This section describes the SNMP trap notifications based on system events in detail.
The following are the Avi Load Balancer configuration objects exposed through AVI-NETWORKS-MIB.my:
Avi Load Balancer Controller
Service Engine
Virtual Service
Avi Load Balancer Controller
AviControllerEntry ::= SEQUENCE { aviControllerIndex Integer32, aviControllerUUID SnmpAdminString, aviControllerName DisplayString, aviControllerAddrType InetAddressType, aviControllerAddr InetAddress, aviControllerStatus INTEGER } aviControllerUUID : Unique UUID of the Avi Controller VM aviControllerName : Name assigned to the Avi Controller (defaults to the IP address of the Avi Controller) aviControllerAddr : Management v4 IP address of the Avi Controller aviControllerStatus : Runtime status of the Avi Controller
Service Engine
AviServiceEngineEntry ::= SEQUENCE { aviServiceEngineIndex Integer32, aviServiceEngineUUID SnmpAdminString, aviServiceEngineName DisplayString, aviServiceEngineAddrType InetAddressType, aviServiceEngineAddr InetAddress, aviServiceEngineStatus INTEGER } aviServiceEngineUUID : Unique UUID of the Avi Service Engine VM aviServiceEngineName : Name of the Service Engine VM assigned in the Virtual Infrastructure aviServiceEngineAddr : Management v4 IP address of the Avi Service Engine VM aviServiceEngineStatus : Runtime status of the Avi Service Engine
Virtual Service
AviVirtualServiceEntry ::= SEQUENCE { aviVirtualServiceIndex Integer32, aviVirtualServiceUUID SnmpAdminString, aviVirtualServiceName DisplayString, aviVirtualServiceAddrType InetAddressType, aviVirtualServiceAddr InetAddress, aviVirtualServiceStatus INTEGER } aviVirtualService UUID : Unique UUID of the virtual service aviVirtualServiceName : Name assigned to the virtual service aviVirtualServiceAddr : Virtual IP (v4) address of the virtual service aviVirtualServiceStatus : Runtime status of the virtual service
Notifications (Traps)
The Controller cluster leader can issue SNMP trap notifications based on system events. For SNMP trap notifications to reach an external SNMP server, the following configurations should be done:
Since the leadership role can change from time to time, the external SNMP server should be configured to allow traffic from any of the three Controllers in the cluster, that is, all three addresses should be in the SNMP server’s allowed-access list.
The firewall rules should be configured to allow UDP traffic destined to port 162 on the SNMP trap server from any of the three cluster member’s IP addresses.
System events related to the Avi Load Balancer Controller cluster, Avi Load Balancer Service Engines, virtual services, and SSL certification expiry can be classified into their respective SNMP traps. Other system events use the generic SNMP trap notification to generate traps.
Only the alerts generated for the following events are fed into the specific SNMP traps.
Events |
SNMP trap |
---|---|
VS_DOWN, VS_UP |
aviVirtualServiceStatusChanged |
SE_DOWN, SE_UP |
aviServiceEngineStatusChanged |
CONTROLLER_NODE_JOINED, CONTROLLER_NODE_LEFT |
aviControllerStatusChanged |
SSL_CERT_EXPIRE |
aviSSLCertificateExpired |
All other alerts |
aviSystemAlert |
aviSystemAlert
is a generic trap notification and can be associated with any of the system events generated by the Avi Load Balancer Controller.Avi Load Balancer currently supports a large trap payload (a maximum of 4096 bytes) in SNMP trap notifications. Before this, the SNMP trap payload length was restricted to 256 bytes.
Viewing the Trap Server Profiles
In the below window, a Controller with IP address 10.10.24.96 reveals its v2 and v3 trap server profiles by responding to https://10.10.24.96/api/snmptrapprofile
HTTP request.
