When a trap arrives, the trap exploder reads the uncommented FORWARD entries in the trapd.conf file to determine which destinations should receive the forwarded trap. When the criteria of the trap matches the criteria of a FORWARD entry, the trap exploder:

Table 1. Trap exploder translation of incoming traps to forwarded traps

Incoming trap message version

Forwarded trap message version

Comments or conditions that require special processing

v1

v1

If the agent-addr field in an incoming trap is 0.0.0.0 (which indicates an invalid IPv4 address) and the source IP address in the IP packet header is IPv4, the adapter discards the trap.

If the agent-addr field in an incoming trap is 0.0.0.0 and the source IP address in the IP packet header is IPv6, the adapter adds two private variable-bindings (varbinds) that are named smSnmpTrapInetAddressType and smSnmpTrapInetAddress to the varbind list of the forwarded trap. Together, the private varbinds hold the source IPv6 address of the original trap.

v2c

v2c

The adapter sets a standard varbind that is named snmpTrapAddress.0 to the value of the source IP address in the IP packet header:

  • If the snmpTrapAddress.0 value is 0.0.0.0 (which indicates an invalid IPv4 address) and the source IP address in the IP packet header is IPv4, the adapter discards the trap.

  • If the snmpTrapAddress.0 value is not 0.0.0.0 (which indicates a valid IPv4 address), the adapter adds the snmpTrapAddress.0 varbind to the varbind list of the forwarded trap. The varbind holds the source IPv4 address of the original trap.

  • If the snmpTrapAddress.0 value is 0.0.0.0 and the source IP address in the IP packet header is IPv6, the adapter adds two private varbinds that are named smSnmpTrapInetAddressType and smSnmpTrapInetAddress to the varbind list of the forwarded trap. Together, the private varbinds hold the source IPv6 address of the original trap.

v3

The trap exploder forwards received SNMPv1 or v2c traps to the configured destinations irrespective of the traps’ community. The trap exploder does not authenticate SNMPv1 or v2c traps.

The trap exploder authenticates and decrypts received SNMPv3 traps, converts them to SNMPv2c traps, and forwards the SNMPv2c traps to the configured destinations. The trap exploder uses the authentication and privacy credentials that are obtained from a seed file to authenticate and decrypt SNMPv3 traps.