[SNMP4J] SNMPv3 - Duplicate NE configurations including engineID and users

Tal Gendler TalG at Radware.com
Mon Dec 27 13:06:59 CET 2010 

The problem is that we can't change the engineID on the devices - we get it as is.
From your answer I assume there is no way to make it work in our current setup ? 
 
Is it possible to solve with several instances of snmp ? For example to hold a unique snmp object for each duplicated device ?

Thanks, 
Tal

On Mon, 2010-12-27 at 10:53 +0100, Frank Fock wrote: 

	
	Hi Tal,
	
	The SNMPv3 standard *requires* that each device has its own
	engine ID. That simple it is.
	As the device knows its IP address, it could derive
	a unique engine ID from that IP address. See the SNMPv3
	RFCs for details.
	
	Best regards,
	Frank
	
	On 27.12.2010 10:45, Tal Gendler wrote:
	> Hi All,
	>
	> We have a common practice with our network elements to duplicate their configuration in order to create a cluster.
	> By duplicate I mean they are exactly the same the only difference is their IP address. What bothers me is that they have the same engineID and SNMP user table.
	> While one of the devices is connected there is no problem with that, however when two devices with the same engineID are connected to the snmp agent we can't talk to both of them.
	> In our implementation we have only one instance of snmp object which is responsible to sending and receiving (listener) all info from devices (traps, responses...).
	> We are also doing to following which we think is sufficient to support multiple devices with one instance of snmp.
	>
	> 1) We first discover engineID by running : snmp.discoverAuthoritativeEngineID
	> 2) Add the discovered engineID to Messages Processing : MPv3.addEngineID(deviceAddress,discoveredEngineId);
	> 3) Add respective user to UsmUserTable : usm.addUser(usmUserName, contextEngineId, generateUsmUser(userInfo));
	>
	> All this is sufficient for us to work with multiple devices using snmpv3 running one instance of snmp. However it's not working when there are two devices (or more we haven't tested it) with the same engineID configured on them.
	>
	> What do you think we should add to support this ?
	>
	> Thanks,
	> Tal
	> _______________________________________________
	> SNMP4J mailing list
	> SNMP4J at agentpp.org
	> http://lists.agentpp.org/mailman/listinfo/snmp4j
	
	-- 
	AGENT++
	http://www.agentpp.com
	http://www.snmp4j.com
	http://www.mibexplorer.com
	http://www.mibdesigner.com
	
	_______________________________________________
	SNMP4J mailing list
	SNMP4J at agentpp.org
	http://lists.agentpp.org/mailman/listinfo/snmp4j

More information about the SNMP4J mailing list