cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1326
Views
0
Helpful
12
Replies

snmp traps

MZydorczyk2
Level 1
Level 1

We have one of our switches setup like this but we are not getting any traps from it. Is there something wrong?

set snmp enable

set snmp trap enable macnotification

set snmp trap 10.1.1.100 all port 162 owner CLI index 1

set port security 1/1-2 disable age 0 maximum 1 shutdown 0 unicast-flood enable

violation shutdown

set port security 3/1-48 disable age 0 maximum 1 shutdown 0 unicast-flood enable

violation shutdown

set port security 4/1-48 disable age 0 maximum 1 shutdown 0 unicast-flood enable

violation shutdown

set port security 5/1-48 disable age 0 maximum 1 shutdown 0 unicast-flood enable

violation shutdown

set cam notification added disable 1/1-2

set cam notification removed disable 1/1-2

set cam notification added enable 3/1-48

set cam notification removed enable 3/1-48

set cam notification added enable 4/1-48

set cam notification removed enable 4/1-48

set cam notification added enable 5/1-48

set cam notification removed enable 5/1-48

set cam agingtime 1 14400

set cam notification enable

set cam notification interval 5

set cam notification historysize 10

We are trying to get macnotifications but we get nothing.

Our community string is blank in the config...

set snmp community read-only

set snmp community read-write

set snmp community read-write

Could this be the problem?

12 Replies 12

Joe Clarke
Cisco Employee
Cisco Employee

Yes, you need at least one valid SNMP read-only community or SNMPv3 username. Other than that, your MAC notification config looks okay.

These traps go to a server so do you need the community string on the switch AND the server?

It depends on the trap server as to whether or not it cares about the community string in the trap. For example, Net-SNMP's snmptrapd now requires you to specify which community strings to allow. It will throw away traps with unknown community strings. You'll need to check your trap receiver's documentation to see what is required.

ok yeah we use net-snmp so I'll see about that.

Doesn't look like putting in a community string worked either. I don't think our version of net-snmp requires the community string in the server config because we do have a couple switches that ARE sending traps. I have looked and the config are the same but they still won't send any.

What are you doing on this switch to force a trap? One thing you could do since this is CatOS is to use the "test snmp" command to generate a test trap. Try:

test snmp trap cmnMacChangedNotification

You might want to put a sniffer on the SNMP manager to see if the traps are in fact getting to it. You can then work backwards to see if the trap is being dropped at any hop along the way.

I get a message that says "Trap number must be integer." Does this require some number?

What version of CatOS?

8.4(9)GLX

You'll need to specify generic and specific trap IDs. Try a simple linkUp trap:

test snmp trap 3

What do you mean trap id's? The 3 is the same thing as you last command?

Run the command:

test snmp trap 3

That should cause the switch to send a linkUp trap to all configured trap destinations.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco