[SNMP4J] How to test the TestAgent for SNMPv3 Request?

Bryan Chung bryanc at nortel.com
Fri Jan 5 18:36:59 CET 2007 

I have attempted several ways to try to test walking the MIB for the TestAgent but with no luck.

First, I tried to use the SNMP4J tool, following the snmp4j_usage.txt, I run the following command:

SNMP4J -a SHA -A maplesyrup -u TEST -x DES -P maplesyrup -p GETBULK -Ow 127.0.0.1/9161

The response I received is:
Jan 5, 2007 11:11:10 AM org.snmp4j.log.JavaLogAdapter log
INFO: UDP receive buffer size for socket 47.102.244.159/0 is set to: 8192
Jan 5, 2007 11:11:11 AM org.snmp4j.log.JavaLogAdapter log
WARNING: 1.3.6.1.6.3.15.1.1.2.0 = 1
Jan 5, 2007 11:11:11 AM org.snmp4j.log.JavaLogAdapter log
WARNING: 1.3.6.1.6.3.15.1.1.2.0 = 2

Total requests sent:    1
Total objects received: 0
Total walk time:        2023 milliseconds
Request timed out.

I have tried the following command and get the same result:
java -classpath ../SNMP4JAgent/lib/log4j-1.2.9.jar -classpath
dist/lib/SNMP4J.jar org.snmp4j.tools.console.SnmpRequest -a TEST -A
maplesyrup -u SHA -p GETNEXT 127.0.0.1/10161 1.3.6


The debug log printed out in the agent side is as follow:

8723 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
ultUdpTransportMapping  - Received message from /127.0.0.1/1366 with length 61:
30:3b:02:01:03:30:11:02:04:1d:c4:15:cd:02:03:00:ff:ff:04:01:04:02:01:03:04:10:30
:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a5:0b:02:01:00:0
2:01:00:02:01:0a:30:00
8723 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - SNM
Pv3 header decoded: msgId=499389901, msgMaxSize=65535, msgFlags=04, secModel=3
8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- RFC3414 º3.2.3 Unknown engine ID:
8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - Add
ing cache entry: StateReference[msgID=499389901,pduHandle=PduHandle[172682989],s
ecurityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=,sec
urityLevel=1,contextEngineID=,contextName=]
8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - Rem
oved cache entry: StateReference[msgID=499389901,pduHandle=PduHandle[172682989],
securityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=,se
curityLevel=1,contextEngineID=,contextName=]
8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- RFC3414 º3.1.4.b Outgoing message is not encrypted
8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
ultUdpTransportMapping  - Sending message to 127.0.0.1/1366 with length 87: 30:5
5:02:01:03:30:11:02:04:1d:c4:15:cd:02:03:00:ff:ff:04:01:00:02:01:03:04:19:30:17:
04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:00:04:00:04:00:30:22:04:00
:04:00:a8:1c:02:01:00:02:01:00:02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01:0
1:04:00:41:01:01
8763 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispatch
erImpl  - 1.3.6.1.6.3.15.1.1.4.0 = 1
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
ultUdpTransportMapping  - Received message from /127.0.0.1/1366 with length 117:
 30:73:02:01:03:30:11:02:04:1d:c4:15:ce:02:03:00:ff:ff:04:01:07:02:01:03:04:31:3
0:2f:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:04:54:45:53:54:04:0c:
e9:ed:09:e7:4f:59:5d:18:71:de:ba:de:04:08:00:00:00:00:52:9a:a0:56:04:28:49:1c:d8
:d8:e3:6f:67:1f:3f:8e:03:23:bb:4c:ae:7c:89:43:87:6f:1a:f4:12:a9:d9:8f:80:96:19:d
2:18:5c:05:db:1e:79:bd:49:ec:39
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - SNM
Pv3 header decoded: msgId=499389902, msgMaxSize=65535, msgFlags=07, secModel=3
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- getUser(engineID=80:00:13:70:01:2f:66:f4:9f, securityName=TEST)
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.UsmTi
meTable  - CheckTime: received message outside time window (authorative):engineB
oots differ
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- RFC3414 º3.2.7.a Not in time window; engineID='80:00:13:70:01:2f:66:f4:9f', en
gineBoots=0, engineTime=0
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - Add
ing cache entry: StateReference[msgID=499389902,pduHandle=PduHandle[172682990],s
ecurityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.USM
@1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - Rem
oved cache entry: StateReference[msgID=499389902,pduHandle=PduHandle[172682990],
securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.US
M at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- RFC3414 º3.1.4.b Outgoing message is not encrypted
9223 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
ultUdpTransportMapping  - Sending message to 127.0.0.1/1366 with length 103: 30:
65:02:01:03:30:11:02:04:1d:c4:15:ce:02:03:00:ff:ff:04:01:01:02:01:03:04:29:30:27
:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:01:02:01:09:04:04:54:45:53:54:04:0c:1d:6
c:f8:74:2a:c6:f0:b5:6b:55:f5:b9:04:00:30:22:04:00:04:00:a8:1c:02:01:00:02:01:00:
02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01:01:02:00:41:01:01
9223 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispatch
erImpl  - 1.3.6.1.6.3.15.1.1.2.0 = 1
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
ultUdpTransportMapping  - Received message from /127.0.0.1/1366 with length 117:
 30:73:02:01:03:30:11:02:04:1d:c4:15:cf:02:03:00:ff:ff:04:01:07:02:01:03:04:31:3
0:2f:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:01:04:04:54:45:53:54:04:0c:
1d:9c:84:6f:36:a6:a6:73:29:a9:18:fa:04:08:00:00:00:00:52:9a:a0:57:04:28:c5:41:29
:9b:57:67:c8:1f:f1:0c:6d:72:e5:89:0d:d5:5c:c8:79:42:f8:72:e9:62:89:89:c1:52:4b:5
0:e3:4c:97:b6:31:8f:cc:68:d7:ef
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - SNM
Pv3 header decoded: msgId=499389903, msgMaxSize=65535, msgFlags=07, secModel=3
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- getUser(engineID=80:00:13:70:01:2f:66:f4:9f, securityName=TEST)
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.UsmTi
meTable  - CheckTime: received message outside time window (authorative):engineB
oots differ
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- RFC3414 º3.2.7.a Not in time window; engineID='80:00:13:70:01:2f:66:f4:9f', en
gineBoots=0, engineTime=1
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - Add
ing cache entry: StateReference[msgID=499389903,pduHandle=PduHandle[172682991],s
ecurityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.USM
@1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - Rem
oved cache entry: StateReference[msgID=499389903,pduHandle=PduHandle[172682991],
securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.US
M at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
- RFC3414 º3.1.4.b Outgoing message is not encrypted
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
ultUdpTransportMapping  - Sending message to 127.0.0.1/1366 with length 103: 30:
65:02:01:03:30:11:02:04:1d:c4:15:cf:02:03:00:ff:ff:04:01:01:02:01:03:04:29:30:27
:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:01:02:01:09:04:04:54:45:53:54:04:0c:9c:4
2:46:6b:27:b7:95:09:9a:63:e5:9f:04:00:30:22:04:00:04:00:a8:1c:02:01:00:02:01:00:
02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01:01:02:00:41:01:02
9724 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispatch
erImpl  - 1.3.6.1.6.3.15.1.1.2.0 = 2

