如何给SNMP Trap通道加上同步机制

SNMP协议是在服务器以及硬件管理中通常都会用到的管理协议,其好处在于使用起来简单,然后又是标准化的,几乎所有的硬件设备都支持此协议。不过近期网络安全问题大家都比较关注,SNMP也饱受争议。
今天我们要讨论是是如何使用SNMP Trap发送同步消息。

SNMP TRAP是SNMP协议里面通常使用的通道(其他还有GET,SET),TRAP通常是使用UDP,且协议层没有消息确认机制的,所以如果你使用SNMP TRAP给服务器上报消息,那么你是不知道消息是否发送成功以否的。
最简答的SNMP例子可以参考《http://www.iteye.com/topic/308836》,这个是使用Java语言基于SNMP4J的例子。

你运行这个例子之后,你会发现,下面这个if,总是为false,也就是返回的respond总是null。
                // 向Agent发送PDU,并接收Response
                ResponseEvent respEvnt = snmp.send(pdu, target);

                // 解析Response
                if (respEvnt != null && respEvnt.getResponse() != null) {

这个就是刚才说到的SNMP TRAP的特性:无确认机制。
那么对于一些重要的信息,希望得到这些消息是否发送成功了,该怎么办?

我的建议是,如果是新开发的,那么建议这种场景不要使用SNMP,如果对端协议已经是SNMP了,那么建议将SNMP TRAP改为SNMP INFORM,这个改动是很小的。
只需要在行面的例子中,在TRAP接受端,增加如下代码即可:(不过INFORM的特性,需要SNMP协议的 V2 以及之后的版本才支持,SNMP V1是不支持的)。
        //send respond only if the pdu type is INFORM
        PDU src_pdu = respEvnt.getPDU();
        if (src_pdu.getType() == PDU.INFORM){
                PDU responsePDU = new PDU(src_pdu);
                responsePDU.setErrorIndex(0);
responsePDU.setErrorStatus(0);
responsePDU.setType(PDU.RESPONSE);
StatusInformation statusInfo = new StatusInformation();
StateReference stateRef = respEvnt.getStateReference();
try {
        respEvnt.getMessageDispatcher().returnResponsePdu(
                        respEvnt.getMessageProcessingModel(),
                        respEvnt.getSecurityModel(),
                        respEvnt.getSecurityName(),
                        respEvnt.getSecurityLevel(),
                        responsePDU,
                        respEvnt.getMaxSizeResponsePDU(),
stateRef,
statusInfo);

} catch (MessageException msgEx) {
msgEx.printStackTrace();
}
        }

你更改了协议之后,还会遇到向前兼容的问题,假设发送端为S,接收端为R,那么S使用TRAP发送,不论R是否发送respond,S端都收不到respond;如果S使用INFORM发送,那么如果R发送respond,S能够收到,如果R不发送respond,那么S收不到。

完整的代码如下:

MultiThreadedTrapReceiver
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Vector;

import org.snmp4j.CommandResponder;
import org.snmp4j.CommandResponderEvent;
import org.snmp4j.MessageDispatcherImpl;
import org.snmp4j.MessageException;
import org.snmp4j.PDU;
import org.snmp4j.Snmp;
import org.snmp4j.TransportMapping;
import org.snmp4j.mp.MPv1;
import org.snmp4j.mp.MPv2c;
import org.snmp4j.mp.MPv3;
import org.snmp4j.mp.StateReference;
import org.snmp4j.mp.StatusInformation;
import org.snmp4j.security.SecurityModels;
import org.snmp4j.security.SecurityProtocols;
import org.snmp4j.security.USM;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.TcpAddress;
import org.snmp4j.smi.UdpAddress;
import org.snmp4j.smi.VariableBinding;
import org.snmp4j.transport.DefaultTcpTransportMapping;
import org.snmp4j.transport.DefaultUdpTransportMapping;
import org.snmp4j.util.MultiThreadedMessageDispatcher;
import org.snmp4j.util.ThreadPool;

/**
* 本类用于监听代理进程的Trap信息
*
* @author zhanjia
*
*/
public class MultiThreadedTrapReceiver implements CommandResponder {

        private MultiThreadedMessageDispatcher dispatcher;
        private Snmp snmp = null;
        private Address listenAddress;
        private ThreadPool threadPool;

        public MultiThreadedTrapReceiver() {
                // BasicConfigurator.configure();
        }

        private void init() throws UnknownHostException, IOException {
                threadPool = ThreadPool.create(“Trap”, 2);
                dispatcher = new MultiThreadedMessageDispatcher(threadPool,
                                new MessageDispatcherImpl());
                listenAddress = GenericAddress.parse(System.getProperty(
                                “snmp4j.listenAddress”, “udp:127.0.0.1/9999”)); // 本地IP与监听端口
                TransportMapping transport;
                // 对TCP与UDP协议进行处理
                if (listenAddress instanceof UdpAddress) {
                        transport = new DefaultUdpTransportMapping(
                                        (UdpAddress) listenAddress);
                } else {
                        transport = new DefaultTcpTransportMapping(
                                        (TcpAddress) listenAddress);
                }
                snmp = new Snmp(dispatcher, transport);
                snmp.getMessageDispatcher().addMessageProcessingModel(new MPv1());
                snmp.getMessageDispatcher().addMessageProcessingModel(new MPv2c());
                snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3());
                USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(MPv3
                                .createLocalEngineID()), 0);
                SecurityModels.getInstance().addSecurityModel(usm);
                snmp.listen();
        }

        
        public void run() {
                try {
                        init();
                        snmp.addCommandResponder(this);
                        System.out.println(“开始监听Trap信息!”);
                } catch (Exception ex) {
                        ex.printStackTrace();
                }
        }

