SNMP Traps

If SNMP-capable devices in the network are configured to send traps to Meridian, these traps are transformed into events according to preconfigured rules. The Trapd service daemon, which lets Meridian receive SNMP traps, is enabled by default.

Disabling the Trapd service daemon will render Meridian incapable of receiving SNMP traps.

Event definitions are included with Meridian for traps from many vendors' equipment.

Traps Forwarded via Proxy

When SNMP traps are forwarded through a proxy using SNMPv2c or SNMPv3, preserving the original source IP address is a challenge due to the lack of an agent-addr field in the TRAP-V2 PDU used in those protocol versions. RFC 3584 defines an optional varbind snmpTrapAddress (.1.3.6.1.6.3.18.1.3.0) that can be added to forwarded traps to convey the original source IP address.

To configure Meridian to honor snmpTrapAddress when present, set use-address-from-varbind="true" in the top-level element of ${OPENNMS_HOME}/etc/trapd-configuration.xml and restart Meridian.

Configuration example for using RFC 3584 helper varbinds in forwarded traps
<trapd-configuration snmp-trap-port="1162"(1)
                     new-suspect-on-trap="false"(2)
                     use-address-from-varbind="true" />(3)
1 Set the SNMP trap daemon listening port to 1162/udp
2 Don’t create new nodes when receiving a SNMP Trap with an uknown source IP address
3 Try using the identifier source IP address from the snmpTrapAddress varbind instead of the UDP source IP address