This section describes the SNMP trap notifications based on system events in detail.

The following are the Avi Load Balancer configuration objects exposed through AVI-NETWORKS-MIB.my:

  • Avi Load Balancer Controller

  • Service Engine

  • Virtual Service

Avi Load Balancer Controller

AviControllerEntry ::=
   	SEQUENCE {
     	aviControllerIndex      Integer32,
       	aviControllerUUID       SnmpAdminString,
       	aviControllerName       DisplayString,
       	aviControllerAddrType   InetAddressType,
      	aviControllerAddr       InetAddress,
       	aviControllerStatus     INTEGER
	}
aviControllerUUID 	    : Unique UUID of the Avi Controller VM
aviControllerName 	    : Name assigned to the Avi Controller (defaults
                          to the IP address of the Avi Controller)
aviControllerAddr 	    : Management v4 IP address of the Avi
                          Controller
aviControllerStatus 	: Runtime status of the Avi Controller

Service Engine

AviServiceEngineEntry ::=
    SEQUENCE {
       	aviServiceEngineIndex      Integer32,
       	aviServiceEngineUUID       SnmpAdminString,
       	aviServiceEngineName       DisplayString,
       	aviServiceEngineAddrType   InetAddressType,
       	aviServiceEngineAddr       InetAddress,
       	aviServiceEngineStatus     INTEGER
    }
aviServiceEngineUUID	: Unique UUID of the Avi Service Engine VM
aviServiceEngineName	: Name of the Service Engine VM 
                          assigned in the Virtual Infrastructure
aviServiceEngineAddr	: Management v4 IP address of the Avi Service 
                          Engine VM
aviServiceEngineStatus 	: Runtime status of the Avi Service Engine

Virtual Service

AviVirtualServiceEntry ::=
    SEQUENCE {
       	aviVirtualServiceIndex      Integer32,
       	aviVirtualServiceUUID       SnmpAdminString,
       	aviVirtualServiceName       DisplayString,
       	aviVirtualServiceAddrType   InetAddressType,
       	aviVirtualServiceAddr       InetAddress,
       	aviVirtualServiceStatus     INTEGER
    }
aviVirtualService UUID	: Unique UUID of the virtual service
aviVirtualServiceName	: Name assigned to the virtual service
aviVirtualServiceAddr	: Virtual IP (v4) address of the virtual service 
aviVirtualServiceStatus : Runtime status of the virtual service

Notifications (Traps)

The Controller cluster leader can issue SNMP trap notifications based on system events. For SNMP trap notifications to reach an external SNMP server, the following configurations should be done:

  • Since the leadership role can change from time to time, the external SNMP server should be configured to allow traffic from any of the three Controllers in the cluster, that is, all three addresses should be in the SNMP server’s allowed-access list.

  • The firewall rules should be configured to allow UDP traffic destined to port 162 on the SNMP trap server from any of the three cluster member’s IP addresses.

System events related to the Avi Load Balancer Controller cluster, Avi Load Balancer Service Engines, virtual services, and SSL certification expiry can be classified into their respective SNMP traps. Other system events use the generic SNMP trap notification to generate traps.

Only the alerts generated for the following events are fed into the specific SNMP traps.

Events

SNMP trap

VS_DOWN, VS_UP

aviVirtualServiceStatusChanged

SE_DOWN, SE_UP

aviServiceEngineStatusChanged

CONTROLLER_NODE_JOINED, CONTROLLER_NODE_LEFT

aviControllerStatusChanged

SSL_CERT_EXPIRE

aviSSLCertificateExpired

All other alerts

aviSystemAlert
Note:

  1. aviSystemAlert is a generic trap notification and can be associated with any of the system events generated by the Avi Load Balancer Controller.

  2. Avi Load Balancer currently supports a large trap payload (a maximum of 4096 bytes) in SNMP trap notifications. Before this, the SNMP trap payload length was restricted to 256 bytes.

Viewing the Trap Server Profiles

In the below window, a Controller with IP address 10.10.24.96 reveals its v2 and v3 trap server profiles by responding to https://10.10.24.96/api/snmptrapprofile HTTP request.