        /**
         * 实现CommandResponder的processPdu方法, 用于处理传入的请求、PDU等信息
         * 当接收到trap时,会自动进入这个方法
         *
         * @param respEvnt
         */
        public void processPdu(CommandResponderEvent respEvnt) {
                //send respond pdu
if (respEvnt != null && respEvnt.getPDU() != null) {
        //send respond only if the pdu type is INFORM
        PDU src_pdu = respEvnt.getPDU();
        if (src_pdu.getType() == PDU.INFORM){
                PDU responsePDU = new PDU(src_pdu);
                responsePDU.setErrorIndex(0);
responsePDU.setErrorStatus(0);
responsePDU.setType(PDU.RESPONSE);
StatusInformation statusInfo = new StatusInformation();
StateReference stateRef = respEvnt.getStateReference();
try {
        respEvnt.getMessageDispatcher().returnResponsePdu(
                        respEvnt.getMessageProcessingModel(),
                        respEvnt.getSecurityModel(),
                        respEvnt.getSecurityName(),
                        respEvnt.getSecurityLevel(),
                        responsePDU,
                        respEvnt.getMaxSizeResponsePDU(),
stateRef,
statusInfo);

} catch (MessageException msgEx) {
msgEx.printStackTrace();
}
        }
        
        //retrive the pdu
        Vector<VariableBinding> recVBs = respEvnt.getPDU().getVariableBindings();
        for (int i = 0; i < recVBs.size(); i++) {
        VariableBinding recVB = recVBs.elementAt(i);
        System.out.println(recVB.getOid() + ” : “ + recVB.getVariable());
                }
                }
        }

        public static void main(String[] args) {
                MultiThreadedTrapReceiver multithreadedtrapreceiver = new MultiThreadedTrapReceiver();
                multithreadedtrapreceiver.run();
        }

}

SnmpUtilSendTrap
import java.io.IOException;
import java.util.Vector;

import org.snmp4j.CommunityTarget;
import org.snmp4j.PDU;
import org.snmp4j.Snmp;
import org.snmp4j.TransportMapping;
import org.snmp4j.event.ResponseEvent;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.OID;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.VariableBinding;
import org.snmp4j.transport.DefaultUdpTransportMapping;

/**
* 本类用于向管理进程发送Trap信息
*
* @author zhanjia
*
*/
public class SnmpUtilSendTrap {

        private Snmp snmp = null;

        private Address targetAddress = null;

        public void initComm() throws IOException {

                // 设置管理进程的IP和端口
                targetAddress = GenericAddress.parse(“udp:127.0.0.1/9999”);
                TransportMapping transport = new DefaultUdpTransportMapping();
                snmp = new Snmp(transport);
                transport.listen();

        }

        /**
         * 向管理进程发送Trap报文
         *
         * @throws IOException
         */
        public void sendPDU() throws IOException {

                // 设置 target
                CommunityTarget target = new CommunityTarget();
                target.setAddress(targetAddress);

                // 通信不成功时的重试次数
                target.setRetries(2);
                // 超时时间
                target.setTimeout(1500);
                // snmp版本
                target.setVersion(SnmpConstants.version2c);

                // 创建 PDU
                PDU pdu = new PDU();
                pdu.add(new VariableBinding(new OID(“.1.3.6.1.2.3377.10.1.1.1.1”),
                                new OctetString(“SnmpTrap”)));
                pdu.add(new VariableBinding(new OID(“.1.3.6.1.2.3377.10.1.1.1.2”),
                                new OctetString(“JavaEE”)));
                pdu.setType(PDU.INFORM);

                // 向Agent发送PDU,并接收Response
                ResponseEvent respEvnt = snmp.send(pdu, target);

                // 解析Response
                if (respEvnt != null && respEvnt.getResponse() != null) {
                        Vector<VariableBinding> recVBs = respEvnt.getResponse()
                        .getVariableBindings();
                        for (int i = 0; i < recVBs.size(); i++) {
                                VariableBinding recVB = recVBs.elementAt(i);
                                System.out.println(“received respond pdu from server. “ + recVB.getOid() + ” : “ + recVB.getVariable());
                        }
                }
        }

        public static void main(String[] args) {
                try {
                        SnmpUtilSendTrap util = new SnmpUtilSendTrap();
                        util.initComm();
                        util.sendPDU();
                } catch (IOException e) {
                        e.printStackTrace();
                }
        }

}

本文链接:http://www.yunweipai.com/2586.html

原创文章,作者:kepupublish,如若转载,请注明出处:https://blog.ytso.com/53188.html

(0)
上一篇 2021年8月6日
下一篇 2021年8月6日

相关推荐

发表回复

登录后才能评论