How to forward SNMP Traps - UDP forwarding
Posted by moog-spike
|
How to forward SNMP Traps - UDP forwarding May 25, 2017 05:57AM |
Registered: 6 years ago Posts: 1 |
Hi,
Just starting out with nginx - and trying to forward SNMP traps (UDP port 162) to two servers, one primary and one backup.
Current config is this:
# Load balance UDP-based trap traffic across two servers
stream {
upstream trap_lam {
server 172.16.225.140:163;
server 172.16.225.141:163 backup;
}
server {
listen 162 udp;
proxy_pass trap_lam;
proxy_timeout 1s;
proxy_responses 1;
error_log /var/log/nginx/trap.log debug;
}
}
If I send a trap to port 162 it does get forwarded - but always get forwarded to both servers. If I have a trap receiver or tcpdump running on both servers - I can see both being sent.
The debug shows this:
2017/05/25 10:53:21 [debug] 730#0: recvmsg on 0.0.0.0:162, ready: 0
2017/05/25 10:53:21 [debug] 730#0: posix_memalign: 00000000009B71A0:256 @16
2017/05/25 10:53:21 [debug] 730#0: posix_memalign: 00000000009B6C70:256 @16
2017/05/25 10:53:21 [debug] 730#0: malloc: 000000000099EAD0:827
2017/05/25 10:53:21 [debug] 730#0: *1 recvmsg: 172.16.225.140:58007 fd:11 n:827
2017/05/25 10:53:21 [info] 730#0: *1 udp client 172.16.225.140:58007 connected to 0.0.0.0:162
2017/05/25 10:53:21 [debug] 730#0: *1 proxy connection handler
2017/05/25 10:53:21 [debug] 730#0: *1 malloc: 0000000000999940:328
2017/05/25 10:53:21 [debug] 730#0: *1 posix_memalign: 000000000099BA10:256 @16
2017/05/25 10:53:21 [debug] 730#0: *1 get rr peer, try: 2
2017/05/25 10:53:21 [debug] 730#0: *1 get rr peer, current: 0000000000976A90 0
2017/05/25 10:53:21 [debug] 730#0: *1 dgram socket 3
2017/05/25 10:53:21 [debug] 730#0: *1 epoll add connection: fd:3 ev:80002005
2017/05/25 10:53:21 [debug] 730#0: *1 connect to 172.16.225.140:163, fd:3 #2
2017/05/25 10:53:21 [debug] 730#0: *1 connected
2017/05/25 10:53:21 [debug] 730#0: *1 proxy connect: 0
2017/05/25 10:53:21 [info] 730#0: *1 udp proxy 172.16.225.140:49464 connected to 172.16.225.140:163
2017/05/25 10:53:21 [debug] 730#0: *1 malloc: 000000000092CAD0:16384
2017/05/25 10:53:21 [debug] 730#0: *1 send: fd:3 827 of 827
2017/05/25 10:53:21 [debug] 730#0: *1 event timer add: 11: 1000:1495706002761
2017/05/25 10:53:21 [debug] 730#0: *1 event timer: 11, old: 1495706002761, new: 1495706002761
2017/05/25 10:53:22 [debug] 730#0: *1 event timer del: 11: 1495706002761
2017/05/25 10:53:22 [debug] 730#0: *1 stream proxy next upstream
2017/05/25 10:53:22 [debug] 730#0: *1 free rr peer 2 4
2017/05/25 10:53:22 [warn] 730#0: *1 upstream server temporarily disabled while proxying connection, udp client: 172.16.225.140, server: 0.0.0.0:162, upstream: "172.16.225.140:163", bytes from/to client:827/0, bytes from/to upstream:0/827
2017/05/25 10:53:22 [debug] 730#0: *1 free rr peer failed: 0000000000976A90 0
2017/05/25 10:53:22 [debug] 730#0: *1 close proxy upstream connection: 3
2017/05/25 10:53:22 [debug] 730#0: *1 reusable connection: 0
2017/05/25 10:53:22 [debug] 730#0: *1 get rr peer, try: 1
2017/05/25 10:53:22 [debug] 730#0: *1 backup servers
2017/05/25 10:53:22 [debug] 730#0: *1 get rr peer, try: 1
2017/05/25 10:53:22 [debug] 730#0: *1 get rr peer, current: 0000000000A09750 0
2017/05/25 10:53:22 [debug] 730#0: *1 dgram socket 3
2017/05/25 10:53:22 [debug] 730#0: *1 epoll add connection: fd:3 ev:80002005
2017/05/25 10:53:22 [debug] 730#0: *1 connect to 172.16.225.141:163, fd:3 #3
2017/05/25 10:53:22 [debug] 730#0: *1 connected
2017/05/25 10:53:22 [debug] 730#0: *1 proxy connect: 0
2017/05/25 10:53:22 [info] 730#0: *1 udp proxy 172.16.225.140:42569 connected to 172.16.225.141:163
2017/05/25 10:53:22 [debug] 730#0: *1 send: fd:3 827 of 827
