[SNMP4J] Question about receiving SNMPv3 traps

Frank Fock fock at agentpp.com
Tue Jan 8 02:24:51 CET 2019 

Hello Girish,

You can use approach (1) with autoDiscoveryEnabled.
if it is not enabled, you will have to use approach (2).

Having a different user ID (you mean securityName) for each trap sender won’t help,
because the SNMPv3 USM lookup uses the engineID anyway.

Best regards,
Frank  

> On 7. Jan 2019, at 01:11, Girish Venkatasubramanian <girishvs at gmail.com> wrote:
> 
> Hello
> I am seeking some clarification about receiving SNMPv3 traps using SNMP4J.
> 
> In my setup, I have a few network devices configured for SNMPv3. They all
> use the *same* userName and auth and priv keys. They are configured to use
> authentication and privacy when sending traps.
> 
> In my trap receiver, which I plan to write using SNMP4J, the userName and
> credentials are known.
> 
> 1) In order to receive the traps from these devices, is it sufficient to
> add an entry in the USM cache of my TrapReceiver as below  ?
> 
> *snmp*.getUSM().addUser( *new *OctetString(username),
> 
>                       *new *UsmUser(*new *OctetString(username), AuthMD5.
> *ID*, *new *OctetString(authpassphrase), PrivAES128.*ID*, *new *
> OctetString(privacypassphrase)));
> 
> 
> From this email thread,
> http://oosnmp.net/pipermail/snmp4j/2013-April/005042.html I quote
> "
> 
> If you set the autoDiscovery property of the USM to true, then it is
> even easier.
> You do not have to add localized USM users (thus you do not have to know the
> engineIDs of the notification senders), you simply add the users without
> engineID.
> 
> "
> To clarify, do I need to set the autoDiscovery property on the USM of the
> trap receiver ?
> 
> 2) If I have to add a localized user for each of these trap senders, then
> should Snmp.discoverAuthoritativeEngineID(..) be used and then a
> per-trap-sender target be added using this engine ID ? That is, the key
> localization approach as shown
> https://doc.snmp.app/pages/viewpage.action?pageId=1441800
> 
> Ideally, I would like to avoid having to discover the authoritative engine
> ID as that will restrict the ability of my trap receiver to receive traps
> only from known targets . Would having a different userName (but same
> authentication and privacy keys) for each of the trap sender help ?
> 
> Any clarifications on these would be greatly appreciated.
> Thanks
> Girish
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> https://oosnmp.net/mailman/listinfo/snmp4j

More information about the SNMP4J mailing list