I'm running several Debian etch systems with net-snmp 5.2.3, and have
run into an issue with secondary IP addresses.

Most of my boxes are configured with multiple IP addresses, and if I run
snmpd with the default agentaddress, any SNMP queries sent to secondary
IP addresses are responded to with the *PRIMARY* IP address of the
interface in the response packet.  This doesn't break snmpwalk, but does
break other SNMP clients (like OpenNMS).

I have found that I can work around this problem by explicitly
specifying *ALL* IP addresses configured on the box via agentaddress in
the configuration file, but this is cumbersome to say the least.

Has anyone else encountered this before?  Is there a reason the default
0/0 listen address should send replies from a different IP address than
the query was sent to (i.e., maybe a goof in my low-level network setup)?

Any suggestions for a better solution or work-around?

Configuration details follow:

Linux network configuration:
----------------------------
# ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:04:bd:2e:75 brd ff:ff:ff:ff:ff:ff
    inet 199.79.203.62/24 brd 199.79.203.255 scope global eth0
    inet 199.79.203.49/32 scope global eth0
    inet 199.79.203.50/32 scope global eth0
    inet 199.79.203.51/32 scope global eth0
    inet 199.79.203.52/32 scope global eth0
    inet 199.79.203.53/32 scope global eth0
    inet 199.79.203.54/32 scope global eth0
    inet 199.79.203.55/32 scope global eth0
    inet 199.79.203.56/32 scope global eth0
    inet 199.79.203.57/32 scope global eth0
    inet 199.79.203.58/32 scope global eth0
    inet 199.79.203.59/32 scope global eth0
    inet 199.79.203.60/32 scope global eth0
    inet 199.79.203.61/32 scope global eth0
# ip route show
199.79.203.0/24 dev eth0  proto kernel  scope link  src 199.79.203.62
default via 199.79.203.1 dev eth0

Broken snmpd setup (using default listen address):
--------------------------------------------------
/etc/snmp/snmpd.conf: no agentaddress setting

# netstat -lnp | grep 161
udp        0      0 0.0.0.0:161             0.0.0.0:* 8002/snmpd
# tcpdump -nvi eth0 port 161 | head
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
bytes
19:34:22.118633 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 73) 199.79.203.4.54415 > 199.79.203.59.161:  { SNMPv1
C=xxx { GetNextRequest(25) R=2133930328  .1.3.6.1.2.1 } }
19:34:22.120104 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 138) 199.79.203.62.161 > 199.79.203.4.54415:  { SNMPv1
C=xxx { GetResponse(90) R=2133930328  .1.3.6.1.2.1.1.1.0=[|snmp] } }

- Note wrong IP address for return packet!!!  Reply source IP does not
match query destination IP!!!
- ...but queries to the main IP work:

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
bytes
19:35:30.027887 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 73) 199.79.203.4.54424 > 199.79.203.62.161:  { SNMPv1
C=xxx { GetNextRequest(25) R=1194446227  .1.3.6.1.2.1 } }
19:35:30.028331 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 138) 199.79.203.62.161 > 199.79.203.4.54424:  { SNMPv1
C=xxx { GetResponse(90) R=1194446227  .1.3.6.1.2.1.1.1.0=[|snmp] } }

Working snmpd setup (agentaddress specifies all IPs on eth0):
-------------------------------------------------------------
/etc/snmp/snmpd.conf: agentaddress
199.79.203.62:161,199.79.203.61:161,199.79.203.60:161,199.79.203.59:161,199.79.203.58:161,199.79.203.57:161,199.79.203.56:161,199.79.203.55:161,199.79.203.54:161,199.79.203.53:161,199.79.203.52:161,199.79.203.51:161,199.79.203.50:161,199.79.203.49:161

# netstat -lnp | grep 161
udp        0      0 199.79.203.49:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.50:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.51:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.52:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.53:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.54:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.55:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.56:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.57:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.58:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.59:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.60:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.61:161       0.0.0.0:* 8092/snmpd
udp        0      0 199.79.203.62:161       0.0.0.0:* 8092/snmpd

# tcpdump -nvi eth0 port 161 | head -n 2
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96
bytes
19:40:53.481081 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 73) 199.79.203.4.54450 > 199.79.203.59.161:  { SNMPv1
C=xxx { GetNextRequest(25) R=1027121299  .1.3.6.1.2.1 } }
19:40:53.483336 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 138) 199.79.203.59.161 > 199.79.203.4.54450:  { SNMPv1
C=xxx { GetResponse(90) R=1027121299  .1.3.6.1.2.1.1.1.0=[|snmp] } }

- Note reply source IP address is now correct, and matches IP request
was sent to!

--
Charles Steinkuehler
[EMAIL PROTECTED]
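A check for the symptom shown in the captures above, as an added example that is not part of the original post: it pairs each SNMP request in `tcpdump -nv` text with its response by client endpoint and request ID, and reports replies whose source address differs from the address that was queried. The function name is hypothetical and the sample capture is constructed (documentation addresses, made-up request IDs), modelled on the output format in the post.

```python
import re

# One SNMP packet in `tcpdump -nv` text, after wrapped lines are re-joined.
PACKET = re.compile(
    r"(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): "
    r"\{ SNMPv\S+ C=\S+ \{ (\w+)\(\d+\) R=(-?\d+)"
)

def mismatched_replies(capture_text):
    """Return (request_id, queried_ip, reply_source_ip) for each response whose
    source address is not the address the matching request was sent to."""
    flat = " ".join(capture_text.split())  # undo terminal/mail line wrapping
    pending = {}   # (client_ip, client_port, request_id) -> agent IP queried
    findings = []
    for src, sport, dst, dport, pdu, req_id in PACKET.findall(flat):
        if pdu.endswith("Response"):
            # A response is keyed by the client endpoint it is addressed to.
            queried = pending.pop((dst, dport, req_id), None)
            if queried is not None and queried != src:
                findings.append((int(req_id), queried, src))
        else:
            pending[(src, sport, req_id)] = dst
    return findings

# Constructed capture: one query to a secondary address answered from the
# primary address, then one query to the primary address answered correctly.
SAMPLE = """\
10:00:00.000001 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 73) 192.0.2.4.54415 > 192.0.2.59.161:  { SNMPv1
C=xxx { GetNextRequest(25) R=1001  .1.3.6.1.2.1 } }
10:00:00.001500 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 138) 192.0.2.62.161 > 192.0.2.4.54415:  { SNMPv1
C=xxx { GetResponse(90) R=1001  .1.3.6.1.2.1.1.1.0=[|snmp] } }
10:00:05.000001 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 73) 192.0.2.4.54424 > 192.0.2.62.161:  { SNMPv1
C=xxx { GetNextRequest(25) R=1002  .1.3.6.1.2.1 } }
10:00:05.000400 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto:
UDP (17), length: 138) 192.0.2.62.161 > 192.0.2.4.54424:  { SNMPv1
C=xxx { GetResponse(90) R=1002  .1.3.6.1.2.1.1.1.0=[|snmp] } }
"""

if __name__ == "__main__":
    for req_id, queried, replied in mismatched_replies(SAMPLE):
        print(f"request {req_id}: sent to {queried}, answered from {replied}")
```

Responses with no matching request in the capture are ignored rather than flagged, so a capture that starts mid-exchange does not produce false findings.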