Picon

SNMP v3 - with same user name on different devices is not working

Hi Frank,

I am trying to do SNMP v3  get request to 2 different devices with same
user name , always 1 device get successful, other get time out. I referred
earlier posts and tried all the solutions like localizing keys , nothing
works. Can you pls help me how to fix this.

Here my USM portion of code

private static USM usm;

static{
 		SecurityProtocols securityProtocols = SecurityProtocols.getInstance();
	    securityProtocols.addPrivacyProtocol(new PrivAES128());
	    securityProtocols.addPrivacyProtocol(new
PrivAES192With3DESKeyExtension());
	    securityProtocols.addPrivacyProtocol(new
PrivAES256With3DESKeyExtension());
	    securityProtocols.addPrivacyProtocol(new PrivDES());
	    securityProtocols.addPrivacyProtocol(new Priv3DES());

		 usm = new USM(securityProtocols, new
OctetString(MPv3.createLocalEngineID()), 0);
		 SecurityModels.getInstance().addSecurityModel(usm);

}

 public static String doGet1(String targetAddr,String securityName, OID
authenticationProtocol, String authenticationPassphrase,
		  OID privacyProtocol, String privacyPassphrase, String engineID, String
(Continue reading)

Pradipmaya Maharana | 23 Mar 23:49 2015
Picon

changing the community string at run-time?

I am writing a snmp agent based on the sample from snmp4j code. Everything
is working great as expected but once the agent is running, whats the right
way to change the community string at run time. I tried various things
without any luck.

Could someone please guide me with the correct approach.
_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Shraddha Herlekar | 23 Mar 19:13 2015

SNMP Agent's trap sending port

Hi,

Is there any way to force SNMP agent to use a particular port to send out
SNMP v2 traps?
By default, any random available port at agent side is used to send out
the trap.

Thank you,
Shraddha.

_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Geilfuss, Greg | 19 Mar 23:12 2015

rfc 6353 support

I'm investigating SNMP4J to determine if it's right for my application's needs. RFC 6353 support is required.

_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Pradipmaya Maharana | 17 Mar 18:14 2015

changing the community string at run-time?

I am writing a snmp agent based on the sample from snmp4j code. Everything
is working great as expected but once the agent is running, whats the right
way to change the community string at run time. I tried various things
without any luck.

Could someone please guide me with the correct approach.
_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Arun Viswanath | 5 Mar 17:17 2015
Picon

SNMP4j Support for IPv6 Link local Address

Hi All,

Does SNMP4j support IPv6 Link Local Address ?

I'm setting the PDUv1.agentAddress with IPv6 Link Local Address and this
address it converted to 0.0.0.0 after IpAddress.encode function.

 <at> Override
    public void encodeBER(OutputStream outputStream)
            throws java.io.IOException
    {
        final byte[] address = new byte[4];
        if (inetAddress instanceof Inet6Address)
        {
            final Inet6Address v6Addr = (Inet6Address) inetAddress;
            if (v6Addr.isIPv4CompatibleAddress())
            {
                final byte[] v6Bytes = inetAddress.getAddress();
                System.arraycopy(v6Bytes, v6Bytes.length - 5, address, 0,
4);
            }
        }
        else
        {
            System.arraycopy(inetAddress.getAddress(), 0, address, 0, 4);
        }
        BER.encodeString(outputStream, BER.IPADDRESS, address);
    }

From this code it seems like it support only IPv4 mapped IPv6 address.
(Continue reading)

Ali, Syed F | 4 Mar 02:30 2015

index value greater than max java 32-bit integer

Hi Frank,

Would snmp4j support issuing snmp get requests where one of the terms in the OID is larger than a signed
32-bit integer? From looking at the org.snmp4j.smi.OID class, each term in the OID has to fit into a
primitive int  supports only an array of int's.
If I had an ObjectID like 1.3.6.1.4.1.9.9.42.1.3.5.1.8.71105. 2447483647, would snmp4j support
querying such an object ?
Note that the value 2447483647 is greater than the signed 32-bit maximum integer which is 2147483647.

If this is not currently supported, are there plans to support this in a future version of snmp4j?

