Setting the IP Source Address for SNMP Traps

Problem

You want to set the source IP address for all SNMP traps leaving a router.

Solution

To set the default IP source address for all traps leaving a router, use the following configuration command:

Router#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#snmp-server host 172.25.1.1 ORATRAP
Router(config)#snmp-server trap-source loopback0
Router(config)#end
Router#

 

Discussion

Normally, when you enable SNMP traps to a remote server, that server will see the source IP address of the router's closest interface. However, this is not always meaningful. For instance, it is a relatively common practice to populate your DNS with only the router's loopback interfaces. In this case, the server will not be able to resolve the originator of the trap.

Further, it can be difficult to correlate traps from the same router delivered through different interfaces. This could happen as a result of a network failure, for example. It can be confusing to see a link-down message coming from one IP address and the corresponding link-up message from a different one.

By enabling the snmp-server trap-source command, you can force the router to always use the same IP source address for all of the SNMP traps it sends. Industry best practices dictate that a loopback interface is usually the best choice for this because it is a virtual interface that is always available. Physical interfaces such as Ethernet or Serial interfaces can become unavailable, which reduces the effectiveness of this command. If you set the source interface to an unreachable interface, the router will resort to using the closest interface as the source address.

Note that Cisco's IOS will even allow you to assign a trap-source interface that does not have an IP address assigned to it. However, the router will forward a syslog message highlighting the issue, and will resort to the default method of using the closest interface address for sending traps. Here is an example of the log message that appears in this case:

Jun 12 00:22:00 EDT: %IP_SNMP-4-NOTRAPIP: SNMP trap source Loopback1 has no ip address
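
A configuration audit for the fallback behavior described above, as an added example that is not part of the original recipe: it checks that a running-config names a trap-source interface that exists and has an IP address, and picks the NOTRAPIP message out of syslog lines. The sample configs, the Loopback0 address, and the function names are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the original page); addresses are made up.
GOOD_CONFIG = """\
interface Loopback0
 ip address 172.25.25.1 255.255.255.255
!
interface Loopback1
 no ip address
!
snmp-server host 172.25.1.1 ORATRAP
snmp-server trap-source Loopback0
"""
BAD_CONFIG = GOOD_CONFIG.replace("trap-source Loopback0", "trap-source Loopback1")
NOTRAPIP = re.compile(r"%IP_SNMP-4-NOTRAPIP: SNMP trap source (\S+) has no ip address")


def interfaces_with_ip(config):
    """Map each interface name (lower-cased) to True if it has an IP address."""
    result, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = m.group(1).lower()
            result[current] = False
        elif not line.startswith(" "):
            current = None  # "!" or a global command ends the interface block
        elif current and re.match(r"\s+ip address \S", line):
            result[current] = True
    return result


def audit_trap_source(config):
    """Return a finding string, or None when the trap source is usable."""
    m = re.search(r"^snmp-server trap-source (\S+)", config, re.M)
    if not m:
        return "no trap-source set: traps use the closest interface address"
    name = m.group(1)
    has_ip = interfaces_with_ip(config).get(name.lower())
    if has_ip is None:
        return f"trap-source {name} is not a configured interface"
    if not has_ip:
        return f"trap-source {name} has no IP address: router falls back to default"
    return None


def notrapip_interfaces(log_lines):
    """Extract interface names from NOTRAPIP syslog messages."""
    return [m.group(1) for line in log_lines if (m := NOTRAPIP.search(line))]
```

Running audit_trap_source over archived configs catches the misconfiguration before deployment, and notrapip_interfaces flags routers that are already falling back to the closest interface address.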





Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505
