On Sat, Nov 07, 2020 at 01:53:00PM -0000, Stuart Henderson wrote: > On 2020-11-06, Winfred Harrelson <[email protected]> wrote: > > I am running OpenBSD 6.7 and am having a strange issue with snmpd(8). > > > > The issue is that it doesn't have all the arp entries but this was > > working before. I don't know exactly when this started happening > > but I just noticed today. > > > > Here is the machine in question and what I get: > > > > wharrels@styx1:/home/wharrels$ uname -a > > OpenBSD styx1 6.7 GENERIC.MP#3 amd64 > > > > wharrels@styx1:/home/wharrels$ arp -a | wc -l > > 985 > > > > Box is acting as a firewall so that is normal. Actually normal to > > have many more than that. But if I do a query from another machine > > via snmpwalk I get a completely different number of machines in > > the arp table: > > > > [wharrels@newtron ~]$ snmpwalk -v2c -c public styx1 > > ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress | wc -l > > 456 > > > > Not even close to the same number of machines. The above OID translates to > > 1.3.6.1.2.1.4.22.1.2 if you want to try this and see what you get. > > > > Should I be using a different OID to get the arp table or is there > > another way to do this? It might be that this was not working quite > > right before but I don't remember it being off like this. > > > > Any help would be appreciated, thanks. > > > > Winfred > > > > > > If you have set "filter-routes yes" then this is expected as it will > stop snmpd from seeing route updates and thus new additions to the > ARP table.
I do not have that in my config file. Man page says the default is "no" so this should not be it correct? I will try adding the line with a "no" just to see if that changes anything though. > If you have not then I'd say this is a bug and best reported to > bugs@ rather than misc@. I am running 6.7 on this box so I may wait until I can get it updated to 6.8 before reporting to bugs@. > BTW you can see this table in a nicer output format: > > $ snmptable -v2c -c pulic host ip.ipNetToMediaTable I did not know that, thanks for the info. Doesn't look to be much different though. Winfred
