Frank Fock | 17 Dec 20:11 2014

Re: Troubles with SET request

Hello Krystian,

There are several errors (misunderstandings) in the code you posted.
Please completely rewrite it. I suggest using AgenPro to generate
your stub code from a MIB to get a consistent implementation for
the corresponding MIB specification.

The major issues are:
1. The tables have illegal OIDs (regarding SMI standard).
2. The constructor "MOTable" does not exists and it does not take 
several MOAccess values.
3. A table where rows can be created, needs at least one column wiht 
READ_CREATE max. access right.
4. By default, only the SnmpRowStatus column (implementation of the 
RowStatus TC) has a ready-to-use implementation for creating new rows.
5. Adding a row with the same index (OID) as an existing row (or 
previously added row) will replace that row!

Best regards,

Am 17.12.2014 10:35, schrieb Krystian Powójski:
> Hello Frank,
> I'm using your SNMP4J library to create my own SNMP agent. I read a 
> lot of information and forums how to use it in order to create a snmp 
> table. There is no problem when I'm using a SNMP Client sending GET 
> request to my agent, but during sending a SET request there is a 
> Exception:
> "Error 'Unable to create object' generated at: 
(Continue reading)

smruti sagar panda | 11 Dec 16:16 2014

Snmp agent Listener can bind with to listen from different machine?

I am using SNMP4J for my snmp agent application.If my snmp agent and server
are running in same machine, that time my agent is able to listen binding
with But my agent is not able to listen if server is running in
remote machine.  If I will bind my agent with, then it can listen
from remote machine also.

But as per my security requirement I should not bind my process with .

Is there any way ,I can use or I can use machine IP(in this case
multiple NIC case will be there).
SNMP4J mailing list
SNMP4J <at>
smruti sagar panda | 5 Dec 17:13 2014

How to lock snmp agent if server is trying to connect with invalid credential(3 times)


My application is a snmp agent which is using SNMP4J . By default, all
validation of user name/password is done by SNMP4J . So if any server is
trying to connect with wrong credential to my application , it will fail by

But I need locking mechanism to support by my application .Means if any
server tried  3 times with wrong credential , then user should lock for 30

As validation is done by SNMP4J itself , My application is not able to find
when some user trying with wrong credential because processpdu(call back
method) never calls if validation is failed by SNMP4J itself.

Is there any api provided by SNMP4J which supports locking mechanism in
case of wrong credentials.

Or is there any other way , My application can know when validation failed
by SNMP4J , so My application can implement locking mechanism.

SNMP4J mailing list
SNMP4J <at>
David Corbin | 12 Nov 14:31 2014

PDU Encoding too big.

We've noticed our software is logging a bunch of PDU errors "PDU encoding
too big".  The ErrorStatus is always 1 and the ErrorIndex is 0.

Can someone explain this error to me in more detail (or point me at a
resource to do so)?

They're fairly frequent (15-20 an hour), given we've not seen them before.
We're certainly sending 10's of thousands if not an hour.  At this time, I
do not have enough context to say they're all related to a particular
device or anything like that. This IS on a network we've just solved a
problem with MTU and lost packets.

David Corbin
SNMP4J mailing list
SNMP4J <at>

forwarding traps to NMS via a proxy

How to implement IP spoofing for v2/v3 traps using SNMP4J?
I have a project requirement where we need to have a trap collector between the network element and NMS, so
the traps would be forwarded to NMS via this trap collector and not directly from this device.
But the NMS is not aware of this middle layer and should feel as if the trap is coming directly from the device.
For v1 traps, setAgentAddress() is available in snmp4j which maps the v1 trap to real device in NMS
But there is no such support for v2 and v3 traps. How to handle this v2/v3 trap forwarding via proxy?

Thanks in advance.


SNMP4J mailing list
SNMP4J <at>
George Bachus | 6 Nov 04:59 2014

Changing security level in v3


I am in the process of implementing an agent that will support both v2 and v3. I have the basic agent running
for both these versions. The problem I seem to be having is in v3, when I change the security level.
Once I change the security level, all requests to the agent from a manager [with new security level
settings], get an "unknown user names " error. Basically the authorization fails. 
Now if I restart the agent, then all is fine. The requests get processed and the response is sent correctly.

What i would like to know is that, is it necessary to restart the agent when the security level is changed or is
it that I am missing a step or two?
When the security level changes,  I am
* removing the groups from the VACM MIB
* removing the access using the old security level
* adding the groups back again with the new users
* adding the views back again with the new security level.

Any insights to this is helpful.

