SNMPTRAPD receiving raw packets but the actual trap won't get logged or listen

Question

SNMPTRAPD receiving raw packets but the actual trap won't get logged or listen

1k views Asked by Rupesh Arora At 28 February 2019 at 04:06

I'm working on the SNMP trap. I'm using snmptrapd application to listen to SNMP traps, an issue with the snmptrapd unable to listen to the traps while it showing raw packets are coming when using -d option in snmptrapd command.

Here is my command /usr/sbin/snmptrapd -afnd -Lf/tmp/trap.log -On -c /etc/snmp/snmptrapd.conf Output for the following command is

Received 626 byte packet from UDP: [10.128.255.194]:45406->[10.7.254.1]:162
0000: 30 82 02 6E  02 01 03 30  0F 02 03 4F  D4 FA 02 02    0..n...0...O....
0016: 20 00 04 01  00 02 01 03  04 27 30 25  04 0B 80 00     ........'0%....
0032: 00 A1 03 52  54 00 01 E9  0A 02 01 04  02 04 01 04    ...RT...........
0048: 89 3A 04 09  4D 6F 74 6F  4E 6F 72 74  68 04 00 04    .:..MotoNorth...
0064: 00 30 82 02  2D 04 0B 80  00 00 A1 03  52 54 00 01    .0..-.......RT..
0080: E9 0A 04 06  6E 6F 41 75  74 68 A7 82  02 14 02 03    ....noAuth......
0096: 4F D4 F9 02  01 00 02 01  00 30 82 02  05 30 10 06    O........0...0..
0112: 08 2B 06 01  02 01 01 03  00 43 04 65  C5 9B 0D 30    .+.......C.e...0
0128: 19 06 0A 2B  06 01 06 03  01 01 04 01  00 06 0B 2B    ...+...........+
0144: 06 01 04 01  81 21 03 0A  68 01 30 13  06 0C 2B 06    .....!..h.0...+.
0160: 01 04 01 81  21 03 0A 69  03 00 02 03  08 08 2D 30    ....!..i......-0
0176: 22 06 0C 2B  06 01 04 01  81 21 03 0A  69 04 00 04    "..+.....!..i...
0192: 12 55 6E 6B  6E 6F 77 6E  45 76 65 6E  74 53 6F 75    .UnknownEventSou
0208: 72 63 65 30  12 06 0C 2B  06 01 04 01  81 21 03 0A    rce0...+.....!..
0224: 69 05 00 02  02 01 00 30  1C 06 0C 2B  06 01 04 01    i......0...+....
0240: 81 21 03 0A  69 06 00 04  0C 31 30 2E  31 2E 32 33    .!..i....10.1.23
0256: 33 2E 32 33  30 30 1C 06  0C 2B 06 01  04 01 81 21    3.2300...+.....!
0272: 03 0A 69 07  00 04 0C 31  30 2E 31 2E  32 33 33 2E    ..i....10.1.233.
0288: 32 33 30 30  1C 06 0C 2B  06 01 04 01  81 21 03 0A    2300...+.....!..
0304: 69 08 00 04  0C 31 30 2E  31 2E 32 33  33 2E 32 33    i....10.1.233.23
0320: 30 30 11 06  0C 2B 06 01  04 01 81 21  03 0A 69 09    00...+.....!..i.
0336: 00 02 01 05  30 1C 06 0C  2B 06 01 04  01 81 21 03    ....0...+.....!.
0352: 0A 69 0A 00  04 0C 31 30  2E 31 2E 32  33 33 2E 32    .i....10.1.233.2
0368: 33 30 30 1B  06 0C 2B 06  01 04 01 81  21 03 0A 69    300...+.....!..i
0384: 0B 00 04 0B  07 E3 02 1B  10 33 02 06  2B 05 1E 30    .........3..+..0
0400: 1B 06 0C 2B  06 01 04 01  81 21 03 0A  69 0C 00 04    ...+.....!..i...
0416: 0B 07 E3 02  1B 10 33 02  00 2B 05 1E  30 81 C3 06    ......3..+..0...
0432: 0C 2B 06 01  04 01 81 21  03 0A 69 0D  00 04 81 B2    .+.....!..i.....
0448: 45 76 65 6E  74 20 72 65  63 65 69 76  65 64 20 66    Event received f
0464: 72 6F 6D 20  61 6E 20 55  6E 6B 6E 6F  77 6E 20 49    rom an Unknown I
0480: 50 41 64 64  72 65 73 73  2E 20 48 70  53 77 69 74    PAddress. HpSwit
0496: 63 68 32 36  31 30 2D 34  38 2C 20 73  6E 6D 70 54    ch2610-48, snmpT
0512: 72 61 70 4F  49 44 20 3D  20 2E 31 2E  33 2E 36 2E    rapOID = .1.3.6.
0528: 31 2E 34 2E  31 2E 31 31  2E 32 2E 33  2E 37 2E 31    1.4.1.11.2.3.7.1
0544: 31 2E 37 37  2E 30 2E 32  2C 20 65 76  65 6E 74 44    1.77.0.2, eventD
0560: 65 73 63 72  69 70 74 69  6F 6E 2E 37  36 20 3A 20    escription.76 : 
0576: 49 20 30 32  2F 32 37 2F  31 39 20 31  31 3A 32 31    I 02/27/19 11:21
0592: 3A 30 32 20  70 6F 72 74  73 3A 20 70  6F 72 74 20    :02 ports: port 
0608: 31 39 20 69  73 20 6E 6F  77 20 6F 66  66 2D 6C 69    19 is now off-li
0624: 6E 65
Received 334 byte packet from UDP: [10.1.7.100]:161->[10.7.254.1]:162
0000: 30 82 01 4A  02 01 01 04  06 70 75 62  6C 69 63 A7    0..J.....public.
0016: 82 01 3B 02  01 00 02 01  00 02 01 00  30 82 01 2E    ..;.........0...
0032: 30 10 06 08  2B 06 01 02  01 01 03 00  43 04 01 1B    0...+.......C...
0048: 6B 0B 30 17  06 0A 2B 06  01 06 03 01  01 04 01 00    k.0...+.........
0064: 06 09 2B 06  01 04 01 CE  53 01 03 30  1D 06 0A 2B    ..+.....S..0...+
0080: 06 01 04 01  CE 53 01 03  01 04 0F 4E  56 52 2D 50    .....S.....NVR-P
0096: 48 31 2D 37  53 51 44 43  37 32 30 18  06 0A 2B 06    H1-7SQDC720...+.
0112: 01 04 01 CE  53 01 03 02  04 0A 31 30  2E 31 2E 37    ....S.....10.1.7
0128: 2E 31 30 30  30 14 06 0A  2B 06 01 04  01 CE 53 01    .1000...+.....S.
0144: 03 03 04 06  53 79 73 74  65 6D 30 16  06 0A 2B 06    ....System0...+.
0160: 01 04 01 CE  53 01 03 04  04 08 41 72  63 68 69 76    ....S.....Archiv
0176: 65 72 30 70  06 0A 2B 06  01 04 01 CE  53 01 03 05    er0p..+.....S...
0192: 04 62 53 4E  4D 50 20 61  67 65 6E 74  20 6F 66 20    .bSNMP agent of 
0208: 4C 61 74 69  74 75 64 65  20 61 70 70  6C 69 63 61    Latitude applica
0224: 74 69 6F 6E  20 41 72 63  68 69 76 65  72 20 61 74    tion Archiver at
0240: 20 4E 56 52  2D 50 48 31  2D 37 53 51  44 43 37 32     NVR-PH1-7SQDC72
0256: 20 69 73 20  61 6C 69 76  65 20 73 69  6E 63 65 20     is alive since 
0272: 32 2F 32 35  2F 32 30 31  39 20 31 3A  31 34 3A 35    2/25/2019 1:14:5
0288: 33 20 50 4D  30 28 06 0A  2B 06 01 04  01 CE 53 01    3 PM0(..+.....S.
0304: 03 06 04 1A  32 30 31 39  2D 32 2D 32  35 2C 31 33    ....2019-2-25,13
0320: 3A 31 34 3A  35 33 2E 33  2C 2B 35 3A  33 30          :14:53.3,+5:30

