Per Thomas Anders:
> I'd start with describing your desired change(s) in detail and see
> whether it attracts anyone to do the work. If no-one picks it up
> immediately, I'd submit a feature request at
> Patches should be submitted to www.net-snmp.org/patches .
---
Folks,
I need to specify the SOURCE IP address in both my polling / agent environment. This is very similar to the -I option in the PING command. This is needed because I monitor specific devices that live on my customers networks. However, I have no administrative or addressing control of those networks. Often the customer network has duplicate addresses, networks or at the very least, overlapping networks with other customers. 192.168.1.0 /24 behind a DSL/Cable modem firewall is a very common situation.
Standard IP routing cant handle this situation as IPROUTE makes it's decisions based on the destination address. In my case, I would have two customers with the same network address pointed to two different tunnels. To currently solve this, I'm using server virtualization and creating different instances of Linux. But this does not scale well due to memory overhead for Linux. In fact, it limits me to about a dozen customers to a high end server - not a financially sustainable model. If I can specify the source address in the command line, I can then use policy routing and direct the traffic based upon the source address instead of the destination address. This would allow for a single instance of Linux and my management software to monitor 80 to 100 customers per high end server. A much better cost structure.
While I'm not a coder.... I assume that much of the PING source could be reused to make the required changes. I understand that the impacted call would be to the bind() command which would need to be done before the connect().
The resulting behaviour that I would like to see would be for my poller (Cacti) to be able to specify the source IP address in a script when it sets up the polling instance. I know I will need changes in Cacti as well but that cant happen till Net-SNMP supports this feature. If this can be done, then the policy based routing will send the packets to the appropriate tunnel for the appropriate customer. Additionally, the poller should listen on that same IP address for the return information. This would be more of the SNMP get / walk etc commands.
Likewise, on an agent sending alerts, I would like to specify the source of the alert to be a loopback interface. This would allow me to use a loopback interface to identify my Linux routers as those addresses are tied into DNS. If I'm correct, once the code is developed for one of the snmp commands, it could be reused across all commands and the agents as well. This would allow each command to have a single, common command line option. I would recommend the -I or -i or --interface option but that is can be changed as well. I'm not picky on the implementation.
Nice to have but not required:
It would be nice if there was a check on the option to make sure that the source address specified was of the right format, if not the standard 4 octect format, do a DNS lookup on the name provided. Lastly, one other nice feature as it would help with security, would be to check and see if the resulting IP address is one of the interfaces on the local host and return an error if not.
Anyone willing to take this on?
David Lott
President
JDMS, LLC
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
