[SNMP4J] Agent timeout during snmpwalk/snmpget
J P
nojjer1986 at hotmail.com
Wed Jun 16 16:01:21 CEST 2010
Hi,
I am writing an SNMP agent which runs on a servlet running on apache-tomcat-6.0.20 and using the libraries snmp4j-1.11 and snmp4j-agent-1.4. The purpose of the SNMP agent is to get details of the servlet over SNMP.
It is configured to work over SNMPv1,2 and 3.
SNMPv3 authentication works so the agent is working to some extent. If I place an incorrect auth password in I get an authentication failure back from the agent:
[user at linux bin]$ snmpwalk -v 3 -a MD5 -A MD5AES256AthPassword -l authPriv -x AES -X MD5AES256AuthPassword -u MD5AES256 127.0.0.1 .1.3.6.1
snmpwalk: Authentication failure (incorrect password, community or key)
If the details are correct I get a time out:
[user at linux bin]$ snmpwalk -v 3 -a MD5 -A MD5AES256AuthPassword -l authPriv -x AES -X MD5AES256AuthPassword -u MD5AES256 127.0.0.1 .1.3.6.1
Timeout: No Response from 127.0.0.1
[user at linux bin]$ snmpwalk -v 3 -a MD5 -A MD5AES256AuthPassword -l authPriv -x AES -X MD5AES256AuthPassword -u MD5AES256 127.0.0.1 0.0
Timeout: No Response from 127.0.0.1
A wireshark trace shows the following for the authenticated snmpwalk on .1.3.6.1:
Manager Agent
-----------------get-next(with no engineID)---------------->
<------SNMP-USER-BASED-SM-MIB.usmStatsUnknownEngineIDs------
------------------get-next(with engineID)------------------> (I assume snmpwalk grabs the engineID from the report and resends here)
<------SNMP-USER-BASED-SM-MIB.usmStatsNotInTimeWindows------
------------------get-next(with engineID)------------------>
------------------get-next(with engineID)------------------>
------------------get-next(with engineID)------------------>
------------------get-next(with engineID)------------------>
What do I need to set in the agent to allow snmpwalk to do this successfully?
I tried using SNMPv1 and got the following back:
[user at linux bin]$ snmpwalk -v 1 -c public 127.0.0.1 .1.3.6.1
Error in packet.
Reason: (genError) A general failure occurred
Failed object: SNMPv2-SMI::org
It is the same story for snmpget. The trace for this gives no extra information.
Below i have put the Main class for the agent and the code used to start it up. What am i doing wrong?
========================AgentMain.java===========================
package snmp;
import java.io.File;
import java.io.IOException;
import javax.servlet.ServletContext;
import org.apache.log4j.Logger;
import org.snmp4j.TransportMapping;
import org.snmp4j.agent.BaseAgent;
import org.snmp4j.agent.CommandProcessor;
import org.snmp4j.agent.DuplicateRegistrationException;
import org.snmp4j.agent.mo.MOTableRow;
import org.snmp4j.agent.mo.snmp.RowStatus;
import org.snmp4j.agent.mo.snmp.SnmpCommunityMIB;
import org.snmp4j.agent.mo.snmp.SnmpNotificationMIB;
import org.snmp4j.agent.mo.snmp.SnmpTargetMIB;
import org.snmp4j.agent.mo.snmp.StorageType;
import org.snmp4j.agent.mo.snmp.TransportDomains;
import org.snmp4j.agent.mo.snmp.VacmMIB;
import org.snmp4j.agent.security.MutableVACM;
import org.snmp4j.mp.MPv3;
import org.snmp4j.mp.MessageProcessingModel;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.security.AuthMD5;
import org.snmp4j.security.PrivAES256;
import org.snmp4j.security.SecurityLevel;
import org.snmp4j.security.SecurityModel;
import org.snmp4j.security.USM;
import org.snmp4j.security.UsmUser;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.Integer32;
import org.snmp4j.smi.OID;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.UdpAddress;
import org.snmp4j.smi.Variable;
import org.snmp4j.smi.VariableBinding;
import org.snmp4j.transport.TransportMappings;
import org.snmp4j.util.ThreadPool;
/**
* The Class agentMain.
