Re: What is the correct encoding for SNMP type Unsigned32?

Tue, 29 May 2012 01:35:51 -0700 

On 29 May 2012 08:39, Jan Willamowius <j...@willamowius.de> wrote:
>> First question - are they actually different,
>> or are they simply being reported differently?
>
> They actually are slighly different.


> From Net-SNMP based agent: (decoded as Gauge32 by Wireshark)
>
> Received 48 byte packet from UDP: [192.168.1.189]:161->[0.0.0.0]:54767
> 0000: 30 2E 02 01  01 04 06 70  75 62 6C 69  63 A2 21 02    0......public¢!.
> 0016: 04 7A CB 78  0E 02 01 00  02 01 00 30  13 30 11 06    .zËx.......0.0..
> 0032: 0C 2B 06 01  04 01 81 DA  22 0B 01 03  00 42 01 00    .+.....Ú"....B..

The important bit here is the last three octets:
     42    type = (ASN_APPLICATION | 2)
     01    len   = 1
     00    value = 0

This comes from RFC 1902:
          -- this doesn't wrap
          Gauge32 ::=
              [APPLICATION 2]
                  IMPLICIT INTEGER (0..4294967295)

          -- an unsigned 32-bit quantity
          -- indistinguishable from Gauge32
          Unsigned32 ::=
              [APPLICATION 2]
                  IMPLICIT INTEGER (0..4294967295)



> From the Windows agent: (decoded as Unsigned32 by Wireshark)
>
> Received 48 byte packet from UDP: [192.168.1.100]:161->[0.0.0.0]:40864
> 0000: 30 2E 02 01  01 04 06 70  75 62 6C 69  63 A2 21 02    0......public¢!.
> 0016: 04 6A 67 E6  37 02 01 00  02 01 00 30  13 30 11 06    .jgæ7......0.0..
> 0032: 0C 2B 06 01  04 01 81 DA  22 0B 01 03  00 47 01 00    .+.....Ú"....G..

     47    type = (ASN_APPLICATION | 7)
     01    len   = 1
     00    value = 0

This comes from RFC 1442:

          -- this doesn't wrap
          Gauge32 ::=
              [APPLICATION 2]
                  IMPLICIT INTEGER (0..4294967295)

           -- an unsigned 32-bit quantity
          UInteger32 ::=
              [APPLICATION 7]
                  IMPLICIT INTEGER (0..4294967295)

RFC 1442 was obsoleted by RFC 1902  in 1996.

Dave

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Reply via email to