WILLIAM> Currently I am trying to set up a Linux 4.2 Red Hat box to
WILLIAM> receive and display a snmp trap stream from several pieces of
WILLIAM> equipment.
[snip]
WILLIAM> While this was running I had tcpdump running on the interface
WILLIAM> with these results for the above two traps.
WILLIAM> 10:56:25.786667 scpe1.1047 > kahn.snmp-trap:
WILLIAM> C=[np=PES.net=11.ncc=E1 NCC2 2] Trap(61) E:303.3.1.1.2.1
WILLIAM> [xx.xx.xxx.xx] enterpriseSpecific[specific-trap(1)!=0]
WILLIAM> 117849100 E:303.3.4.1.1.0=2 .iso.org.dod=[|snmp]
WILLIAM> 10:56:27.956667 scpe1.1047 > kahn.snmp-trap:
WILLIAM> C=[np=PES.net=11.ncc=E1 NCC2 2] Trap(61) E:303.3.1.1.2.1
WILLIAM> [xx.xx.xxx.xx] enterpriseSpecific[specific-trap(1)!=0]
WILLIAM> 117849300 E:303.3.4.1.1.0=2 .iso.org.dod=[|snmp]
[snip]
WILLIAM> I had thought there was a problem with community but I can't
WILLIAM> seem to find anything on community in the above traps. The
WILLIAM> configuration guide for the software that produces the traps
WILLIAM> makes no mention of community. The MIB supplied by the vendor
WILLIAM> loaded into tkined with no problem. I'm stumped.
The tcpdump output shows that the traps are send with the community
string "np=PES.net=11.ncc=E1 NCC2 2". Scotty currently filters all
traps that do not match the community string of the receiving SNMP
session. Please configure the receiving SNMP session to use the
`right' community string. I am pretty sure that things will start to
work once you have made this change.
It is an interesting question whether the current strategie to drop
all traps that do not match the community string of the receiving SNMP
session is reasonable or not. Community string are sometimes used to
indicate the context for a varbind list and there are cases where you
do not know all possible community strings in advance. In these cases,
it would be better to pass all incoming traps to all trap handler and
to let the receiving scripts filter the traps they do not like to
process.
It is likely that the next major version of the Tnm extension will
replace the current strategie with the strategie described above.
Juergen
Juergen Schoenwaelder schoenw@ibr.cs.tu-bs.de http://www.cs.tu-bs.de/~schoenw
Technical University Braunschweig, Dept. Operating Systems & Computer Networks
Bueltenweg 74/75, 38106 Braunschweig, Germany. (Tel. +49 531 / 391 3283)
-- !! This message is brought to you via the `tkined & scotty' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>. !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.