I think it fails because the mismatch of engine boot time and engine ID, but how could I set it and know what values they should be set?

Then I tried to use the Snmp to write my own code to do the Snmpv3 Request following the example in the javadoc of Snmp, my code is as follow:

     Address targetAddress = GenericAddress.parse("udp:127.0.0.1/9161");
     TransportMapping transport = new DefaultUdpTransportMapping();
     Snmp snmp = new Snmp(transport);
     MPv3 mpv3 =  (MPv3)snmp.getMessageProcessingModel(MessageProcessingModel.MPv3);
     USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(mpv3.createLocalEngineID(OctetString.fromHexString("80:00:13:70:01:2f:66:f4:9f"))), 0);
     SecurityModels.getInstance().addSecurityModel(usm);
     transport.listen();

     // add user to the USM
     snmp.getUSM().addUser(new OctetString("TEST"),
                         new UsmUser(new OctetString("TEST"),
                                     AuthMD5.ID,
                                     new OctetString("maplesyrup"),
                                     PrivDES.ID,
                                     new OctetString("maplesyrup")));
    // create the target
    UserTarget target = new UserTarget();
    target.setAddress(targetAddress);
    target.setRetries(1);
    target.setTimeout(5000);
    target.setVersion(SnmpConstants.version3);
    target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
    target.setSecurityName(new OctetString("TEST"));

    // create the PDU
    PDU pdu = new ScopedPDU();
    pdu.add(new VariableBinding(new OID("1.3.6")));
    pdu.setType(PDU.GET);

    // send the PDU
    ResponseEvent response = snmp.send(pdu, target);
    // extract the response PDU (could be null if timed out)
    PDU responsePDU = response.getResponse();
    VariableBinding[] v = responsePDU.toArray();
    System.out.println("no. of varbind:" + v.length);
    for (int i=0; i<v.length; i++)
    {
        System.out.println(v[i].getVariable().toString());
        System.out.println(v[i].getVariable().getSyntaxString());

