Child pages
  • SNMP v3 Troubleshooting

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

We has a problem adding a new device (APC UPS Model: Smart-UPS X 3000 with Web/SNMP Management Card) to MNIS using SNMP v3.

Testing our connection details using "snmpwalk " was successful, here we can see the output:

...

As part of the debug process, we are using the following script to test the interaction between Net::SNMP and the device.SNMP test script 

We also made sure that  "Crypt::DES" and "Digest::HMAC" packages were installed on our server.

SNMP Test script:

Code Block
languageperl
themeMidnight
titlesnmpTest.pl
linenumberstrue
#!/usr/bin/perl

use strict;
use warnings;
use Net::SNMP;
use Data::Dumper;

my $hostname = 'APC_UPS_SMART_X_3000'; # IP or hostname
my $username =  'myUserName';
my $authpasswd = 'myAuthPassword';
my $authproto = 'SHA';   # SHA | MD5
my $privpasswd ='myPrivPassword';
my $privproto = 'DES';   # DES | AES

my $port = '161';
my $maxmsgsize = '1472'; #range (484..65535)

(my $session, my $error) = Net::SNMP->session(
	                        -hostname      => $hostname,
	                        -port          => $port,
	                        -version       => 3,
	                        #-community	   => $community,   # v1/v2c
	                        -username      => $username,    # v3
	                        -authpassword  => $authpasswd,  # v3
	                        -authprotocol  => $authproto,   # v3
	                        -privpassword  => $privpasswd,  # v3
	                        -privprotocol  => $privproto,   # v3
	                        -debug		   => '0x10',
	                        -maxmsgsize    => $maxmsgsize,
);

if (!defined $session) {
printf "ERROR %s.\n", $error;
exit 1;
}

for (my $i=1; $i<10; $i++){
	print Dumper($session->get_next_request(-varbindlist => ["1.3.6.1.2.1.1.$i"]));
}

...


The Net::SNMP module uses the procedure outline before to perform the discovery. 
In this case it looks like the APC UPS  does not enforce timeliness checking and is not responding with a usmStatsNotInTimeWindows Report-PDU during the discovery process. Causing the discovery process to return the error message and terminate the communication.

...

  1. User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3) - https://tools.ietf.org/html/rfc3414
  2. Bug #75191 for Net-SNMP: Synchronize in SNMPv3 - https://rt.cpan.org/Public/Bug/Display.html?id=75191 
  3. Bug #55088 for Net-SNMP: SNMPv3 Synchronization hangs with some agents and has one unnecessary packet exchange with net-snmp agent - https://rt.cpan.org/Public/Bug/Display.html?id=55088
  4. Reference record for OID 1.3.6.1.6.3.15.1.1.4 - http://oidref.com/1.3.6.1.6.3.15.1.1.4

Related Information: