
snmp trap specific trap code


I'm building an SNMP agent and am now working on the trap message. Before I begin to write the code for the trap message, I have a question:
In SNMPv1, what is the specific trap code? Everywhere I searched I get just a superficial definition, and I want to get a deep definition with the possibilities of what it can contain.


Solution

  • An SNMPv1 trap PDU contains the following items:

    1. Object Type generating the trap (this is an OID of type NOTIFICATION-TYPE)
    2. Address of generating object (an IP address)
    3. Generic Trap Data - one of the enumerations listed (0==coldStart, 1==warmStart ... 6==Enterprise)
    4. Enterprise Trap Data - 0 or the specified enterprise trap data
    5. Timestamp - timestamp trap was generated
    6. Variable Bindings.

    The generic trap data items 0-5 are defined explicitly in the spec as to what they mean, once you hit 6 (enterprise), then it is completely up to the definition supplied in the enterprise MIB. Unless you're actually loading and interpreting the content of the MIB that defines what the value means you can't actually understand what it means. If we look at the UCD-SNMP-MIB, it defines two trap types:

    ucdTraps OBJECT IDENTIFIER ::= { ucdavis 251 }
    
    ucdStart NOTIFICATION-TYPE
        STATUS  current
        DESCRIPTION
        "This trap could in principle be sent when the agent start"
        ::= { ucdTraps 1 }
        
    ucdShutdown NOTIFICATION-TYPE
        STATUS current
        DESCRIPTION
        "This trap is sent when the agent terminates"
        ::= { ucdTraps 2 }
    

    These correspond to OIDs .1.3.6.1.4.1.2021.251.1 and .1.3.6.1.4.1.2021.251.2 respectively.

    The OID is interpreted as .1.3.6.1.4.1 == enterprises base, 2021 == UC Davis, 251 == ucdTraps and the trailing 1 or 2 is for ucdStart and ucdShutdown respectively.

    These traps would set the trap data type to 6 and, as they don't specify any content of the enterprise data field, it would not be interpretable.

    Finally for variable data, it's a sequence of OID, value pairs, and needs to be unwrapped as specified ASN.1 data.

    The coldStart OID is .1.3.6.1.6.3.1.1.5.1 - the base definitions are in the SNMPv2 MIB file for coldStart, warmStart and authenticationFailure, the definitions of linkDown and linkUp can be found in RFC2863.

    To be honest, I wouldn't bother trying to interpret the data unless I was armed with the spec for the trap, as without it you would have no way of understanding what it means.
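
An added example, not part of the original answer: a Python sketch of how an agent could derive the enterprise, generic-trap and specific-trap fields from a notification OID (following the mapping in RFC 3584 section 3.2) and BER-encode them into an SNMPv1 Trap-PDU laid out as in RFC 1157. The function names, the community string, the agent address and the uptime value are assumptions chosen for illustration.

```python
import socket

SNMP_TRAPS = (1, 3, 6, 1, 6, 3, 1, 1, 5)  # snmpTraps; coldStart is snmpTraps.1

def v1_trap_fields(notification_oid):
    """Return (enterprise, generic-trap, specific-trap) per RFC 3584 section 3.2."""
    oid = tuple(int(arc) for arc in notification_oid.strip(".").split("."))
    if oid[:-1] == SNMP_TRAPS and 1 <= oid[-1] <= 6:
        return SNMP_TRAPS, oid[-1] - 1, 0      # standard trap: generic 0-5, specific 0
    # Enterprise trap: generic is 6 and the last arc is the specific-trap code.
    enterprise = oid[:-2] if oid[-2] == 0 else oid[:-1]
    return enterprise, 6, oid[-1]

def tlv(tag, body):
    """BER tag-length-value with definite short or long form length."""
    n = len(body)
    if n < 0x80:
        head = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        head = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + body

def ber_int(value, tag=0x02):
    """Minimal-length encoding of a non-negative INTEGER (or TimeTicks with tag 0x43)."""
    return tlv(tag, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def ber_oid(arcs):
    """OBJECT IDENTIFIER: first two arcs packed into one byte, the rest base-128."""
    body = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:                      # high bit set on all but the last byte
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        body += bytes(chunk)
    return tlv(0x06, bytes(body))

def build_v1_trap(community, notification_oid, agent_ip, uptime_ticks):
    enterprise, generic, specific = v1_trap_fields(notification_oid)
    pdu = tlv(0xA4, ber_oid(enterprise)                     # [4] Trap-PDU
              + tlv(0x40, socket.inet_aton(agent_ip))       # agent-addr (IpAddress)
              + ber_int(generic) + ber_int(specific)
              + ber_int(uptime_ticks, tag=0x43)             # time-stamp (TimeTicks)
              + tlv(0x30, b""))                             # empty variable-bindings
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)  # version 0 = SNMPv1

if __name__ == "__main__":
    # Constructed sample values: community, documentation-range address, uptime.
    print(build_v1_trap("public", ".1.3.6.1.4.1.2021.251.1", "192.0.2.10", 12345).hex())
```

For the ucdStart OID this yields generic-trap 6 and specific-trap 1 under enterprise .1.3.6.1.4.1.2021.251, while the coldStart OID yields generic-trap 0 and specific-trap 0.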