Forum Discussion

daboochmeister's avatar
Oct 22, 2015

Controlling which VS do/don't trigger SNMP traps

Env: LTM 11.5.3, GTM 11.5.3

 

Hey all - on our F5s we co-manage both production and test/QA virtual servers. The test/QA variety are naturally less stable, as the teams bring down real servers for updates etc.

 

We have SNMP traps being issued on each "VS down" or "VS up" event, and of course want that for production. But for the test/QA VSs, it's like watching popcorn pop, they go up and down so much.

 

Is there any way to manage this situation such that only the production VSs end up triggering traps?

 

thx!

 

  • My recommendation would be to put those environments in separate BIG-IP:s because there is a solution but it's kind of icky. What you would need to do is to disable the default trap in /etc/alertd/alert.conf, and then add custom traps for all the VS:es that you do want traps for in /config/user_alert.conf.

     

    Read more about adding custom traps here:

     

    https://support.f5.com/kb/en-us/solutions/public/3000/700/sol3727.html?sr=48907127

     

    The reason why I say it's icky is because F5 does not recommend that you actually edit /etc/alertd/alert.conf, and it's a bit of a hassle to make sure that you have all the important VS:es covered by custom traps, but it is possible.

     

  • another potential solution is to go ahead and enable the default trap, but make your snmp destination address a vip on the same device, then use an iRule that compares the trap string with a data group listing the vips you want to receive traps for. This brings your telemetry data onto the data plane, however, so it might not be advisable depending on your traffic loads.