SNMP4J mailing list
SNMP4J <at>
Narendra Pathai | 3 Nov 12:59 2014

How can we contribute to SNMP4J


I wanted to find out how can we contribute to SNMP4J? We use some other 
library but wanted to switch to a better option. It would be great if we can
provide helping hand in future releases.

SNMP4J mailing list
SNMP4J <at>
R U | 24 Oct 14:30 2014

Looking for clarification on SNMP4J USM.getUser() implementation

  I am resending an e-mail I had sent at the beginning of October.  It doesn't appear to have been received by the
mailing list.  I have a question regarding a possible bug in USM.getUser(OctetString engineID,
OctetString securityName).  If this method is called and an entry exists in the USM without an engine ID,
the code will create a new entry based on the currently present user information.  However, the old entry is
not removed from the userTable.   Shouldn't the original entry be removed so that there are no two entries in
the userTable for the same securityName?

Thank you
SNMP4J mailing list
SNMP4J <at>
Peter Verthez | 23 Oct 12:34 2014

SNMPv3 problem with unhandled responses

Hi Frank,

One of our customers has reported a problem with SNMPv3.  The version of 
our application that they use is using SNMP4J 2.0.1.  For the particular 
SNMP request that has the problem, the agent is known to respond very 
slowly, so the timeout model for that particular request has been set to:
- a first timeout after 30 seconds, then a retransmission
- a second timeout after 60 seconds (so 90 seconds after the original 
request), then a retransmission
- a third timeout after 120 seconds (210 seconds after the original request)

Now, we observe the following behavior (you can also see that in the 
logs that I'm pasting below):

2014-10-22 10:42:33,428 => Original request
2014-10-22 10:43:03,430 => 1st retransmission
2014-10-22 10:43:37,444 => Response to original request (rejected)
2014-10-22 10:44:03,440 => 2nd retransmission
2014-10-22 10:44:41,466 => Response to 1st retransmission (rejected)
2014-10-22 10:45:45,539 => Response to 2nd retransmission (accepted)

So the problem that we see is that the first response (the response to 
the original request) is not accepted for some reason.   This looks 
similar to the problem SFJ-43, but that was fixed in SNMP4J 2.0.0 
according to the change log.   We are in the process of trying to 
reproduce it on SNMP4J 2.3.0, but I see no relevant change in the change 
log, so I guess there will be no difference.

The logs are the following (with some sensitive information removed):

(Continue reading)

Frank Fock | 20 Oct 23:57 2014

Released: AgenPro 4.0, SNMP4J-SMI 1.5.2, SNMP4J-Agent 2.3


AgenPro 4.0 has been released with a lot new features and usability 
The 4.0 version is the basis for the SNMP client code generation 
templates (for SNMP4J-Model 1.0)
which will be added in version 4.1 which - as usual - will be a free 
upgrade to all 4.x users!

I hope you will enjoy the new version. All AgenPro 3.x users who 
purchased their license in 2014
will rceive the free upgrade license key within the next 48 hours on 
their registered
email address.

SNM4J-Agent 2.3 and SNMP4J-SMI-PRO 1.5.2 have been released too. Both
versions provide bug fixes in the first place. In SNMP4J-Agent the MOFactory
interface had to be extended to fix a bug with the AgenPro code generation.


AgenPro  4.0

* Improved: MIB Editor view with new error stripe and quick search panel.
* Added: Simulation Agent Data panel to directly enter simulation data
   which can be even synchronized with Properties to generate intialization
* Added: Nimbus look&feel support.
* Improved [AGEN-26]: Sign JLNP files for even more secure WebStart feature.
* Added [AGEN-22]: TLS support for the built-in simulation agent.
(Continue reading)

Mátyás Kuti | 15 Oct 10:20 2014

Re: SNMP4J Digest, Vol 93, Issue 1


Thanks for your answer Frank!
The goal of the whole thing was to create an SNMP agent that accepts
GETNEXT requests from multiple clients. We built a response cache on the
first request for each client and based on the request ID of an incoming
request the proper response was sent. The response itself was determined by
the request ID. We expected that each ID would be in the range of (First
ID, First ID+Number of fields to send) but since the IDs are not always
incremented by 1 this solution would mess things up a bit... It works
perfectly when tested by hand using the snmpwalk command on Linux but when
we wrote the automatic tests in Java using SNMP4J the tests failed. Do you
have any idea how to solve the problem of concurrent GETNEXT requests?


2014-10-14 12:00 GMT+02:00 <snmp4j-request <at>>:

> Send SNMP4J mailing list submissions to
>         snmp4j <at>
> To subscribe or unsubscribe via the World Wide Web, visit
> or, via email, send a message with subject or body 'help' to
>         snmp4j-request <at>
> You can reach the person managing the list at
>         snmp4j-owner <at>
(Continue reading)