    }

    // extract the address used by the agent to send the response:
    Address peerAddress = response.getPeerAddress();

    System.out.println("---> v3 response:" + responsePDU);


The output for the request is:
no. of varbind:1
1
Counter
---> v3 response:REPORT[reqestID=0, errorStatus=0, errorIndex=0, VBS[1.3.6.1.6.3
.15.1.1.5.0 = 1]]

The debug log in the agent is:
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
faultUdpTransportMapping  - Received message from /127.0.0.1/1384 with length 61
: 30:3b:02:01:03:30:11:02:04:7d:09:b3:d8:02:03:00:ff:ff:04:01:04:02:01:03:04:10:
30:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a0:0b:02:01:00
:02:01:00:02:01:00:30:00
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - S
NMPv3 header decoded: msgId=2097787864, msgMaxSize=65535, msgFlags=04, secModel=
3
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
  - RFC3414 º3.2.3 Unknown engine ID:
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - A
dding cache entry: StateReference[msgID=2097787864,pduHandle=PduHandle[172682992
],securityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=,
securityLevel=1,contextEngineID=,contextName=]
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - R
emoved cache entry: StateReference[msgID=2097787864,pduHandle=PduHandle[17268299
2],securityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=
,securityLevel=1,contextEngineID=,contextName=]
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
  - RFC3414 º3.1.4.b Outgoing message is not encrypted
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
faultUdpTransportMapping  - Sending message to 127.0.0.1/1384 with length 87: 30
:55:02:01:03:30:11:02:04:7d:09:b3:d8:02:03:00:ff:ff:04:01:00:02:01:03:04:19:30:1
7:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:00:04:00:04:00:30:22:04:
00:04:00:a8:1c:02:01:00:02:01:00:02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01
:01:04:00:41:01:02
477547 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispat
cherImpl  - 1.3.6.1.6.3.15.1.1.4.0 = 2
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
faultUdpTransportMapping  - Received message from /127.0.0.1/1384 with length 11
7: 30:73:02:01:03:30:11:02:04:7d:09:b3:d9:02:03:00:ff:ff:04:01:07:02:01:03:04:31
:30:2f:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:04:54:45:53:54:04:0
c:03:39:f8:84:66:36:17:31:a3:bf:d7:31:04:08:00:00:00:00:60:ad:29:a3:04:28:e3:20:
3e:19:2b:ed:1b:d9:f7:da:01:0d:01:15:3c:0f:34:78:f2:8a:5c:7b:d6:59:19:c4:42:51:7c
:fe:fd:03:e0:cf:f9:55:73:a9:c4:b3
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - S
NMPv3 header decoded: msgId=2097787865, msgMaxSize=65535, msgFlags=07, secModel=
3
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
  - getUser(engineID=80:00:13:70:01:2f:66:f4:9f, securityName=TEST)
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
  - RFC3414 º3.2.6 Wrong digest -> authentication failure: 03:39:f8:84:66:36:17:
31:a3:bf:d7:31
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - A
dding cache entry: StateReference[msgID=2097787865,pduHandle=PduHandle[172682993
],securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.
USM at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3  - R
emoved cache entry: StateReference[msgID=2097787865,pduHandle=PduHandle[17268299
3],securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security
.USM at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
  - RFC3414 º3.1.4.b Outgoing message is not encrypted
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
faultUdpTransportMapping  - Sending message to 127.0.0.1/1384 with length 91: 30
:59:02:01:03:30:11:02:04:7d:09:b3:d9:02:03:00:ff:ff:04:01:00:02:01:03:04:1d:30:1
b:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:04:54:45:53:54:04:00:04:
00:30:22:04:00:04:00:a8:1c:02:01:00:02:01:00:02:01:00:30:11:30:0f:06:0a:2b:06:01
:06:03:0f:01:01:05:00:41:01:01
478018 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispat
cherImpl  - 1.3.6.1.6.3.15.1.1.5.0 = 1

It shows that authentication failed and I believe that it is related to the wrong engine ID. Again, I don't know how to specify the engine ID if it is really the problem.

Does anyone have a straightforward way to test the TestAgent to see if it process the SNNPv3 Request?

I also find another issue running the TestAgent which is I get an exception when the cfg files are already exist. I will open up another thread to seek help.

Any help is appreciated. Thanks!

Regards,
Bryan Chung

More information about the SNMP4J mailing list