Theodore Wynnychenko | 12 Jun 01:45 2016

Net::snmp error when using snmpV3 with APC UPS network card

Hello

I am not a Perl programmer (or anything like one), and (honestly) am not
completely sure this is where I should post my observation/question; but, I
think the perl net::snmp module is where the problem lies, so I decided to try
here first.

In any case, I have recently decided to get snmp working on my network to be
used with icinga2 for monitoring.  To that end, I was going to use MRTG (via the
check_mrtgtraf monitoring plugin for nagios/icinga) to watch network interface
usage.

I have set up net-snmp and this is working.  I also have set up snmp on several
pieces of hardware that include snmp capabilities.  As a matter of principle, I
have enabled snmpV3 where available.

But, while I have had no problems with snmpV3 using net-snmp, for one class of
hardware (old APC UPS Network Management cards - Model AP9617 circa 2007), I
have no trouble getting snmp data using snmpV3 with net-snmp, but snmpV3 fails
with Perl's Net::snmp (although snmpV1 works).

So, MRTG uses Perl and Net::smnp to collect data.  There is a utility called
cfgmaker included.

First, as an example, with a non-problem piece of hardware (an old HP LaserJet
printer):

Using net-smnp tools:

# snmpwalk -v 3 -a MD5 -A <pass> -u <user> -x DES -X <pass> -l authPriv -n
(Continue reading)

Zvi Vered | 11 Jun 06:16 2016
Picon

snmpd - customize ifNumber

Hello,

My x86 is connected via PCIe to an Intel's device. This device(ASIC)
is an ethernet switch (fm10k)
Intel provides a linux library + device driver for managing the switch
(e.g: read port status, set port speed).
I want to run snmpd on the x86 and fill the TODO with the relevant Intel's API.

Intel does not provide any SNMP infrastructure for this device.

I think it will be great if the x86 will run snmpd with some
customization and will monitor\manage the switch device.
Is it possible ?

What SNMP agent runs in all commercial switches. Is it not snmpd ?

My first step is to understand how to "convince" snmpd that the switch
has 16 ports.
The default is 4 which is the number if etherent devices in the x86.
This is of course not relevant for my needs.

I also tried to run example_demon.c
But in my case I do not have new MIBs. Just the standard ones.

Thank you,
Zvika

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
(Continue reading)

Zvi Vered | 8 Jun 18:36 2016
Picon

snmpd.conf : interface group

Hello,

Do you have a sample of list of interface I can put in snmpd.conf ?

My x86 manages a switch. It runs snmpd. This x86 has few etherent devices.

I think (not sure) that by default, ifNumber is the number of those devices. 
Am I right ?

In my case the number of devices is 16 which are the number of ports in the 
switch.

Best regards,
Z.V 

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Simone Petrosino | 5 Jun 01:23 2016
Picon

Kill processes via hrSWRunStatus

 

Hi! I’m trying to kill processes setting to 4 the hrSWRunStatus but i Always receive the same message:

 

“Error in packet. Reason: not Writable(That Object does not support modification) Failed object iso.3.6.1.2.1.25.4.2.1.7.pid”

 

where “pid” is the pid of the process that i try to kill.

 

This is strange because on net-snmp documentations it’s written that the hrSWRunStatus is read-write.

 

This is a part of my configuration file

 

###############################################################################

#

#  ACCESS CONTROL

#

 

                                                 #  system + hrSystem groups only

view   systemonly  included   .1.3.6.1.2.1.1

view   systemonly  included   .1.3.6.1.2.1.25.1

 

                                                 #  Full access from the local host

rwcommunity public  localhost

 

rwcommunity ubuntulaptop

                                                 #  Default access to basic system info

rocommunity public  default    -V systemonly

                                                 #  rocommunity6 is for IPv6

rocommunity6 public  default   -V systemonly

 

                                                 #  Full access from an example network

                                                 #     Adjust this network address to match your local

                                                 #     settings, change the community string,

                                                 #     and check the 'agentAddress' setting above

#rocommunity secret  10.0.0.0/16

 

                                                 #  Full read-only access for SNMPv3

rouser   authOnlyUser

                                                 #  Full write access for encrypted requests

                                                 #     Remember to activate the 'createUser' lines above

#rwuser   authPrivUser   priv

 

#  It's no longer typically necessary to use the full 'com2sec/group/access' configuration

#  r[ow]user and r[ow]community, together with suitable views, should cover most requirements

 

 

 

###############################################################################

 

Anyone can help me ?

