How do I Know that Something Has Happened to the RipEX Station?

Print version

4. How do I Know that Something Has Happened to the RipEX Station?

There are two ways to check the RipEX stations. You can actively query the station in the defined time intervals or you can just wait for the trap to be received.

4.1. Active Querying

If you have a defined item which is updated e.g. every 10 seconds. Zabbix requests a reply to the SNMP GET message for the specific OID object and it stores this value in the database at 10 second intervals.

A trigger can also be configured for each item. For instance, temperature threshold alarm is set to 50°C. Whenever Zabbix receives an SNMP RESPONSE message from any monitored host with temperature higher than 50°C, an alarm is triggered. If the alarm is triggered, it is displayed at the Zabbix Dashboard. The Alarm will be visible in the “Last 20 issues” table and you will see which host is having an issue in the “Host status” table.

When the temperature falls back into the allowed range, the issue will be deleted from the Zabbix dashboard.

Displaying of RipEX issue

Fig. 4.1: Displaying of RipEX issue

4.2. SNMP Traps/Informs

The key aspect of the SNMP are the TRAPS/INFORMS. These OID objects are not actively monitored by the Zabbix manager but by the RipEX itself. This behaviour is described in the on-line help on RipEX web Settings page or in the User manual.

4.2.1. How to configure SNMPv2c Traps/Informs in Zabbix?

This, unfortunately, is a somewhat complex procedure. There are several ways to configure traps – only one of them will be explained in this guide.

[Note]Note

Other approaches could be using SNMPTT functionality or Perl scripts.

[Important]Important

The following section will explain the SNMPv2c Traps only. The SNMPv3 or SNMP Informs differencies and requirements are explained at the end of this section.

You have to install an snmptrapd, a daemon which receives SNMP traps and pass them into the Zabbix front-end. Keep in mind to start it automatically after the system start, e.g. via the command:

# systemctl enable snmptrapd

Zabbix server must be configured to start the SNMP Trapper process. Enable it in the /etc/zabbix/zabbix_server.conf file.

StartSNMPTrapper=1

Define the LOG file as well.

SNMPTrapperFile=/var/log/snmptrap/snmptrap-zabbix.log

Save the changes and create the file manually using the following command:

$ touch /var/log/snmptrap/snmptrap-zabbix.log

Restart the Zabbix server daemon.

You can use the script (snmptrap.sh) which is included in the RipEX_Zabbix_templ.zip file downloadable from https://www.racom.eu/eng/products/radio-modem-ripex.html#download website. Copy the script file into /usr/lib/zabbix/externalscripts/ directory and change the file privileges and make it executable.

# mkdir -p /usr/lib/zabbix/externalscripts; chown zabbix /home/zabbix
# cp misc/snmptrap/snmptrapd.sh /home/zabbix/bin
# chmod +x /usr/lib/zabbix/externalscripts/snmptrapd.sh

After that, you need to edit the file. By executing

$ which zabbix_sender

you will find the full path to this executable binary file. Change the path in the file, e.g.

ZABBIX_SENDER="/usr/bin/zabbix_sender";

The script parses the output of each received SNMP trap, selects the appropriate host and declares an associative array containing trap descriptions. Eventually, it sends the whole message to your Zabbix server.

You should also check the LOG destination, which should be: /var/log/snmptrap/snmptrap-bash.log. Create the directory if not already created and edit this in the snmptrap.sh script file.

LOGFILE=/var/log/snmptrap/snmptrap-bash.log
[Note]Note

The log file could also be located in /var/log/zabbix/snmptrap.log if required, and if you configure SELinux rules correctly.

For a correct snmptrap.sh script functionality, RipEX MIB must be configured in the Zabbix server. First, copy the MIB file RACOM-RipEX-<version>.mib to your MIB directory (on CentOS7, it is /usr/share/snmp/mibs/). Afterwards, you need to edit the SNMP configuration file (/etc/snmp/snmp.conf) with a text editor (e.g. “vim”).

# vim /etc/snmp/snmp.conf

Add the RipEX MIB via the following line and save the changes.

mibs +/usr/share/snmp/mibs/RACOM-RipEX-<version>.mib

Reboot the Zabbix server. The RipEX OIDs, Value mapping etc. should now be correctly translated and understood.

