This section describes the SNMP trap notifications based on system events in detail.
The following are the NSX Advanced Load Balancer configuration objects exposed through AVI-NETWORKS-MIB.my:
NSX Advanced Load Balancer Controller
Service Engine
Virtual Service
NSX Advanced Load Balancer Controller
AviControllerEntry ::=
SEQUENCE {
aviControllerIndex Integer32,
aviControllerUUID SnmpAdminString,
aviControllerName DisplayString,
aviControllerAddrType InetAddressType,
aviControllerAddr InetAddress,
aviControllerStatus INTEGER
}
aviControllerUUID : Unique UUID of the Avi Controller VM
aviControllerName : Name assigned to the Avi Controller (defaults
to the IP address of the Avi Controller)
aviControllerAddr : Management v4 IP address of the Avi
Controller
aviControllerStatus : Runtime status of the Avi Controller
Service Engine
AviServiceEngineEntry ::=
SEQUENCE {
aviServiceEngineIndex Integer32,
aviServiceEngineUUID SnmpAdminString,
aviServiceEngineName DisplayString,
aviServiceEngineAddrType InetAddressType,
aviServiceEngineAddr InetAddress,
aviServiceEngineStatus INTEGER
}
aviServiceEngineUUID : Unique UUID of the Avi Service Engine VM
aviServiceEngineName : Name of the Service Engine VM
assigned in the Virtual Infrastructure
aviServiceEngineAddr : Management v4 IP address of the Avi Service
Engine VM
aviServiceEngineStatus : Runtime status of the Avi Service Engine
Virtual Service
AviVirtualServiceEntry ::=
SEQUENCE {
aviVirtualServiceIndex Integer32,
aviVirtualServiceUUID SnmpAdminString,
aviVirtualServiceName DisplayString,
aviVirtualServiceAddrType InetAddressType,
aviVirtualServiceAddr InetAddress,
aviVirtualServiceStatus INTEGER
}
aviVirtualService UUID : Unique UUID of the virtual service
aviVirtualServiceName : Name assigned to the virtual service
aviVirtualServiceAddr : Virtual IP (v4) address of the virtual service
aviVirtualServiceStatus : Runtime status of the virtual service
Notifications (Traps)
The Controller cluster leader can issue SNMP trap notifications based on system events. For SNMP trap notifications to reach an external SNMP server, the following configurations should be done:
Since the leadership role can change from time to time, the external SNMP server should be configured to allow traffic from any of the three Controllers in the cluster, that is, all three addresses should be in the SNMP server’s allowed-access list.
The firewall rules should be configured to allow UDP traffic destined to port 162 on the SNMP trap server from any of the three cluster member’s IP addresses.
System events related to the NSX Advanced Load Balancer Controller cluster, NSX Advanced Load Balancer Service Engines, virtual services, and SSL certification expiry can be classified into their respective SNMP traps. Other system events use the generic SNMP trap notification to generate traps.
Only the alerts generated for the following events are fed into the specific SNMP traps.
Events |
SNMP trap |
|---|---|
VS_DOWN, VS_UP |
aviVirtualServiceStatusChanged |
SE_DOWN, SE_UP |
aviServiceEngineStatusChanged |
CONTROLLER_NODE_JOINED, CONTROLLER_NODE_LEFT |
aviControllerStatusChanged |
SSL_CERT_EXPIRE |
aviSSLCertificateExpired |
All other alerts |
aviSystemAlert |
aviSystemAlertis a generic trap notification and can be associated with any of the system events generated by the NSX Advanced Load Balancer Controller.NSX Advanced Load Balancer currently supports a large trap payload (a maximum of 4096 bytes) in SNMP trap notifications. Before this, the SNMP trap payload length was restricted to 256 bytes.
Viewing the Trap Server Profiles
In the below window, a Controller with IP address 10.10.24.96 reveals its v2 and v3 trap server profiles by responding to https://10.10.24.96/api/snmptrapprofile HTTP request.
