Good morning,

We have some SNMP devices that do not respond to queries where the 
number of OIDs is over a certain limit. That is, they do respond to 
queries with N OIDs in the request, but return no response to queries 
with N+1 and more OIDs.

We have originally discussed the issue on #net-snmp IRC channel, but 
since there was no definite conclusion, we are moving the discussion 
here on the mailing list.

Let me summarize what we have already talked about on IRC.

First, we walk a device to obtain a list of OIDs it supports:

$ snmpwalk -v 2c -c public 192.168.1.1 > walk.txt

Then, we query a number of OIDs from that walk in a single GET request:

$ head -29 walk.txt | cut -d' ' -f1 | xargs snmpget -d -r 0 -v 2c -c 
public 192.168.1.1

This responds normally with a 650 byte packet from UDP containing values 
for 29 variables.

However, if we replace "29" in the above command with "30", then there 
is no response: "Timeout: No Response from 192.168.1.1."

The problem might have to do with the fact that devices might have a 
limit on the size of the message they can produce. However, in that case 
we would expect the device to send a response with "tooBig" error code. 
Indeed, one of the devices we have does that:

$ head -100 walk.txt | cut -d' ' -f1 | xargs snmpget -r 0 -v 1 -c public 
192.168.1.2
Error in packet
Reason: (tooBig) Response message would have been too large.

Apparently, the device at 192.168.1.1 does not respond with "tooBig" and 
we wish to understand why. Is it a common behavior for devices and does 
it conform to some sort of specification? Maybe there is an object in 
one of the MIBs that controls it?

For instance, it was suggested on IRC that SNMPv2-MIB::snmpSilentDrops 
might give a clue, but there is no such OID on this device, which is a 
respectable D-Link firewall:

$ snmpget -v 2c -c public 192.168.1.1 SNMPv2-MIB::snmpSilentDrops
SNMPv2-MIB::snmpSilentDrops = No Such Object available on this agent at 
this OID

Another interesting observation is that using "snmpbulkget" can elicit a 
response with size much larger than the one "snmpget" fails at:

$ head -29 walk.txt | cut -d' ' -f1 | xargs snmpbulkget -d -r 0 -v 2c -c 
public -Cn29 -Cr0 192.168.1.1

This works and we receive a response with 622 byte packet from UDP. 
Similar to "snmpget", replacing "29" with "30" gives no response.

However, using "max-repetitions" instead of "non-repeaters" allows to 
get more values:

$ head -1 walk.txt | cut -d' ' -f1 | xargs snmpbulkget -d -r 0 -v 2c -c 
public -Cn0 -Cr47 192.168.1.1

This works, too, and response of size 1020 bytes is received. Similarly, 
replacing "47" with "48" gives a timeout.

If you could share your thoughts on the topic, that would be wonderful.

Thank you,
Aleksandrs

------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Reply via email to