[SNMP4J] TCP Socket in SYN_RECV when sending V3 traps
Neeraj Vaidya
neeraj.vaidya at yahoo.co.in
Wed Jun 21 01:32:56 CEST 2017
Thanks Frank. As mentioned in my previous email my issue is now resolved. I did not specify any engineID on the SnmpRequest command line.
Also, when sending TRAP in v3, I am using my own implementation of the TcpTransportMapping by using non-NIO socket operations.
Regards,
Neeraj
> On 21 Jun 2017, at 03:05, Frank Fock <fock at agentpp.com> wrote:
>
> Hi Neeraj,
>
> As I wrote before, you first have to understand the engine ID concept.
> Otherwise, you will not get it running (unless by accident).
>
> For INFORM you have to specify the engine ID of the NET-SNMP target engine as authoritative engine ID.
> You first have to discover it or let SNMP4J discover it.
>
> Best regards,
> Frank
>
>
>> On 19. Jun 2017, at 04:37, Neeraj Vaidya <neeraj.vaidya at yahoo.co.in> wrote:
>>
>> Thanks Frank. So how do I get the authoritativeEngineId at runtime ?
>>
>> The remote snmptrap collector has provided me with a user id of myuser and engine id of 0102030405. This is via an email correspondence which I had with the administrators of the remote system.
>>
>> When I use the SnmpRequest tool bundled as part of snmp4j, which engineId parameters do I need to set when sending an INFORM ?
>> -l , -e , -E ?
>>
>> I tried setting just the -e flag with 0102030405 on the command line of this tool and still at the receiving end i.e. in the logs of the net-snmp trap collector I see a message of "no match on engineID (80 00 88 .....)"
>> Basically, the snmptrapd collector is not using 0102030405 for USM engine ID matching purposes.
>>
>> If I were to send just a coldStart trap with the SnmpRequest tool bundled in snmp4j distribution, what command line do I need to use ?
>> My engine ID which I can successfully specify as the authoritativeEngineId via -e flag is 0102030405, when using the snmptrap utility.
>> I was of the opinion that the same -e flag can be used in SnmpRequest utility as well.
>>
>> Regards,
>> Neeraj
>>
>> --------------------------------------------
>> On Mon, 19/6/17, Frank Fock <fock at agentpp.com> wrote:
>>
>> Subject: Re: [SNMP4J] TCP Socket in SYN_RECV when sending V3 traps
>> To: "Neeraj Vaidya" <neeraj.vaidya at yahoo.co.in>
>> Cc: snmp4j at agentpp.org
>> Date: Monday, 19 June, 2017, 8:31 AM
>>
>> Hi Neeraj,
>>
>> Please make sure, that you have understand the
>> engine ID and context
>> engine ID terms and
>> usages.
>> It seems that you mix up things.
>> Your example below cannot work for
>> INFORM
>> PDUs, because
>> you need to specify the
>> authoritative engine ID as context engine ID
>> then. This is the
>> INFORM
>> *receivers* engine ID.
>> Instead, you use the
>> senders engine ID. The receiver should drop/ignore
>> such an INFORM message with
>> unknownPduHandles counter increased.
>>
>> Best regards,
>> Frank
>>
>> Am
>> 16.06.2017 um 22:41 schrieb Neeraj Vaidya:
>>> Hi Frank,
>>> Coming back
>> to this conversation as I have been away from this task due
>> to other project commitments.
>>> In the
>> example below, I have also noticed that if I change the PDU
>> type to INFORM, the receiving snmptrap collector (which is
>> net-snmp snmptrapd) fails to match the engine id. It picks
>> up something totally different from what I am setting
>> below.
>>> Is there some other place where
>> I need to set the engineId ?
>>>
>>> Regards,
>>> Neeraj
>>>
>>> Sent from my
>> iPhone
>>>
>>> On 24 May
>> 2017, at 16:44, Frank Fock <fock at agentpp.com>
>> wrote:
>>>
>>>>>
>> ------------------------------------------------ Code Start
>> ------------------------------------------------
>>>>>
>>>>>
>> Address address =
>> GenericAddress.parse("tcp:rhelhost1/1163");
>>>>>
>>>>>
>> try {
>>>>>
>> TransportMapping transportMapping = new
>> DefaultTcpTransportMapping();
>>>>>
>> transportMapping.listen();
>>>>>
>>>>> Snmp snmp = new
>> Snmp(transportMapping);
>>>>>
>>>>> USM usm = new
>> USM(SecurityProtocols.getInstance(),
>>>>>
>> new
>> OctetString(MPv3.createLocalEngineID()), 0);
>>>>>
>>>>>
>> SecurityModels.getInstance().addSecurityModel(usm);
>>>>>
>>>>>
>> //snmp.listen(); ----> Do I need to use this
>> invocation ??
>>>>>
>>>>> byte[] b = (new
>> BigInteger("0102030405",16)).toByteArray();
>>>>>
>>>>>
>> snmp.getUSM().addUser(new
>> OctetString("snmp4j"),
>>>>> new
>> UsmUser(new OctetString("snmp4j"), AuthMD5.ID, new
>> OctetString("snmp4j"), PrivDES.ID, new
>> OctetString("snmp4j")));
>>>>>
>>>>> UserTarget
>> target = new UserTarget();
>>>>>
>>
>>>>>
>> target.setAddress(address);
>>>>>
>> target.setRetries(1);
>>>>>
>> target.setTimeout(5000);
>>>>>
>> target.setVersion(SnmpConstants.version3);
>>>>>
>> target.setSecurityLevel(SecurityLevel.AUTH_NOPRIV);
>>>>>
>> target.setSecurityName(new
>> OctetString("snmp4j"));
>>>>>
>>>>> // create the
>> PDU
>>>>> ScopedPDU
>> pdu = new ScopedPDU();
>>>>>
>> long sysUpTime =
>> Instant.now().getEpochSecond();
>>>>> //pdu.add(new
>> VariableBinding(SnmpConstants.sysUpTime),new OctetString(new
>> Date().toString()));
>>>>>
>> pdu.setType(ScopedPDU.TRAP);
>>>>> pdu.add(new
>> VariableBinding(SnmpConstants.sysUpTime, new
>> TimeTicks(sysUpTime)));
>>>>>
>> pdu.add(new
>> VariableBinding(SnmpConstants.snmpTrapOID,
>> SnmpConstants.linkUp));
>>>>>
>> pdu.setContextEngineID(new
>> OctetString().fromByteArray(b));
>>>>>
>> snmp.setLocalEngine(b, 0, 0);
>>>>>
>> // send the PDU
>>>>>
>>>>> ResponseEvent
>> response = null;
>>>>>
>>>>> response =
>> snmp.send(pdu, target);
>>>>>
>>>>>
>> Thread.sleep(10); // This Sleep somehow allows the entire
>> TCP 3-way handshake to occur without terminating the
>> program
>>>>>
>>>>> snmp.close();
>>>>>
>>>>>
>> } catch (IOException e) {
>>>>>
>> e.printStackTrace();
>>>>>
>> } catch (InterruptedException e) {
>>>>>
>> e.printStackTrace();
>>>>>
>> }
>>>>>
>> ------------------------------------------------ Code End
>> -----------------------------------------------
>>
>> --
>> ---
>> AGENT++
>> Maximilian-Kolbe-Str.
>> 10
>> 73257 Koengen, Germany
>> https://agentpp.com
>> Phone: +49 7024 8688230
>> Fax:
>> +49 7024 8688231
>>
>>
>
More information about the SNMP4J
mailing list