RE: snmptrap v3 problem

> From: net-snmp-users-bounces@lists.sourceforge.net
> [mailto:net-snmp-users-bounces@lists.sourceforge.net] On
> Behalf Of Jeddylyn A. Ortilla
> Sent: Sunday, September 02, 2007 9:01 PM

> 1. snmpinform -d -Ddump -e 0x0102030405 -v 3 -c public -u
> myuser -a MD5
> -A mypasswd -l authNoPriv -x DES -X myotherpasswd localhost ""
> .1.3.6.1.6.3.1.1.5.1
> Result:
> - snmpinform: Timeout
> - trap is not logged in syslog

Rule of thumb: send traps before attempting informs. There are ways that informs can fail that traps cannot.

> 2. snmptrap -d -Ddump -e 0x0102030405 -v 3 -c public -u
> myuser -a MD5 -A
> mypasswd -l authNoPriv -x DES -X myotherpasswd localhost ""
> .1.3.6.1.6.3.1.1.5.1
> Result:
> - snmpinform: Timeout
> - trap is not logged in syslog

Problems:

1) You are specifying a community string for v3. This is harmless but silly.

2) You are specifying priv parameters for authNoPriv security. This is harmless but silly.

3) You are specifying sysUpTime as "". This may or may not cause problems.

4) (the biggie) You are getting a timeout from the snmptrap command. Looks like you've got it aliased to "snmpinform", as that's how it reports its name back.

> --------------------------
> Configuration Files.
> 1. Contents of snmpd.conf
> ...
> rocommunity public
> rwcommunity public
> rwuser myuser
> rouser myuser
> ...

Do not give both "rwuser" and "rouser" directives for the same user. Either the user can write or not - not both.

> 2. Contents of snmptrapd.conf
> #traphandle settings
> ignoreauthfailure no
> disableAuthorization no
> authcommunity log,execute,net public

You will need authUser directives to receive v3 traps.

There is a sizable gap between v1/v2c traps and v3 notifications. There's a good starting point in the tutorials:

http://net-snmp.sourceforge.net/wiki...nmptrap_SNMPv3

Note that sending and receiving v3 notifications is easily the most challenging aspect of SNMP, and often frustrates veterans, so take your time. I highly recommend you take as many of the tutorials as possible, and also read RFCs 2570 and 2571, which explain the v3 architecture, which differs radically from its predecessors.


HTH,

Mike

P.S. Don't send questions like this to the coders list.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/...net-snmp-users