如何给SNMP Trap通道加上同步机制

 SNMP协议是在服务器以及硬件管理中通常都会用到的管理协议,其好处在于使用起来简单,然后又是标准化的,几乎所有的硬件设备都支持此协议。不过近期网络安全问题大家都比较关注,SNMP也饱受争议。
今天我们要讨论是是如何使用SNMP Trap发送同步消息。

SNMP TRAP是SNMP协议里面通常使用的通道(其他还有GET,SET),TRAP通常是使用UDP,且协议层没有消息确认机制的,所以如果你使用SNMP TRAP给服务器上报消息,那么你是不知道消息是否发送成功以否的。
最简答的SNMP例子可以参考《http://www.iteye.com/topic/308836》,这个是使用Java语言基于SNMP4J的例子。

你运行这个例子之后,你会发现,下面这个if,总是为false,也就是返回的respond总是null。
// 向Agent发送PDU,并接收Response
ResponseEvent respEvnt = snmp.send(pdu, target);

// 解析Response
if (respEvnt != null && respEvnt.getResponse() != null) {

这个就是刚才说到的SNMP TRAP的特性:无确认机制。
那么对于一些重要的信息,希望得到这些消息是否发送成功了,该怎么办?

我的建议是,如果是新开发的,那么建议这种场景不要使用SNMP,如果对端协议已经是SNMP了,那么建议将SNMP TRAP改为SNMP INFORM,这个改动是很小的。
只需要在行面的例子中,在TRAP接受端,增加如下代码即可:(不过INFORM的特性,需要SNMP协议的 V2 以及之后的版本才支持,SNMP V1是不支持的)。
//send respond only if the pdu type is INFORM
PDU src_pdu = respEvnt.getPDU();
if (src_pdu.getType() == PDU.INFORM){
PDU responsePDU = new PDU(src_pdu);
responsePDU.setErrorIndex(0);
responsePDU.setErrorStatus(0);
responsePDU.setType(PDU.RESPONSE);
StatusInformation statusInfo = new StatusInformation();
StateReference stateRef = respEvnt.getStateReference();
try {
respEvnt.getMessageDispatcher().returnResponsePdu(
respEvnt.getMessageProcessingModel(),
respEvnt.getSecurityModel(),
respEvnt.getSecurityName(),
respEvnt.getSecurityLevel(),
responsePDU,
respEvnt.getMaxSizeResponsePDU(),
stateRef,
statusInfo);

} catch (MessageException msgEx) {
msgEx.printStackTrace();
}
}

你更改了协议之后,还会遇到向前兼容的问题,假设发送端为S,接收端为R,那么S使用TRAP发送,不论R是否发送respond,S端都收不到respond;如果S使用INFORM发送,那么如果R发送respond,S能够收到,如果R不发送respond,那么S收不到。

完整的代码如下:

MultiThreadedTrapReceiver
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Vector;

import org.snmp4j.CommandResponder;
import org.snmp4j.CommandResponderEvent;
import org.snmp4j.MessageDispatcherImpl;
import org.snmp4j.MessageException;
import org.snmp4j.PDU;
import org.snmp4j.Snmp;
import org.snmp4j.TransportMapping;
import org.snmp4j.mp.MPv1;
import org.snmp4j.mp.MPv2c;
import org.snmp4j.mp.MPv3;
import org.snmp4j.mp.StateReference;
import org.snmp4j.mp.StatusInformation;
import org.snmp4j.security.SecurityModels;
import org.snmp4j.security.SecurityProtocols;
import org.snmp4j.security.USM;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.TcpAddress;
import org.snmp4j.smi.UdpAddress;
import org.snmp4j.smi.VariableBinding;
import org.snmp4j.transport.DefaultTcpTransportMapping;
import org.snmp4j.transport.DefaultUdpTransportMapping;
import org.snmp4j.util.MultiThreadedMessageDispatcher;
import org.snmp4j.util.ThreadPool;

/**
* 本类用于监听代理进程的Trap信息
*
* @author zhanjia
*
*/
public class MultiThreadedTrapReceiver implements CommandResponder {

private MultiThreadedMessageDispatcher dispatcher;
private Snmp snmp = null;
private Address listenAddress;
private ThreadPool threadPool;

public MultiThreadedTrapReceiver() {
// BasicConfigurator.configure();
}

private void init() throws UnknownHostException, IOException {
threadPool = ThreadPool.create(“Trap”, 2);
dispatcher = new MultiThreadedMessageDispatcher(threadPool,
new MessageDispatcherImpl());
listenAddress = GenericAddress.parse(System.getProperty(
“snmp4j.listenAddress”, “udp:127.0.0.1/9999″)); // 本地IP与监听端口
TransportMapping transport;
// 对TCP与UDP协议进行处理
if (listenAddress instanceof UdpAddress) {
transport = new DefaultUdpTransportMapping(
(UdpAddress) listenAddress);
} else {
transport = new DefaultTcpTransportMapping(
(TcpAddress) listenAddress);
}
snmp = new Snmp(dispatcher, transport);
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv1());
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv2c());
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3());
USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(MPv3
.createLocalEngineID()), 0);
SecurityModels.getInstance().addSecurityModel(usm);
snmp.listen();
}


public void run() {
try {
init();
snmp.addCommandResponder(this);
System.out.println(“开始监听Trap信息!”);
} catch (Exception ex) {
ex.printStackTrace();
}
}

