Open dennis-vinh opened 3 years ago
Hello everybody, Thank you in advance for your time!
My setup: World <---> E-interface: 10.0.2.6 <---> snmpfwd-server (agent) < trunking to > snmpfwd-client (manager) <--- E-interface 192.168.1.100 ---> Private device IP 192.168.1.200 (SNMP agent enabled)
Would like to do: Filter and isolate a private device IP 192.168.1.200
To test: snmpget -d -v1 -c public 10.0.2.6:1161 sysLocation.0
snmpfwd-server and snmpfwd-client are invoked as followed:
snmpfwd-client.py --config-file=client.conf --debug-snmp=all --logging-method=file:client.log --log-level=debug --process-user=user1 --process-group=user1 --daemonize snmpfwd-server.py --config-file=server.conf --debug-snmp=all --logging-method=file:server.log --log-level=debug --process-user=user1 --process-group=user1 --daemonize
Problem: Timeout: No Response from 10.0.2.6:1161
server.log contains prepareDataElements: received PDU request-id 56621979 replaced with unique ID 15051338 prepareDataElements: cached by new stateReference 5799256 receiveMessage: MP succeded receiveMessage: PDU GetRequestPDU: request-id=15051338 error-status=noError error-index=0 variable-bindings=VarBindList: VarBind: name=1.3.6.1.2.1.1.6.0 value=ObjectSyntax: simple=SimpleSyntax: empty= receiveMessage: pduType <TagSet object, tags 128:32:0> v1ToV2: v1Pdu GetRequestPDU: request-id=15051338 error-status=noError error-index=0 variable-bindings=VarBindList: VarBind: name=1.3.6.1.2.1.1.6.0 value=ObjectSyntax: simple=SimpleSyntax: empty= v1ToV2: v2Pdu GetRequestPDU: request-id=15051338 error-status=noError error-index=0 variable-bindings=VarBindList: VarBind: name=1.3.6.1.2.1.1.6.0 =_BindValue: unSpecified=
processPdu: stateReference 5799256, varBinds [(<ObjectName value object, tagSet <TagSet object, tags 0:0:6>, payload [1.3.6.1.2.1.1.6.0]>, <Null value object, tagSet <TagSet object, tags 0:0:5>, subtypeSpec <ConstraintsIntersection object, consts <SingleValueConstraint object, consts b''>>, encoding iso-8859-1, payload []>)] 2021-09-14T12:09:18.21 snmpfwd-server: ERROR Test: no route configured - ID1 callflow-id=a3700716ca snmp-engine-id=0x0102030405070809 snmp-transport-domain=1.3.6.1.6.1.1.100 snmp-bind-address=10.0.2.6 snmp-bind-port=1161 snmp-security-model=1 snmp-security-level=1 snmp-security-name=public snmp-credentials-id= snmp-context-engine-id=0x0102
Content of server.conf config-version: 2 program-name: snmpfwd-server
snmp-credentials-group { snmp-transport-domain: 1.3.6.1.6.1.1.100 snmp-bind-address: 10.0.2.6:1161 snmp-engine-id: 0x0102030405070809 snmp-community-name: public snmp-security-name: public snmp-security-model: 2 snmp-security-level: 1 snmp-credentials-id: snmp-credentials }
context-group { snmp-context-engine-id-pattern: .? snmp-context-name-pattern: .? snmp-context-id: any-context }
content-group { snmp-pdu-type-pattern: (GET|SET|GETNEXT|GETBULK) snmp-pdu-oid-prefix-pattern-list: .*? snmp-content-id: any-content }
peers-group { snmp-transport-domain: 1.3.6.1.6.1.1.100 snmp-bind-address-pattern-list: .? snmp-peer-address-pattern-list: .? snmp-peer-id: 100 }
plugin-modules-path-list: /home/user1/.local/snmpfwd/plugins/
plugin-group { plugin-module: oidfilter plugin-options: config=/home/user1/.local/snmpfwd/plugins/oidfilter.conf log-denials=true plugin-id: permit-system-branch }
