I have the following device and configuration:
Model: ex4300-32f
Junos: 17.3R3.10
# show groups
GLOBAL-SNMP {
snmp {
client-list MANAGERS {
10.8.9.0/28;
}
community TEST-COMMUNITY {
authorization read-only;
client-list-name MANAGERS;
}
trap-options {
source-address 10.8.7.2;
context-oid;
}
trap-group TEST-COMMUNITY {
version v2;
categories {
authentication;
link;
routing;
startup;
}
targets {
10.8.9.2;
}
}
}
}
# show apply-groups
## Last changed: 2019-02-28 09:36:59 UTC
apply-groups GLOBAL-SNMP;
# show switch-options
interface ge-0/0/31.0 {
interface-mac-limit {
24;
packet-action shutdown;
}
}
interface-shutdown-action hard-shutdown;
When MAC limit exceeded, the switch does send ifDown SNMP trap and I succesfully receive it. I expect from the switch to send the jnxSecAccessIfMacLimitExceed (.1.3.6.1.4.1.2636.3.40.1.2.1.1.2.1.4) SNMP trap as well. But I got only syslog messages:
L2ALD_MAC_LIMIT_REACHED_IF: Limit on learned MAC addresses reached for ge-0/0/31.0; current count is 24
L2ALD_MAC_LIMIT_EXCEEDED_BLOCK: Limit on learned MAC addresses exceeded for ge-0/0/31.0; current count is 24 SHUTTING THE INTERFACE
I can use the raise-trap, but I think I have missed something and the switch can do it more "natively".
How should I configure EX4300 to send the SNMP trap regarding MAC limit exceed ?