[SNMP4J] TCP Socket in SYN_RECV when sending V3 traps [RESOLVED]
Neeraj Vaidya
neeraj.vaidya at yahoo.co.in
Tue Jun 20 16:19:40 CEST 2017
Hi Frank
My issue is resolved. Thanks for your guidance.
All I had to do was to not use any engine Id at all and thus allow engine id discovery.
On the net snmp trap Collector side I had to create a separate user for sending informs, which did not have any specific engine Id in the createUser directive.
Regards,
Neeraj
> On 19 Jun 2017, at 12:37, Neeraj Vaidya <neeraj.vaidya at yahoo.co.in> wrote:
>
> Thanks Frank. So how do I get the authoritativeEngineId at runtime ?
>
> The remote snmptrap collector has provided me with a user id of myuser and engine id of 0102030405. This is via an email correspondence which I had with the administrators of the remote system.
>
> When I use the SnmpRequest tool bundled as part of snmp4j, which engineId parameters do I need to set when sending an INFORM ?
> -l , -e , -E ?
>
> I tried setting just the -e flag with 0102030405 on the command line of this tool and still at the receiving end i.e. in the logs of the net-snmp trap collector I see a message of "no match on engineID (80 00 88 .....)"
> Basically, the snmptrapd collector is not using 0102030405 for USM engine ID matching purposes.
>
> If I were to send just a coldStart trap with the SnmpRequest tool bundled in snmp4j distribution, what command line do I need to use ?
> My engine ID which I can successfully specify as the authoritativeEngineId via -e flag is 0102030405, when using the snmptrap utility.
> I was of the opinion that the same -e flag can be used in SnmpRequest utility as well.
>
> Regards,
> Neeraj
>
> --------------------------------------------
> On Mon, 19/6/17, Frank Fock <fock at agentpp.com> wrote:
>
> Subject: Re: [SNMP4J] TCP Socket in SYN_RECV when sending V3 traps
> To: "Neeraj Vaidya" <neeraj.vaidya at yahoo.co.in>
> Cc: snmp4j at agentpp.org
> Date: Monday, 19 June, 2017, 8:31 AM
>
> Hi Neeraj,
>
> Please make sure, that you have understand the
> engine ID and context
> engine ID terms and
> usages.
> It seems that you mix up things.
> Your example below cannot work for
> INFORM
> PDUs, because
> you need to specify the
> authoritative engine ID as context engine ID
> then. This is the
> INFORM
> *receivers* engine ID.
> Instead, you use the
> senders engine ID. The receiver should drop/ignore
> such an INFORM message with
> unknownPduHandles counter increased.
>
> Best regards,
> Frank
>
> Am
> 16.06.2017 um 22:41 schrieb Neeraj Vaidya:
>> Hi Frank,
>> Coming back
> to this conversation as I have been away from this task due
> to other project commitments.
>> In the
> example below, I have also noticed that if I change the PDU
> type to INFORM, the receiving snmptrap collector (which is
> net-snmp snmptrapd) fails to match the engine id. It picks
> up something totally different from what I am setting
> below.
>> Is there some other place where
> I need to set the engineId ?
>>
>> Regards,
>> Neeraj
>>
>> Sent from my
> iPhone
>>
>> On 24 May
> 2017, at 16:44, Frank Fock <fock at agentpp.com>
> wrote:
>>
>>>>
> ------------------------------------------------ Code Start
> ------------------------------------------------
>>>>
>>>>
> Address address =
> GenericAddress.parse("tcp:rhelhost1/1163");
>>>>
>>>>
> try {
>>>>
> TransportMapping transportMapping = new
> DefaultTcpTransportMapping();
>>>>
> transportMapping.listen();
>>>>
>>>> Snmp snmp = new
> Snmp(transportMapping);
>>>>
>>>> USM usm = new
> USM(SecurityProtocols.getInstance(),
>>>>
> new
> OctetString(MPv3.createLocalEngineID()), 0);
>>>>
>>>>
> SecurityModels.getInstance().addSecurityModel(usm);
>>>>
>>>>
> //snmp.listen(); ----> Do I need to use this
> invocation ??
>>>>
>>>> byte[] b = (new
> BigInteger("0102030405",16)).toByteArray();
>>>>
>>>>
> snmp.getUSM().addUser(new
> OctetString("snmp4j"),
>>>> new
> UsmUser(new OctetString("snmp4j"), AuthMD5.ID, new
> OctetString("snmp4j"), PrivDES.ID, new
> OctetString("snmp4j")));
>>>>
>>>> UserTarget
> target = new UserTarget();
>>>>
>
>>>>
> target.setAddress(address);
>>>>
> target.setRetries(1);
>>>>
> target.setTimeout(5000);
>>>>
> target.setVersion(SnmpConstants.version3);
>>>>
> target.setSecurityLevel(SecurityLevel.AUTH_NOPRIV);
>>>>
> target.setSecurityName(new
> OctetString("snmp4j"));
>>>>
>>>> // create the
> PDU
>>>> ScopedPDU
> pdu = new ScopedPDU();
>>>>
> long sysUpTime =
> Instant.now().getEpochSecond();
>>>> //pdu.add(new
> VariableBinding(SnmpConstants.sysUpTime),new OctetString(new
> Date().toString()));
>>>>
> pdu.setType(ScopedPDU.TRAP);
>>>> pdu.add(new
> VariableBinding(SnmpConstants.sysUpTime, new
> TimeTicks(sysUpTime)));
>>>>
> pdu.add(new
> VariableBinding(SnmpConstants.snmpTrapOID,
> SnmpConstants.linkUp));
>>>>
> pdu.setContextEngineID(new
> OctetString().fromByteArray(b));
>>>>
> snmp.setLocalEngine(b, 0, 0);
>>>>
> // send the PDU
>>>>
>>>> ResponseEvent
> response = null;
>>>>
>>>> response =
> snmp.send(pdu, target);
>>>>
>>>>
> Thread.sleep(10); // This Sleep somehow allows the entire
> TCP 3-way handshake to occur without terminating the
> program
>>>>
>>>> snmp.close();
>>>>
>>>>
> } catch (IOException e) {
>>>>
> e.printStackTrace();
>>>>
> } catch (InterruptedException e) {
>>>>
> e.printStackTrace();
>>>>
> }
>>>>
> ------------------------------------------------ Code End
> -----------------------------------------------
>
> --
> ---
> AGENT++
> Maximilian-Kolbe-Str.
> 10
> 73257 Koengen, Germany
> https://agentpp.com
> Phone: +49 7024 8688230
> Fax:
> +49 7024 8688231
>
>
More information about the SNMP4J
mailing list