[erlang-questions] SNMP usm discovery
Dániel Szoboszlay
dszoboszlay@REDACTED
Wed May 21 17:20:15 CEST 2014
I see. Unfortunately it looks like you can perform a discovery from an agent, but the discovery code for the manager is commented out in the sources. It doesn’t mean it’s impossible (at least I think in NETSim we had an Erlang manager that could connect to arbitrary agents), but I don’t know the details.
I’d suggest to turn on logging to see where do things go wrong and maybe to implement a custom user module for the agent, hopefully it will get enough data from the reply PDU to continue.
BR,
Daniel
On 2014 May 21, at 15:26 , Dominik Pawlak <dominik_pawlak@REDACTED> wrote:
> Actually in that example user name and engineID are given in configuration files for both agent and manager. User name is 'simple_user' and engineID is 'agent's engine'. So there is no discovery there, the manager has engineID hard coded in his configuration. I am only developing the manager node, the agents are on third party devices.
>
> --
> Cheers,
> Dominik
>
> On Wednesday, 21 May 2014, 9:40, Dániel Szoboszlay <dszoboszlay@REDACTED> wrote:
>
>
> Hi,
>
> I think the agent will perform the discovery automatically, so you need to configure it with the actual security level and user name, password etc. that can be used to access the agent.
>
> There’s a nice example here on how to set up and use a v3 agent + manager pair: http://erlangcentral.org/wiki/index.php?title=SNMP_Quick_Start The empty user name is not used anywhere explicitly, discovery happens behind the scenes.
>
> Regards,
> Daniel
>
> On 2014 May 20, at 15:45 , Dominik Pawlak <dominik_pawlak@REDACTED> wrote:
>
>> I'm trying to find a way to perform a snmpEngineID discovery process as defined in RFC3414 chapter 4 in a manager.
>>
>> The process is pretty simple: you send a v3, usm Request message with security level: noAuthNoPriv, empty user name, endineID and varbinds. The agent then sends a report containing his engineID.
>>
>> I tried registering agent with empty or no security name defined, but when I try to send the Request message I get:
>> snmpm:register_agent("u", "a", [{engine_id,[]},{address,[x,x,x,x]},{version,v3},{sec_model,usm},{sec_name,""},{sec_level,noAuthNoPriv}]).
>> snmpm:sync_get("u", "a", "auth", [], 1000).
>>
>> {error,{send_failed,1440625960,unknownSecurityName}}
>> =ERROR REPORT==== 20-May-2014::11:12:57 ===
>> [ snmp : manager : snmpm_mpd : <0.55.0> ]
>> MPD: CONFIG ERROR: unknownSecurityName (message: {message,'version-3',
>> {v3_hdr,996332938,484,
>> [4],
>> 3,undefined,undefined},
>> [48,24,4,0,4,4,97,117,116,
>> 104,160,14,2,4,85,222,53,
>> 40,2,1,0,2,1,0,48,0]})
>>
>> I also tried registering a usm user with an empty (one space) name:
>> snmpm:register_usm_user(" ", " ", [{sec_name, "initial"}]).
>> snmpm:register_agent("u", "a", [{engine_id, " "},{address,[x,x,x,x]},{version,v3},{sec_model,usm},{sec_name,"initial"},{sec_level,noAuthNoPriv}]).
>>
>> This time the message is sent, and the agent does respond with a message containing his engineID, but this information is not provided to the snmpm_user module:
>>
>> =INFO REPORT==== 20-May-2014::12:21:45 ===
>> SNMPM default user callback received handle_error:
>> ReqId: -1
>> Reason: {failed_processing_message,
>> {securityError,usmStatsUnknownEngineIDs}}
>> UserData: undefined
>> {error,{timeout,1440625963}}
>>
>> What is the proper way of doing this?
>> --
>> Cheers,
>> Dominik Pawlak
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140521/d102396d/attachment.htm>
More information about the erlang-questions
mailing list