Skip to main content

5. Identification of Management Targets in Notification Originators

A notification originator application uses the snmpTargetAddrTable and the snmpTargetParamsTable for identifying the management targets to which notifications should be sent, and for determining which SNMP version and security parameters should be used when sending notifications.

When an event occurs that triggers the generation of a notification, the notification originator:

  1. Consults the snmpNotifyTable to determine which notification tags should be used for this notification. Each entry in the snmpNotifyTable associates a tag value with a notification type (trap or inform).

  2. Selects target addresses from the snmpTargetAddrTable by matching the notification tags. For each entry in the snmpTargetAddrTable:

    a. The snmpTargetAddrTagList object contains a list of tag values.

    b. If any of the tag values in snmpTargetAddrTagList match a tag specified in the snmpNotifyTable, this target address is selected.

  3. Retrieves transport parameters for each selected target address:

    a. The snmpTargetAddrTDomain specifies the transport domain (e.g., snmpUDPDomain, snmpTCPDomain).

    b. The snmpTargetAddrTAddress specifies the transport address (e.g., IP address and port).

  4. Retrieves SNMP parameters for each selected target address:

    a. The snmpTargetAddrParams object references an entry in the snmpTargetParamsTable.

    b. From the referenced snmpTargetParamsTable entry, the notification originator retrieves:

    • snmpTargetParamsMPModel (message processing model)
    • snmpTargetParamsSecurityModel (security model)
    • snmpTargetParamsSecurityName (security name)
    • snmpTargetParamsSecurityLevel (security level)

  5. Generates and sends the notification for each selected management target using the retrieved parameters.

Example Configuration

Consider a notification originator that needs to send a linkDown notification. The configuration might include:

snmpNotifyTable Entry:

  • snmpNotifyName: "linkDownNotify"
  • snmpNotifyTag: "criticalDevices"
  • snmpNotifyType: trap(1)

snmpTargetAddrTable Entries:

Entry 1:

  • snmpTargetAddrName: "mgmtStation1"
  • snmpTargetAddrTDomain: snmpUDPDomain
  • snmpTargetAddrTAddress: 192.0.2.1:162
  • snmpTargetAddrTagList: "criticalDevices monitoring"
  • snmpTargetAddrParams: "snmpv3Params"

Entry 2:

  • snmpTargetAddrName: "mgmtStation2"
  • snmpTargetAddrTDomain: snmpUDPDomain
  • snmpTargetAddrTAddress: 192.0.2.2:162
  • snmpTargetAddrTagList: "criticalDevices"
  • snmpTargetAddrParams: "snmpv2cParams"

snmpTargetParamsTable Entries:

Entry snmpv3Params:

  • snmpTargetParamsMPModel: 3 (SNMPv3)
  • snmpTargetParamsSecurityModel: 3 (USM)
  • snmpTargetParamsSecurityName: "operator"
  • snmpTargetParamsSecurityLevel: authPriv(3)

Entry snmpv2cParams:

  • snmpTargetParamsMPModel: 1 (SNMPv2c)
  • snmpTargetParamsSecurityModel: 2 (SNMPv2c)
  • snmpTargetParamsSecurityName: "public"
  • snmpTargetParamsSecurityLevel: noAuthNoPriv(1)

When a linkDown event occurs:

  1. The notification originator consults the snmpNotifyTable and finds that notifications with tag "criticalDevices" should be sent as traps.

  2. It scans the snmpTargetAddrTable and finds two entries with "criticalDevices" in their tag lists: "mgmtStation1" and "mgmtStation2".

  3. For mgmtStation1, it sends an SNMPv3 trap to 192.0.2.1:162 using USM security with authPriv level and security name "operator".

  4. For mgmtStation2, it sends an SNMPv2c trap to 192.0.2.2:162 with community string "public".

Timeout and Retry for Inform Requests

When the notification type is inform (InformRequest-PDU), the snmpTargetAddrTable also provides timeout and retry parameters:

  • snmpTargetAddrTimeout: Specifies the time (in hundredths of a second) to wait for a response before considering the request timed out.

  • snmpTargetAddrRetryCount: Specifies the number of times to retry sending the inform request if no response is received.

The notification originator uses these parameters to implement reliable notification delivery for inform requests.

For example, if snmpTargetAddrTimeout is 1500 (15 seconds) and snmpTargetAddrRetryCount is 3, the notification originator will:

  1. Send the inform request.
  2. Wait up to 15 seconds for a response.
  3. If no response is received, retry up to 3 additional times.
  4. Give up after 4 total attempts (initial + 3 retries) or 60 seconds (4 × 15 seconds), whichever comes first.

Security Considerations for Management Target Identification

When identifying management targets for notifications:

  1. Authentication of Configuration: The configuration of management targets (snmpTargetAddrTable, snmpTargetParamsTable, and snmpNotifyTable) should be protected by access control to prevent unauthorized modification.

  2. Sensitive Information: Security names, especially when used with SNMPv1 or SNMPv2c (community strings), should be protected from disclosure. The snmpTargetParamsTable should only be accessible to authorized users.

  3. Notification Filtering: Without proper notification filtering (described in the next section), all configured management targets will receive all notifications, potentially exposing sensitive information to unauthorized recipients.

  4. Tag Selection: The use of tags allows flexible grouping of management targets, but care should be taken to ensure that tags are applied correctly to prevent misdirected notifications.

Last updated on