Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

MFD agent and agentX

142 views
Skip to first unread message

Shawn McManus

unread,
May 10, 2007, 4:43:39 AM5/10/07
to
Hi,

I'm trying to finish out a simple mfd agent, and I've hit a hole
(probably in my head). I'm working with 5.3 on 32-bit FC5, using the
Fedora RPMs. My goal is to implement the standard IF-MIB with a bunch
of spoofed data, so a linux box can appear to be an arbitrarily complex
network device, like an enterprise router.

I worked through the mib2c tutorial, implemented a local store to feed
into the agent. The resulting ifTable agent works as advertised, if I
run

% ifTable -M -L -f -DifTable myhost:161

I'm able to walk the tablea dn find all my made-up data. I'd now like
to connect my fake table into the master agent, my pref (gut feel only)
is to use agentX. I've enabled agentX in the snmpd (I see the message
"Turning on AgentX master support."). I run the ifTable agent and see
in the output:

NET-SNMP version 5.3 AgentX subagent connected
registering pdu failed: 263!

When I walk the master agent, I see the mib-2 info, but to ifTable data.
I've scanned through the tutorial, which helped me get the table up and
running, but I can't find the info where the rest of the MIB (like
ifNumber) gets implemented through mib2c. My guess is the MIB data
outside of my table implementation is missing, and that's why the master
agent isn't passing down the getnext commands.

Thanks.


This message (including any attachments) contains confidential
and/or proprietary information intended only for the addressee.
Any unauthorized disclosure, copying, distribution or reliance on
the contents of this information is strictly prohibited and may
constitute a violation of law. If you are not the intended
recipient, please notify the sender immediately by responding to
this e-mail, and delete the message from your system. If you
have any questions about this e-mail please notify the sender
immediately.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Net-snmp-users mailing list
Net-snm...@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Dave Shield

unread,
May 10, 2007, 5:17:10 AM5/10/07
to
On 09/05/07, Shawn McManus <shawn....@flukenetworks.com> wrote:
> I'd now like
> to connect my fake table into the master agent, my pref (gut feel only)
> is to use agentX.

That sounds sensible.

> I run the ifTable agent and see
> in the output:
>
> NET-SNMP version 5.3 AgentX subagent connected
> registering pdu failed: 263!

That's most likely due to an existing registration for the ifTable
in the master agent. If there are two identical registrations, then
the second one will be rejected as a duplicate.

If you run the master agent but *don't* start your subagent,
can you walk the ifTable anyway?
(Just to be sure, can you walk any of the other network-related
tables, such as the udp or tcp groups?)


> My guess is the MIB data
> outside of my table implementation is missing, and that's why the master
> agent isn't passing down the getnext commands.

What happens if you try a GET request for ifTable data that you know is
valid? It might be worth turning on packet dumps in your subagent,
and see whether it receives anything or not.


Dave

> This message (including any attachments) contains confidential
> and/or proprietary information intended only for the addressee.
> Any unauthorized disclosure, copying, distribution or reliance on
> the contents of this information is strictly prohibited and may
> constitute a violation of law. If you are not the intended
> recipient, please notify the sender immediately by responding to
> this e-mail, and delete the message from your system. If you
> have any questions about this e-mail please notify the sender
> immediately.


This message (which has no attachments) contains no confidential
or proprietary information, and is intended for anyone who might find
it useful. Declaration, copying or distribution of the contents of this
information [sic] is encouraged. Reliance on the contents of this
information [still sic] is unwise. If you are not the intended recipient,
simply delete the message from your system (or not, as you see fit).
Do *not* notify the sender - I'm not interested. If you have any
questions about this e-mail [disclaimer] - tough, I'm still not interested.

Shawn McManus

unread,
May 10, 2007, 11:29:03 AM5/10/07
to
On Thu, 2007-05-10 at 10:14 +0100, Dave Shield wrote:
> On 09/05/07, Shawn McManus <shawn....@flukenetworks.com> wrote:
> > I run the ifTable agent and see
> > in the output:
> >
> > NET-SNMP version 5.3 AgentX subagent connected
> > registering pdu failed: 263!
>
> That's most likely due to an existing registration for the ifTable
> in the master agent. If there are two identical registrations, then
> the second one will be rejected as a duplicate.
>
> If you run the master agent but *don't* start your subagent,
> can you walk the ifTable anyway?
> (Just to be sure, can you walk any of the other network-related
> tables, such as the udp or tcp groups?)

