Hi all,
Is it possible to 'not' fragment the replies to an snmpbulkget request?
Some switches in the network I am working in drop fragmented pacakges.
If I do a snmpbulkget to an host behind such a switch, I get no respones:
$> snmpbulkget -v2c -c ******** hostB .interfaces.ifTable.ifEntry.ifDescr
Timeout: No Response from hostB
This is because the fragments that hostB is sending will be dropped,
which makes it unable to the snmpbulkget to reassemble the packet.
See both a snoop and a tcpdump output below
* tcpdump output from the snmpbulkget sender host (hostA)
hostA.57914 > hostB.snmp: C=******* GetBulk(29) N=0 M=100 interfaces.ifTable.ifEntry.ifDescr (DF)
hostB.snmp > hostA.57914: C=******* GetResponse(34) interfaces.ifTable.ifEntry.ifDescr.1="lo" (frag 40145:[EMAIL PROTECTED])
* snoop output from the snmpbulkget receiving host (hostB)
hostA -> hostB UDP D=161 S=57914 LEN=53
hostB -> hostA UDP IP fragment ID=40145 Offset=0 MF=1
hostB -> hostA UDP IP fragment ID=40145 Offset=1480 MF=0
Is there a possibility that hostB will send out 2 packets instead of 1
packet with fragments? Or is this a limitation of the snmp protocol?
I see this behaviour in ucd-snmp 4.2.4 and net-snmp 5.1.1
Regards,
Jeffrey Koetsier
---
This message is confidential and may be privileged. Any review, retransmission, dissemination or other use of, or taking any action with reference to this information by persons other than the intended recipient is prohibited. If you received this message in error, please notify the sender by reply e-mail and delete this message from all computers. Please note that e-mails are susceptible to change. The sender will not accept liability for the improper or incomplete transmission of the information contained in this message.