trunking-group { trunk-bind-address: 127.0.0.1 trunk-peer-address: 127.0.0.1:30301 trunk-ping-period: 60 trunk-connection-mode: client
trunk-id: trunk-1 }
routing-map { matching-snmp-context-id-list: any-context matching-snmp-content-id-list: any-content matching-snmp-credentials-id-list: snmp-credentials matching-snmp-peer-id-list: 100 using-plugin-id-list: permit-system-branch using-trunk-id-list: trunk-1 }
Content of client.conf config-version: 2 program-name: snmpfwd-client
peers-group { snmp-engine-id: 0x0102030405070809 snmp-transport-domain: 1.3.6.1.6.1.1.1 snmp-bind-address: 0.0.0.0:0 snmp-peer-timeout: 100 snmp-peer-retries: 0 snmp-community-name: public snmp-security-name: public snmp-security-model: 2 snmp-security-level: 1 snmp-peer-address: 192.168.1.200:161 snmp-peer-id: private-device }
trunking-group { trunk-bind-address: 127.0.0.1:30301 trunk-ping-period: 60 trunk-connection-mode: server trunk-id: }
original-snmp-peer-info-group { orig-snmp-bind-address-pattern: .? orig-snmp-context-name-pattern: .? orig-snmp-pdu-type-pattern: .? orig-snmp-oid-prefix-pattern: .? orig-snmp-engine-id-pattern: .? orig-snmp-context-engine-id-pattern: .? orig-snmp-transport-domain-pattern: .? orig-snmp-peer-address-pattern: .? orig-snmp-security-level-pattern: .? orig-snmp-security-name-pattern: .? orig-snmp-security-model-pattern: .*? orig-snmp-peer-id: manager-1 }
server-classification-group { server-snmp-credentials-id-pattern: .? server-snmp-context-id-pattern: .? server-snmp-content-id-pattern: .? server-snmp-peer-id-pattern: .? server-classification-id: any-classification }
routing-map { matching-trunk-id-list: trunk-1 matching-orig-snmp-peer-id-list: manager-1 matching-server-classification-id-list: any-classification using-snmp-peer-id-list: private-device }
Hello all: I think I know the root cause of my issue. Let me fix my issue and report back. Thanks, Dennis
Hello everybody, Thank you in advance for your time!
My setup: World <---> E-interface: 10.0.2.6 <---> snmpfwd-server (agent) < trunking to > snmpfwd-client (manager) <--- E-interface 192.168.1.100 ---> Private device IP 192.168.1.200 (SNMP agent enabled)
Would like to do: Filter and isolate a private device IP 192.168.1.200
To test: snmpget -d -v1 -c public 10.0.2.6:1161 sysLocation.0
snmpfwd-server and snmpfwd-client are invoked as followed:
Problem: Timeout: No Response from 10.0.2.6:1161
server.log contains prepareDataElements: received PDU request-id 56621979 replaced with unique ID 15051338 prepareDataElements: cached by new stateReference 5799256 receiveMessage: MP succeded receiveMessage: PDU GetRequestPDU: request-id=15051338 error-status=noError error-index=0 variable-bindings=VarBindList: VarBind: name=1.3.6.1.2.1.1.6.0 value=ObjectSyntax: simple=SimpleSyntax: empty= receiveMessage: pduType <TagSet object, tags 128:32:0> v1ToV2: v1Pdu GetRequestPDU: request-id=15051338 error-status=noError error-index=0 variable-bindings=VarBindList: VarBind: name=1.3.6.1.2.1.1.6.0 value=ObjectSyntax: simple=SimpleSyntax: empty= v1ToV2: v2Pdu GetRequestPDU: request-id=15051338 error-status=noError error-index=0 variable-bindings=VarBindList: VarBind: name=1.3.6.1.2.1.1.6.0 =_BindValue: unSpecified=
