I have in my environment nine mostly identical Extreme Networks
switches. I'm monitoring them over SNMPv3. One of them, for reasons
unknown, times out on any SNMP query:
pfrost@nagios:~$ snmpget switch06 -v 3 -u initial SNMPv2-MIB::sysDescr.0
snmpget: Timeout (plaintext scopedPDU header type 00: s/b 30)
tcpdump indicates the switch is sending a reply (and the SNMP
query/response counters on the switch confirm):
pfrost@nagios:~$ sudo tcpdump -s 0 -i eth0 -vvv -i eth0 port snmp and
host switch06
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size
65535 bytes
11:08:22.717981 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
UDP (17), length 92)
nagios.macprofessionals.lan.52771 >
switch06.macprofessionals.lan.snmp: [udp sum ok] { SNMPv3 { F=r } { USM
B=0 T=0 U= } { ScopedPDU E= C= { GetRequest(14) R=98826882 } } }
11:08:22.719715 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
UDP (17), length 136)
switch06.macprofessionals.lan.snmp >
nagios.macprofessionals.lan.52771: [udp sum ok] { SNMPv3 { F= } { USM
B=-838860580 T=147167 U= } { ScopedPDU E=
0x800x000x070x7C0x030x000x040x960x520x4F0xBF C= { Report(32) R=98826882
S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=7351 } } }
[this exchange repeats a few times]
I've compared this against a working reply from a different switch, and
couldn't see any relevant differences:
pfrost@nagios:~$ sudo tcpdump -s 0 -i eth0 -vvv -i eth0 port snmp and
host switch05
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size
65535 bytes
11:19:42.913805 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
UDP (17), length 92)
nagios.macprofessionals.lan.58019 >
switch05.macprofessionals.lan.snmp: [udp sum ok] { SNMPv3 { F=r } { USM
B=0 T=0 U= } { ScopedPDU E= C= { GetRequest(14) R=699839334 } } }
11:19:42.917389 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
UDP (17), length 136)
switch05.macprofessionals.lan.snmp >
nagios.macprofessionals.lan.58019: [udp sum ok] { SNMPv3 { F= } { USM
B=13619213 T=835949 U= } { ScopedPDU E=
0x800x000x070x7C0x030x000x040x960x520x510x39 C= { Report(32) R=699839334
S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=5372 } } }
11:19:42.917586 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
UDP (17), length 140)
nagios.macprofessionals.lan.58019 >
switch05.macprofessionals.lan.snmp: [udp sum ok] { SNMPv3 { F=r } { USM
B=13619213 T=835949 U=initial } { ScopedPDU E=
0x800x000x070x7C0x030x000x040x960x520x510x39 C= { GetRequest(28)
R=699839333 system.sysDescr.0 } } }
11:19:42.927783 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
UDP (17), length 238)
switch05.macprofessionals.lan.snmp >
nagios.macprofessionals.lan.58019: [udp sum ok] { SNMPv3 { F= } { USM
B=13619213 T=835949 U=initial } { ScopedPDU E=
0x800x000x070x7C0x030x000x040x960x520x510x39 C= { GetResponse(125)
R=699839333 system.sysDescr.0="ExtremeXOS version 12.6.2.10
v1262b10-patch1-3 by release-manager on Mon Dec 12 08:50:30 EST 2011" } } }
Notably, if I enable SNMPv2c on switch06, it does work, though
ultimately I'd want to stick with v3.
NET-SNMP version 5.4.3, from Debian stable. Anyone have some idea what's
going on here?
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