Thanks

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Zvi Vered | 4 Jun 05:20 2016
Picon

Compile snmpd from source

Hello,

Under Centos 6.4 I installed snmpd. It runs from /usr/sbin

Then I installed the sources (in my case net-snmp 5.5) and installed them with:
./configure
make
make install

The snmpd binary was installed in /usr/local

Running: "service snmpd restart" running the original /usr/snmpd

When I tried to: "cp /usr/local/snmpd /usr/sbin" and run the snmpd I got:

....
Warning: no access control information configured.
  It's unlikely this agent can serve any useful purpose in this state.
  Run "snmpconf -g basic_setup" to help you configure the snmpd.conf
file for this agent.
NET-SNMP version 5.5

And the agent is not responding to the MIB browser.

Can you please help ?

Thank you,
Zvi Vered

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Vesta | 4 Jun 02:34 2016
Picon

How to set octed string in Hex bytes in SET command?

Net-snmp-5.5-1.x86.exe for Win32

I need set IP addreess in HEX format, separated by whitespace, using NET-SNMP set command. 
For example, an IP address 192.168.100.100 converted to Hex format is 0xC0A86464

192.168.100.100 > 0xC0A86464

The correctly set value should return the following value when check with snmpget:

xxx-xxx-xxx-MIB::docsDevServerAddress.0 = Hex-STRING: C0 A8 64 64

I tried
snmpset -v 1 -c private 192.168.100.5 docsDevServerAddress.0 x 0xC0 A8 64 64

But when I using this format to set HEX address, I always got errors like this: 'A8: Bad object type: 6', or
'00xA8 Bad object type: 0', and so on, depending on representation of hex format I tried.
According to NET-SNMP manual, 'x' is octet string in hex bytes, separated by whitespace.

What is correct input format for SNMPSET to set Hex values I need?

Best Regards,

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Zvi Vered | 2 Jun 23:32 2016
Picon

Customize snmpd to monitr an 8 ports switch

Hello,

I compiled net-snmp for Centos 6.4 and ran MIB browser.

I noticed that only 4 ports are monitored.

For example, upon request for ifSpeed, I got 4 values.

How can I customize snmpd to support 8 ports ?

Thank you,
Z.V

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

on@LEFerguson.com | 30 May 03:21 2016

SNMP Perl question: Limits on gettable?

Is this an appropriate venue to ask about the perl SNMP routines?

 

I am using the package version 5.7.3 on Ubuntu 15.40.

 

Generally it is working, but I have one routine that attempts to query a cisco table as below, and in most cases it works, but for one large ASA with a lot of tunnels, it fails to return all rows in the table, returning what appears to be a random subset of about half  of them.  Using the snmpwalk command works fine.

 

The code is as follows:

 

    my %snmpparms;

    $snmpparms{Community} = $community;

    $snmpparms{DestHost} = inet_ntoa(inet_aton($IP));

    $snmpparms{Version} = "2";

    $snmpparms{UseSprintValues} = '1';

    $snmpparms{UseEnums} = '0';

    $snmpparms{UseNumeric} = '0';

    $snmpparms{NonIncreasing} = '1';

    $snmpparms{Timeout}=10000000;   # need long timeout for large tables over WAN

    $sess = new SNMP::Session(%snmpparms);

 

    # Now pull in the correlation table so we know which are real tunnels

    my $RtnCorrHash = ( $sess->gettable('CISCO-IPSEC-FLOW-MONITOR-MIB::cikePeerCorrTable') );

 

 

I've tried various combinations of the options in the session parameters without any change.  I've also tried placing a column list on the gettable without any change.

 

I had this same problem with another large table and just converted it to specific calls to getbulk, but I rather liked using gettable in this case.

 

There is no error returned from the gettable call.  The data returned is correct just incomplete. 