*/
public class AgentMain extends BaseAgent {
/** The logger. */
private static Logger logger = Logger.getLogger("servlet");
/** The mib. */
private Mib mib;
/** Number of threads per SNMP agent. */
private static final int NUM_THREADS = 4;
/** The local transport mapping address. */
private String address;
/**
* Sets the address.
*
* @param inAddress the new address
*/
public final void setAddress(final String inAddress) {
address = inAddress;
}
/**
* Adds a shutdown hook that saves the internal config into the config file
* when a SIGTERM (Ctrl-C) is terminating the agent.
*/
public final void addShutdownHook() {
Runtime.getRuntime().addShutdownHook(new Thread() {
public void run() {
saveConfig();
}
});
}
/**
* Finishes intialization of the agent by connecting server and command
* processor, setting up USM, VACM, notification targets, and finally sending
* a coldStart notification to configured targets.
*/
public final void finishInit() {
if (agentState < STATE_INIT_STARTED) {
logger.fatal("Agent initialization finish is called before "
+ "initialization, current state is " + agentState);
}
agent.setNotificationOriginator(notificationOriginator);
agent.addMOServer(server);
agent.setCoexistenceProvider(snmpCommunityMIB);
agent.setVacm(vacmMIB);
dispatcher.addCommandResponder(agent);
agentState = STATE_INIT_FINISHED;
}
/**
* @see org.snmp4j.agent.BaseAgent#sendColdStartNotification()
*/
public final void sendColdStartNotification() {
notificationOriginator.notify(new OctetString(), SnmpConstants.coldStart,
new VariableBinding[0]);
}
/**
* Instantiates a new agent.
*
* @param bootCounterFile the boot counter file
* @param configFile the config file
* @param sc the application context
* @param propFile the path to the SNMP properties file
* @throws ServletContextIsNullException the servlet contect cannot be null.
*/
public AgentMain(final File bootCounterFile, final File configFile, final ServletContext sc,
final String propFile) throws ServletContextIsNullException {
super(bootCounterFile, configFile,
new CommandProcessor(new OctetString(MPv3.createLocalEngineID())));
if (sc == null) {
throw new ServletContextIsNullException();
}
mib = new Mib(sc, propFile);
agent.setWorkerPool(ThreadPool.create("RequestPool", NUM_THREADS));
}
@Override
protected final void addCommunities(final SnmpCommunityMIB communityMIB) {
Variable[] com2sec = new Variable[] {
new OctetString("public"), // community name
new OctetString("cpublic"), // security name
getAgent().getContextEngineID(), // local engine ID
new OctetString("public"), // default context name
new OctetString(), // transport tag
new Integer32(StorageType.nonVolatile), // storage type
new Integer32(RowStatus.active) // row status
};
MOTableRow row =
communityMIB.getSnmpCommunityEntry().createRow(
new OctetString("public2public").toSubIndex(true), com2sec);
communityMIB.getSnmpCommunityEntry().addRow(row);
}
@Override
protected final void addNotificationTargets(final SnmpTargetMIB targetMIB,
final SnmpNotificationMIB notificationMIB) {
final int timeout = 200;
final int retries = 1;
targetMIB.addDefaultTDomains();
targetMIB.addTargetAddress(new OctetString("notificationv2cIPv6"),
TransportDomains.transportDomainUdpIpv6,
new OctetString(new UdpAddress("::1/128").getValue()),
timeout, retries,
new OctetString("notify"),
new OctetString("v2c"),
StorageType.permanent);
targetMIB.addTargetAddress(new OctetString("notificationV3IPv6"),
TransportDomains.transportDomainUdpIpv6,
new OctetString(new UdpAddress("::1/128").getValue()),
timeout, retries,
new OctetString("notify"),
new OctetString("v3notify"),
StorageType.permanent);
targetMIB.addTargetAddress(new OctetString("notificationV2cIPv4"),
TransportDomains.transportDomainUdpIpv4,
new OctetString(new UdpAddress("127.0.0.1/162").getValue()),
timeout, retries,
new OctetString("notify"),
new OctetString("v2c"),
StorageType.permanent);
targetMIB.addTargetAddress(new OctetString("notificationV3IPv4"),
TransportDomains.transportDomainUdpIpv4,
