Hi, In the past I was convinced that Spectrum looks only to the IP source in the SNMP TRAP PDU, never at the Ethernet source of a TRAP in any SNMP trap version v1, v2c, v3.
That's why we used ( WHEN NAT translation is used ) another translation in the path towards Spectrum that translates the Agent source in the trap PDU to the Ethernet source of the packet. Now colleagues tell me they don' have an issue with NAT translation and SNMP traps. Is there something changed or is there another behaviour, setting in Spectrum introduced? Let take an example. * Router X out of band / management address is 139.10.10.1 * In spectrum this router is monitored with a NAT address 192.168.10.1 o In spectrum we remove all redundant addresses by policy & vnmsh script, otherwise we could have issues with duplicate addresses from other Natted environments, where 139.10.10.1 (or 192.168.10.1) is used o So the only reference that spectrum has for router X is ip 192.168.10.1 * SNMP TRAP will arrive at Spectrum without interaction in the path. In my believe trap will be dropped, or mapped on wrong devices if there would be a device with 139.10.10.1 as original, not natted addres, which could happen with multiple customer enviroments. o ETHERNET SOURCE 192.168.10.1 o TRAP PDU Agent Source 139.10.10.1 * WORKAROUND For natted environments we send all traps to a translator that has a sinc with all primary addresses in Spectrum, and it will translate all incoming traps. It will change the agent source in the pdu TO the Ethernet source and forward it then to Spectrum. * SNMP TRAP received in Spectrum is o ETHERNET SOURCE 192.168.10.1 o TRAP PDU Agent Source 192.168.10.1 Now colleagues tell me this is not needed ? is there some new feature/setting to say to Spectrum that It looks to the Ethernet source instead of the PDU Agent source ? Regards, Erwin --- To unsubscribe from spectrum, send email to [email protected] with the body: unsubscribe spectrum [email protected]
