[SNMP4J] RE: How to test the TestAgent for SNMPv3 Request?
Bryan Chung
bryanc at nortel.com
Fri Jan 5 21:45:29 CET 2007
OK. I figured it out how to test the TestAgent for SNMPv3 Request by looking at some archive. I need to change the TestAgent as follows:
public TestAgent(File bootCounterFile, File configFile) throws IOException {
super(bootCounterFile, configFile,
new CommandProcessor(
OctetString.fromHexString("00:00:00:00:00:00:02", ':')));
agent.setThreadPool(ThreadPool.create("RequestPool", 4));
}
I guess it will work even without this change if I run the SNMP4J to do the request from another machine that has the agent running.
On the other hand, I still cannot figure out how to get around the exception I have when running the TestAgent the second or subsequent time when the cfg files are present.
Regards,
Bryan Chung
> _____________________________________________
> From: Chung, Bryan (RICH1:B630)
> Sent: Friday, January 05, 2007 11:37 AM
> To: 'snmp4j at agentpp.org'
> Subject: How to test the TestAgent for SNMPv3 Request?
>
> I have attempted several ways to try to test walking the MIB for the TestAgent but with no luck.
>
> First, I tried to use the SNMP4J tool, following the snmp4j_usage.txt, I run the following command:
>
> SNMP4J -a SHA -A maplesyrup -u TEST -x DES -P maplesyrup -p GETBULK -Ow 127.0.0.1/9161
>
> The response I received is:
> Jan 5, 2007 11:11:10 AM org.snmp4j.log.JavaLogAdapter log
> INFO: UDP receive buffer size for socket 47.102.244.159/0 is set to: 8192
> Jan 5, 2007 11:11:11 AM org.snmp4j.log.JavaLogAdapter log
> WARNING: 1.3.6.1.6.3.15.1.1.2.0 = 1
> Jan 5, 2007 11:11:11 AM org.snmp4j.log.JavaLogAdapter log
> WARNING: 1.3.6.1.6.3.15.1.1.2.0 = 2
>
> Total requests sent: 1
> Total objects received: 0
> Total walk time: 2023 milliseconds
> Request timed out.
>
> I have tried the following command and get the same result:
> java -classpath ../SNMP4JAgent/lib/log4j-1.2.9.jar -classpath
> dist/lib/SNMP4J.jar org.snmp4j.tools.console.SnmpRequest -a TEST -A
> maplesyrup -u SHA -p GETNEXT 127.0.0.1/10161 1.3.6
>
>
> The debug log printed out in the agent side is as follow:
>
> 8723 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
> ultUdpTransportMapping - Received message from /127.0.0.1/1366 with length 61:
> 30:3b:02:01:03:30:11:02:04:1d:c4:15:cd:02:03:00:ff:ff:04:01:04:02:01:03:04:10:30
> :0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a5:0b:02:01:00:0
> 2:01:00:02:01:0a:30:00
> 8723 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - SNM
> Pv3 header decoded: msgId=499389901, msgMaxSize=65535, msgFlags=04, secModel=3
> 8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.2.3 Unknown engine ID:
> 8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - Add
> ing cache entry: StateReference[msgID=499389901,pduHandle=PduHandle[172682989],s
> ecurityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=,sec
> urityLevel=1,contextEngineID=,contextName=]
> 8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - Rem
> oved cache entry: StateReference[msgID=499389901,pduHandle=PduHandle[172682989],
> securityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=,se
> curityLevel=1,contextEngineID=,contextName=]
> 8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.1.4.b Outgoing message is not encrypted
> 8733 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
> ultUdpTransportMapping - Sending message to 127.0.0.1/1366 with length 87: 30:5
> 5:02:01:03:30:11:02:04:1d:c4:15:cd:02:03:00:ff:ff:04:01:00:02:01:03:04:19:30:17:
> 04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:00:04:00:04:00:30:22:04:00
> :04:00:a8:1c:02:01:00:02:01:00:02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01:0
> 1:04:00:41:01:01
> 8763 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispatch>
> erImpl - 1.3.6.1.6.3.15.1.1.4.0 = 1
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
> ultUdpTransportMapping - Received message from /127.0.0.1/1366 with length 117:
> 30:73:02:01:03:30:11:02:04:1d:c4:15:ce:02:03:00:ff:ff:04:01:07:02:01:03:04:31:3
> 0:2f:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:04:54:45:53:54:04:0c:
> e9:ed:09:e7:4f:59:5d:18:71:de:ba:de:04:08:00:00:00:00:52:9a:a0:56:04:28:49:1c:d8