new OctetString(new UdpAddress("127.0.0.1/162").getValue()),
timeout, retries,
new OctetString("notify"),
new OctetString("v3notify"),
StorageType.permanent);
targetMIB.addTargetParams(new OctetString("v2c"),
MessageProcessingModel.MPv2c,
SecurityModel.SECURITY_MODEL_SNMPv2c,
new OctetString("cpublic"),
SecurityLevel.AUTH_PRIV,
StorageType.permanent);
targetMIB.addTargetParams(new OctetString("v3notify"),
MessageProcessingModel.MPv3,
SecurityModel.SECURITY_MODEL_USM,
new OctetString("v3notify"),
SecurityLevel.NOAUTH_NOPRIV,
StorageType.permanent);
notificationMIB.addNotifyEntry(new OctetString("default"),
new OctetString("notify"),
SnmpNotificationMIB.SnmpNotifyTypeEnum.trap,
StorageType.permanent);
}
@Override
protected final void addUsmUser(final USM usm) {
UsmUser user = new UsmUser(new OctetString("v3notify"),
null,
null,
null,
null);
usm.addUser(user.getSecurityName(), null, user);
user = new UsmUser(new OctetString("MD5AES256"),
AuthMD5.ID,
new OctetString("MD5AES256AuthPassword"),
PrivAES256.ID,
new OctetString("MD5AES256PrivPassword"));
usm.addUser(user.getSecurityName(), usm.getLocalEngineID(), user);
}
@Override
protected final void addViews(final VacmMIB vacm) {
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv1,
new OctetString("cpublic"),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c,
new OctetString("cpublic"),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_USM,
new OctetString("v3notify"),
new OctetString("v3group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_USM,
new OctetString("MD5AES256"),
new OctetString("v3group"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v1v2group"), new OctetString("cpublic"),
SecurityModel.SECURITY_MODEL_ANY,
SecurityLevel.NOAUTH_NOPRIV,
MutableVACM.VACM_MATCH_EXACT,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v3group"), new OctetString(),
SecurityModel.SECURITY_MODEL_USM,
SecurityLevel.AUTH_PRIV,
MutableVACM.VACM_MATCH_EXACT,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullReadView"), new OID("1.3.6.1"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullWriteView"), new OID("1.3.6.1"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullNotifyView"), new OID("1.3.6.1"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
}
/**
*
* Initialise the transport mappings.
*
* @throws IOException throws IOException if the program cannot open the
* config file.
*/
protected final void initTransportMappings() throws IOException {
transportMappings = new TransportMapping[1];
Address addr = GenericAddress.parse(address);
TransportMapping tm =
TransportMappings.getInstance().createTransportMapping(addr);
transportMappings[0] = tm;
}
@Override
protected final void registerManagedObjects() {
try {
mib.registerMOs(server, null);
} catch (DuplicateRegistrationException e) {
logger.warn("The MIB has been registered than once", e);
}
}
@Override
protected final void unregisterManagedObjects() {
mib.unregisterMOs(server, null);
}
}
======================AgentMain.java End=========================
=========================Startup Code============================
try {
LOG.info("Instantiating snmpAgent");
String address = "0.0.0.0/161";
AgentMain snmpAgent = new AgentMain(snmpCounterFile, snmpConfigFile,
context, snmpPropertiesFileName);
LOG.info("Starting snmpAgent");
snmpAgent.setAddress(address);
snmpAgent.init();
snmpAgent.loadConfig(ImportModes.REPLACE_CREATE);
snmpAgent.addShutdownHook();
snmpAgent.getServer().addContext(new OctetString("public"));
snmpAgent.finishInit();
snmpAgent.run();
snmpAgent.sendColdStartNotification();
LOG.info("Done");
} catch (ServletContextIsNullException e1) {
LOG.error("",e1);
} catch (IOException e) {
LOG.error("",e);
}
=======================Startup Code End==========================
Thanks,
John Payce
_________________________________________________________________
http://clk.atdmt.com/UKM/go/195013117/direct/01/
We want to hear all your funny, exciting and crazy Hotmail stories. Tell us now
More information about the SNMP4J
mailing list