2017/05/25 10:53:22 [debug] 730#0: *1 event timer add: 11: 1000:1495706003762
2017/05/25 10:53:22 [debug] 730#0: *1 event timer: 11, old: 1495706003762, new: 1495706003764
2017/05/25 10:53:22 [debug] 730#0: *1 event timer: 11, old: 1495706003762, new: 1495706003765
2017/05/25 10:53:23 [debug] 730#0: *1 event timer del: 11: 1495706003762
2017/05/25 10:53:23 [debug] 730#0: *1 stream proxy next upstream
2017/05/25 10:53:23 [debug] 730#0: *1 free rr peer 1 4
2017/05/25 10:53:23 [warn] 730#0: *1 upstream server temporarily disabled while proxying connection, udp client: 172.16.225.140, server: 0.0.0.0:162, upstream: "172.16.225.141:163", bytes from/to client:827/0, bytes from/to upstream:0/827
2017/05/25 10:53:23 [debug] 730#0: *1 free rr peer failed: 0000000000A09750 0
2017/05/25 10:53:23 [debug] 730#0: *1 finalize stream proxy: -5
2017/05/25 10:53:23 [debug] 730#0: *1 close stream proxy upstream connection: 3
2017/05/25 10:53:23 [debug] 730#0: *1 reusable connection: 0
2017/05/25 10:53:23 [debug] 730#0: *1 close stream connection: 11
2017/05/25 10:53:23 [debug] 730#0: *1 reusable connection: 0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 000000000092CAD0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 0000000000999940
2017/05/25 10:53:23 [debug] 730#0: *1 free: 000000000099EAD0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 00000000009B71A0, unused: 0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 00000000009B6C70, unused: 8
2017/05/25 10:53:23 [debug] 730#0: *1 free: 000000000099BA10, unused: 160
I was wondering if it's the proxy_responses that are causing the issue - an SNMP trap is a fire and forget - no response is expected or sent.
Any ideas ?
I couldn't find anything on the forum about SNMP - but apologies if that has been covered previously.
Cheers
Spike
Just starting out with nginx - and trying to forward SNMP traps (UDP port 162) to two servers, one primary and one backup.
Current config is this:
# Load balance UDP-based trap traffic across two servers
stream {
upstream trap_lam {
server 172.16.225.140:163;
server 172.16.225.141:163 backup;
}
server {
listen 162 udp;
proxy_pass trap_lam;
proxy_timeout 1s;
proxy_responses 1;
error_log /var/log/nginx/trap.log debug;
}
}
If I send a trap to port 162 it does get forwarded - but always get forwarded to both servers. If I have a trap receiver or tcpdump running on both servers - I can see both being sent.
The debug shows this:
2017/05/25 10:53:21 [debug] 730#0: recvmsg on 0.0.0.0:162, ready: 0
2017/05/25 10:53:21 [debug] 730#0: posix_memalign: 00000000009B71A0:256 @16
2017/05/25 10:53:21 [debug] 730#0: posix_memalign: 00000000009B6C70:256 @16
2017/05/25 10:53:21 [debug] 730#0: malloc: 000000000099EAD0:827
2017/05/25 10:53:21 [debug] 730#0: *1 recvmsg: 172.16.225.140:58007 fd:11 n:827
2017/05/25 10:53:21 [info] 730#0: *1 udp client 172.16.225.140:58007 connected to 0.0.0.0:162
2017/05/25 10:53:21 [debug] 730#0: *1 proxy connection handler
2017/05/25 10:53:21 [debug] 730#0: *1 malloc: 0000000000999940:328
2017/05/25 10:53:21 [debug] 730#0: *1 posix_memalign: 000000000099BA10:256 @16
2017/05/25 10:53:21 [debug] 730#0: *1 get rr peer, try: 2
2017/05/25 10:53:21 [debug] 730#0: *1 get rr peer, current: 0000000000976A90 0
2017/05/25 10:53:21 [debug] 730#0: *1 dgram socket 3
2017/05/25 10:53:21 [debug] 730#0: *1 epoll add connection: fd:3 ev:80002005
2017/05/25 10:53:21 [debug] 730#0: *1 connect to 172.16.225.140:163, fd:3 #2
2017/05/25 10:53:21 [debug] 730#0: *1 connected
2017/05/25 10:53:21 [debug] 730#0: *1 proxy connect: 0
2017/05/25 10:53:21 [info] 730#0: *1 udp proxy 172.16.225.140:49464 connected to 172.16.225.140:163
