Server-centric message routing#
In some use-cases it may be desirable to perform peer classification at the server side and let client(s) re-using the outcome of server classification. The example configuration explains server-based classification design.
For more information please refer to the client configuration documentation.
Server configuration#
Server is configured to:
listen on UDP socket at localhost
respond to queries performed over SNMPv2c
serve two distinct SNMP community names
forward all queries to snmpfwd client through an unencrypted trunk connection running in client mode
#
# SNMP forwarder: Agent part configuration
#
config-version: 2
program-name: snmpfwd-server
snmp-credentials-group {
snmp-transport-domain: 1.3.6.1.6.1.1.100
snmp-bind-address: 127.0.0.1:1161
snmp-engine-id: 0x0102030405070809
snmp-community-name: public
snmp-security-name: public
snmp-security-model: 2
snmp-security-level: 1
customer-1 {
snmp-community-name: public-123
snmp-security-name: public-123
snmp-credentials-id: customer-1
}
customer-2 {
snmp-community-name: public-321
snmp-security-name: public-321
snmp-credentials-id: customer-2
}
}
context-group {
snmp-context-engine-id-pattern: .*?
snmp-context-name-pattern: .*?
snmp-context-id: any-context
}
content-group {
snmp-pdu-type-pattern: .*?
snmp-pdu-oid-prefix-pattern-list: .*?
snmp-content-id: any-content
}
peers-group {
snmp-transport-domain: 1.3.6.1.6.1.1.100
snmp-bind-address-pattern-list: .*?
snmp-peer-address-pattern-list: .*?
snmp-peer-id: 100
}
trunking-group {
trunk-bind-address: 127.0.0.1
trunk-peer-address: 127.0.0.1:30301
trunk-ping-period: 60
trunk-connection-mode: client
trunk-id: trunk-1
}
routing-map {
matching-snmp-context-id-list: any-context
matching-snmp-content-id-list: any-content
matching-snmp-credentials-id-list: customer-1 customer-2
matching-snmp-peer-id-list: 100
using-trunk-id-list: trunk-1
}
Download server configuration file.
Client configuration#
Client is configured to:
listen on server-mode unencrypted trunk connection
process all incoming SNMP messages in the same way
route inbound SNMP PDUs into either of two backend SNMP agents (at demo.pysnmp.com) chosen based on server-classification-id option.
#
# SNMP forwarder: Manager part configuration
#
config-version: 2
program-name: snmpfwd-client
peers-group {
snmp-engine-id: 0x0102030405070809
snmp-transport-domain: 1.3.6.1.6.1.1.1
snmp-bind-address: 0.0.0.0:0
# time out SNMP request in 1 second
snmp-peer-timeout: 100
snmp-peer-retries: 0
snmp-community-name: public
snmp-security-name: public
snmp-security-model: 2
snmp-security-level: 1
agent-1 {
snmp-peer-address: 104.236.166.95:161
snmp-peer-id: snmplabs-agent-1
}
agent-2 {
snmp-peer-address: 104.236.166.95:1161
snmp-peer-id: snmplabs-agent-2
}
}
trunking-group {
trunk-bind-address: 127.0.0.1:30301
trunk-ping-period: 60
trunk-connection-mode: server
trunk-id: <discover>
}
original-snmp-peer-info-group {
orig-snmp-bind-address-pattern: .*?
orig-snmp-context-name-pattern: .*?
orig-snmp-pdu-type-pattern: .*?
orig-snmp-oid-prefix-pattern: .*?
orig-snmp-engine-id-pattern: .*?
orig-snmp-context-engine-id-pattern: .*?
orig-snmp-transport-domain-pattern: .*?
orig-snmp-peer-address-pattern: .*?
orig-snmp-security-level-pattern: .*?
orig-snmp-security-name-pattern: .*?
orig-snmp-security-model-pattern: .*?
orig-snmp-peer-id: any-manager
}
server-classification-group {
server-snmp-context-id-pattern: .*?
server-snmp-content-id-pattern: .*?
server-snmp-peer-id-pattern: .*?
customer-1 {
server-snmp-credentials-id-pattern: customer-1
server-classification-id: customer-1-classification
}
customer-2 {
server-snmp-credentials-id-pattern: customer-2
server-classification-id: customer-2-classification
}
}
routing-map {
matching-trunk-id-list: trunk-1
matching-orig-snmp-peer-id-list: any-manager
agent-1 {
matching-server-classification-id-list: customer-1-classification
using-snmp-peer-id-list: snmplabs-agent-1
}
agent-2 {
matching-server-classification-id-list: customer-2-classification
using-snmp-peer-id-list: snmplabs-agent-2
}
}
Download client configuration file.