aFleX Policy to Redirect a Specific SNMP OID

[Deleted User]

Posted by bmeckley

I am looking for an aFleX example that can redirect an SNMP OID of ".1.3.6.1.9.9.41.2.0.1" to a specific server. This particular OID will contain syslog messages that will be sent to a Syslog server. All other SNMP traps will be directed to specific SNMP servers using a PBSLB policy.

Thank-you

[Deleted User]

Posted by ddesmidt

Hi,

aFleX does not provide "snmp" commands yet.
That said, aFleX can reply to your need today

Indeed aFleX can look at the UDP payload and check the payload does contain the SNMP OID ".1.3.6.1.9.9.41.2.0.1".

To know what is the payload for that OID and where is that OID in the payload, please look at a trace (using wireshark for instance).
Note: If you give me the trace, I can help.

On my side to validate the aFleX below is correct, I used the SNMP trap OID "1.3.6.1.4.1.22613.2.4.3.12.2.2.4"
Note: FYI that's the SNMP trap AX generates when a server goes down. I configured an AX1 to send traps to another AX2 that has the aFleX

Looking at wireshark, I've been able to see:
. that OID "1.3.6.1.4.1.22613.2.4.3.12.2.2" is in the UDP payload from byte 19 and is 14 bytes long (and its HEX value is "2b0601040181b0520204030c0202")
. that load OID digit ".4" is in the UDP payload from byte 44 and is 1 byte long (its HEX value is "04")


And the following aFleX did the job:

Code:

when CLIENT_DATA { # collect the snmp trap # it's in bytes from 19 (14 bytes long) + byte 44 set payload_trap1 [UDP::payload 19 14] binary scan $payload_trap1 H* payload_trap1_hex #log "payload_trap1_hex = $payload_trap1_hex" set payload_trap2 [UDP::payload 44 1] binary scan $payload_trap2 H* payload_trap2_hex #log "payload_trap2_hex = $payload_trap2_hex" if { ($payload_trap1_hex equals "2b0601040181b0520204030c0202") and ($payload_trap2_hex equals "04")} { log "snmp trap for that OID" pool sg_snmp1 } else { log "snmp trap NOT for that OID" pool sg_snmp2 } }

Dimitri