{ "count": 2, "results": [ { "uuid": "snmptrapprofile-aa815f66-2190-4ff4-a20f-0c9fe41deff4", "url": "https://10.10.24.96/api/snmptrapprofile/snmptrapprofile-aa815f66-2190-4ff4-a20f-0c9fe41deff4", "tenant_ref": "https://10.10.24.96/api/tenant/admin", "name": "SnmpTrap-2", "trap_servers": [ { "version": "SNMP_VER2", "ip_addr": { "type": "V4", "addr": "10.10.0.235" }, "community": "<sensitive>" } ], "_last_modified": "1509670261022622" }, { "uuid": "snmptrapprofile-2e28610a-e100-4de7-ae92-20bd7a4ee3b7", "url": "https://10.10.24.96/api/snmptrapprofile/snmptrapprofile-2e28610a-e100-4de7-ae92-20bd7a4ee3b7", "tenant_ref": "https://10.10.24.96/api/tenant/admin", "name": "SnmpTrap-1", "trap_servers": [ { "version": "SNMP_VER3", "ip_addr": { "type": "V4", "addr": "10.10.3.1" }, "user": { "username": "snmpv3trapuser", "auth_type": "SNMP_V3_AUTH_MD5", "priv_passphrase": "<sensitive>", "auth_passphrase": "<sensitive>", "priv_type": "SNMP_V3_PRIV_AES" } } ], "_last_modified": "1509670185831024" } ] }
aviControllerStatusChanged
aviControllerStatusChanged NOTIFICATION-TYPE OBJECTS { aviControllerStatus, aviOperStatusReason } STATUS current DESCRIPTION "This alert is generated when Controller status Changes." ::= { aviNotificationsObjects 1 }
This trap is generated when the Avi Load Balancer Controller status changes.
The following Controller-state-change system events can initiate the aviControllerStatusChange
trap:
Controller-Node-Left
Controller-Node-Joined
For each of the above Avi Load Balancer Controller status-change events, there is a default system alert configuration and a respective default alert action.
aviServiceEngineStatusChanged
aviServiceEngineStatusChanged NOTIFICATION-TYPE OBJECTS { aviObjectURL, aviServiceEngineStatus, aviOperStatusReason } STATUS current DESCRIPTION "This alert is generated when Service Engine status Changes." ::= { aviNotificationsObjects 2 }
This trap is generated when the Avi Load Balancer SE status changes.
The following Avi Load Balancer SE status-change events can initiate the aviServiceEngineStatusChanged
trap:
SE-Up
SE-Down
For each of the above Avi Load Balancer SE status-change events, there is a default system alert configuration.
aviVirtualServiceStatusChanged
aviVirtualServiceStatusChanged NOTIFICATION-TYPE OBJECTS { aviObjectURL, aviVirtualServiceStatus, aviVirtualServiceStatusReason } STATUS current DESCRIPTION "This alert is generated when virtual service status changes." ::= { aviNotificationsObjects 3 }
This trap is generated when the virtual service status changes.
The following virtual service status-change events can initiate the aviVirtualServiceStatusChanged
trap:
VS-Down
VS-Up
aviSSLCertificateExpired
aviSSLCertificateExpired NOTIFICATION-TYPE OBJECTS { aviObjectURL, aviSSLCertificateInfo } STATUS current DESCRIPTION "This alert is generated when SSL Certificate Expires." ::= { aviNotificationsObjects 4 }
This trap is generated when an SSL certificate expires. The virtual service Ssl-Cert-Expire
event can initiate the aviVirtualServiceStatusChanged
trap.
aviSystemAlert
aviSystemAlert NOTIFICATION-TYPE OBJECTS { aviSystemAlertInfoDesc } STATUS current DESCRIPTION "This is a generic system alert" ::= { aviNotificationsObjects 5 }
This is a generic trap notification. It can be associated with any of the system events generated by the Avi Load Balancer Controller.
To configure SNMP traps for the Avi Load Balancer Controller status-change events, see Configuring SNMP Event-based Trap.