Monitor STP port state of a switch

Grolfskin · September 15, 2022, 7:51am

Hi, a newbie here.

I am trying to figure a way to monitor my switch port state when a loop occurs. My switch is an Aruba 2930F. When I test and create a loop on purpose my switch ports change their Port State BpduError.

This is exactly what I want to monitor when a port change it’s state to BpduError.

So far I have tried to create a custom rule for OID STP - 1.3.6.1.2.1.17.2.15.1.3 but it’s either timeout or could not get data.

check_snmp -H 192.168.11.19 -p public -o 1.3.6.1.2.1.17.2.15.1.3

Any tips will be helpful.

Yggy · September 15, 2022, 8:56am

Following is working for me for gettting serial info on my printer:
check_snmp -H $HOSTADDRESS$ -o 1.3.6.1.4.1.1347.43.5.1.1.28.1 -P 2c -C public

Main difference with yours, -P 2c -C, not sure what all the parameters do.

Grabbed the command from:

Yggy · September 15, 2022, 9:14am

I did check_snmp -h

For mine:
-H $HOSTADDRESS$ Host name, IP Address, or unix socket (must be an absolute path) and using macro
-o 1.3.6.1.4.1.1347.43.5.1.1.28.1 Object identifier(s) or SNMP variables whose value you wish to query
-P 2c SNMP protocol version, expects: 1, 2c or 3
-C public Optional community string for SNMP communication (default is “public”)

For yours:
assuming public had to be prefixed with -C
and maybe missing portnr for -p --port=INTEGER Port number (default: 161)

andreas-doehler · September 15, 2022, 9:29am

I have here only a plugin for STP changes.

If not only the BPDU counter is affected it is possible that this also shows the problem.
Or you can adapt the STP plugin für the BPDU counter.
This plugin uses the same table as your counter only another value.

Grolfskin · September 15, 2022, 10:22am

I changed my query and now the I am getting: SNMP OK - No Such Object available on this agent at this OID.

This is my query:
check_snmp -H 192.168.11.19 -C public -P 2c -o iso.1.3.6.1.2.1.17.2.15.1.3

Yggy · September 15, 2022, 11:23am

Your OID can’t be found. Assuming the iso. prefix is at fault.
So command should probably be:
check_snmp -H 192.168.11.19 -C public -P 2c -o 1.3.6.1.2.1.17.2.15.1.3

If not, go to the host status page of your switch. From the host icon hamburger menu there is an option to download the SNMP walk.

When you download that, it will give you all available OID and their current status of your switch. Check if your OID can be found there.
I mostly search for values in the SNMP device own status & config site to look for those that are interesting in the walk export and so try to find OIDs belonging to it.

In the walk export the OIDs have a prefix point, in the command you should omit that prefix point.

Grolfskin · September 15, 2022, 11:49am

Thanks. I did SNMP walk and downloaded the file. Unfortunately the OID i am looking for is not available. I guess what I want to do, is not that simple?

Yggy · September 15, 2022, 12:02pm

I have no knowledge about Aruba, STP and that error, but maybe download the walk when the BpduError is active, so you can search for it in the walk export and find the correct OID.

Grolfskin · September 15, 2022, 12:13pm

That was exactly what I was looking for when I downloaded the walk. I have compared my switch log when the loop occurred and the walk, need to cross check them once again.

Yggy · September 15, 2022, 12:18pm

Possibly the BpduError isn’t the real error output, but some code that gets translated in your switch log to make it more human readable. If the Aruba has a web browser interface, the error can be found there as well and give hints where or what to look for.

thl-cmk · September 15, 2022, 6:22pm

@andreas-doehler thanks for mentioning my little plugin

I had a short look at the OID. It’s part of the BRIDGE-MIB::dot1dStpPortTable. So you get a value for each (UP) port.

BRIDGE-MIB::dot1dStpPortState.8 = INTEGER: forwarding(5)
BRIDGE-MIB::dot1dStpPortState.11 = INTEGER: forwarding(5)

From the description of this OID I can not see that it will report the BpduError state, but only the usual STP states.

