Kaspersky SD-WAN
2.2
English

Contents

Monitoring CPE, VNF, and PNF devices using SNMP

You can use SNMP to monitor CPE devices as well as virtual and physical network functions. You need to install an SNMP agent on the component that you want to monitor. The SNMP agent gathers monitoring data and sends it to the SNMP manager for processing. In Kaspersky SD-WAN, the Zabbix proxy server acts as the SNMP manager.

The SNMP manager and SNMP agents exchange requests and notifications. By default, SNMP agents receive requests from the SNMP manager on port 161. However, the SNMP manager can send requests through any available port. The response arrives on the same port from which the request was sent.

By default, the SNMP manager receives notifications from SNMP agents on port 162. However, SNMP agents can send notifications through any available port. Two types of notifications exist:

  • Traps are notifications about events that the SNMP agent sends without a prior request from the SNMP manager. When a specified event occurs, such as a shutdown of a CPE device or one of its network interfaces, the SNMP agent generates a trap and sends it to the SNMP manager as a UPD message. Traps allow automatically informing the SNMP manager about events without waiting for a request.
  • Inform requests are notifications similar to traps, which differ in that they require additional confirmation from the SNMP manager. When the SNMP agent sends an inform request to the SNMP manager, the SNMP agent waits to receive an acknowledgment. If the SNMP manager successfully receives and processes the inform request, it sends an acknowledgment message to the SNMP agent. The acknowledgment mechanism allows you to ensure the reliability of delivery of notifications.

When using the TLS or DTLS protocol, traps arrive on port 10162 of the SNMP manager, and information requests arrive on port 10161.

All basic protocol data units (PDUs) have the same structure (see figure below). The IP header and UDP header are used for encapsulation and are not actually part of the protocol data unit.

The diagram shows the 7 parts of the protocol data unit: IP and UDP headers, version, password (community), PDU type, request ID, error status and index, and associated variables.

SNMP Protocol Data Unit diagram

To display the table of traps, go to the Infrastructure menu section, click Management → Configuration menu next to the controller to which the components that you want to monitor are connected, and go to the SNMP section. Information about traps is displayed in the following columns of the table:

  • # is the serial number of the trap.
  • Manager IP is the IP address or host name of the SNMP manager.
  • Manager port is the port number of the SNMP manager.
  • Community is the SNMP community string.
  • Allowed traps are traps that SNMP agents must send to the SNMP manager.
  • Description is a brief description of the trap.

In this section

Configuring the connection of the SNMP manager to SNMP agents

Creating a trap

Editing a trap

Deleting a trap
Page top
[Topic 256976]

Configuring the connection of the SNMP manager to SNMP agents

You must specify the settings for connecting the SNMP manager to SNMP agents installed on CPE devices, as well as on the virtual and physical network functions. The specified settings are used for all SNMP agents.

To configure the connection of the SNMP manager to SNMP agents:

  1. In the menu, go to the Infrastructure section.

    This opens the resource management page. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management → Configuration menu next to the controller to which the components that you want to monitor are connected.

    This opens the controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of controller nodes.

  3. Go to the SNMP section.

    A table of traps is displayed.

  4. In the upper part of the page, under Manager parameters, click Edit.
  5. This opens a window; in that window, in the Address field, enter the IP address or host name of the equipment on which the SNMP agent is installed, in the <transport protocol>:<IP address or host name>/<port number> format. For example, you can enter udp:192.168.2.0/24.
  6. In the Community field, enter the SNMP community string. The SNMP community string is used as a password which the SNMP manager uses to connect to SNMP agents. Default value: public means read-only access is granted. We recommend changing the default to a unique community string to ensure the security of communication between the SNMP manager and the SNMP agents.

    You must specify the same community string when configuring the SNMP manager connection to SNMP agents and when creating or editing traps.

  7. Click Save.

The connecting of the SNMP manager to agents is configured.

Page top
[Topic 257024]

Creating a trap

You can create a trap that SNMP agents must send to the SNMP manager.

To create a trap:

  1. In the menu, go to the Infrastructure section.

    This opens the resource management page. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.

  2. Click Management → Configuration menu next to the controller to which the components that you want to monitor are connected.

    This opens the controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of controller nodes.

  3. Go to the SNMP section.

    A table of traps is displayed.

  4. Under Trap parameters, click Edit.
  5. This opens a window; in that window, click + Add to create a trap.
  6. In the Manager IP field, enter the IP address or host name of the SNMP manager. Range of values: 1 to 255.
  7. In the Manager port field, enter the port number of the SNMP manager. Range of values: 1 to 65,534. Default value: 162.
  8. In the Community field, enter the SNMP community string. The SNMP community string is used as a password which the SNMP manager uses to connect to SNMP agents. Default value: public means read-only access is granted. We recommend changing the default to a unique community string to ensure the security of communication between the SNMP manager and the SNMP agents.

    You must specify the same SNMP community string when configuring the SNMP manager connection to SNMP agents and when creating or editing traps.

  9. In the Allowed traps field, click Edit and clear the following check boxes to specify which traps SNMP agents do not send to the SNMP manager:
    • Clear the Trap, when an interface is active check box to prevent the SNMP agent from sending a trap to the SNMP manager when one of the ports of the component on which the SNMP agent is installed becomes active.
    • Clear the Trap, when an interface is inactive check box to prevent the SNMP agent from sending a trap to the SNMP manager when one of the ports of the component on which the SNMP agent is installed becomes inactive.
    • Clear the Trap, when an equipment is active check box to prevent the SNMP agent from sending a trap to the SNMP manager when the component on which the SNMP agent is installed becomes active.
    • Clear the Trap, when an equipment is inactive check box to prevent the SNMP agent from sending a trap to the SNMP manager when the component on which the SNMP agent is installed becomes inactive.

    By default, the check boxes are selected.

  10. Click Back to continue specifying trap settings.
  11. In the Description field, enter a brief description of the trap.
  12. Click Save.

The trap is created and displayed in the table.

Page top
[Topic 257030]

Editing a trap

To edit a trap:

  1. In the menu, go to the Infrastructure section.

    This opens the resource management page. By default, the Network resources tab is selected, which displays the table of controllers.

  2. Click Management → Configuration menu next to the controller to which the components that you want to monitor are connected.

    This opens the controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of controller nodes.

  3. Go to the SNMP section.

    A table of traps is displayed.

  4. Under Trap parameters, click Edit.
  5. This opens a window; in that window, if necessary, edit the trap settings. For a description of the settings, see instructions for creating a trap.
  6. Click Save.

The trap is modified and updated in the table.

Page top
[Topic 257039]

Deleting a trap

Deleted traps cannot be restored.

To delete a trap:

  1. In the menu, go to the Infrastructure section.

    This opens the resource management page. By default, the Network resources tab is selected, which displays the table of controllers.

  2. Click Management → Configuration menu next to the controller to which the components that you want to monitor are connected.

    This opens the controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of controller nodes.

  3. Go to the SNMP section.

    A table of traps is displayed.

  4. Under Trap parameters, click Edit.
  5. This opens a window; in that window, click Delete next to the trap that you want to delete.
  6. Click Save.

The trap is deleted and is no longer displayed in the table.

Page top
[Topic 257044]