Created on 02-25-2019 07:07 AM Edited on 06-09-2022 03:22 PM By Anonymous
Description
This article describes how to monitor routing protocols (BGP, OSPF) in multiple VDOMs via SNMP.
Scope
Consider a FortiGate is using two VDOMs; root (management) and VDOM_LAB. Both VDOMs are running BGP and OSPF.
In the following example, BGP is considered. Both the VDOMs have a BGP neighborship established.
(VDOM_LAB)# get router info bgp summary
BGP router identifier 3.3.3.3, local AS number 65500
BGP table version is 2
1 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.223.0.65 4 65500 4 6 1 0 0 00:01:20 2
Total number of neighbors 1
(root)# get router info bgp summary
BGP router identifier 2.2.2.2, local AS number 65500
BGP table version is 2
1 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.222.0.65 4 65500 8 9 1 0 0 00:03:33 2
Total number of neighbors 1
Solution
In order to run a SNMP query with community public on the root (management) VDOM, the following snmpwalk should be performed from the SNMP Manager.
snmpwalk –v2c –c public-root host OID
To get SNMP information from other VDOMs, use snmpwalk with the following syntax:
snmpwalk –v2c –c public-VDOM_NAME host OID
Examples:
Management VDOM root
root@debian:/usr/share/snmp/mibs# snmpwalk -v2c -c public-root 10.222.0.190 1.3.6.1.2.1.15
iso.3.6.1.2.1.15.1.0 = Hex-STRING: 10
iso.3.6.1.2.1.15.2.0 = INTEGER: 65500
iso.3.6.1.2.1.15.3.1.1.10.222.0.65 = IpAddress: 1.1.1.1
iso.3.6.1.2.1.15.3.1.2.10.222.0.65 = INTEGER: 6
iso.3.6.1.2.1.15.3.1.3.10.222.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.4.10.222.0.65 = INTEGER: 4
iso.3.6.1.2.1.15.3.1.5.10.222.0.65 = IpAddress: 10.222.0.190
iso.3.6.1.2.1.15.3.1.6.10.222.0.65 = INTEGER: 179
iso.3.6.1.2.1.15.3.1.7.10.222.0.65 = IpAddress: 10.222.0.65
iso.3.6.1.2.1.15.3.1.8.10.222.0.65 = INTEGER: 24094
iso.3.6.1.2.1.15.3.1.9.10.222.0.65 = INTEGER: 65500
iso.3.6.1.2.1.15.3.1.10.10.222.0.65 = INTEGER: 3
iso.3.6.1.2.1.15.3.1.11.10.222.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.12.10.222.0.65 = INTEGER: 23
iso.3.6.1.2.1.15.3.1.13.10.222.0.65 = INTEGER: 24
iso.3.6.1.2.1.15.3.1.14.10.222.0.65 = Hex-STRING: 00 00
iso.3.6.1.2.1.15.3.1.15.10.222.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.16.10.222.0.65 = Gauge32: 70
iso.3.6.1.2.1.15.3.1.17.10.222.0.65 = INTEGER: 120
iso.3.6.1.2.1.15.3.1.18.10.222.0.65 = INTEGER: 180
iso.3.6.1.2.1.15.3.1.19.10.222.0.65 = INTEGER: 60
iso.3.6.1.2.1.15.3.1.20.10.222.0.65 = INTEGER: 180
iso.3.6.1.2.1.15.3.1.21.10.222.0.65 = INTEGER: 60
iso.3.6.1.2.1.15.3.1.22.10.222.0.65 = INTEGER: 0
iso.3.6.1.2.1.15.3.1.23.10.222.0.65 = INTEGER: 30
iso.3.6.1.2.1.15.3.1.24.10.222.0.65 = Gauge32: 69
iso.3.6.1.2.1.15.4.0 = IpAddress: 2.2.2.2
iso.3.6.1.2.1.15.6.1.1.10.222.0.0.20.0.0.0.0 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.2.10.222.0.0.20.0.0.0.0 = INTEGER: 20