/**
* 实现CommandResponder的processPdu方法, 用于处理传入的请求、PDU等信息
* 当接收到trap时,会自动进入这个方法
*
* @param respEvnt
*/
public void processPdu(CommandResponderEvent respEvnt) {
//send respond pdu
if (respEvnt != null && respEvnt.getPDU() != null) {
//send respond only if the pdu type is INFORM
PDU src_pdu = respEvnt.getPDU();
if (src_pdu.getType() == PDU.INFORM){
PDU responsePDU = new PDU(src_pdu);
responsePDU.setErrorIndex(0);
responsePDU.setErrorStatus(0);
responsePDU.setType(PDU.RESPONSE);
StatusInformation statusInfo = new StatusInformation();
StateReference stateRef = respEvnt.getStateReference();
try {
respEvnt.getMessageDispatcher().returnResponsePdu(
respEvnt.getMessageProcessingModel(),
respEvnt.getSecurityModel(),
respEvnt.getSecurityName(),
respEvnt.getSecurityLevel(),
responsePDU,
respEvnt.getMaxSizeResponsePDU(),
stateRef,
statusInfo);

} catch (MessageException msgEx) {
msgEx.printStackTrace();
}
}

//retrive the pdu
Vector recVBs = respEvnt.getPDU().getVariableBindings();
for (int i = 0; i < recVBs.size(); i++) {
VariableBinding recVB = recVBs.elementAt(i);
System.out.println(recVB.getOid() + ” : “ + recVB.getVariable());
}
}
}

public static void main(String[] args) {
MultiThreadedTrapReceiver multithreadedtrapreceiver = new MultiThreadedTrapReceiver();
multithreadedtrapreceiver.run();
}

}

SnmpUtilSendTrap
import java.io.IOException;
import java.util.Vector;

import org.snmp4j.CommunityTarget;
import org.snmp4j.PDU;
import org.snmp4j.Snmp;
import org.snmp4j.TransportMapping;
import org.snmp4j.event.ResponseEvent;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.OID;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.VariableBinding;
import org.snmp4j.transport.DefaultUdpTransportMapping;

/**
* 本类用于向管理进程发送Trap信息
*
* @author zhanjia
*
*/
public class SnmpUtilSendTrap {

private Snmp snmp = null;

private Address targetAddress = null;

public void initComm() throws IOException {

// 设置管理进程的IP和端口
targetAddress = GenericAddress.parse(“udp:127.0.0.1/9999″);
TransportMapping transport = new DefaultUdpTransportMapping();


snmp = new Snmp(transport);
transport.listen();

}

/**
* 向管理进程发送Trap报文
*
* @throws IOException
*/
public void sendPDU() throws IOException {

// 设置 target
CommunityTarget target = new CommunityTarget();
target.setAddress(targetAddress);

// 通信不成功时的重试次数
target.setRetries(2);
// 超时时间
target.setTimeout(1500);
// snmp版本
target.setVersion(SnmpConstants.version2c);

// 创建 PDU
PDU pdu = new PDU();
pdu.add(new VariableBinding(new OID(“.1.3.6.1.2.3377.10.1.1.1.1″),
new OctetString(“SnmpTrap”)));
pdu.add(new VariableBinding(new OID(“.1.3.6.1.2.3377.10.1.1.1.2″),
new OctetString(“JavaEE”)));
pdu.setType(PDU.INFORM);

// 向Agent发送PDU,并接收Response
ResponseEvent respEvnt = snmp.send(pdu, target);

// 解析Response
if (respEvnt != null && respEvnt.getResponse() != null) {
Vector recVBs = respEvnt.getResponse()
.getVariableBindings();
for (int i = 0; i < recVBs.size(); i++) {
VariableBinding recVB = recVBs.elementAt(i);
System.out.println(“received respond pdu from server. “ + recVB.getOid() + ” : “ + recVB.getVariable());
}
}
}

public static void main(String[] args) {
try {
SnmpUtilSendTrap util = new SnmpUtilSendTrap();
util.initComm();
util.sendPDU();
} catch (IOException e) {
e.printStackTrace();
}
}

}



你可能感兴趣的:(snmp)