You want to set the source IP address for all SNMP traps leaving a router.
To set the default IP source address for all traps leaving a router, use the following configuration commands:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#snmp-server host 172.25.1.1 ORATRAP
Router(config)#snmp-server trap-source loopback0
Router(config)#end
Router#
Normally, when you enable SNMP traps to a remote server, that server will see the source IP address of the router's closest interface. However, this is not always meaningful. For instance, it is relatively common practice to populate your DNS with only the router's loopback interfaces. In this case, the server will not be able to resolve the originator of the trap.
Further, it can be difficult to correlate traps from the same router delivered through different interfaces. For example, this could happen as a result of a network failure. It can be confusing to see a link down message coming from one IP address and the corresponding link up message from a different one.
By enabling the snmp-server trap-source command, you can force the router to always use the same IP source address for all of the SNMP traps it sends. Industry best practices dictate that a loopback interface is usually the best choice for this because it is a virtual interface that is always available. Physical interfaces such as Ethernet or serial interfaces can become unavailable and limit the usefulness of this command. If you set the source interface to an unreachable interface, the router will resort to using the closest interface as the source address.
Note that Cisco's IOS will even allow you to assign a trap source interface that has no IP address assigned to it. However, the router will forward a syslog message highlighting the issue and resort to the default method of using the closest interface address for sending traps. Here is an example of the log message that appears in this case:
Jun 12 00:22:00 EDT: %IP_SNMP-4-NOTRAPIP: SNMP trap source Loopback1 has no ip address
There is not yet an equivalent command for SNMP informs.
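The failure modes described above (no trap source set, a trap source with no IP address, a trap source on a physical interface) can be checked offline against a saved configuration. The following Python audit is an added example, not part of the original text or of any Cisco tool; it assumes `show running-config` style input with full interface names, and the sample configurations and function names are constructed for illustration.

```python
import re

# Constructed sample running-config fragments (not from the original page).
GOOD = """\
interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
interface Serial0/0
 ip address 192.168.1.1 255.255.255.252
!
snmp-server host 172.25.1.1 ORATRAP
snmp-server trap-source Loopback0
"""
NO_IP = GOOD.replace(" ip address 10.0.0.1 255.255.255.255\n", " no ip address\n")

def parse_interfaces(config):
    """Map lower-cased interface name -> True if it has an 'ip address' line."""
    has_ip, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = m.group(1).lower()
            has_ip[current] = False
        elif not line.startswith(" "):
            current = None          # left the interface block
        elif current and re.match(r" ip address \S", line):
            has_ip[current] = True  # ' no ip address' does not match here
    return has_ip

def audit_trap_source(config):
    """Return a list of findings about the snmp-server trap-source setting."""
    if not re.search(r"^snmp-server host ", config, re.M):
        return []                   # no trap receivers configured
    m = re.search(r"^snmp-server trap-source (\S+)", config, re.M)
    if not m:
        return ["no trap-source: traps use the closest interface address"]
    name, ifs, findings = m.group(1), parse_interfaces(config), []
    if name.lower() not in ifs:
        findings.append(f"{name} is not defined in this config")
    elif not ifs[name.lower()]:
        findings.append(f"{name} has no ip address (expect %IP_SNMP-4-NOTRAPIP)")
    if not name.lower().startswith("loopback"):
        findings.append(f"{name} is not a loopback and can go down")
    return findings

if __name__ == "__main__":
    for label, cfg in (("good", GOOD), ("no-ip", NO_IP)):
        print(label, audit_trap_source(cfg) or "OK")
```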