iso.3.6.1.2.1.15.6.1.3.10.222.0.0.20.0.0.0.0 = IpAddress: 10.222.0.0
iso.3.6.1.2.1.15.6.1.4.10.222.0.0.20.0.0.0.0 = INTEGER: 1
iso.3.6.1.2.1.15.6.1.5.10.222.0.0.20.0.0.0.0 = ""
iso.3.6.1.2.1.15.6.1.6.10.222.0.0.20.0.0.0.0 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.7.10.222.0.0.20.0.0.0.0 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.8.10.222.0.0.20.0.0.0.0 = INTEGER: 100
iso.3.6.1.2.1.15.6.1.9.10.222.0.0.20.0.0.0.0 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.10.10.222.0.0.20.0.0.0.0 = INTEGER: 0
iso.3.6.1.2.1.15.6.1.11.10.222.0.0.20.0.0.0.0 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.12.10.222.0.0.20.0.0.0.0 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.13.10.222.0.0.20.0.0.0.0 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.14.10.222.0.0.20.0.0.0.0 = ""
Non-management vdom VDOM_LAB:
root@debian:/usr/share/snmp/mibs# snmpwalk -v2c -c public-VDOM_LAB 10.222.0.190 1.3.6.1.2.1.15
iso.3.6.1.2.1.15.1.0 = Hex-STRING: 10
iso.3.6.1.2.1.15.2.0 = INTEGER: 65500
iso.3.6.1.2.1.15.3.1.1.10.223.0.65 = IpAddress: 1.1.1.1
iso.3.6.1.2.1.15.3.1.2.10.223.0.65 = INTEGER: 6
iso.3.6.1.2.1.15.3.1.3.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.4.10.223.0.65 = INTEGER: 4
iso.3.6.1.2.1.15.3.1.5.10.223.0.65 = IpAddress: 10.223.0.190
iso.3.6.1.2.1.15.3.1.6.10.223.0.65 = INTEGER: 179
iso.3.6.1.2.1.15.3.1.7.10.223.0.65 = IpAddress: 10.223.0.65
iso.3.6.1.2.1.15.3.1.8.10.223.0.65 = INTEGER: 8335
iso.3.6.1.2.1.15.3.1.9.10.223.0.65 = INTEGER: 65500
iso.3.6.1.2.1.15.3.1.10.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.11.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.12.10.223.0.65 = INTEGER: 21
iso.3.6.1.2.1.15.3.1.13.10.223.0.65 = INTEGER: 24
iso.3.6.1.2.1.15.3.1.14.10.223.0.65 = Hex-STRING: 00 00
iso.3.6.1.2.1.15.3.1.15.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.3.1.16.10.223.0.65 = Gauge32: 104
iso.3.6.1.2.1.15.3.1.17.10.223.0.65 = INTEGER: 120
iso.3.6.1.2.1.15.3.1.18.10.223.0.65 = INTEGER: 180
iso.3.6.1.2.1.15.3.1.19.10.223.0.65 = INTEGER: 60
iso.3.6.1.2.1.15.3.1.20.10.223.0.65 = INTEGER: 180
iso.3.6.1.2.1.15.3.1.21.10.223.0.65 = INTEGER: 60
iso.3.6.1.2.1.15.3.1.22.10.223.0.65 = INTEGER: 0
iso.3.6.1.2.1.15.3.1.23.10.223.0.65 = INTEGER: 30
iso.3.6.1.2.1.15.3.1.24.10.223.0.65 = Gauge32: 103
iso.3.6.1.2.1.15.4.0 = IpAddress: 3.3.3.3
iso.3.6.1.2.1.15.6.1.1.10.222.0.0.20.10.223.0.65 = IpAddress: 10.223.0.65
iso.3.6.1.2.1.15.6.1.1.10.223.0.0.20.0.0.0.0 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.1.10.223.0.0.20.10.223.0.65 = IpAddress: 10.223.0.65
iso.3.6.1.2.1.15.6.1.2.10.222.0.0.20.10.223.0.65 = INTEGER: 20
iso.3.6.1.2.1.15.6.1.2.10.223.0.0.20.0.0.0.0 = INTEGER: 20
iso.3.6.1.2.1.15.6.1.2.10.223.0.0.20.10.223.0.65 = INTEGER: 20
