FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Article Id 191151

Description


This article describes how to verify whether or not link state traps are being processed.  This can be done using events logged in the appliance.


Scope


Version:  8.x, 9.x


Solution


1) Enable Events:
Version 8.x: Navigate to Logs -> Event Management.
Version 9.x: Navigate to Logs -> Events & Alarms -> Management.

 
Enable Port Link Up and Port Link Down events.  'Right-click' on each event and select Log Internal.


Once enabled, any link state traps processed will generate an event.


2)  Review Events.

Version 8.x: Navigate to Logs -> Events.
Version 9.x and above: Navigate to Logs -> Events & Alarms -> Events. 
 

- From the Add Filter drop-down menu, select Event.

- From the Event drop-down menu, select either Port Link Up or Port Link Down.

- Set any additional desired filters (such as date and time), then click Update.  

- Once troubleshooting is complete, disable the event.

 

Version 8.x: Navigate to Logs -> Event Management.

Version 9.x: Navigate to Logs -> Events & Alarms -> Management.
Disable Port Link Up and Port Link Down events. 'Right-click' on each event and select Disable.
 
Events are not generating: 
Run the tcpdump CLI tool in the appliance to confirm whether or not the traps are being received...
 

1) Log in to the appliance CLI as root and type:


cd /bsc/logs

 

2) Start a tcpdump to verify traps are received from switch:


tcpdump -nni any host <switch ip> and port 162

 

3) Connect device to switch.

 

4) Wait 10 seconds.

 

5) Disconnect device from switch.

 

6) Press Ctrl+C to stop tcpdump.

 

If packet capture does not show any traps received, check the following:

- Switch is configured properly.  Traps should be sent to the eth0 IP address of the appliance.

- UDP port 162 is not being blocked in the network.

 

If packet capture shows traps are being received:

 

1) Cisco devices configured for SNMPv3: Verify that context values are defined for every VLAN created in the switch. For tips on configuring and validating Cisco SNMPv3, see KB article Configure and validate Cisco SNMPv3.

 

2) Enable debugging. Type:

 

nacdebug -name BridgeManager true

nacdebug -name SnmpV1 true

 

3) Run packet capture and save as a .cap file viewable using Wireshark.

 

- Log in to the appliance CLI as root and type:


cd /bsc/logs

 

- Start packet capture and create a .cap file.  Note: Once <ENTER> is hit, there will not be any output to the screen.


tcpdump -s 0 -w MACtrap.cap -i any '(ip host <device ip> and port 162)'

 

- Connect device to switch.

- Wait 10 seconds.

- Disconnect device from switch.

- Press Ctrl+C to stop tcpdump.

 

The resulting .cap file can be downloaded from the appliance using WinSCP or a similar program.  

 

4)  Disable debugging. Type:

 

nacdebug -name BridgeManager false

nacdebug -name SnmpV1 false
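
When the capture shows packets on UDP port 162, it still has to be confirmed that they are link state traps and not some other trap type. The following is an added example, not Fortinet code: it decodes one UDP payload (for instance, copied out of the saved .cap in Wireshark as hex) and reports whether it is a linkUp or linkDown trap. It covers SNMPv1 and SNMPv2c only, so an SNMPv3 message is reported as "not a v1/v2c trap"; the function names and SAMPLE are assumptions made for this example.

```python
SAMPLE = bytes.fromhex(  # constructed SNMPv2c linkDown trap, not a real capture
    "3040 020101 0406 7075626c6963 a733 020101 020100 020100 3028"
    " 300d 0608 2b06010201010300 430164"
    " 3017 060a 2b060106030101040100 0609 2b0601060301010503")
LINK_V1 = {2: "linkDown", 3: "linkUp"}  # SNMPv1 generic-trap values
LINK_V2 = {"1.3.6.1.6.3.1.1.5.3": "linkDown", "1.3.6.1.6.3.1.1.5.4": "linkUp"}
SNMP_TRAP_OID = "1.3.6.1.6.3.1.1.4.1.0"  # snmpTrapOID.0, carried in v2c traps

def tlv(buf, pos):
    """Read one BER TLV at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split a constructed BER value into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = tlv(value, pos)
        out.append((tag, val))
    return out

def oid(val):
    """Decode a BER OBJECT IDENTIFIER value to dotted notation."""
    arcs, n = [val[0] // 40, val[0] % 40], 0
    for b in val[1:]:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of this arc
            arcs, n = arcs + [n], 0
    return ".".join(map(str, arcs))

def classify(payload):
    """Return 'linkUp', 'linkDown', 'other trap' or, for anything else
    including malformed input, 'not a v1/v2c trap'."""
    try:
        pdu_tag, pdu = children(tlv(payload, 0)[1])[2]  # version, community, PDU
        if pdu_tag == 0xA4:  # SNMPv1 Trap-PDU: third field is generic-trap
            return LINK_V1.get(int.from_bytes(children(pdu)[2][1], "big"), "other trap")
        if pdu_tag == 0xA7:  # SNMPv2-Trap-PDU: fourth field is the varbind list
            for _, vb in children(children(pdu)[3][1]):
                (_, name), (vtag, value) = children(vb)
                if vtag == 0x06 and oid(name) == SNMP_TRAP_OID:
                    return LINK_V2.get(oid(value), "other trap")
    except (ValueError, IndexError):
        pass  # truncated or malformed payload
    return "not a v1/v2c trap"
```

Calling classify(SAMPLE) returns "linkDown"; a payload that decodes as "other trap" means the switch is sending traps, but not the link state traps this procedure is checking for.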

 

Contact Support for further assistance. Open a support ticket and provide the following:

 

- Software version (x.x.x.x).

- Switch IP address.

- Switch Model.

- Detailed description of behavior.

- Troubleshooting steps taken.

- MAC address of test client.

- Timeframe behavior was reproduced.

- Packet capture.

- System logs (For instructions see KB article 190755).

 

Related Article:

Technical Note: Confirming MAC Notification traps via Administration UI