Without my subagent, I can't see anything in the IF-MIB, nor tcp or udp.
The out-of-the-box config on FC5 gives a very basic mib2 list:

SNMPv2-MIB::sysDescr.0
SNMPv2-MIB::sysObjectID.0
DISMAN-EVENT-MIB::sysUpTimeInstance
SNMPv2-MIB::sysContact.0
SNMPv2-MIB::sysName.0
SNMPv2-MIB::sysLocation.0
SNMPv2-MIB::sysORLastChange.0
SNMPv2-MIB::sysORID.1
SNMPv2-MIB::sysORID.2
SNMPv2-MIB::sysORID.3
SNMPv2-MIB::sysORID.4
SNMPv2-MIB::sysORID.5
SNMPv2-MIB::sysORID.6
SNMPv2-MIB::sysORID.7
SNMPv2-MIB::sysORID.8
SNMPv2-MIB::sysORDescr.1
SNMPv2-MIB::sysORDescr.2
SNMPv2-MIB::sysORDescr.3
SNMPv2-MIB::sysORDescr.4
SNMPv2-MIB::sysORDescr.5
SNMPv2-MIB::sysORDescr.6
SNMPv2-MIB::sysORDescr.7
SNMPv2-MIB::sysORDescr.8
SNMPv2-MIB::sysORUpTime.1
SNMPv2-MIB::sysORUpTime.2
SNMPv2-MIB::sysORUpTime.3
SNMPv2-MIB::sysORUpTime.4
SNMPv2-MIB::sysORUpTime.5
SNMPv2-MIB::sysORUpTime.6
SNMPv2-MIB::sysORUpTime.7
SNMPv2-MIB::sysORUpTime.8
HOST-RESOURCES-MIB::hrSystemUptime.0
HOST-RESOURCES-MIB::hrSystemUptime.0

> What happens if you try a GET request for ifTable data that you know is
> valid? It might be worth turning on packet dumps in your subagent,
> and see whether it receives anything or not.

When I enable -Dall in the ifTable agent, I don't see packets coming
from the master. I see the agentX registration, but no packets.

I'm starting to suspect a master agent config issue. When I run snmpd
from the command line and then do an snmpwalk, the agent dumps:

Connection from UDP: [localhost]:33291

for each getnext. But when I try

snmpget -v2c -c public localhost IF-MIB::ifIndex.0

I don't see the "connection" message at the master agent. If I run that
same command when the ifTable agent is connected to port 161, I see the
"connection" message and the get works.

Shawn


This message (including any attachments) contains confidential
and/or proprietary information intended only for the addressee.
Any unauthorized disclosure, copying, distribution or reliance on
the contents of this information is strictly prohibited and may
constitute a violation of law. If you are not the intended
recipient, please notify the sender immediately by responding to
this e-mail, and delete the message from your system. If you
have any questions about this e-mail please notify the sender
immediately.

-------------------------------------------------------------------------

Dave Shield

unread,
May 10, 2007, 11:33:22 AM5/10/07
to
On 10/05/07, Shawn McManus <shawn....@flukenetworks.com> wrote:
> Without my subagent, I can't see anything in the IF-MIB, nor tcp or udp.
> The out-of-the-box config on FC5 gives a very basic mib2 list:
>
> SNMPv2-MIB::sysDescr.0
:
> SNMPv2-MIB::sysORUpTime.8
> HOST-RESOURCES-MIB::hrSystemUptime.0
> HOST-RESOURCES-MIB::hrSystemUptime.0

That's the default access control settings.
See the FAQ entry:
I can see the system group, but nothing else. Why?
(http://www.net-snmp.org/wiki/index.php/FAQ:Applications_05)

You need to fix this before you do anything else.
Otherwise nothing will ever be passed on to your subagent.

Dave

Shawn McManus

unread,
May 11, 2007, 3:54:24 AM5/11/07
to
On Thu, 2007-05-10 at 16:29 +0100, Dave Shield wrote:
> On 10/05/07, Shawn McManus <shawn....@flukenetworks.com> wrote:
> That's the default access control settings.
> See the FAQ entry:
> I can see the system group, but nothing else. Why?
> (http://www.net-snmp.org/wiki/index.php/FAQ:Applications_05)
>
> You need to fix this before you do anything else.
> Otherwise nothing will ever be passed on to your subagent.

Wow. I read that section of the man page at least twice, did not
correlate it to adding more OIDs to the master. I'm thicker than I
thought.

Thanks for the great support.


This message (including any attachments) contains confidential
and/or proprietary information intended only for the addressee.
Any unauthorized disclosure, copying, distribution or reliance on
the contents of this information is strictly prohibited and may
constitute a violation of law. If you are not the intended
recipient, please notify the sender immediately by responding to
this e-mail, and delete the message from your system. If you
have any questions about this e-mail please notify the sender
immediately.

-------------------------------------------------------------------------

0 new messages