iso.3.6.1.2.1.15.6.1.3.10.222.0.0.20.10.223.0.65 = IpAddress: 10.222.0.0
iso.3.6.1.2.1.15.6.1.3.10.223.0.0.20.0.0.0.0 = IpAddress: 10.223.0.0
iso.3.6.1.2.1.15.6.1.3.10.223.0.0.20.10.223.0.65 = IpAddress: 10.223.0.0
iso.3.6.1.2.1.15.6.1.4.10.222.0.0.20.10.223.0.65 = INTEGER: 1
iso.3.6.1.2.1.15.6.1.4.10.223.0.0.20.0.0.0.0 = INTEGER: 1
iso.3.6.1.2.1.15.6.1.4.10.223.0.0.20.10.223.0.65 = INTEGER: 1
iso.3.6.1.2.1.15.6.1.5.10.222.0.0.20.10.223.0.65 = ""
iso.3.6.1.2.1.15.6.1.5.10.223.0.0.20.0.0.0.0 = ""
iso.3.6.1.2.1.15.6.1.5.10.223.0.0.20.10.223.0.65 = ""
iso.3.6.1.2.1.15.6.1.6.10.222.0.0.20.10.223.0.65 = IpAddress: 10.223.0.65
iso.3.6.1.2.1.15.6.1.6.10.223.0.0.20.0.0.0.0 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.6.10.223.0.0.20.10.223.0.65 = IpAddress: 10.223.0.65
iso.3.6.1.2.1.15.6.1.7.10.222.0.0.20.10.223.0.65 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.7.10.223.0.0.20.0.0.0.0 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.7.10.223.0.0.20.10.223.0.65 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.8.10.222.0.0.20.10.223.0.65 = INTEGER: 100
iso.3.6.1.2.1.15.6.1.8.10.223.0.0.20.0.0.0.0 = INTEGER: 100
iso.3.6.1.2.1.15.6.1.8.10.223.0.0.20.10.223.0.65 = INTEGER: 100
iso.3.6.1.2.1.15.6.1.9.10.222.0.0.20.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.9.10.223.0.0.20.0.0.0.0 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.9.10.223.0.0.20.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.10.10.222.0.0.20.10.223.0.65 = INTEGER: 0
iso.3.6.1.2.1.15.6.1.10.10.223.0.0.20.0.0.0.0 = INTEGER: 0
iso.3.6.1.2.1.15.6.1.10.10.223.0.0.20.10.223.0.65 = INTEGER: 0
iso.3.6.1.2.1.15.6.1.11.10.222.0.0.20.10.223.0.65 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.11.10.223.0.0.20.0.0.0.0 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.11.10.223.0.0.20.10.223.0.65 = IpAddress: 0.0.0.0
iso.3.6.1.2.1.15.6.1.12.10.222.0.0.20.10.223.0.65 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.12.10.223.0.0.20.0.0.0.0 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.12.10.223.0.0.20.10.223.0.65 = INTEGER: -1
iso.3.6.1.2.1.15.6.1.13.10.222.0.0.20.10.223.0.65 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.13.10.223.0.0.20.0.0.0.0 = INTEGER: 2
iso.3.6.1.2.1.15.6.1.13.10.223.0.0.20.10.223.0.65 = INTEGER: 1
iso.3.6.1.2.1.15.6.1.14.10.222.0.0.20.10.223.0.65 = ""
iso.3.6.1.2.1.15.6.1.14.10.223.0.0.20.0.0.0.0 = ""
iso.3.6.1.2.1.15.6.1.14.10.223.0.0.20.10.223.0.65 = ""
The same logic is applicable for OSPF monitoring with multiple VDOMs.
Related documents.
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/783526/dhcp-server
https://docs.fortinet.com/document/fortigate/6.4.0/administration-guide/783526/dhcp-server
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.