I got a very prompt response from the net-snmp list on this issue. See the
details below. Apparently there is a problem handling 32-bit request IDs in
the lwIP 1.3.0 SNMP agent.
Regards,
Jesus Alvarez
-----Original Message-----
From: Dave Shield
Sent: Wednesday, February 18, 2009 10:53 AM
To: Jesus Alvarez
Cc: address@hidden
Subject: Re: Discrepancy in queries to lwIP
2009/2/18 Jesus Alvarez <address@hidden>:
Using net-snmp 5.4.2.1 under Windows a simple query to sysLocation.0
works.
Yet the same query fails from net snmp 5.4.1 under Debian Linux. The UDP
query and response is included below for both cases.
It appears that the lwIP SNMP agent is processing one of the queries
incorrectly but I can't identify what portion of the ASN-1 encoded
response
packet is causing the rejection. I also don't understand why the content
of
the query packets is different on the two versions. Any suggestions would
be
appreciated.
The first (successful) query is using a 16-bit request ID.
This is handled correctly by the remote agent,
which returns a response with the same ID:
Sending 41 bytes to UDP: [0.0.0.0]->[192.168.1.222]:161
0000: 30 27 02 01 00 04 06 70 75 62 6C 69 63 A0 1A 02
0'.....publicá..
0016: 02 32 0B...
Received 54 bytes from UDP: [0.0.0.0]->[192.168.1.222]:161
0000: 30 34 02 01 00 04 06 70 75 62 6C 69 63 A2 27 02
04.....publicó'.
0016: 02 32 0B...
Note that the last four octets are the same in both cases:
04 02 32 0B
The second (failing) query is using a 32-bit request ID.
This is perfectly valid, but the remote agent is mangling it,
and only returning the lower 16-bits in the response:
Sending 43 bytes to UDP: [192.168.1.222]:161
0000: 30 29 02 01 00 04 06 70 75 62 6C 69 63 A0 1C 02
0).....public...
0016: 04 1C 7B EC CB....
Received 55 bytes from UDP: [192.168.1.222]:161
0000: 30 35 02 01 00 04 06 70 75 62 6C 69 63 A2 28 02
05.....public.(.
0016: 03 00 EC CB....
Note: 02 04 1C 7B EC EB
becomes 02 03 00 EC CB
The client notes that the request ID in the response doesn't
match the original one, so discards the message.
This is a bug in the remote agent. Complain to the lwIP people.
As a workaround:
$ man snmp.conf
16bitIDs yes
restricts requestIDs, etc to 16-bit values.
The SNMP specifications define these ID fields as 32-bit
quantities, and the Net-SNMP library typically ini-
tialises them to random values for security. However
certain (broken) agents cannot handle ID values greater
than 2^16 - this option allows interoperability with such
agents.
[Note: this goes in snmp.conf, *not* snmpd.conf]
Dave
_______________________________________________
lwip-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/lwip-users