I'm having a problem with a 2950 switch and some users. I had this before,
but this happens very rarely and, since my users do not change ports
often, for two months I didn't encounter this problem.
Basically, when a MAC violation trap comes in, it's not processed by
PF. Here's the port config:
Switch-B#sh run int fa0/7
Building configuration...
Current configuration : 272 bytes
!
interface FastEthernet0/7
description pf (dlask 5)
switchport access vlan 2
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0007
no cdp enable
spanning-tree portfast
end
A violation is caused by a connecting computer:
22:04:28: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation
occurred, caused by MAC address e0cb.4ec4.cb26 on port FastEthernet0/7.
22:05:19: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation
occurred, caused by MAC address e0cb.4ec4.cb26 on port FastEthernet0/7.
Now, in PF log I get this:
Oct 11 12:42:24 pfsetvlan(0) DEBUG: adding trapline 2010-10-11|10:42:21|
UDP: [192.168.251.35]:56975|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE
0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0
= Timeticks: (7984291) 22:10:42.91|.1.3.6.1.6.3.1.1.4.1.0 =
OID: .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.7 = Wrong Type
(should be INTEGER): Gauge32: 7|.1.3.6.1.2.1.2.2.1.2.7 = STRING: FastEth
ernet0/7|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.7 = STRING: "��N��&" END
VARIABLEBINDINGS to queued trapList (main::addTrapLineToQueue)
Oct 11 12:42:24 pfsetvlan(24) DEBUG: retrieved raw trapline 2010-10-11|
10:42:21|UDP: [192.168.251.35]:56975|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN
SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.
1.1.3.0 = Timeticks: (7984291) 22:10:42.91|.1.3.6.1.6.3.1.1.4.1.0 =
OID: .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.7 = Wrong Type
(should be INTEGER): Gauge32: 7|.1.3.6.1.2.1.2.2.1.2.7 = STRING:
FastEthernet0/7|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.7 = STRING: "��N��&"
END VARIABLEBINDINGS from trapList_queued at position 0
(main::signalHandlerTrapListQueued)
Oct 11 12:42:24 pfsetvlan(24) DEBUG: calling parseTrap for 2010-10-11|
10:42:21|UDP: [192.168.251.35]:56975|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN
SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1
.1.3.0 = Timeticks: (7984291) 22:10:42.91|.1.3.6.1.6.3.1.1.4.1.0 =
OID: .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.7 = Wrong Type
(should be INTEGER): Gauge32: 7|.1.3.6.1.2.1.2.2.1.2.7 = STRING:
FastEthernet0/7|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.7 = STRING: "��N��&" END
VARIABLEBINDINGS (main::signalHandlerTrapListQueued)
Oct 11 12:42:24 pfsetvlan(24) DEBUG: parsing trap 2010-10-11|10:42:21|
UDP: [192.168.251.35]:56975|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE
0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 =
Timeticks: (7984291) 22:10:42.91|.1.3.6.1.6.3.1.1.4.1.0 =
OID: .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.7 = Wrong Type
(should be INTEGER): Gauge32: 7|.1.3.6.1.2.1.2.2.1.2.7 = STRING:
FastEthernet0/7|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.7 = STRING: "��N��&" END
VARIABLEBINDINGS (main::parseTrap)
Oct 11 12:42:24 pfsetvlan(24) DEBUG: creating new
pf::SNMP::Cisco::Catalyst_2950 object (pf::SwitchFactory::instantiate)
Oct 11 12:42:24 pfsetvlan(24) INFO: ignoring unknown trap: 2010-10-11|
10:42:21|UDP: [192.168.251.35]:56975|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN
SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1
.1.3.0 = Timeticks: (7984291) 22:10:42.91|.1.3.6.1.6.3.1.1.4.1.0 =
OID: .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.7 = Wrong Type
(should be INTEGER): Gauge32: 7|.1.3.6.1.2.1.2.2.1.2.7 = STRING:
FastEthernet0/7|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.7 = STRING: "��N��&" END
VARIABLEBINDINGS (main::parseTrap)
From what I understand, PF expects INTEGER instead of Gauge32, right?
Strangely, when I snmpwalk the switch, I get:
# snmpwalk -Os -c read_ME -v 1 192.168.251.35 .1.3.6.1.2.1.2.2.1.7
ifAdminStatus.1 = INTEGER: up(1)
ifAdminStatus.2 = INTEGER: up(1)
ifAdminStatus.3 = INTEGER: up(1)
ifAdminStatus.4 = INTEGER: up(1)
ifAdminStatus.5 = INTEGER: up(1)
ifAdminStatus.6 = INTEGER: up(1)
ifAdminStatus.7 = INTEGER: up(1)
ifAdminStatus.8 = INTEGER: up(1)
ifAdminStatus.9 = INTEGER: up(1)
It IS integer. What's wrong?
I didn't try 1.9.1 yet and I don't know if such an upgrade will fix
this but searching "wrong type" within PF's Mantis didn't bring a thing.
It seems that this happens for this particular computer/MAC only. The
switch is a Cisco 2950:
Switch-B#sh tech
------------------ show version ------------------
Cisco Internetwork Operating System Software IOS (tm) C2950 Software
(C2950-I6K2L2Q4-M), Version 12.1(22)EA9, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 01-Dec-06 18:22 by weiliu
Image text-base: 0x80010000, data-base: 0x8067A000
ROM: Bootstrap program is C2950 boot loader
Model number: WS-C2950-24
--
Rafał Wiosna
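
Added example, not part of the original post and not PacketFence code: the last varbind in the logged trap (.1.3.6.1.4.1.9.9.315.1.2.1.1.10.7) is printed as a quoted STRING whose visible characters "N" and "&" are octets 0x4e and 0x26 of e0cb.4ec4.cb26, the MAC in the switch's syslog line. The sketch below parses such a trap line whether that value arrives as Hex-STRING or as a raw STRING, and reports when the octets are no longer recoverable; the names parse_violation, sample and RAW, and the latin-1 byte-to-character mapping, are assumptions made for illustration.

```python
import re

# OIDs copied from the trap in the post; the number after MAC_OID is the ifIndex.
TRAP_OID = ".1.3.6.1.4.1.9.9.315.0.0.1"
MAC_OID = ".1.3.6.1.4.1.9.9.315.1.2.1.1.10."
VARBINDS = re.compile(r"BEGIN VARIABLEBINDINGS (.*) END VARIABLEBINDINGS", re.S)
MAC_VALUE = re.compile(
    re.escape(MAC_OID) + r"(\d+) = (Hex-STRING|STRING): (.*)$", re.S)
# MAC from the switch's syslog line, as the six characters a STRING rendering
# would carry (assumption: one byte per character, i.e. latin-1).
RAW = bytes.fromhex("e0cb4ec4cb26").decode("latin-1")


def sample(value):
    """Constructed trap line in the layout of the pfsetvlan log above."""
    return ("2010-10-11|10:42:21|UDP: [192.168.251.35]:56975|0.0.0.0|"
            "BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE "
            "BEGIN VARIABLEBINDINGS "
            ".1.3.6.1.2.1.1.3.0 = Timeticks: (7984291) 22:10:42.91|"
            ".1.3.6.1.6.3.1.1.4.1.0 = OID: " + TRAP_OID + "|"
            ".1.3.6.1.2.1.2.2.1.1.7 = Wrong Type (should be INTEGER): Gauge32: 7|"
            ".1.3.6.1.2.1.2.2.1.2.7 = STRING: FastEthernet0/7|"
            + MAC_OID + "7 = " + value + " END VARIABLEBINDINGS")


def parse_violation(trapline, encoding="latin-1"):
    """Return (ifIndex, mac) for a violation trap, or None for any other trap.

    mac is None when the six octets cannot be recovered from the line.
    """
    body = VARBINDS.search(trapline)
    if not body or "= OID: " + TRAP_OID + "|" not in body.group(1):
        return None
    m = MAC_VALUE.search(body.group(1))
    if not m:
        return None
    if_index, kind, value = int(m.group(1)), m.group(2), m.group(3).strip()
    try:
        if kind == "Hex-STRING":
            octets = bytes.fromhex(value)
        else:
            # STRING form: the octets were printed as quoted characters.
            text = value[1:-1] if value[:1] == value[-1:] == '"' else value
            if "\ufffd" in text:          # already replaced by a lossy decode
                return if_index, None
            octets = text.encode(encoding)
    except ValueError:                    # bad hex or unencodable character
        return if_index, None
    if len(octets) != 6:
        return if_index, None
    return if_index, ":".join(f"{b:02x}" for b in octets)
```

A result of (ifIndex, None) means the trap is a port-security violation but the MAC has to be obtained another way, since the logged characters no longer map back to the original octets.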