Hi. I'm having trouble with some of the SNMPv3 traps sent by snmpd being
rejected, and I think it's because of the SNMPv3 replay protection mechanism.
It looks like when some event causes a reconfigure of snmpd, then maybe
registered callbacks are run. One of these may be engineBoots_conf(). It gets
run, incrementing the engineBoots count. But the snmpEngineTime value is not
reset, so the trap receiver may think subsequent traps are outside the 150
second window.

An example is this:

    snmpv3 1 engineBoots: 40, traced from within engineBoots_conf()
    snmpv3 engineBoots: 41 after increment
    snmpv3 post_config engineBoots: 41 time 3
    snmpv3_store engineBoots: 41
    NET-SNMP version 5.6.1
    IfIndex of an interface changed. Such interfaces will appear multiple times in IF-MIB.
    Reconfiguring daemon - message logged, involves receive(), SnmpdReconfig()
    NET-SNMP version 5.6.1 restarted
    snmpv3 1 engineBoots: 41
    snmpv3 engineBoots: 42
    snmpv3 post_config engineBoots: 42 time 376

Has anyone seen issues like this, or know if it's been addressed in other
releases? Do practical trap receivers just ignore the replay protection
window? I could add code to reset the engineTime in engineBoots_conf() but
would like to use a more general solution if possible.

Thanks. I'd appreciate any insight into this. I'm running version 5.6.1, but the
code in this area looks the same as for 5.7.2.1.

Gary
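
For reference, the timeliness check that RFC 3414 (section 3.2, step 7b) specifies for a non-authoritative receiver such as a trap receiver, as an added example that is not part of the original post and not net-snmp code. The names `engine_view` and `usm_check_timeliness` and the receiver clock values are hypothetical; the (boots, time) pairs 41/3 and 42/376 are taken from the log above.

```c
#include <stdint.h>
#include <stdio.h>

#define TIME_WINDOW 150        /* seconds, RFC 3414 */
#define BOOTS_MAX   2147483647 /* latched maximum of snmpEngineBoots */

/* Receiver's cached view of one remote authoritative engine (hypothetical). */
struct engine_view {
    int32_t boots;           /* local notion of snmpEngineBoots */
    int32_t time_at_sync;    /* snmpEngineTime adopted at the last sync */
    int32_t latest_received; /* latestReceivedEngineTime */
    int32_t synced_at;       /* receiver clock, in seconds, at the last sync */
};

/* Returns 1 if an already-authenticated message is timely, 0 if it is
 * notInTimeWindow. `now` is the receiver's own clock in seconds. */
int usm_check_timeliness(struct engine_view *v, int32_t msg_boots,
                         int32_t msg_time, int32_t now)
{
    /* Step 7b(1): adopt newer values from the authoritative engine. */
    if (msg_boots > v->boots ||
        (msg_boots == v->boots && msg_time > v->latest_received)) {
        v->boots = msg_boots;
        v->time_at_sync = msg_time;
        v->latest_received = msg_time;
        v->synced_at = now;
    }
    /* The local notion of snmpEngineTime keeps ticking between messages. */
    int32_t local_time = v->time_at_sync + (now - v->synced_at);

    /* Step 7b(2): reject stale boots or a time more than 150 s behind. */
    if (v->boots == BOOTS_MAX) return 0;
    if (msg_boots < v->boots) return 0;
    if (msg_boots == v->boots && msg_time < local_time - TIME_WINDOW) return 0;
    return 1;
}

int main(void)
{
    struct engine_view v = {0, 0, 0, 0};
    /* Receiver clock values (1000, 1373, ...) are constructed. */
    printf("boots 41 time 3   -> %d\n", usm_check_timeliness(&v, 41, 3, 1000));
    printf("boots 42 time 376 -> %d\n", usm_check_timeliness(&v, 42, 376, 1373));
    printf("boots 41 time 200 -> %d\n", usm_check_timeliness(&v, 41, 200, 1374));
    printf("boots 42 time 100 -> %d\n", usm_check_timeliness(&v, 42, 100, 1500));
    return 0;
}
```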
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net