summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2023-11-04 10:56:55 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2023-11-06 09:18:14 +0000
commit30a05ee1d447c6f92627162a506225f833a80f8c (patch)
treec4e8830f81a31912be62a8f037d7ebfafe47669d
parentd8a71978b4628e30b25346f4ff690e8705020408 (diff)
downloadvyos-1x-30a05ee1d447c6f92627162a506225f833a80f8c.tar.gz
vyos-1x-30a05ee1d447c6f92627162a506225f833a80f8c.zip
T5702: SNMP add interface-mib max-interfaces-number and prefix
- Allow to configure only required interface prefixes set service snmp mib interface 'eth' set service snmp mib interface 'bond' include_ifmib_iface_prefix eth bond Sets the interface name prefixes to include in the IF-MIB data collection. For servers with a large number of interfaces (ppp, dummy, bridge, etc) the IF-MIB processing will take a large chunk of CPU for ioctl calls. A set of space separated interface name prefixes will reduce the CPU load for IF-MIB processing. For example, configuring "include_ifmib_iface_prefix eth dummy lo" will include only interfaces with these prefixes and ignore all others for IF-MIB processing. - Allow to configure maximum interface number set service snmp mib interface-max '100' ifmib_max_num_ifaces NUM Sets the maximum number of interfaces included in IF-MIB data collection. For servers with a large number of interfaces (ppp, dummy, bridge, etc) the IF-MIB processing will take a large chunk of CPU for ioctl calls (on Linux). Setting a reasonable maximum for the CPU used will reduce the CPU load for IF-MIB processing. For example, configuring "ifmib_max_num_ifaces 500" will include only the first 500 interfaces based on ifindex and ignore all others for IF-MIB processing.
-rw-r--r--data/templates/snmp/etc.snmpd.conf.j210
-rw-r--r--interface-definitions/snmp.xml.in95
2 files changed, 105 insertions, 0 deletions
diff --git a/data/templates/snmp/etc.snmpd.conf.j2 b/data/templates/snmp/etc.snmpd.conf.j2
index 9d78d479a..3db8c4d7b 100644
--- a/data/templates/snmp/etc.snmpd.conf.j2
+++ b/data/templates/snmp/etc.snmpd.conf.j2
@@ -56,6 +56,16 @@ SysDescr {{ description }}
{% endif %}
agentaddress unix:/run/snmpd.socket{{ ',' ~ options | join(',') if options is vyos_defined }}
+{% if mib is vyos_defined %}
+# Interface MIB limits
+{% if mib.interface_max is vyos_defined %}
+ifmib_max_num_ifaces {{ mib.interface_max }}
+{% endif %}
+{% if mib.interface is vyos_defined %}
+include_ifmib_iface_prefix {{ mib.interface | join(' ') }}
+{% endif %}
+{% endif %}
+
# SNMP communities
{% if community is vyos_defined %}
{% for comm, comm_config in community.items() %}
diff --git a/interface-definitions/snmp.xml.in b/interface-definitions/snmp.xml.in
index 0851b8389..ec2151b98 100644
--- a/interface-definitions/snmp.xml.in
+++ b/interface-definitions/snmp.xml.in
@@ -79,6 +79,101 @@
</properties>
</leafNode>
#include <include/generic-description.xml.i>
+ <node name="mib">
+ <properties>
+ <help>Management information base (MIB)</help>
+ </properties>
+ <children>
+ <leafNode name="interface-max">
+ <properties>
+ <help>Sets the maximum number of interfaces included in IF-MIB data collection</help>
+ <valueHelp>
+ <format>u32:1-4294967295</format>
+ <description>Sets the maximum number of interfaces included in IF-MIB data collection</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-4294967295"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="interface">
+ <properties>
+ <help>Sets the interface name prefix to include in the IF-MIB data collection</help>
+ <completionHelp>
+ <list>br bond dum eth gnv macsec peth sstpc tun veth vti vtun vxlan wg wlan wwan</list>
+ </completionHelp>
+ <valueHelp>
+ <format>br</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>bond</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>dum</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>eth</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>gnv</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>macsec</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>peth</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>sstpc</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>tun</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>veth</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>vti</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>vtun</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>vxlan</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>wg</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>wlan</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <valueHelp>
+ <format>wwan</format>
+ <description>Allow prefix for IF-MIB data collection</description>
+ </valueHelp>
+ <constraint>
+ <regex>(br|bond|dum|eth|gnv|macsec|peth|sstpc|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)</regex>
+ </constraint>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<tagNode name="listen-address">
<properties>
<help>IP address to listen for incoming SNMP requests</help>