2017/05/25 10:53:21 [debug] 730#0: *1 malloc: 000000000092CAD0:16384
2017/05/25 10:53:21 [debug] 730#0: *1 send: fd:3 827 of 827
2017/05/25 10:53:21 [debug] 730#0: *1 event timer add: 11: 1000:1495706002761
2017/05/25 10:53:21 [debug] 730#0: *1 event timer: 11, old: 1495706002761, new: 1495706002761
2017/05/25 10:53:22 [debug] 730#0: *1 event timer del: 11: 1495706002761
2017/05/25 10:53:22 [debug] 730#0: *1 stream proxy next upstream
2017/05/25 10:53:22 [debug] 730#0: *1 free rr peer 2 4
2017/05/25 10:53:22 [warn] 730#0: *1 upstream server temporarily disabled while proxying connection, udp client: 172.16.225.140, server: 0.0.0.0:162, upstream: "172.16.225.140:163", bytes from/to client:827/0, bytes from/to upstream:0/827
2017/05/25 10:53:22 [debug] 730#0: *1 free rr peer failed: 0000000000976A90 0
2017/05/25 10:53:22 [debug] 730#0: *1 close proxy upstream connection: 3
2017/05/25 10:53:22 [debug] 730#0: *1 reusable connection: 0
2017/05/25 10:53:22 [debug] 730#0: *1 get rr peer, try: 1
2017/05/25 10:53:22 [debug] 730#0: *1 backup servers
2017/05/25 10:53:22 [debug] 730#0: *1 get rr peer, try: 1
2017/05/25 10:53:22 [debug] 730#0: *1 get rr peer, current: 0000000000A09750 0
2017/05/25 10:53:22 [debug] 730#0: *1 dgram socket 3
2017/05/25 10:53:22 [debug] 730#0: *1 epoll add connection: fd:3 ev:80002005
2017/05/25 10:53:22 [debug] 730#0: *1 connect to 172.16.225.141:163, fd:3 #3
2017/05/25 10:53:22 [debug] 730#0: *1 connected
2017/05/25 10:53:22 [debug] 730#0: *1 proxy connect: 0
2017/05/25 10:53:22 [info] 730#0: *1 udp proxy 172.16.225.140:42569 connected to 172.16.225.141:163
2017/05/25 10:53:22 [debug] 730#0: *1 send: fd:3 827 of 827
2017/05/25 10:53:22 [debug] 730#0: *1 event timer add: 11: 1000:1495706003762
2017/05/25 10:53:22 [debug] 730#0: *1 event timer: 11, old: 1495706003762, new: 1495706003764
2017/05/25 10:53:22 [debug] 730#0: *1 event timer: 11, old: 1495706003762, new: 1495706003765
2017/05/25 10:53:23 [debug] 730#0: *1 event timer del: 11: 1495706003762
2017/05/25 10:53:23 [debug] 730#0: *1 stream proxy next upstream
2017/05/25 10:53:23 [debug] 730#0: *1 free rr peer 1 4
2017/05/25 10:53:23 [warn] 730#0: *1 upstream server temporarily disabled while proxying connection, udp client: 172.16.225.140, server: 0.0.0.0:162, upstream: "172.16.225.141:163", bytes from/to client:827/0, bytes from/to upstream:0/827
2017/05/25 10:53:23 [debug] 730#0: *1 free rr peer failed: 0000000000A09750 0
2017/05/25 10:53:23 [debug] 730#0: *1 finalize stream proxy: -5
2017/05/25 10:53:23 [debug] 730#0: *1 close stream proxy upstream connection: 3
2017/05/25 10:53:23 [debug] 730#0: *1 reusable connection: 0
2017/05/25 10:53:23 [debug] 730#0: *1 close stream connection: 11
2017/05/25 10:53:23 [debug] 730#0: *1 reusable connection: 0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 000000000092CAD0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 0000000000999940
2017/05/25 10:53:23 [debug] 730#0: *1 free: 000000000099EAD0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 00000000009B71A0, unused: 0
2017/05/25 10:53:23 [debug] 730#0: *1 free: 00000000009B6C70, unused: 8
2017/05/25 10:53:23 [debug] 730#0: *1 free: 000000000099BA10, unused: 160
I was wondering if it's the proxy_responses that are causing the issue - an SNMP trap is a fire and forget - no response is expected or sent.
Any ideas ?
I couldn't find anything on the forum about SNMP - but apologies if that has been covered previously.
Cheers
Spike
Sorry, only registered users may post in this forum.
Online Users
Guests:
170
Record Number of Users:
8
on April 13, 2023
Record Number of Guests:
421
on December 02, 2018
This forum is powered by Phorum.
 |
 |
 |
 |
|