Now we have our script prepared, let’s configure the Zabbix front-end:

If you have not yet done so, import the RipEX templates. One application is called TRAPS and it consists of all traps. Link the templates to desired hosts.

[Note]Note

If Zabbix receives a trap for an unknown host it will not be displayed.

The host MUST be configured using the IP address as the Host name, e.g.:

Host name:

192.168.10.1

Visible name:

RipEX1

SNMP interface:

192.168.10.1, port 161, IP

Along with this template, 15 new items and triggers appear at each used host. That is exactly the number of SNMP traps defined at the RipEX. Each trap should be recognized and the Zabbix should display the correct information message at the dashboard.

Definition of RipEX traps

Fig. 4.2: Definition of RipEX traps

RipEX sends a trap whenever the watched value is out of range (or other configured condition is met) and whenever the value falls back within the corresponding range.

Every trap has two states in Zabbix. Each trap can either be in the alarm state or in the OK state.

RSS and DQ trap items are disabled in the template by default. The reason is that we need to define remote RipEX IP addresses first. See the following example for enabling a DQ trap:

Go to the Zabbix web front-end and select a RipEX host for which you want to process DQ traps. Click on the Items button and find an item with the following key: trpDqX.Y.Z.W.

Default DQ trap item

Fig. 4.3: Default DQ trap item

Click on the item and then click on the Clone button. Now you can edit the item. Replace the “X.Y.Z.W” string in the item Name with the remote RipEX radio IP address (e.g. 192.168.131.55). Do the same in the Key field and select the Enabled option in the Status field. See the following example:

Edited DQ trap item

Fig. 4.4: Edited DQ trap item

Save the changes and open the host Triggers list. Repeat the above steps for the DQ trigger and save the changes. You should see the trigger with the enabled status.

Enabled DQ trap trigger

Fig. 4.5: Enabled DQ trap trigger

Follow the same procedure (DQ and RSS) for other remote RipEX units as needed.

You can also define Zabbix to send you an e-mail whenever any trap is triggered. See the Zabbix Documentation or Section Chapter 7, Zabbix Alerting via e-mail of this Application not for the e-mail configuration.

Please, find the file snmptrapd.conf usually it’s in the /etc/snmp/ directory. Edit or create the file as root with the following lines:

authCommunity execute public
authCommunity execute PUBLIC
traphandle default /usr/lib/zabbix/externalscripts/snmptrap.sh

The first two lines will allow all received traps with community public or PUBLIC to be parsed and the third line will force the snmptrapd to use our script.

If you do not know what community names you will receive, add the following line to accept all community names. Note that you should not define this line for security reasons.

disableAuthorization yes

Do not forget to restart snmptrapd. You should have similar snmptrapd parameters in the /etc/sysconfig/ snmptrapd file:

OPTIONS="-Lsd -p /var/run/snmptrapd.pid -On"

This ensures that snmptrapd daemon will not translate the numerical OID numbers which is important for our script to run properly.

[Important]Important

If you install Zabbix on the CentOS distribution, do not forget to enable snmptrapd within SELinux security rules.

SELinux is an important security part of CentOS. Running all the functionality of Zabbix will require configuring these rules. If you do not understand it, consult the required changes with our technical support. More details about SELinux can be also found in this Application note, Chapter 2.8)

[Note]Note

RipEX default Community string name is “public”, however it can be changed (since firmware release 1.3). All RipEX stations within the network must have the same Community string. Otherwise disableAuthorization has to be set to “yes” (or set authCommunity variables for all allowed Community string names).

4.2.2. How to Configure SNMPv3 Traps/Informs in Zabbix?

Now, the system is ready to receive SNMPv2c traps and informs (see the previous section). If you configure SNMPv3 in the network, several additional steps are required.

Snmptrapd deamon needs to decrypt the incoming traps/informs. To successfully authenticate itself and decrypt the message, correct Users with correct secrets must be configured in the /etc/snmp/snmptrapd.conf file.

In this file, you already have the similar lines:

authCommunity log,execute public
authCommunity log,execute PUBLIC
traphandle default /bin/bash /usr/lib/zabbix/externalscripts/snmptrap.sh

For SNMPv3 Inform (not traps), you need to create the user via createUser command. Stop the snmptrapd daemon:

# systemctl stop snmptrapd

Now, edit the /etc/snmp/snmptrapd.conf file and add this line:

createUser racom MD5 "racom1234" DES "racom5678"

This command should add the User “racom” with MD5 and DES secrets. Save the changes and run the snmptrapd daemon.

