On 23 November 2011 08:02, <[email protected]> wrote: > Can you please explain why the call-back function is triggered twice in the > successful “snmp_async_send”. > > First one is shows as “SNMP_MSG_REPORT” > While second one is the correct “SNMP_MSG_RESPONSE”
We talked yesterday about the need to probe the remote agent in order to determine the correct engineID for SNMPv3 requests. In fact this probe is used to determine both the engineID, *and* the "timestamp" information (engineBoots/engineUpTime pair). This latter is used to detect and protect against replay attacks. Even if you are specifying the engineID manually, the client application still needs to know the correct boot/uptime values to use. When you first send the query, it typically doesn't know this information (so uses values of 0), and the request is rejected - that's the MSG_REPORT. But this report message includes the necessary boot/uptime info, so the client application can re-send the request with the correct values, which then succeeds - MSG_RESPONSE OK? Dave ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