{
  "count": 2,
  "results": [
    {
      "uuid": "snmptrapprofile-aa815f66-2190-4ff4-a20f-0c9fe41deff4",
      "url": "https://10.10.24.96/api/snmptrapprofile/snmptrapprofile-aa815f66-2190-4ff4-a20f-0c9fe41deff4",
      "tenant_ref": "https://10.10.24.96/api/tenant/admin",
      "name": "SnmpTrap-2",
      "trap_servers": [
        {
          "version": "SNMP_VER2",
          "ip_addr": {
            "type": "V4",
            "addr": "10.10.0.235"
          },
          "community": "<sensitive>"
        }
      ],
      "_last_modified": "1509670261022622"
    },
    {
      "uuid": "snmptrapprofile-2e28610a-e100-4de7-ae92-20bd7a4ee3b7",
      "url": "https://10.10.24.96/api/snmptrapprofile/snmptrapprofile-2e28610a-e100-4de7-ae92-20bd7a4ee3b7",
      "tenant_ref": "https://10.10.24.96/api/tenant/admin",
      "name": "SnmpTrap-1",
      "trap_servers": [
        {
          "version": "SNMP_VER3",
          "ip_addr": {
            "type": "V4",
            "addr": "10.10.3.1"
          },
          "user": {
            "username": "snmpv3trapuser",
            "auth_type": "SNMP_V3_AUTH_MD5",
            "priv_passphrase": "<sensitive>",
            "auth_passphrase": "<sensitive>",
            "priv_type": "SNMP_V3_PRIV_AES"
          }
        }
      ],
      "_last_modified": "1509670185831024"
    }
  ]
}

aviControllerStatusChanged

aviControllerStatusChanged NOTIFICATION-TYPE
   	OBJECTS {
   	aviControllerStatus,
   	aviOperStatusReason
   	}
	STATUS     current
	DESCRIPTION
	"This alert is generated when Controller status 
   	Changes."
	::= { aviNotificationsObjects 1 }

This trap is generated when the Avi Load Balancer Controller status changes.

The following Controller-state-change system events can initiate the aviControllerStatusChange trap:

  • Controller-Node-Left

  • Controller-Node-Joined

For each of the above Avi Load Balancer Controller status-change events, there is a default system alert configuration and a respective default alert action.

aviServiceEngineStatusChanged

aviServiceEngineStatusChanged NOTIFICATION-TYPE
   	OBJECTS {
   	aviObjectURL,
   	aviServiceEngineStatus,
   	aviOperStatusReason
   	}
   	STATUS     current
   	DESCRIPTION
   	"This alert is generated when Service Engine status 
   	Changes."
	::= { aviNotificationsObjects 2 }

This trap is generated when the Avi Load Balancer SE status changes.

The following Avi Load Balancer SE status-change events can initiate the aviServiceEngineStatusChanged trap:

  • SE-Up

  • SE-Down

For each of the above Avi Load Balancer SE status-change events, there is a default system alert configuration.

aviVirtualServiceStatusChanged

aviVirtualServiceStatusChanged NOTIFICATION-TYPE
   	OBJECTS {
   	aviObjectURL,
   	aviVirtualServiceStatus,
   	aviVirtualServiceStatusReason
   	}
   	STATUS     current
   	DESCRIPTION
   	"This alert is generated when virtual service status 
   	changes."
   	::= { aviNotificationsObjects 3 }

This trap is generated when the virtual service status changes.

The following virtual service status-change events can initiate the aviVirtualServiceStatusChanged trap:

  • VS-Down

  • VS-Up

aviSSLCertificateExpired

aviSSLCertificateExpired NOTIFICATION-TYPE
	OBJECTS {
   	aviObjectURL,
   	aviSSLCertificateInfo
   	}
   	STATUS     current
   	DESCRIPTION
   	"This alert is generated when SSL Certificate 
   	Expires."
   	::= { aviNotificationsObjects 4 }

This trap is generated when an SSL certificate expires. The virtual service Ssl-Cert-Expire event can initiate the aviVirtualServiceStatusChanged trap.

aviSystemAlert

aviSystemAlert NOTIFICATION-TYPE
	OBJECTS {
   	aviSystemAlertInfoDesc
   	}
   	STATUS     current
   	DESCRIPTION
   	"This is a generic system alert"
   	::= { aviNotificationsObjects 5 }

This is a generic trap notification. It can be associated with any of the system events generated by the Avi Load Balancer Controller.

To configure SNMP traps for the Avi Load Balancer Controller status-change events, see Configuring SNMP Event-based Trap.