward Trap Name**, construct a custom trap and send it to each of the IP Addresses listed in the **IP Destinations** * This trap name appears in the **MIB** (Management Information Base) document * On receiving these traps, the carrier in question can decipher them using the same **MIB** (i.e. ERRIGAL-INTERNAL-SYSTEM.mib - Errigal's own MIB!) ---- ===== How to check is Trap Forwarding is forwarding traps ===== * Go to the threadConfig controller in the Snmp Manager and see which handler is set up to be the Trap Forwarder * SSH to the server specified to be the Trap Forwarder and check the Snmp logs for "Sending errigalDasAlarm to destination:" * Once verified that traps are forwarding proceed to the TrapFilter controller in the Snmp Manager. * Select the desired trap filter * Take down locally the 'Query:' as this is the query used to pull the general trap summaries * Run this query in the local workbench and filter as necessary. Ensure the desired traps are present