> :d8:e3:6f:67:1f:3f:8e:03:23:bb:4c:ae:7c:89:43:87:6f:1a:f4:12:a9:d9:8f:80:96:19:d
> 2:18:5c:05:db:1e:79:bd:49:ec:39
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - SNM
> Pv3 header decoded: msgId=499389902, msgMaxSize=65535, msgFlags=07, secModel=3
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - getUser(engineID=80:00:13:70:01:2f:66:f4:9f, securityName=TEST)
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.UsmTi
> meTable - CheckTime: received message outside time window (authorative):engineB
> oots differ
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.2.7.a Not in time window; engineID='80:00:13:70:01:2f:66:f4:9f', en
> gineBoots=0, engineTime=0
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - Add
> ing cache entry: StateReference[msgID=499389902,pduHandle=PduHandle[172682990],s
> ecurityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.USM
> @1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - Rem
> oved cache entry: StateReference[msgID=499389902,pduHandle=PduHandle[172682990],
> securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.US
> M at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
> 9213 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.1.4.b Outgoing message is not encrypted
> 9223 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
> ultUdpTransportMapping - Sending message to 127.0.0.1/1366 with length 103: 30:
> 65:02:01:03:30:11:02:04:1d:c4:15:ce:02:03:00:ff:ff:04:01:01:02:01:03:04:29:30:27
> :04:09:80:00:13:70:01:2f:66:f4:9f:02:01:01:02:01:09:04:04:54:45:53:54:04:0c:1d:6
> c:f8:74:2a:c6:f0:b5:6b:55:f5:b9:04:00:30:22:04:00:04:00:a8:1c:02:01:00:02:01:00:
> 02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01:01:02:00:41:01:01
> 9223 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispatch
> erImpl - 1.3.6.1.6.3.15.1.1.2.0 = 1
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
> ultUdpTransportMapping - Received message from /127.0.0.1/1366 with length 117:
> 30:73:02:01:03:30:11:02:04:1d:c4:15:cf:02:03:00:ff:ff:04:01:07:02:01:03:04:31:3
> 0:2f:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:01:04:04:54:45:53:54:04:0c:
> 1d:9c:84:6f:36:a6:a6:73:29:a9:18:fa:04:08:00:00:00:00:52:9a:a0:57:04:28:c5:41:29
> :9b:57:67:c8:1f:f1:0c:6d:72:e5:89:0d:d5:5c:c8:79:42:f8:72:e9:62:89:89:c1:52:4b:5
> 0:e3:4c:97:b6:31:8f:cc:68:d7:ef
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - SNM
> Pv3 header decoded: msgId=499389903, msgMaxSize=65535, msgFlags=07, secModel=3
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - getUser(engineID=80:00:13:70:01:2f:66:f4:9f, securityName=TEST)
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.UsmTi
> meTable - CheckTime: received message outside time window (authorative):engineB
> oots differ
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.2.7.a Not in time window; engineID='80:00:13:70:01:2f:66:f4:9f', en
> gineBoots=0, engineTime=1
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - Add>
> ing cache entry: StateReference[msgID=499389903,pduHandle=PduHandle[172682991],s
> ecurityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.USM
> @1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - Rem
> oved cache entry: StateReference[msgID=499389903,pduHandle=PduHandle[172682991],
> securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.US
> M at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.1.4.b Outgoing message is not encrypted
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.Defa
> ultUdpTransportMapping - Sending message to 127.0.0.1/1366 with length 103: 30:
> 65:02:01:03:30:11:02:04:1d:c4:15:cf:02:03:00:ff:ff:04:01:01:02:01:03:04:29:30:27
> :04:09:80:00:13:70:01:2f:66:f4:9f:02:01:01:02:01:09:04:04:54:45:53:54:04:0c:9c:4
> 2:46:6b:27:b7:95:09:9a:63:e5:9f:04:00:30:22:04:00:04:00:a8:1c:02:01:00:02:01:00:
> 02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01:01:02:00:41:01:02
> 9724 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispatch
> erImpl - 1.3.6.1.6.3.15.1.1.2.0 = 2
>
> I think it fails because the mismatch of engine boot time and engine ID, but how could I set it and know what values they should be set?
