;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
Overview
This KB article explains how to configure Nagios xi to receive SNMP Traps that come in via IPv6 (Internet Protocol version 6).
It is a requirement to have already followed this guide to install all the SNMP Trap pre-requisites:
Documentation - How to Integrate SNMP Traps With Nagios xi
Editing Files
In many steps of this article you will be required to edit files. This documentation will use the vi text editor. When using the vi
editor:
- To make changes press i on the keyboard first to enter insert mode
- Press Esc to exit insert mode
- When you have finished, save the changes in vi by typing :wq and press Enter
Configure SNMPTRAPD
These steps configure snmptrapd to listen for IPv6 traps.
Establish an SSH session to your Nagios xi server as a root user.
Edit the /etc/snmp/snmptrapd.conf file and add the following line:
snmpTrapdAddr udp:162,udp6:162
Save and close the file.
Now restart the SNMPTRAPD service:
RHEL 7+ | CentOS 7+ | Oracle Linux 7+ | Debian | Ubuntu 16/18/20
systemctl restart snmptrapd.service
Firewall Rules
You will also need to add a firewall rule allow IPv6 SNMP Traps using one of the commands below:
RHEL 7 + | CentOS 7 + | Oracle Linux 7 +
firewall-cmd --zone=public --add-port=162/udp
firewall-cmd --zone=public --add-port=162/udp --permanent
Debian
iptables -I INPUT -p udp --destination-port 162 -j ACCEPT
Ubuntu
ufw allow proto udp from any to any port 162
ufw reload
At this point your Nagios xi server will listen for SNMP IPv6 traps (as well as IPv4).
Update snmptraphandling.py Script
There is currently a bug in how the Net-SNMP libraries spool these received IPv6 traps. In brief, the side affects of this bug are:
-
The IPv6 address is not formatted correctly
-
snmptrapd is not able to resolve this address to a DNS record
-
snmptt is not able to resolve this address to a DNS record
-
This causes the address submitted to Nagios xi as a passive check result to be an incorrect address
Full details about the bug are reported here:
#2704 IPv6 Trap addresses not processed correctly
Without going into too much detail about the bug, lets compare the address in an IPv4 trap compared to an IPv6 trap:
-
IPv4
-
localhost.localdomain
-
This was submitted as 127.0.0.1 but has been resolved, which is fine
-
-
IPv6
-
UDP/IPv6: [::1]:50618
-
The address should be ::1 and if it was able to, it could have been resolved to a DNS record
-
Once the trap is spooled, it is processed by snmptt (SNMP Trap Translator).
Processed traps are submitted to Nagios using the EXEC statement, which executes the /usr/local/bin/snmptraphandling.py script and passes on the address value.
The following modifications to the snmptraphandling.py script allow:
-
The corrected IPv6 address to be resolved to a DNS record, hence allowing the passive check result to correctly target the host object in Nagios
-
If it's not able to be resolved to a DNS object, the correctly formatted IPv6 address will be submitted in the passive check result
Edit the file
/usr/local/bin/snmptraphandling.py
Change this:
host = sys.argv[1]
To this:
host = sys.argv[1]
if host.startswith("UDP/IPv6"):
try:
import socket
host = socket.gethostbyaddr(sys.argv[1].partition('[')[-1].rpartition(']')[0])[0]
#host = host.partition('.')[0]
except:
host = sys.argv[1].partition('[')[-1].rpartition(']')[0]
This line here:
host = socket.gethostbyaddr(sys.argv[1].partition('[')[-1].rpartition(']')[0])[0]
Will result in something like myserver.mydomain.local
If you uncomment this line:
#host = host.partition('.')[0]
The object will be the short version myserver
Final Thoughts
For any support related questions please visit the Nagios Support Forums at:
Subscribe to Article
Print Article
Email Article to Friend
Export to PDF
Export to MS Word
