HOW TO SQUELCH SNMP TRAPS & SYSLOG MESSAGES FOR FAULTS F0532 ON LEAF NODES?
This technote is written against Application Policy Infrastructure Controller (APIC) Version 2.2(2i) Maintenance Release. It covers a use case scenario raised by a customer.
QUESTION
After looking at the Cisco Documentation and Technotes online regarding SNMP & SYSLOG configurations for ACI, I do not see a way to suppress sending external data collector messages for the Faults with code F0532 from the ACI Leaf & Spine nodes. Is this possible with switches in ACI mode?
ANSWER
The customer is seeing faults with the code F0532 in their ACI fabric. Fault F0532 is generated when an interface or port is reported as "down". An SNMP trap or SYSLOG message is sent if external data collectors for these protocols are configured. Under certain conditions and configurations, an excessive number of traps and messages may be sent to the external data collector servers. Some customers want to disable or squelch such messages for all interfaces or a group of interfaces.
In ACI, there is no equivalent of the CLI command "no snmp trap link-status" for an individual interface or a group of interfaces. SNMP in ACI currently does not support disabling or enabling individual traps. By default, all supported traps are enabled. The same restrictions apply to SYSLOG messaging.
That said, there is a workaround where you can squelch these faults and hence prevent sending SNMP traps or SYSLOG Messages for Faults with code F0532.
Fault Code Identifiers:
# fault.Inst
code : F0532
cause : interface-physical-down
descr : Port is down, reason:noOperMembers(connected), used by:EPG
domain : access
rn : fault-F0532
rule : ethpm-if-port-down-infra-epg
severity : critical
subject : port-down
Note: This workaround only applies to the front panel ports on the "Leaf" nodes. Fabric ports and Spine ports will continue to send SNMP traps & SYSLOG messages for these faults. This should not be an issue, since these ports should not be transitioning as frequently as the Leaf front panel ports.
Steps to “Squelch” SNMP Traps & SYSLOG Messages for F0532 Faults
To configure this workaround, which squelches the faults with the code F0532 that trigger SNMP traps & SYSLOG messages on the front panel ports of Leaf nodes, you will need to add custom Monitoring Destinations for the SNMP & SYSLOG External Data Collectors. You will also need to add a custom Fabric Access Monitoring Policy.
TASK: Create custom Monitoring Destinations for SNMP & SYSLOG External Data Collectors
TASK: Create custom Monitoring Policy to be used for Squelching SNMP & SYSLOG messages for F0532 Faults to External Data Collectors
TASK: Once the custom Monitoring Policy to be used for Squelching SNMP & SYSLOG messages for F0532 Faults to External Data Collectors is configured, you will need to assign this Monitoring Policy to the desired “INTERFACE POLICY GROUP(s)”
<< DETAILS OF THIS EXAMPLE ARE IN THE ATTACHED .PDF FILE >>
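One way to confirm the workaround took effect is to check which ports still carry an F0532 fault instance after the Monitoring Policy is assigned. The script below is an added example, not part of the original technote or its attachment; the sample response, the DN layout, the node/port numbers and the function names are constructed, and it assumes a squelched fault no longer appears as a faultInst object.

```python
import json
import re

# Constructed sample of an APIC class-query response for faultInst objects, e.g.
# GET /api/class/faultInst.json?query-target-filter=eq(faultInst.code,"F0532")
SAMPLE = json.dumps({"totalCount": "3", "imdata": [
    {"faultInst": {"attributes": {"code": "F0532", "severity": "critical",
        "dn": "topology/pod-1/node-101/sys/phys-[eth1/5]/phys/fault-F0532"}}},
    {"faultInst": {"attributes": {"code": "F0532", "severity": "critical",
        "dn": "topology/pod-1/node-101/sys/phys-[eth1/49]/phys/fault-F0532"}}},
    {"faultInst": {"attributes": {"code": "F0532", "severity": "critical",
        "dn": "topology/pod-1/node-201/sys/phys-[eth1/1]/phys/fault-F0532"}}},
]})

# Node id and interface name are taken from the fault's DN; the rn
# "fault-F0532" matches the fault.Inst record shown in the technote.
DN_RE = re.compile(r"node-(\d+)/sys/phys-\[(eth[\d/]+)\]/phys/fault-F0532$")


def f0532_ports(response_text):
    """Return the set of (node_id, interface) pairs that still carry F0532."""
    ports = set()
    for item in json.loads(response_text).get("imdata", []):
        attrs = item.get("faultInst", {}).get("attributes", {})
        match = DN_RE.search(attrs.get("dn", ""))
        if attrs.get("code") == "F0532" and match:
            ports.add((int(match.group(1)), match.group(2)))
    return ports


def audit_squelch(response_text, squelched_ports):
    """Split remaining F0532 faults into unexpected ones (on ports covered by
    the squelch policy) and expected ones (fabric, spine or uncovered ports)."""
    present = f0532_ports(response_text)
    covered = set(squelched_ports)
    return sorted(present & covered), sorted(present - covered)


if __name__ == "__main__":
    # Hypothetical leaf front panel ports in the Interface Policy Group.
    covered = {(101, "eth1/5"), (101, "eth1/6")}
    unexpected, expected = audit_squelch(SAMPLE, covered)
    print("F0532 still raised despite the policy:", unexpected)
    print("F0532 on ports outside the policy:", expected)
```

Any port in the first list is still able to generate traps and messages for F0532, which usually means its Interface Policy Group does not reference the custom Monitoring Policy.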