>
> Then I tried to use the Snmp to write my own code to do the Snmpv3 Request following the example in the javadoc of Snmp, my code is as follow:
>
> Address targetAddress = GenericAddress.parse("udp:127.0.0.1/9161");
> TransportMapping transport = new DefaultUdpTransportMapping();
> Snmp snmp = new Snmp(transport);
> MPv3 mpv3 = (MPv3)snmp.getMessageProcessingModel(MessageProcessingModel.MPv3);
> USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(mpv3.createLocalEngineID(OctetString.fromHexString("80:00:13:70:01:2f:66:f4:9f"))), 0);
> SecurityModels.getInstance().addSecurityModel(usm);
> transport.listen();
>
> // add user to the USM
> snmp.getUSM().addUser(new OctetString("TEST"),
> new UsmUser(new OctetString("TEST"),
> AuthMD5.ID,
> new OctetString("maplesyrup"),
> PrivDES.ID,
> new OctetString("maplesyrup")));
> // create the target
> UserTarget target = new UserTarget();
> target.setAddress(targetAddress);
> target.setRetries(1);
> target.setTimeout(5000);
> target.setVersion(SnmpConstants.version3);
> target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
> target.setSecurityName(new OctetString("TEST"));
>
> // create the PDU
> PDU pdu = new ScopedPDU();
> pdu.add(new VariableBinding(new OID("1.3.6")));
> pdu.setType(PDU.GET);
>
> // send the PDU
> ResponseEvent response = snmp.send(pdu, target);
> // extract the response PDU (could be null if timed out)
> PDU responsePDU = response.getResponse();
> VariableBinding[] v = responsePDU.toArray();
> System.out.println("no. of varbind:" + v.length);
> for (int i=0; i<v.length; i++)
> {
> System.out.println(v[i].getVariable().toString());
> System.out.println(v[i].getVariable().getSyntaxString());
>
> }
>
> // extract the address used by the agent to send the response:
> Address peerAddress = response.getPeerAddress();
>
> System.out.println("---> v3 response:" + responsePDU);
>
>
> The output for the request is:
> no. of varbind:1
> 1
> Counter
> ---> v3 response:REPORT[reqestID=0, errorStatus=0, errorIndex=0, VBS[1.3.6.1.6.3
> .15.1.1.5.0 = 1]]
>
> The debug log in the agent is:
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De>
> faultUdpTransportMapping - Received message from /127.0.0.1/1384 with length 61
> : 30:3b:02:01:03:30:11:02:04:7d:09:b3:d8:02:03:00:ff:ff:04:01:04:02:01:03:04:10:
> 30:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a0:0b:02:01:00
> :02:01:00:02:01:00:30:00
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - S
> NMPv3 header decoded: msgId=2097787864, msgMaxSize=65535, msgFlags=04, secModel=
> 3
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.2.3 Unknown engine ID:
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - A
> dding cache entry: StateReference[msgID=2097787864,pduHandle=PduHandle[172682992
> ],securityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=,
> securityLevel=1,contextEngineID=,contextName=]
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - R
> emoved cache entry: StateReference[msgID=2097787864,pduHandle=PduHandle[17268299
> 2],securityEngineID=,securityModel=org.snmp4j.security.USM at 1632c2d,securityName=
> ,securityLevel=1,contextEngineID=,contextName=]
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.1.4.b Outgoing message is not encrypted
