Skip to content

Commit

Permalink
[SNMP] management VRF SNMP support (#2608)
Browse files Browse the repository at this point in the history
* [SNMP] management VRF SNMP support

This commit adds SNMP support for Management VRF using l3mdev.
The patch included provides VRF support, there is no single
"listendevice" configuration, rather multiple agentaddress
config options can each have their own "interface" to bind to
using "ip%interface". The snmpd.conf file is accordingly
generated using the snmp.yml file and redis database info.

Adding below the comments of SNMP patch 1376
--------------------------------------------
Since the Linux kernel added support for Virtual Routing
and Forwarding (VRF) in version 4.3
(Note: these won't compile on non-linux platforms)

https://www.kernel.org/doc/Documentation/networking/vrf.txt

Linux users could not use snmpd in its current form to
bind specific listening IP addresses to specific VRF
devices. A simplified description of a VRF inteface
is an interface that is a master (a container of sorts)
that collects a set of physicalinterfaces to form a
routing table.

This set of two patches (one for V5-7-patches and one
for V5-8-patches branches) is almost identical to patch
single "listendevice" configuration. Rather, multiple
agentAddress config options can each have their own
"interface" to bind to using the <ip>%<interface>
syntax.</interface></ip>
-------------------------------------------

Signed-off-by: Harish Venkatraman <[email protected]>
  • Loading branch information
Harish Venkatraman authored and lguohan committed Sep 19, 2019
1 parent 5c9348b commit 9d2d617
Show file tree
Hide file tree
Showing 5 changed files with 853 additions and 0 deletions.
26 changes: 26 additions & 0 deletions dockers/docker-snmp-sv2/snmpd.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,21 @@
#

# Listen for connections on all ip addresses, including eth0, ipv4 lo
#
{% if snmp_agent_address_1 or snmp_agent_address_2 or snmp_agent_address_3 %}
{% if snmp_agent_address_1 %}
agentAddress {{ snmp_agent_address_1 }}
{% endif %}
{% if snmp_agent_address_2 %}
agentAddress {{ snmp_agent_address_2 }}
{% endif %}
{% if snmp_agent_address_3 %}
agentAddress {{ snmp_agent_address_3 }}
{% endif %}
{% else %}
agentAddress udp:161
{% endif %}

# TODO: only support ipv4 lo addresses, add ipv6 support later

###############################################################################
Expand Down Expand Up @@ -90,11 +104,23 @@ load 12 10 5
# Note: disabled snmp traps due to side effect of causing snmpd to listen on all ports (0.0.0.0)
#
# send SNMPv1 traps
{%if v1_trap_dest and v1_trap_dest != 'NotConfigured' %}
trapsink {{ v1_trap_dest }} public
{% else %}
#trapsink localhost public
{% endif %}
# send SNMPv2c traps
{%if v2_trap_dest and v2_trap_dest != 'NotConfigured' %}
trap2sink {{ v2_trap_dest }} public
{% else %}
#trap2sink localhost public
{% endif %}
# send SNMPv2c INFORMs
{%if v3_trap_dest and v3_trap_dest != 'NotConfigured' %}
informsink {{ v3_trap_dest }} public
{% else %}
#informsink localhost public
{% endif %}

# Note that you typically only want *one* of these three lines
# Uncommenting two (or all three) will result in multiple copies of each notification.
Expand Down
37 changes: 37 additions & 0 deletions files/build_templates/docker_image_ctl.j2
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,43 @@ function postStartAction()
fi
{%- elif docker_container_name == "snmp" %}
docker exec -i database redis-cli -n 6 HSET 'DEVICE_METADATA|localhost' chassis_serial_number $(decode-syseeprom -s)
vrfenabled=`/usr/bin/redis-cli -n 4 hget "MGMT_VRF_CONFIG|vrf_global" mgmtVrfEnabled`
v1SnmpTrapIp=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v1TrapDest" DestIp`
v1SnmpTrapPort=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v1TrapDest" DestPort`
v1MgmtVrf=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v1TrapDest" vrf`
v2SnmpTrapIp=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v2TrapDest" DestIp`
v2SnmpTrapPort=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v2TrapDest" DestPort`
v2MgmtVrf=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v2TrapDest" vrf`
v3SnmpTrapIp=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v3TrapDest" DestIp`
v3SnmpTrapPort=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v3TrapDest" DestPort`
v3MgmtVrf=`/usr/bin/redis-cli -n 4 hget "SNMP_TRAP_CONFIG|v3TrapDest" vrf`

if [ "${v1SnmpTrapIp}" != "" ]
then
sed -i "s/v1_trap_dest:.*/v1_trap_dest: ${v1SnmpTrapIp}:${v1SnmpTrapPort}%${v1MgmtVrf}/" "/etc/sonic/snmp.yml"
fi
if [ "${v2SnmpTrapIp}" != "" ]
then
sed -i "s/v2_trap_dest:.*/v2_trap_dest: ${v2SnmpTrapIp}:${v2SnmpTrapPort}%${v2MgmtVrf}/" "/etc/sonic/snmp.yml"
fi
if [ "${v3SnmpTrapIp}" != "" ]
then
sed -i "s/v3_trap_dest:.*/v3_trap_dest: ${v3SnmpTrapIp}:${v3SnmpTrapPort}%${v3MgmtVrf}/" "/etc/sonic/snmp.yml"
fi

if [ "${vrfenabled}" == "true" ]
then
keys=`/usr/bin/redis-cli -n 4 keys "SNMP_AGENT_ADDRESS_CONFIG|*"`
count=1
for key in $keys;do
ip=`echo $key|cut -d "|" -f2`
vrf=`echo $key|cut -d "|" -f3`
echo "snmp_agent_address_$count: $ip%$vrf" >> /tmp/snmpagentaddr.yml
count=$((count+1))
done
sed -i '/snmp_agent_address_*/d' /etc/sonic/snmp.yml
cat /tmp/snmpagentaddr.yml >> /etc/sonic/snmp.yml
fi
{%- else %}
: # nothing
{%- endif %}
Expand Down
3 changes: 3 additions & 0 deletions files/image_config/snmp/snmp.yml
Original file line number Diff line number Diff line change
@@ -1,2 +1,5 @@
snmp_rocommunity: public
snmp_location: public
v1_trap_dest: NotConfigured
v2_trap_dest: NotConfigured
v3_trap_dest: NotConfigured
Loading

0 comments on commit 9d2d617

Please sign in to comment.