2019-02-27 16:51:03 UDP: [10.1.7.100]:161->[10.7.254.1]:162 [UDP: [10.1.7.100]:161->[10.7.254.1]:162]:
.1.3.6.1.2.1.1.3.0 = Timeticks: (18574091) 2 days, 3:35:40.91   .1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.10067.1.3    .1.3.6.1.4.1.10067.1.3.1 = STRING: "NVR-PH1-7SQDC72"    .1.3.6.1.4.1.10067.1.3.2 = STRING: "10.1.7.100" .1.3.6.1.4.1.10067.1.3.3 = STRING: "System" .1.3.6.1.4.1.10067.1.3.4 = STRING: "Archiver"   .1.3.6.1.4.1.10067.1.3.5 = STRING: "SNMP agent of Latitude application Archiver at NVR-PH1-7SQDC72 is alive since 2/25/2019 1:14:53 PM" .1.3.6.1.4.1.10067.1.3.6 = STRING: "2019-2-25,13:14:53.3,+5:30"
Received 67 byte packet from UDP: [10.12.90.1]:62459->[10.7.254.1]:162
0000: 30 41 02 01  00 04 06 70  75 62 6C 69  63 A4 34 06    0A.....public.4.
0016: 08 2B 06 01  04 01 81 B7  43 40 04 0A  0C 5A 01 02    [email protected]..
0032: 01 06 02 01  03 43 01 00  30 19 30 17  06 0A 2B 06    .....C..0.0...+.
0048: 01 04 01 81  B7 43 01 02  04 09 4B 65  65 70 61 6C    .....C....Keepal
0064: 69 76 65                                              ive

2019-02-27 16:51:02 10.12.90.1(via UDP: [10.12.90.1]:62459->[10.7.254.1]:162) TRAP, SNMP v1, community public
    .1.3.6.1.4.1.23491 Enterprise Specific Trap (3) Uptime: 0:00:00.00
    .1.3.6.1.4.1.23491.1.2 = STRING: "Keepalive"

As you see 10.128.255.194, this IP traps won't get logged, only showing the raw packets no trap got logged. While raw packets and traps from other IP are absolutely fine.

Please look in to the issue and let me know what's going wrong.

Original Q&A

TechQA.

SNMPTRAPD receiving raw packets but the actual trap won't get logged or listen

There are 0 answers

Related Questions in SNMP

Related Questions in NET-SNMP

Related Questions in SNMP-TRAP

Related Questions in SNMPTRAPD

Popular Questions

Popular Tags

Trending Questions