In Spectrum 10.2.2 the SpectroSERVER was processing traps for some devices using the address in the IP Header instead of the address
inside of the agent-addr field of a v1 Trap. After upgrading to Spectrum 10.4.x this is no longer the case, the SpectroSERVER is only looking
at the agent-addr address.
Scenario: A Cisco 9000 series device was discovered and modeled within Spectrum. The device was discovered using a NAT'd address and
the IP Address assigned to the management interface (mgmt0) was not picked up by Spectrum due to the address not being listed
in the ipAdEndAddr table. In Spectrum 10.2.2 the SpectroSERVER was processing the traps even though the management interface address
being sent in the agent-addr field did not exist in Spectrum. In 10.4.x the trap is not processed and a 0x10802 trap from an unknown device
event is generated on the VNM model.
Release : 10.2.2 - 10.4.1, 10.4.2
Component : Spectrum Core / SpectroSERVER
The SpectroSERVER has a feature option that allows it to process traps using the IP Address in the IP Header for RMON enabled devices. In
Spectrum 10.2.2 this feature was being defaulted to on and therefore the SpectroSERVER was able to process the trap even though the
management agent IP address did not exist in the SSdb. In Spectrum 10.2.3+ this seems to have been fix and the feature defaults to off BUT
another bug is present in that the SpectroSERVER does not read/check for the existence of the setting in the .vnmrc properly
Spectrum 10.4.1 - 10.04.01.PTF_10.4.131
This fix corrects the check on the rmonapp_register_ip_header setting in the .vnmrc file. The value defaults to false if not present and
the SpectroSERVER will correctly read the entry and set the state if present
- Stop the SpectroSERVER
- Apply Spectrum_10.04.01.PTF_10.4.131
- Edit $SPECROOT/SS/.vnmrc
rmonapp_register_ip_header=true
- Start the SpectroSERVER
This should now enable the feature and the SS will behave as the 10.2.2 version had when it was defaulting this to true.
1. SNMP v2 and v3 traps do not have an agent-addr property, they should (not all apps/scripts send it) have a varbind that contains the agent address.
SNMP-COMMUNITY-MIB::snmpTrapAddress.0 xxx.xxx.xxx.xxx
(1.3.6.1.6.3.1.1.4.1.0)
2. This fix should hopefully be included in the second BMP fix for 10.4.1 due out towards the end of October 2020.
3. This fix should be included in Spectrum 10.5