# systemctl start snmptrapd

Check if the addition was successful via

# cat /var/lib/net-snmp/snmptrapd.conf

You should see a line similar to the following one:

usmUser 1 3 0x80001f8880a9b9e400d6e8655900000000 "racom" "racom" NULL .1.3.6.1.6.3.10.1.1.3 
0x40d2c90a2f4ee04dd30eb4e207a1e4ab507ce8d1 .1.3.6.1.6.3.10.1.2.2 
0x40d2c90a2f4ee04dd30eb4e207a1e4ab ""

Now, the SNMPv3 informs can be successfully received and used.

SNMPv3 Traps need a bit different command. Everything is the same, but the EngineID must be configured. In the RipEX web interface, create the unique EngineID within SNMP configuration page. This value is static and unique. For each RipEX unit, you need to create a separate User in the snmptrap configuration file. Stop the snmptrapd daemon again and add a similar line in the /etc/snmp/snmptrapd.conf file:

createUser -e 0000831304199430ac1077ab racom MD5 "racom1234" DES "racom5678"

This creates a “racom” user the same way as for the Informs, but the EngineID 0000831304199430ac1077ab is fixed and must correspond to that created in the RipEX web interface.

Start the deamon and check the procedure:

# cat /var/lib/net-snmp/snmptrapd.conf
usmUser 1 3 0x0000831304199430ac1077ab "racom" "racom" NULL .1.3.6.1.6.3.10.1.1.2 
0xfcddda2e844853de23eb838d96e985d9 .1.3.6.1.6.3.10.1.2.4 
0xfcddda2e844853de23eb838d96e985d9 ""

A similar line should be there – check the EngineID parameter. If succesful, Informs and Traps should now be working correctly. If not, try to check all the mentioned steps and verify your procedure.

[Note]Note

The same procedure must be met for any other SNMPv3 devices and their SNMPv3 traps/informs (not just RipEX).

4.2.3. Basic Trap/Inform Functionality Tests

Now Zabbix is ready to receive SNMP traps/informs from all RipEX stations and enter them into the database properly. In order to test it, force the trap to be sent from any RipEX and see whether it appears in the Zabbix front-end. If not, check that the respective UDP port (162) is enabled at your firewall and check the settings again. You can also execute Tcpdump or Wireshark at the selected interface of your Zabbix server or somewhere along the intended packet path.

Another basic test can be run using the following command:

zabbix_sender -z localhost -p 10051 -s "192.168.10.1" -k trpTemp -o "trpTemp, ALARM: ON"

The IP address of your RipEX station is 192.168.10.1, key is “trpTemp” and the message for the Zabbix server is “trpTemp, ALARM: ON”. The command should trigger the host’s ” temperature exceeded the threshold” alarm. Note that you need to have a host configured with this IP address, otherwise the trap will not be shown.

It is important to set the KEY value correctly, otherwise the trap/inform would not match the trigger. See more KEY values with their description below:

  • trpRssIPAddress – Remote station RSS value out of range (Replace the IPAddress with a real remote RipEX IP address)

  • trpDqIPAddress – Remote station DQ value out of range (Replace the IPAddress with a real remote RipEX IP address)

  • ttrpTxLost – TX Lost value out of range

  • trpUcc – UCC value out of range

  • trpTemp – Modem temperature value out of range

  • trpRfpwr – RF power value out of range

  • trpLanPr – Ethernet RX/TX packet ratio out of range

  • trpCom1Pr – COM1 RX/TX packet ratio out of range

  • trpCom2Pr – COM2 RX/TX packet ratio out of range

  • trpHwIn – HW input in the alarm state

  • trpHotStby – Modem becomes active in a Hot-Standby mode

  • trpBpath – Backup path state has changed

  • trpBpathAlt – Alternative path state has changed

  • trpUnitReady – Unit ready signal has changed

If you want to clear the trap/inform alarm, just repeat the same zabbix_sender command, but change the message to contain the word “OFF”. E.g. “ALARM OFF”.

Zabbix dashboard – Status of units

Fig. 4.6: Zabbix dashboard – Status of units

You can also see Trap’s output in Monitoring → Latest Data → TRAPS of your RipEX station → History. The displayed information differs based on the trap received. See the detailed description in the respective Zabbix item.