Problem with snmpaggentaddress and vrf

[yestoeWPH]

Hello

When I'm configure snmpagentaddress for use VRF this don't work, becouse jinja template "snmpd.conf.j2" don't correctly prepere config. This should be "agentAddress {{ protocol(agentip) }}:[{{ agentip }}]{% if vrf %}%{{ vrf }}{% endif %}{% if port %}:{{ port }}{% endif %}{{ "" }}"

instand of agentAddress {{ protocol(agentip) }}:[{{ agentip }}]{% if port %}:{{ port }}{% endif %}{% if vrf %}%{{ vrf }}{% endif %}{{ "" }}

Steps to reproduce the issue:

1. config snmpagentaddress add 1.1.1.1 -p 161 -v mgmt

Describe the results you received:

This preper config: agentAddress udp:[10.3.101.160]:161%mgmt

Describe the results you expected:

This shoul be agentAddress udp:[10.3.101.160]%mgmt-vrf:161

Output of show version:

SONiC Software Version: SONiC.202305.0-dirty-20230816.131614 SONiC OS Version: 11 Distribution: Debian 11.7 Kernel: 5.10.0-18-2-amd64 Build commit: 4c160ffbe Build date: Wed Aug 16 15:31:59 UTC 2023 Built by: dkokoszka@dkokoszka-test-2

Platform: x86_64-mlnx_msn2700-r0 HwSKU: Mellanox-SN2700 ASIC: mellanox ASIC Count: 1 Serial Number: MT1646X05383 Model Number: MSN2700-CS2R Hardware Revision: A1 Uptime: 09:41:39 up 8 min, 1 user, load average: 0.69, 1.35, 0.95 Date: Thu 17 Aug 2023 09:41:39

Docker images: REPOSITORY TAG IMAGE ID SIZE docker-teamd 202305.0-dirty-20230816.131614 791dcbfce56f 317MB docker-teamd latest 791dcbfce56f 317MB docker-orchagent 202305.0-dirty-20230816.131614 65183342161c 328MB docker-orchagent latest 65183342161c 328MB docker-fpm-frr 202305.0-dirty-20230816.131614 3d84d57ac3f2 346MB docker-fpm-frr latest 3d84d57ac3f2 346MB docker-sflow 202305.0-dirty-20230816.131614 57a3d232f783 318MB docker-sflow latest 57a3d232f783 318MB docker-nat 202305.0-dirty-20230816.131614 d696d49f3732 319MB docker-nat latest d696d49f3732 319MB docker-macsec latest d3adebde56d6 319MB docker-iccpd 202305.0-dirty-20230816.131614 793f10f7af91 316MB docker-iccpd latest 793f10f7af91 316MB docker-syncd-mlnx 202305.0-dirty-20230816.131614 b0b4f8b8f2c7 734MB docker-syncd-mlnx latest b0b4f8b8f2c7 734MB docker-dhcp-relay latest 264e14189365 306MB docker-sonic-telemetry 202305.0-dirty-20230816.131614 7551deba5767 599MB docker-sonic-telemetry latest 7551deba5767 599MB docker-snmp 202305.0-dirty-20230816.131614 aeb5d3b61357 338MB docker-snmp latest aeb5d3b61357 338MB docker-eventd 202305.0-dirty-20230816.131614 753d2204a835 299MB docker-eventd latest 753d2204a835 299MB docker-platform-monitor 202305.0-dirty-20230816.131614 adbd1f9c128e 732MB docker-platform-monitor latest adbd1f9c128e 732MB docker-router-advertiser 202305.0-dirty-20230816.131614 df26cd2ffea6 299MB docker-router-advertiser latest df26cd2ffea6 299MB docker-sonic-restapi 202305.0-dirty-20230816.131614 4fa5879493e5 317MB docker-sonic-restapi latest 4fa5879493e5 317MB docker-sonic-p4rt 202305.0-dirty-20230816.131614 498f1b2722fc 870MB docker-sonic-p4rt latest 498f1b2722fc 870MB docker-mux 202305.0-dirty-20230816.131614 7f2f4ad25955 348MB docker-mux latest 7f2f4ad25955 348MB docker-lldp 202305.0-dirty-20230816.131614 7386f49f929f 341MB docker-lldp latest 7386f49f929f 341MB docker-database 202305.0-dirty-20230816.131614 8c40d12bd264 299MB docker-database latest 8c40d12bd264 299MB docker-sonic-mgmt-framework 202305.0-dirty-20230816.131614 0e1d67306a7f 415MB docker-sonic-mgmt-framework latest 0e1d67306a7f 415MB

[brholmes1]

I also just stumbled upon this issue, and from what I experienced it may be related to using the '%' as the separator between the IP address and VRF.

I modified the "snmpd.conf.j2" file to use an '@' for the separator instead and that resolved the issue. I was able to start the snmpd service and successfully connect via snmpwalk.

admin@sonic:~$ docker exec -it snmp bash

root@sonic:/# grep -i agentaddress /usr/share/sonic/templates/snmpd.conf.j2 
agentAddress {{ agentip }}{% if port %}:{{ port }}{% endif %}{% if vrf %}@{{ vrf }}{% endif %}{{ "" }}

root@sonic:/# grep -i agentad /etc/snmp/snmpd.conf 
agentAddress 1.1.1.1@mgmt

Line in question: https://github.com/sonic-net/sonic-buildimage/blob/6c96b294846a279972525c605b983c1f6d263c4b/dockers/docker-snmp/snmpd.conf.j2#L29

[yestoeWPH]

Yes this is also work, but when you declare port number, snmp wrong parse this. Snmpd expects vrf name after ip address not port number https://github.com/net-snmp/net-snmp/issues/4

[brholmes1]

Good catch, I did not declare the port in my testing due to it already using the standard UDP/161 out of the gate. It looks like a combination of using the '@' separator and your parameter order may provide a solution in the interim. Thanks!

agentAddress {{ agentip }}{% if vrf %}@{{ vrf }}{% endif %}{% if port %}:{{ port }}{% endif %}{{ "" }}

[SuvarnaMeenakshi]

@yestoeWPH @brholmes1 thank you, was this working before https://github.com/sonic-net/sonic-buildimage/pull/15487 Is there any VRF related test case in sonic-mgmt, can there be a new test added to check if snmpd comes up fine with vrf configuration?

[brholmes1]

@SuvarnaMeenakshi - I've only been testing with builds from the 202305 branch and it appears to be broken before and after #15487.

Unfortunately, I have not had time to look into the testing outlined in sonic-mgmt yet.

Thanks!

Working syntax from my experience:

agentAddress 1.1.1.1@mgmt:161
or
agentAddress udp:[1.1.1.1]@mgmt:161

Tested Builds:

SONiC Software Version: SONiC.master.288529-40eb97c2f
SONiC OS Version: 11
Distribution: Debian 11.7
Kernel: 5.10.0-18-2-amd64
Build commit: 40eb97c2f
Build date: Tue Jun  6 14:37:38 UTC 2023
Built by: AzDevOps@vmss-soni0018SE

and

SONiC Software Version: SONiC.202305.345731-875b81e40
SONiC OS Version: 11
Distribution: Debian 11.7
Kernel: 5.10.0-18-2-amd64
Build commit: 875b81e40
Build date: Thu Aug 24 14:30:45 UTC 2023
Built by: AzDevOps@vmss-soni001UMZ