 

There are 54 items in the table, and each one looks sort of like this; only 25 rows were returned the last few times I tried (I am not sure if it always stops at 25 or not):

 

          '1.13.51.56.46.49.52.48.46.49.51.52.46.49.56.1.11.53.48.46.50.52.49.46.50.46.55.55.500.25126' => {

                                                                                                             'cikePeerCorrIntIndex' => '500',

                                                                                                             'cikePeerCorrRemoteValue' => '50.xxx.xxx.77',

                                                                                                             'cikePeerCorrRemoteType' => '1',

                                                                                                             'cikePeerCorrSeqNum' => '25126',

                                                                                                             'cikePeerCorrIpSecTunIndex' => '25126',

                                                                                                             'cikePeerCorrLocalValue' => '38.xxx.xxx.18',

                                                                                                             'cikePeerCorrLocalType' => '1'

                                                                                                           },

 

The Cisco device is fairly new and on a high speed LAN; snmpwalk returns data very quickly, so I do not think this is some kind of timeout issue or anything related to packet fragmentation.  I am pulling a lot of data from it via zabbix and all those queries work fine.

 

Any ideas why it will not return all values?

 

Linwood

 

 

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Nilanjan Sarkar | 27 May 10:25 2016

Error in agentx unregister_int_index()

Hi,

 

We are getting error during unregister_int_index() as indexNotAllocated (261) even if index allocation was successful.

 

we are using agentX api register_int_index() to allocate few indexes before registration in standard hrstorage table. Index allocation and registration was successful. But index deallocation was failing. We are using unregister_int_index(). Is there any limitation of using that API. The error we are getting is Resp. error: indexNotAllocated (261). But if we try to allocate the same index again the error we get Resp. error: indexNoneAvailable (260).

 

Is there any known issue with unregister_int_index()? Or is there any example usage for unregister_int_index(). We are following the documentation in agentX source code, but like to check whether the usage is correct.

 

Regards,

Nilanjan

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
alessandro macuz | 26 May 11:13 2016
Picon

SNMPv3 on Windows servers and Win 7 - which is the right latest bundle?

Hi all,

I'm struggling in getting SNMP executable work on Windows servers and Win 7.

I'm a bit confused at where to find the right net-snmp executables and the right openssl installation.

I tried many combination of net-snmp and openssl (below 1.0.0) and the result is exception while running or "snmp-get stopped working".
Here I read that net-snmp executables are only built against OpenSSL version 0.9.8r but I don't seem to find that particular version.

Could anybody point me (in terms of links) at the latest executables for Windows and OpenSSL that will work together, please?

I cannot use anything else than SNMPv3 and now it's week that I'm working on it with a bit of frustration. If only I could run it on Linux but... unfortnately I cannot :( The environments dictates to use Windows products.

Thanks a lot in advance,

Alex
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Vesta | 23 May 21:51 2016
Picon

How to set Hex string in Net-SNMP command?


I have net-snmp-5.5-1.x86.exe for Win32

I need set IP addreess to hex format, separated by whitespace using NET-SNMP set command. For example, an IP
address 192.168.100.100 converted to Hex format is 0xC0A86464

192.168.100.100 > 0xC0A86464

The correctly set value should return the following value when check with snmpget:

xxx-xxx-xxx-MIB::docsDevServerAddress.0 = Hex-STRING: C0 A8 64 64 

I tried
snmpset -v 1 -c private 192.168.100.5 docsDevServerAddress.0 x 0xC0 A8 64 64

According to NET-SNMP manual, 'x' is octet string in hex bytes, separated by whitespace. But when I using
this format to set HEX address, I always got errors like this: 'A8: Bad object type: 6', or '00xA8 Bad object
type: 0', and so on, depending on representation of hex format I tried. 

I tried also convert Hex value to binary:

0xC0A86464 > 11000000101010000110010001100100

I tried to use this binary representation of hex string:

snmpset -v 1 -c private 192.168.100.5 docsDevServerAddress.0 x 11000000101010000110010001100100

but it returns Hex-STRING: 11 00 00 00

How to set correct input format for snmpset to get Hex values I need?

Best Regards

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users


Gmane