processPdu: stateReference 5799256, varBinds [(<ObjectName value object, tagSet <TagSet object, tags 0:0:6>, payload [1.3.6.1.2.1.1.6.0]>, <Null value object, tagSet <TagSet object, tags 0:0:5>, subtypeSpec <ConstraintsIntersection object, consts <SingleValueConstraint object, consts b''>>, encoding iso-8859-1, payload []>)] 2021-09-14T12:09:18.21 snmpfwd-server: ERROR Test: no route configured - ID1 callflow-id=a3700716ca snmp-engine-id=0x0102030405070809 snmp-transport-domain=1.3.6.1.6.1.1.100 snmp-bind-address=10.0.2.6 snmp-bind-port=1161 snmp-security-model=1 snmp-security-level=1 snmp-security-name=public snmp-credentials-id= snmp-context-engine-id=0x0102
Content of server.conf config-version: 2 program-name: snmpfwd-server
snmp-credentials-group { snmp-transport-domain: 1.3.6.1.6.1.1.100 snmp-bind-address: 10.0.2.6:1161 snmp-engine-id: 0x0102030405070809 snmp-community-name: public snmp-security-name: public snmp-security-model: 2 snmp-security-level: 1 snmp-credentials-id: snmp-credentials }
context-group { snmp-context-engine-id-pattern: .? snmp-context-name-pattern: .? snmp-context-id: any-context }
content-group { snmp-pdu-type-pattern: (GET|SET|GETNEXT|GETBULK) snmp-pdu-oid-prefix-pattern-list: .*? snmp-content-id: any-content }
peers-group { snmp-transport-domain: 1.3.6.1.6.1.1.100 snmp-bind-address-pattern-list: .? snmp-peer-address-pattern-list: .? snmp-peer-id: 100 }
plugin-modules-path-list: /home/user1/.local/snmpfwd/plugins/
plugin-group { plugin-module: oidfilter plugin-options: config=/home/user1/.local/snmpfwd/plugins/oidfilter.conf log-denials=true plugin-id: permit-system-branch }
trunking-group { trunk-bind-address: 127.0.0.1 trunk-peer-address: 127.0.0.1:30301 trunk-ping-period: 60 trunk-connection-mode: client
trunk-id: trunk-1 }
routing-map { matching-snmp-context-id-list: any-context matching-snmp-content-id-list: any-content matching-snmp-credentials-id-list: snmp-credentials matching-snmp-peer-id-list: 100 using-plugin-id-list: permit-system-branch using-trunk-id-list: trunk-1 }
Content of client.conf config-version: 2 program-name: snmpfwd-client
peers-group { snmp-engine-id: 0x0102030405070809 snmp-transport-domain: 1.3.6.1.6.1.1.1 snmp-bind-address: 0.0.0.0:0 snmp-peer-timeout: 100 snmp-peer-retries: 0 snmp-community-name: public snmp-security-name: public snmp-security-model: 2 snmp-security-level: 1 snmp-peer-address: 192.168.1.200:161 snmp-peer-id: private-device }
trunking-group { trunk-bind-address: 127.0.0.1:30301 trunk-ping-period: 60 trunk-connection-mode: server trunk-id:
}
original-snmp-peer-info-group { orig-snmp-bind-address-pattern: .? orig-snmp-context-name-pattern: .? orig-snmp-pdu-type-pattern: .? orig-snmp-oid-prefix-pattern: .? orig-snmp-engine-id-pattern: .? orig-snmp-context-engine-id-pattern: .? orig-snmp-transport-domain-pattern: .? orig-snmp-peer-address-pattern: .? orig-snmp-security-level-pattern: .? orig-snmp-security-name-pattern: .? orig-snmp-security-model-pattern: .*? orig-snmp-peer-id: manager-1 }
server-classification-group { server-snmp-credentials-id-pattern: .? server-snmp-context-id-pattern: .? server-snmp-content-id-pattern: .? server-snmp-peer-id-pattern: .? server-classification-id: any-classification }
routing-map { matching-trunk-id-list: trunk-1 matching-orig-snmp-peer-id-list: manager-1 matching-server-classification-id-list: any-classification using-snmp-peer-id-list: private-device }