Hi all, I am running snmpd on Fedora Core 3. I am trying to make snmpd open port 161 for listening for both TCP and UDP and for both IPv4 and IPv6. I am getting error messages:
[EMAIL PROTECTED] .libs]# /usr/local/sbin/snmpd udp:161 tcp:161 udp6:161 tcp6:161 -f -L -d
Error opening specified endpoint "tcp6:161"
Server Exiting with code 1
[EMAIL PROTECTED] .libs]#
When I remove one of either tcp6:161 or tcp:161 it works fine.
When trying to use two processes to to the same:
[EMAIL PROTECTED] .libs]# /usr/local/sbin/snmpd udp:161 tcp:161 udp6:161 -f -L -d ---- Works fine.
From another window:
[EMAIL PROTECTED] net-snmp-5.2]# /usr/local/sbin/snmpd tcp6:161 -f -L -d
Error opening specified endpoint "tcp6:161"
Additional Information
When I run snmpwalk on the snmpd after running it for the following option:
/usr/local/sbin/snmpd udp:161 tcp:161 udp6:161 -f -L -d
It has succeeded for both TCP and TCP6.
What I Think is Happening
The bind for listening for any TCP IPv6 address port 161 is also automatically listening to any IPv4 address.
My questions are::
1. Is there a way to configure the agent to listen to any IPv6 address but not any IPv4 address?
2. Is that a limitation of the OS socket interface?
3. Is that specific to the Fedora OS or we will see the same behavior on other platforms?
4. Having unnecessary port open (TCP IPv4 161) in the case when a system wants to listen to only IPv6 addresses is not a good practice. Security is one of the top priorities these days. Are there any plans to fix this?
Thanks,
Shuki Sasson
Principal Engineer, Network Storage Group
EMC�
where information lives
Fax: 508 305 9026
Phone: 508 305 8515
Cell: 617 834 4258
Pager: 877 919 0794
Email: [EMAIL PROTECTED]