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
> faultUdpTransportMapping - Sending message to 127.0.0.1/1384 with length 87: 30
> :55:02:01:03:30:11:02:04:7d:09:b3:d8:02:03:00:ff:ff:04:01:00:02:01:03:04:19:30:1
> 7:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:00:04:00:04:00:30:22:04:
> 00:04:00:a8:1c:02:01:00:02:01:00:02:01:00:30:11:30:0f:06:0a:2b:06:01:06:03:0f:01
> :01:04:00:41:01:02
> 477547 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispat
> cherImpl - 1.3.6.1.6.3.15.1.1.4.0 = 2
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
> faultUdpTransportMapping - Received message from /127.0.0.1/1384 with length 11
> 7: 30:73:02:01:03:30:11:02:04:7d:09:b3:d9:02:03:00:ff:ff:04:01:07:02:01:03:04:31
> :30:2f:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:04:54:45:53:54:04:0
> c:03:39:f8:84:66:36:17:31:a3:bf:d7:31:04:08:00:00:00:00:60:ad:29:a3:04:28:e3:20:
> 3e:19:2b:ed:1b:d9:f7:da:01:0d:01:15:3c:0f:34:78:f2:8a:5c:7b:d6:59:19:c4:42:51:7c
> :fe:fd:03:e0:cf:f9:55:73:a9:c4:b3
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - S
> NMPv3 header decoded: msgId=2097787865, msgMaxSize=65535, msgFlags=07, secModel=
> 3
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - getUser(engineID=80:00:13:70:01:2f:66:f4:9f, securityName=TEST)
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.2.6 Wrong digest -> authentication failure: 03:39:f8:84:66:36:17:
> 31:a3:bf:d7:31
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - A
> dding cache entry: StateReference[msgID=2097787865,pduHandle=PduHandle[172682993
> ],securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security.
> USM at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.mp.MPv3 - R
> emoved cache entry: StateReference[msgID=2097787865,pduHandle=PduHandle[17268299
> 3],securityEngineID=80:00:13:70:01:2f:66:f4:9f,securityModel=org.snmp4j.security
> .USM at 1632c2d,securityName=TEST,securityLevel=3,contextEngineID=,contextName=]
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.security.USM
> - RFC3414 º3.1.4.b Outgoing message is not encrypted
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] DEBUG org.snmp4j.transport.De
> faultUdpTransportMapping - Sending message to 127.0.0.1/1384 with length 91: 30
> :59:02:01:03:30:11:02:04:7d:09:b3:d9:02:03:00:ff:ff:04:01:00:02:01:03:04:1d:30:1>
> b:04:09:80:00:13:70:01:2f:66:f4:9f:02:01:00:02:01:00:04:04:54:45:53:54:04:00:04:
> 00:30:22:04:00:04:00:a8:1c:02:01:00:02:01:00:02:01:00:30:11:30:0f:06:0a:2b:06:01
> :06:03:0f:01:01:05:00:41:01:01
> 478018 [DefaultUDPTransportMapping_127.0.0.1/9161] WARN org.snmp4j.MessageDispat
> cherImpl - 1.3.6.1.6.3.15.1.1.5.0 = 1
>
> It shows that authentication failed and I believe that it is related to the wrong engine ID. Again, I don't know how to specify the engine ID if it is really the problem.
>
> Does anyone have a straightforward way to test the TestAgent to see if it process the SNNPv3 Request?
>
> I also find another issue running the TestAgent which is I get an exception when the cfg files are already exist. I will open up another thread to seek help.
>
> Any help is appreciated. Thanks!
>
> Regards,
> Bryan Chung
More information about the SNMP4J
mailing list