1 : disabled
2 : blocking
3 : listening
4 : learning
5 : forwarding
6 : broken

Here a sample walk for one port of the BRIDGE-MIB::dot1dStpPortTable

BRIDGE-MIB::dot1dStpPort.8 = INTEGER: 8
BRIDGE-MIB::dot1dStpPortPriority.8 = INTEGER: 128
BRIDGE-MIB::dot1dStpPortState.8 = INTEGER: forwarding(5)
BRIDGE-MIB::dot1dStpPortEnable.8 = INTEGER: enabled(1)
BRIDGE-MIB::dot1dStpPortPathCost.8 = INTEGER: 19
BRIDGE-MIB::dot1dStpPortDesignatedRoot.8 = Hex-STRING: 80 01 70 69 5A 8C AF F1 
BRIDGE-MIB::dot1dStpPortDesignatedCost.8 = INTEGER: 0
BRIDGE-MIB::dot1dStpPortDesignatedBridge.8 = Hex-STRING: 80 01 70 69 5A 8C AF F1 
BRIDGE-MIB::dot1dStpPortDesignatedPort.8 = Hex-STRING: 80 08 
BRIDGE-MIB::dot1dStpPortForwardTransitions.8 = Counter32: 1

The output is from a Cisco device, but as this is a standard MIB this sould be the same for Aruba devices.

Grolfskin · September 16, 2022, 8:34am

I made progress. I think the problem is in Check_mk itself. As I said when executing the following command:

check_snmp -H 192.168.11.19 -C [STRING] -P 2c -o .1.3.6.1.2.1.16.9.2.1.4.840

It returns the following:

But when I execute a raw snmp query from Linux terminal to the switch I got the information I need.

snmpwalk -t 10 -v 2c -c [STRING] 192.168.11.19 .1.3.6.1.2.1.16.9.2.1.4.840

RMON-MIB::logDescription.840.7 = STRING: W 09/15/22 09:42:49 00840 stp: port 5 disabled - BPDU received on protected port.
RMON-MIB::logDescription.840.8 = STRING: W 09/15/22 09:42:49 00840 stp: port 4 disabled - BPDU received on protected port.

Then I tried to execute the raw snmp query from the Check MK but I got the following message.

SNMPv2-SMI::mib-2.16.9.2.1.4.840 = No Such Intance currently exists at this OID.

Not sure how to proceed from here. Maybe I need to upload the switch MiB to check_mk?

How exactly can I do it? Any pointers?

andreas-doehler · September 16, 2022, 8:57am

The problem is really simple. You first command is an “snmpget” on a table OID. This must fail.
And you manual check is an “snmpwalk”, this should work.

check_snmp is only usable on single OIDs not on tables.

Grolfskin · September 16, 2022, 11:37am

Okay. I understand now. But when I try to execute from Check_MK:

snmpwalk -t 10 -v 2c -c [STRING] 192.168.11.19 .1.3.6.1.2.1.16.9.2.1.4.840

I get:

How can I query the whole table then?

andreas-doehler · September 16, 2022, 11:44am

There is no possibility to fetch a complete snmp table with the classic Nagios checks.

andreas-doehler · September 16, 2022, 3:48pm

Why do you try to fetch the device log file here?

Before you tried the BRIDGE-MIB what makes more sense.

Grolfskin · September 29, 2022, 7:36am

It’s because the BRIDGE-MIB/rfc4188.mib for some reason is missing the OID which I need. I have even uploaded the rfc4188.mib to in /opt/omd/sites/v2testing/local/share/check_mk/mibs and still when I try to use it it gives me the No Such Instance currently exists at this OID.

Maybe I need to load the MIB first? I am not sure. Any pointers?

andreas-doehler · September 29, 2022, 5:53pm

MIB files are only for you to get readable descriptions instead of OID’s.
If you device don’t provide the OID’s you want then you have bad luck.
The monitoring system don’t need any MIB file for the monitoring it is only used inside CMK to translate the OID’s inside the EventConsole.

system · September 29, 2023, 5:53pm

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.