Request/responses with proxy forwarder

Ram Krishnaswamy RKrishnaswamy____pathfire.com
Wed Dec 12 20:54:35 CET 2001 

Hello,

I was trying to come up with a better subject but could not for the simple
reason that I am trying to tackle a very interesting problem in our
environment. I have asked this list many questions and I have got
replies/solutions for each one of them - especially from Frank and Jochen.
Thanks. I hope that I will get a solution to this unique situation too.

The problem has to do with our environment. We have a one-way satellite
channel from the manager station to the agent and a return through a dialup
or a LAN which is also one-way. To route the responses/traps through the
back-channel, I had to add code to snmp++ (thanks to Jochen) so that all
requests are forwarded to our back-channel manager. The back-channel manager
listens for a tcp connection and I have to supply to it the ip address and
port for each packet that is sent (what a waste of time??? - I did not
design it.). It will buffer it, dial the RAS connection if it is not up, and
then send the packet. Everything works fine if the manager station sends a
request to the agent. But if the manager station wants to send a request to
a proxy agent (we have some Dell snmp agents, satellite receivers snmp
agents etc.) then the manager station times out. Upon further investigation
I noticed that the requests by the proxy forwarder are forwarded to the
back-channel manager who then forwards it to the right proxy agent. Since
the back-channel manager is a one-way communication vehicle it cannot get
the reply back from the proxy agent. The proxy agent is sending a response
to the entity that sent the request - in this case the back-channel manager.
The packet gets dropped. 

The reason for all of this is we want only one application
controlling/patrolling the back-channel connection because of security
concerns and also firewall issues. 

One solution that I was thinking of was to let SNMP++ code know that the
request is for a proxy agent (thereby bypassing back-channel manager). But
the question I have is what happens to the response from the proxy agent?
How do I differentiate between proxy agent request/response versus sending
the response to back-channel manager? If this is possible, how can this be
done? Any other ideas would be greatly appreciated.

Thanks.

Ram Krishnaswamy
x1671

More information about the AGENTPP mailing list