Ad Widget

Collapse

Capture SNMP data when the default SNMP interface is down

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • superlava
    Junior Member
    • Nov 2021
    • 26
    #1

    Capture SNMP data when the default SNMP interface is down

    Hi,

    We're planning to migrate into zabbix for firewall monitoring and we're running a POC. We ran into what seems to be a common problem and need your help.

    We've multiple firewall deployed all across the country. All firewalls have 3 lease lines connected and all 3 are in load balancing mode. Firewall is configured to send out SNMP V3 data from all 3 lease lines. However in zabbix we've configured only primary WAN IP(lets say: XX.181.45.6) for SNMP V3 data. To monitor other 2 lease lines, We've created 2 separate hosts with only ping template.

    Now the problem is... When ever XX.181.45.6 goes down we receive firewall unreachable alert even when other 2 links are up. We created custom trigger with dependency between other 2 hosts, This resolved the firewall unreachable alerts but we still don't receive SNMP data while the primary link is down.

    Our network architecture seems to be common one and we need to know if there's any way to receive SNMP alerts from the host even if the 2 links are down.

    Bellow is our network architecture and host configuration.

    Need your help in resolving this.... Thanks in advance.
    Attached Files
    Tags: default, interface, snmpv3, template, zabbix
    • troffasky
      Senior Member
      • Jul 2008
      • 567
      #2
      Yeah, it's annoying, but we just duplicate the hosts in this kind of scenario. It means duplicate copies of the polled data, but it makes it clear what line had the issue.

        Comment

        • tikkami
          Member
          • May 2018
          • 71
          #3
          Should be doable via API.

          Write a script (bash, python, etc) to read status of ping triggers (or ping IPs directly from script).
          If IP which is used by snmp gets down, then script should change IP-address of SNMP interface.

            Comment

            • superlava
              #3.1
              superlava commented
              19-11-2021, 14:00
              Editing a comment
              Looks so... While adding SNMP interface. We can add multiple SNMP interface and there's an option to make any IP as default interface.

              Is there any way we can make use of this feature?
            • cyber
              Senior Member
              Zabbix Certified SpecialistZabbix Certified Professional
              • Dec 2006
              • 4807
              #4
              That logic is quite solid... your interface is down, interface is made unavailable, so no data is polled. It has no knowledge of other IF-s.
              I am not too familiar with all that SNMP stuff, but maybe adding additional SNMP interfaces to host helps? I know items are tied to interface, but maybe adding specific items, which are tied to second and third interface?

                Comment

                • superlava
                  Junior Member
                  • Nov 2021
                  • 26
                  #5
                  Created 3 interfaces and made 1 default as bellow. Now I'm not able to delete this interface any way to change this automatically when the IP is not reachable?
                  Attached Files
                  Last edited by superlava; 25-11-2021, 11:20.

                    Comment

                    • ISiroshtan
                      Senior Member
                      • Nov 2019
                      • 324
                      #6
                      Would you instead of deleting interface try to promote different one to be a default one?

                      The HostInterface Object has 'main' property in it. I would expect you to be able to use HostInterface Update method to change said property on one of the other two interfaces to make it default.

                      Hope it helps.

                        Comment

                        • superlava
                          #6.1
                          superlava commented
                          25-11-2021, 13:25
                          Editing a comment
                          Thank You. This should work... and yes, I can make other interface as default one. But I was looking for a built in feature to switch between interfaces based on Host reachability status.
                        • ISiroshtan
                          Senior Member
                          • Nov 2019
                          • 324
                          #7
                          Hey superlava.

                          I understand what you want to do, but I don't see/know any easy way to achieve it.

                          I can expand a bit on proposal from tikammi, like instead of using shell script that will continuously ping your routers/read data of specific trigger, you can create a new action in Zabbix, that will react to "Host unreachable" trigger of specific host group and as a reaction would call a script passing {HOST.ID} macro as an argument. Said script, in turn, would auth in Zabbix API, get interface list of host by provided hostID, will start to ping router interfaces one-by-one and as soon as any of them responds - set that interface as default.

                          This way, if you have multiple hosts with such setup, you don't need to have a separate shell script for each host. Rather you just need to make sure it's in needed host group for said action to be triggered.

                          I can see this working in theory, but obviously i never did make such a set up before so not sure if there are any downsides or issue you might encounter trying to implement it.

                            Comment

                            • superlava
                              #7.1
                              superlava commented
                              01-12-2021, 09:51
                              Editing a comment
                              Thank You ISiroshtan. Will try this.
                            Previous template Next
                            Working...