{
"count": 2,
"results": [
{
"uuid": "snmptrapprofile-aa815f66-2190-4ff4-a20f-0c9fe41deff4",
"url": "https://10.10.24.96/api/snmptrapprofile/snmptrapprofile-aa815f66-2190-4ff4-a20f-0c9fe41deff4",
"tenant_ref": "https://10.10.24.96/api/tenant/admin",
"name": "SnmpTrap-2",
"trap_servers": [
{
"version": "SNMP_VER2",
"ip_addr": {
"type": "V4",
"addr": "10.10.0.235"
},
"community": "<sensitive>"
}
],
"_last_modified": "1509670261022622"
},
{
"uuid": "snmptrapprofile-2e28610a-e100-4de7-ae92-20bd7a4ee3b7",
"url": "https://10.10.24.96/api/snmptrapprofile/snmptrapprofile-2e28610a-e100-4de7-ae92-20bd7a4ee3b7",
"tenant_ref": "https://10.10.24.96/api/tenant/admin",
"name": "SnmpTrap-1",
"trap_servers": [
{
"version": "SNMP_VER3",
"ip_addr": {
"type": "V4",
"addr": "10.10.3.1"
},
"user": {
"username": "snmpv3trapuser",
"auth_type": "SNMP_V3_AUTH_MD5",
"priv_passphrase": "<sensitive>",
"auth_passphrase": "<sensitive>",
"priv_type": "SNMP_V3_PRIV_AES"
}
}
],
"_last_modified": "1509670185831024"
}
]
}
aviControllerStatusChanged
aviControllerStatusChanged NOTIFICATION-TYPE
OBJECTS {
aviControllerStatus,
aviOperStatusReason
}
STATUS current
DESCRIPTION
"This alert is generated when Controller status
Changes."
::= { aviNotificationsObjects 1 }
This trap is generated when the NSX Advanced Load Balancer Controller status changes.
The following Controller-state-change system events can initiate the aviControllerStatusChange trap:
Controller-Node-Left
Controller-Node-Joined
For each of the above NSX Advanced Load Balancer Controller status-change events, there is a default system alert configuration and a respective default alert action.
aviServiceEngineStatusChanged
aviServiceEngineStatusChanged NOTIFICATION-TYPE
OBJECTS {
aviObjectURL,
aviServiceEngineStatus,
aviOperStatusReason
}
STATUS current
DESCRIPTION
"This alert is generated when Service Engine status
Changes."
::= { aviNotificationsObjects 2 }
This trap is generated when the NSX Advanced Load Balancer SE status changes.
The following NSX Advanced Load Balancer SE status-change events can initiate the aviServiceEngineStatusChanged trap:
SE-Up
SE-Down
For each of the above NSX Advanced Load Balancer SE status-change events, there is a default system alert configuration.
aviVirtualServiceStatusChanged
aviVirtualServiceStatusChanged NOTIFICATION-TYPE
OBJECTS {
aviObjectURL,
aviVirtualServiceStatus,
aviVirtualServiceStatusReason
}
STATUS current
DESCRIPTION
"This alert is generated when virtual service status
changes."
::= { aviNotificationsObjects 3 }
This trap is generated when the virtual service status changes.
The following virtual service status-change events can initiate the aviVirtualServiceStatusChanged trap:
VS-Down
VS-Up
aviSSLCertificateExpired
aviSSLCertificateExpired NOTIFICATION-TYPE
OBJECTS {
aviObjectURL,
aviSSLCertificateInfo
}
STATUS current
DESCRIPTION
"This alert is generated when SSL Certificate
Expires."
::= { aviNotificationsObjects 4 }
This trap is generated when an SSL certificate expires. The virtual service Ssl-Cert-Expire event can initiate the aviVirtualServiceStatusChanged trap.
aviSystemAlert
aviSystemAlert NOTIFICATION-TYPE
OBJECTS {
aviSystemAlertInfoDesc
}
STATUS current
DESCRIPTION
"This is a generic system alert"
::= { aviNotificationsObjects 5 }
This is a generic trap notification. It can be associated with any of the system events generated by the NSX Advanced Load Balancer Controller.
To configure SNMP traps for the NSX Advanced Load Balancer Controller status-change events, see Configuring SNMP Event-based Trap.
