Block linkdown/linkup traps

  • Document ID:KM03770331
  • Creation Date:04-Jan-2021
  • Modified Date:07-May-2021
    • Micro Focus Products:
      network node manager 2020.11

Summary

If an interfaces sends a big number of SNMP linkdown/linkup traps for a short period of time due to intermittency present in the network you might want to stop NNMi from processing these trap pairs.

Question

This is how you can configure NNMi to block these traps.

Answer

Note that, the best way would be to configure the device to not send linkDown/linkUp from
the specific interfaces.
If it is not possible, then the next available option is to block the traps in NNM from a specific source. Here it is an example how it can be done.
 
1. Find out/confirm the linkDown/Up trap OIDs from the output of the following command:
nnmtrapdump.ovpl -source source-node-IP
 
For generic traps the OIDs are typically
 
.1.3.6.1.6.3.1.1.5.3.1.3.6.1.6.3.1.1.5
.1.3.6.1.6.3.1.1.5.4.1.3.6.1.6.3.1.1.5
 
For Cisco linkDonw/linkUp should be
 
.1.3.6.1.6.3.1.1.5.3.1.3.6.1.4.1.9
.1.3.6.1.6.3.1.1.5.4.1.3.6.1.4.1.9
 
2. Use the source IP and trap OIDs to configure blocking entries in the file
nnm_data_dir\shared\nnm\conf\nnmtrapd.conf
 
For example, if the source IP is 10.1.2.3 you could configure:
 
<10.1.2.3, .1.3.6.1.6.3.1.1.5.3.*, .1.3.6.1.6.3.1.1.5.4.*>
 
You can use wildcards and ranges in IP if needed. A space after ',' is mandatory.
See more examples in the file nnmtrapd.conf.
 
3. Use the nnmtrapconfig.ovpl command to indicate the NNMi Trap Service
should re-read the filter file:
 
nnmtrapconfig.ovpl -readFilter -u system -p mypassword
 
4. Confirm that the change took place:
 
nnmtrapconfig.ovpl -dumpBlockList -u system -p mypassword
 
You should see the following entry to confirm the traps are blocked from this
source address:
…………
List of blocked source address and trap combinations:
10.1.2.3: .1.3.6.1.6.3.1.1.5.3.* .1.3.6.1.6.3.1.1.5.4.*
…….
 
Now, the linkDown/linkUp traps from the specific device will not appear in the GUI.They still can be seen with "nnmtrapdump.ovpl", however.
The same traps from other devices will be displayed in the GUI.
 
A common error when working with the nnmtrapd.conf file is to have two lines that match the same IP address. The parser works from the top to the bottom. When it finds an IP address match, the parser does not continue further.
 
For example, only the first line is effective if the nnmtrapd.conf file contains the
following two lines:
 
<10.6.3.*, .1.3.6.1.2.1.14.16.0.6>
<10.6.3.*, .1.3.6.1.2.1.10.21.2.0.1>
 
Because the node address matches this first line, the second line is never matched.To enable nnmtrapd.conf to match each specified filter, use syntax similar to the
following:
 
<10.6.3.*, .1.3.6.1.2.1.14.16.0.6, .1.3.6.1.2.1.10.21.2.0.1>
 
As a general rule, use the NNMi console to block traps unless you only want to blockthem from specific IP addresses.