9d2d617264
* [SNMP] management VRF SNMP support This commit adds SNMP support for Management VRF using l3mdev. The patch included provides VRF support, there is no single "listendevice" configuration, rather multiple agentaddress config options can each have their own "interface" to bind to using "ip%interface". The snmpd.conf file is accordingly generated using the snmp.yml file and redis database info. Adding below the comments of SNMP patch 1376 -------------------------------------------- Since the Linux kernel added support for Virtual Routing and Forwarding (VRF) in version 4.3 (Note: these won't compile on non-linux platforms) https://www.kernel.org/doc/Documentation/networking/vrf.txt Linux users could not use snmpd in its current form to bind specific listening IP addresses to specific VRF devices. A simplified description of a VRF inteface is an interface that is a master (a container of sorts) that collects a set of physicalinterfaces to form a routing table. This set of two patches (one for V5-7-patches and one for V5-8-patches branches) is almost identical to patch single "listendevice" configuration. Rather, multiple agentAddress config options can each have their own "interface" to bind to using the <ip>%<interface> syntax.</interface></ip> ------------------------------------------- Signed-off-by: Harish Venkatraman <harish_venkatraman@dell.com>
161 lines
4.9 KiB
Django/Jinja
161 lines
4.9 KiB
Django/Jinja
###############################################################################
|
|
# Managed by sonic-config-engine
|
|
###############################################################################
|
|
#
|
|
# EXAMPLE.conf:
|
|
# An example configuration file for configuring the Net-SNMP agent ('snmpd')
|
|
# See the 'snmpd.conf(5)' man page for details
|
|
#
|
|
# Some entries are deliberately commented out, and will need to be explicitly activated
|
|
#
|
|
###############################################################################
|
|
#
|
|
# AGENT BEHAVIOUR
|
|
#
|
|
|
|
# Listen for connections on all ip addresses, including eth0, ipv4 lo
|
|
#
|
|
{% if snmp_agent_address_1 or snmp_agent_address_2 or snmp_agent_address_3 %}
|
|
{% if snmp_agent_address_1 %}
|
|
agentAddress {{ snmp_agent_address_1 }}
|
|
{% endif %}
|
|
{% if snmp_agent_address_2 %}
|
|
agentAddress {{ snmp_agent_address_2 }}
|
|
{% endif %}
|
|
{% if snmp_agent_address_3 %}
|
|
agentAddress {{ snmp_agent_address_3 }}
|
|
{% endif %}
|
|
{% else %}
|
|
agentAddress udp:161
|
|
{% endif %}
|
|
|
|
# TODO: only support ipv4 lo addresses, add ipv6 support later
|
|
|
|
###############################################################################
|
|
#
|
|
# ACCESS CONTROL
|
|
#
|
|
|
|
# system + hrSystem groups only
|
|
view systemonly included .1.3.6.1.2.1.1
|
|
view systemonly included .1.3.6.1.2.1.25.1
|
|
|
|
# Default access to basic system info
|
|
{% if snmp_rocommunities %}
|
|
{% for community in snmp_rocommunities %}
|
|
rocommunity {{ community }}
|
|
{% endfor %}
|
|
{% else %}
|
|
rocommunity {{ snmp_rocommunity }}
|
|
{% endif %}
|
|
|
|
###############################################################################
|
|
#
|
|
# SYSTEM INFORMATION
|
|
#
|
|
|
|
# Note that setting these values here, results in the corresponding MIB objects being 'read-only'
|
|
# See snmpd.conf(5) for more details
|
|
sysLocation {{ snmp_location }}
|
|
sysContact Azure Cloud Switch vteam <linuxnetdev@microsoft.com>
|
|
# Application + End-to-End layers
|
|
sysServices 72
|
|
|
|
|
|
#
|
|
# Process Monitoring
|
|
#
|
|
# todo: should we enable snmp based monitoring of sswsyncd and other processes?
|
|
|
|
# At least one 'sendmail' process, but no more than 10
|
|
#proc sendmail 10 1
|
|
|
|
# Walk the UCD-SNMP-MIB::prTable to see the resulting output
|
|
# Note that this table will be empty if there are no "proc" entries in the snmpd.conf file
|
|
|
|
|
|
#
|
|
# Disk Monitoring
|
|
#
|
|
# 10MBs required on root disk, 5% free on /var, 10% free on all other disks
|
|
disk / 10000
|
|
disk /var 5%
|
|
includeAllDisks 10%
|
|
|
|
# Walk the UCD-SNMP-MIB::dskTable to see the resulting output
|
|
# Note that this table will be empty if there are no "disk" entries in the snmpd.conf file
|
|
|
|
|
|
#
|
|
# System Load
|
|
#
|
|
# Unacceptable 1-, 5-, and 15-minute load averages
|
|
load 12 10 5
|
|
|
|
# Walk the UCD-SNMP-MIB::laTable to see the resulting output
|
|
# Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file
|
|
|
|
|
|
|
|
###############################################################################
|
|
#
|
|
# ACTIVE MONITORING
|
|
#
|
|
# Note: disabled snmp traps due to side effect of causing snmpd to listen on all ports (0.0.0.0)
|
|
#
|
|
# send SNMPv1 traps
|
|
{%if v1_trap_dest and v1_trap_dest != 'NotConfigured' %}
|
|
trapsink {{ v1_trap_dest }} public
|
|
{% else %}
|
|
#trapsink localhost public
|
|
{% endif %}
|
|
# send SNMPv2c traps
|
|
{%if v2_trap_dest and v2_trap_dest != 'NotConfigured' %}
|
|
trap2sink {{ v2_trap_dest }} public
|
|
{% else %}
|
|
#trap2sink localhost public
|
|
{% endif %}
|
|
# send SNMPv2c INFORMs
|
|
{%if v3_trap_dest and v3_trap_dest != 'NotConfigured' %}
|
|
informsink {{ v3_trap_dest }} public
|
|
{% else %}
|
|
#informsink localhost public
|
|
{% endif %}
|
|
|
|
# Note that you typically only want *one* of these three lines
|
|
# Uncommenting two (or all three) will result in multiple copies of each notification.
|
|
|
|
|
|
#
|
|
# Event MIB - automatically generate alerts
|
|
#
|
|
# Remember to activate the 'createUser' lines above
|
|
#iquerySecName internalUser
|
|
#rouser internalUser
|
|
# generate traps on UCD error conditions
|
|
#defaultMonitors yes
|
|
#note, this release of snmpd does not support linkUpDownNotifications
|
|
# generate traps on linkUp/Down
|
|
#linkUpDownNotifications yes
|
|
|
|
|
|
#
|
|
# AgentX Sub-agents
|
|
#
|
|
# Run as an AgentX master agent
|
|
master agentx
|
|
# internal socket to allow extension to other docker containers
|
|
# Currently the other container using this is docker-fpm-frr
|
|
# make sure this line matches bgp:/etc/snmp/frr.conf
|
|
# please see testing procedure in the same file to verify this works
|
|
# to verify the SNMP docker side look for the following string in the log file:
|
|
# INFO snmp-subagent [ax_interface] INFO: Using agentx socket type tcp with path tcp:localhost:3161
|
|
# INFO supervisord snmp-subagent INFO:ax_interface:Using agentx socket type tcp with path tcp:localhost:3161
|
|
agentxsocket tcp:localhost:3161
|
|
|
|
#
|
|
# SysDescription pass-through
|
|
#
|
|
|
|
pass -p 10 .1.3.6.1.2.1.1.1 /usr/share/snmp/sysDescr_pass.py
|