This occurs in the case of Cisco devices while monitoring response path tests where the Cisco agent
actually uses the sysUpTime from the device to keep running "buckets" in which to store data within a given
table. We first perform getNext's to identify the 'current bucket'. Then we use that bucket as part of
creating the OID, and issue GET requests using this OID. The current bucket is increased every hour, so
that new data can be stored, and old data can be purged, and hence sysUpTime is used to generate the bucket.
Since the value of sysUpTime is an unsigned integer (or in TimeTicks), it can actually exceed
2,147,483,647 - it's theoretical max limit is  4,294,967,294. So we notice this problem show up on devices
that have been running for greater than ~250 days.

Thanks,
Syed F. Ali

_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Frank Fock | 24 Feb 23:25 2015

Re: How to add OID to agent MIB


Hi Nitin,

You can find additional information in the SNMP4J-Agent FAQ at:
http://oosnmp.net/confluence/pages/viewpage.action?pageId=1441804

Best regards,
Frank

Am 18.02.2015 um 20:49 schrieb nitin sharma:
> hi Frank,
>
> thanks for your response.. I am still not sure how to proceed. if it 
> is not too much to ask then can you please put it as step by step 
> approach.
>
> Regards,
> Nitin Kumar Sharma.
>
>
> On Wed, Feb 18, 2015 at 1:08 PM, Frank Fock <fock <at> agentpp.com 
> <mailto:fock <at> agentpp.com>> wrote:
>
>     Hi Nitin,
>     SNMP4J-Agent includes a sample simulation agent whose content can
>     be set via SNMP. I think that is all you are looking for.
>     Best regards
>     Frank
>
>
(Continue reading)

nitin sharma | 17 Feb 22:51 2015
Picon

How to add OID to agent MIB

Hi All,

I am trying to build a SNMP simulator for my project and i have been given
some network traffic dump file (using wireshark) that has OID request
between real SNMP server and Device.

My job is to build a simulator that has same OIDs and it respond back to
the snmpget request from server.

I have build a simulator by downloading the sample code available on
internet but i am not sure how to add OIDs of my choice in the MIB. or in
short use my MIB structure instead.

Any help, documentation or sample code will be appreciated.. thanks in
advance

Regards,
Nitin Kumar Sharma.
_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Tihomir Meščić | 13 Feb 13:29 2015
Picon

Maven central

Hi everyone,

I was wondering why the latest version of snmp4j is not available on Maven
Central repository? We are using version 1.10.1, and having some problems,
so we would like to upgrade to the latest version (1.11.5), however that
version is not available on Maven Central repository (the latest one is
1.10.1). There is something called org.kaazing - snmp4j but I'm not sure
what that is.

Best regards,
Tihomir
_______________________________________________
SNMP4J mailing list
SNMP4J <at> agentpp.org
https://oosnmp.net/mailman/listinfo/snmp4j
Picon

Re: how to create IP packet using SNMP4J

Thanks for your reply Cris.
We need to use pcap in our project for IP spoofing as adding the extra varbind "snmpTrapAddress” is not
recognized by few NMS we have in our stack. But I am not sure how to convert SNMP4J pdu and community target in
some form that can be consumed by pcap API for sending the packet.

Regards,
Shivi

From: Chris Janicki [mailto:Chris.Janicki <at> Augur.com]
Sent: Thursday, February 12, 2015 8:19 PM
To: Shivi Goel -X (shivigoe - NICHEPRO TECHNOLOGIES PRIVATE LIMITED at Cisco)
Subject: Re: [SNMP4J] how to create IP packet using SNMP4J

Hi Shivi,

Years ago we tried pcap for spoofing and ran into headaches reliably routing the spoofed address through
the network, unless both the original and spoofing (proxy) machine's addresses were on the same subnet. 
Since we couldn't always guarantee that, we didn't go further.

Instead we've been following RFC 3584<https://tools.ietf.org/html/rfc3584> (see Section 3.1.4).  It
specifies an extra varbind "snmpTrapAddress" to hold the original/spoofed address.  This RFC was
written for converting v1 traps to v2/3, but the logic still works for spoofing since most NMS
applications can recognize snmpTrapAddress.

There may be a few NMS that don't automatically recognize snmpTrapAddress, but usually their rules can be
customized to handle it anyway.  (If not, you can tell your NMS vendor to read RFC 3584 to remind them that
they *should* handle it per the official SNMP standards!  :-)

If you're working on the project for fun or a custom project, I hope that's helpful.  But if you really just
need a solution, check out our TrapStation<http://www.augur.com> product... It's not free, but it is
(Continue reading)


Gmane