i would like to know whether i can use the getbulk command with SNMPv1. If yes please let me know its adv... in no then what are the drawbacks.
Thanks in advance.
Uday.
No. That is determined by the protocol stack (GET BULK was introduced in v2 stack), not by other factors.
If you want to use GET BULK, you have to use SNMP v2 and v3, not v1.
As others have stated, the GetBulkRequest was introduced in SNMPv2. However you may find it useful to know that a version 1 GetRequest PDU can be associated with multiple variable bindings. In doing so, the GetRequest response will contain a mapping of those OID objects and their current values (if the request was successful).
If you do not require the "walking" of the tree, and you have all the OID's in advance, then loading a GetRequest with all needed variable bindings may work for you.
If you are using Java, the SNMP4J API is compatible with SNMP v1, v2c and v3.
SNMP4J API
It's worth noting that GETBULK is in v2c, which is a minor upgrade to SNMPv1 and thus supported by nearly every device these days even if the vendor didn't go to the trouble of doing SNMPv3 entirely.
SNMPv1: uses communities with V1 PDUs
SNMPv2c: uses communities with V2 PDUs
SNMPv3: uses multiple security modules with V2 PDUs
And then the SMI version numbers (1 and 2) can be used with any protocol unless there are SMIv2 datatypes which can't be accessed with V1 PDUs (eg, counter64).
If you perform snmpbulkwalk using v1 then you will recieve the following error
bash# snmpbulkwalk -v 1 -Os -c demopublic test.net-snmp.org
No log handling enabled - using stderr logging
snmpbulkwalk: Cannot send V2 PDU on V1 session
as snmpbulkwalk introduced on v 2c, performing this will bring you the neat output, learn the concept
bash# snmpbulkwalk -v2c -Os -c demopublic test.net-snmp.org
sysDescr.0 = STRING: test.net-snmp.org
sysObjectID.0 = OID: netSnmpAgentOIDs.10
sysUpTimeInstance = Timeticks: (174391443) 20 days, 4:25:14.43
sysContact.0 = STRING: Net-SNMP Coders <net-snmp-coders#lists.sourceforge.net>
sysName.0 = STRING: test.net-snmp.org
sysLocation.0 = STRING: Undisclosed
sysORLastChange.0 = Timeticks: (7) 0:00:00.07
Related
With a friend we are currently working on a library to create and read SNMPv3 packet.
The idea is "only" to create the content of the packet and it will be sent independently.
I know that many libraries exist for that but not in the language that we need. Our major problem now is to specify the content of the different packets. Which part is mandatory? Which part comes in which type of request?
With some examples available on Wireshark's website and the RFCs we can have a beginning of an idea but as it is a protocol, we need to be very clear and sure of what is required in each type of request (get-request, set-request, get-bulk, trap, etc.).
Is there a way to know exactly how each type of packet is created or the only information sources are the RFCs?
First, I want to offer some clarification about the terminology. A UDP packet encodes an SNMP "message". The format of the message varies with the SNMP version, but in all cases, it contains a single PDU. I think when you say "packet", you really mean "PDU".
As for your question, there's no better source than the RFCs, and they are actually easier to read than you think, as long as you know which parts to read (that's the tricky part).
RFC 3416 specifies everything to do with PDUs, including the format (p. 8), a comprehensive list of PDU types (pp. 7-8), and an explanation of how each PDU is used (under section 4.2, starting on p. 10).
The format of all PDUs is the same (though the BulkPDU replaces error-status and error-index with two integer fields of different meanings):
PDU ::= SEQUENCE {
request-id INTEGER (-214783648..214783647),
error-status -- sometimes ignored
INTEGER {
noError(0),
tooBig(1),
noSuchName(2), -- for proxy compatibility
badValue(3), -- for proxy compatibility
readOnly(4), -- for proxy compatibility
genErr(5),
noAccess(6),
wrongType(7),
wrongLength(8),
wrongEncoding(9),
wrongValue(10),
noCreation(11),
inconsistentValue(12),
resourceUnavailable(13),
commitFailed(14),
undoFailed(15),
authorizationError(16),
notWritable(17),
inconsistentName(18)
},
error-index -- sometimes ignored
INTEGER (0..max-bindings),
variable-bindings -- values are sometimes ignored
VarBindList
}
I have implemented a SNMP Agent using pysnmp based on this example. This example demonstrates SNMP GET and GETNEXT queries. But I have found no pointer how can I implement SNMP SET and TRAP on top of this code. Examples I have found for SET and TRAP are completely different implementation. How can I implement SNMP SET and TRAP on top of this code?
