I have zabbix-server and zabbix-snmptraps running in docker swarm.
I sent a trap from two different hosts:
[root@DHC142~]# snmptrap -v 1 -c public 172.10.31.61 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s "DHC142 eth1"
[root@HC143~]# snmptrap -v 1 -c public 172.10.31.61 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s "HC143 eth1"
I got the following traps in snmptraps.log:
20201012.170732 ZBXTRAP 10.0.0.2 6 33 (null) IF-MIB::linkDown DHC142 eth1 SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 public SNMPv2-MIB::snmpTrapEnterprise.0 IF-MIB::linkDown
20201012.170755 ZBXTRAP 10.0.0.2 6 33 (null) IF-MIB::linkDown HC143 eth1 SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 public SNMPv2-MIB::snmpTrapEnterprise.0 IF-MIB::linkDown
The snmptraps container cannot tell which host it is receiving the traps from. It sees the source IP address as 10.0.0.2 no matter which host it is coming from. The problem is that the traffic from outside must travel through ingress network to hit the container. This ingress network is doing NAT and only the internal IP i.e. 10.0.0.2 is visible to the container.
I had the same problem with host registration, but I was able to work around it by setting DNS name as the default agent interface instead of relying on the source IP address. I don't see such an option for snmptraps. Can someone help? Really appreciate it!
I sent a trap from two different hosts:
[root@DHC142~]# snmptrap -v 1 -c public 172.10.31.61 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s "DHC142 eth1"
[root@HC143~]# snmptrap -v 1 -c public 172.10.31.61 '.1.3.6.1.6.3.1.1.5.3' '0.0.0.0' 6 33 '55' .1.3.6.1.6.3.1.1.5.3 s "HC143 eth1"
I got the following traps in snmptraps.log:
20201012.170732 ZBXTRAP 10.0.0.2 6 33 (null) IF-MIB::linkDown DHC142 eth1 SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 public SNMPv2-MIB::snmpTrapEnterprise.0 IF-MIB::linkDown
20201012.170755 ZBXTRAP 10.0.0.2 6 33 (null) IF-MIB::linkDown HC143 eth1 SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 public SNMPv2-MIB::snmpTrapEnterprise.0 IF-MIB::linkDown
The snmptraps container cannot tell which host it is receiving the traps from. It sees the source IP address as 10.0.0.2 no matter which host it is coming from. The problem is that the traffic from outside must travel through ingress network to hit the container. This ingress network is doing NAT and only the internal IP i.e. 10.0.0.2 is visible to the container.
I had the same problem with host registration, but I was able to work around it by setting DNS name as the default agent interface instead of relying on the source IP address. I don't see such an option for snmptraps. Can someone help? Really appreciate it!
Comment