Assuming you want to combine SNMP CommandResponder (which you have already implemented) with SNMP NotificationReceiver, look at this example. You basically can join both examples within the same Python module around a single I/O loop (e.g. transport dispatcher).
However, typically, NotificationReceiver resides at the NMS while CommandResponder is SNMP agent running inside the managed software/device.
Supporting SNMP SET within your existing code would require refactoring the way how your MIB objects are stored. With current example they are kept in a non-writeable storage (tuple) and the MIB objects are not designed to change their stored value (they return a constant). So you need to change that one way or the other.
Otherwise supporting SNMP SET is simple - just add condition like this:
...
elif reqPDU.isSameTypeWith(pMod.SetRequestPDU()):
for oid, val in pMod.apiPDU.getVarBinds(reqPDU):
if oid in mibInstrIdx:
# put your MIB instrumentation update code here
# smith like this, but not exactly:
mibInstrIdx[oid] = mibInstrIdx[oid].clone(val)
varBinds.append((oid, mibInstrIdx[oid](msgVer)))
else:
# No such instance
varBinds.append((oid, val))
pendingErrors.append(
(pMod.apiPDU.setNoSuchInstanceError, errorIndex)
)
break
into your cbFun.
I'm working with SNMP and was given a command to use. However, I'm trying to break it down into its components so I can understand if I need to change anything. I've found documentation on pretty much everything except for the last part.
The command has this structure:
snmpwalk -v 2c -c communityname address.com .1
From my understanding the meaning of this structure is:
snmpwalk - command
-v 2c - specifies that the version is 2c, options are 1, 2c, 3
-c communityname - specifies the community name, which is like a password to an extent
address.com - the address of the computer in question
.1 - What is this ? I can't seem to find much documentation on it.
man snmpwalk and snmpwalk -h should give you the info you need on the various parameters.
The .1 is the OID and it is an optional parameter to that command, and it pinpoints a point in the hierarchical SNMP MIB on the SNMP agent host. The walk will retrieve all OIDs "below" that point.
Have a read at http://www.net-snmp.org and get a SNMP book to learn about SNMP and MIBs and OIDs; but quoting from SNMP wikipedia article:
SNMP itself does not define which information (which variables) a
managed system should offer. Rather, SNMP uses an extensible design,
where the available information is defined by management information
bases (MIBs). MIBs describe the structure of the management data of a
device subsystem; they use a hierarchical namespace containing object
identifiers (OID). Each OID identifies a variable that can be read or
set via SNMP.
EDIT: Here is image to show the OID tree with ".1" i.e. ISO just below the root.
I'm currently using net-snmp snmptranslate to translate the EnterpriseOID of
the traps received by my custom coded trap receiver using the following command:
snmptranslate -M. -mALL .1.3.6.1.2.1.39.2.2
Now, I am receiving SNMP v1 traps with
generic = enterpriseSpecific (6)
so I need to decode the specific trap number, e.g. 10003 to the 'full numeric' OID. Is there a way to do this using snmptranslate? I already have the MIB file associated with the traps.
I found out that I can convert an SNMP v1 specific number to OID using combining the enterprise OID, with a 0, followed by the specific trap number, e.g.
EnterpriseOID + '0' + SpecificTrap
snmpget -v 2c -c public myDevice usmUserSecurity
Returns:
SNMP-USER-BASED-SM-MIB::usmUserSecurityName.".q...s...."."__internal__" = STRING: __internal__
instead of NoSuchObject/Instance.
The same behaviour happens for all the other columns in usmUserTable.
Looks like the get requests act as getNext in this case. I am trying to fix this, but I can't seem to find the relevant part of code ( in the net-snmp code base ) which deals with these requests. Can someone assist?
You'd better capture the network packets and then see if the captured packets are special. As Net-SNMP is so "old" and stable, it is least likely that you discover a new bug.