Theodore Wynnychenko
2016-06-11 23:45:32 UTC
Hello
I am not a Perl programmer (or anything like one), and (honestly) am not
completely sure this is where I should post my observation/question; but, I
think the perl net::snmp module is where the problem lies, so I decided to try
here first.
In any case, I have recently decided to get snmp working on my network to be
used with icinga2 for monitoring. To that end, I was going to use MRTG (via the
check_mrtgtraf monitoring plugin for nagios/icinga) to watch network interface
usage.
I have set up net-snmp and this is working. I also have set up snmp on several
pieces of hardware that include snmp capabilities. As a matter of principle, I
have enabled snmpV3 where available.
But, while I have had no problems with snmpV3 using net-snmp, for one class of
hardware (old APC UPS Network Management cards - Model AP9617 circa 2007), I
have no trouble getting snmp data using snmpV3 with net-snmp, but snmpV3 fails
with Perl's Net::snmp (although snmpV1 works).
So, MRTG uses Perl and Net::smnp to collect data. There is a utility called
cfgmaker included.
First, as an example, with a non-problem piece of hardware (an old HP LaserJet
printer):
Using net-smnp tools:
# snmpwalk -v 3 -a MD5 -A <pass> -u <user> -x DES -X <pass> -l authPriv -n
Jetdirect 10.0.128.250
SNMPv2-MIB::sysDescr.0 = STRING: HP ETHERNET MULTI-ENVIRONMENT,ROM
C.25.80,JETDIRECT,JD115,EEPROM V.28.06,CIDATE 04/27/2004
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.11.2.3.9.1
SNMPv2-MIB::sysUpTime.0 = Timeticks: (240889502) 27 days, 21:08:15.02
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: <name>
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 64
....ETC....
If I use MRTG's cfgmaker:
# /usr/local/bin/cfgmaker --ifref=eth --enablesnmpv3 --username <user>
--authpassword <pass> --authprotocol md5 --privprotocol des --privpassword
<pass> --contextengineid 0x0000000b00110abb64570001 --contextname Jetdirect
10.0.128.250:::::3
--base: SNMP V3 libraries found, SNMP V3 enabled.
--base: Get Device Info on ***@10.0.128.250:::::3
--base: Vendor Id: hp
--base: Populating confcache
--base: Get Interface Info
--base: Walking ifIndex
--snpd: ***@10.0.128.250:::::3 -> 1 -> ifIndex = 1
--snpd: ***@10.0.128.250:::::3 -> 2 -> ifIndex = 2
....ETC....
If I try to use snmpv3 with the APC hardware, net-snmp works:
# snmpwalk -v 3 -a MD5 -A <pass> -u <user> -x DES -X <pass> -l authPriv
10.0.128.182
SNMPv2-MIB::sysDescr.0 = STRING: APC Web/SNMP Management Card (MB:v3.9.2
PF:v3.7.3 PN:apc_hw02_aos_373.bin AF1:v3.7.2 AN1:apc_hw02_sumx_372.bin MN:AP9617
HR:5 SN: JA0143000596 MD:10/24/2001) (Embedded PowerNet SNMP Agent SW v2.2
compatible)
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.318.1.3.2.8
SNMPv2-MIB::sysUpTime.0 = Timeticks: (19348130) 2 days, 5:44:41.30
SNMPv2-MIB::sysContact.0 = STRING: <***@my.com>
SNMPv2-MIB::sysName.0 = STRING: <name>
SNMPv2-MIB::sysLocation.0 = STRING: <location>
SNMPv2-MIB::sysServices.0 = INTEGER: 72
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::snmpModules.10.3.1.1
SNMPv2-MIB::sysORID.3 = OID: SNMPv2-SMI::snmpModules.11.3.1.1
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::snmpModules.15.2.1.1
SNMPv2-MIB::sysORID.5 = OID: SNMPv2-SMI::snmpModules.16.2.1.1
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB Module from SNMPv2 entities
SNMPv2-MIB::sysORDescr.2 = STRING: SNMP Management Architecture MIB
SNMPv2-MIB::sysORDescr.3 = STRING: Message Processing and Dispatching MIB
SNMPv2-MIB::sysORDescr.4 = STRING: USM User MIB
SNMPv2-MIB::sysORDescr.5 = STRING: VACM MIB
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (0) 0:00:00.00
....ETC...
Also, I can connect to the hardware with snmpV1 via cfgmaker and Net::snmp:
# cfgmaker --ifref=eth ***@10.0.128.182
--base: Get Device Info on ***@10.0.128.182:
--base: Vendor Id: Unknown Vendor - 1.3.6.1.4.1.318.1.3.2.8
--base: Populating confcache
--base: Get Interface Info
--base: Walking ifIndex
--snpd: ***@10.0.128.182: -> 1 -> ifIndex = 1
--snpd: ***@10.0.128.182: -> 2 -> ifIndex = 2
...ETC...
But, with cfgmaker and smnpV3, I see:
# /usr/local/bin/cfgmaker --ifref=eth --enablesnmpv3 --username <user>
--authpassword <pass> --authprotocol md5 --privprotocol des --privpassword
<pass> --contextengineid 0x8000013E0300C0B764D02C 10.0.128.182:::::3
--base: SNMP V3 libraries found, SNMP V3 enabled.
--base: Get Device Info on ***@10.0.128.182:::::3
Use of uninitialized value in pattern match (m//) at
/usr/local/libdata/perl5/site_perl/Net/SNMP.pm line 2620.
SNMPopen failed: Time synchronization failed during discovery
at /usr/local/libdata/perl5/site_perl/Net_SNMP_util.pm line 1580.
Net_SNMP_util::snmpopen("public\@10.0.128.182:::::3:v4only", 0,
ARRAY(0x1e34855688f8)) called at
/usr/local/libdata/perl5/site_perl/Net_SNMP_util.pm line 1690
Net_SNMP_util::snmpwalk_flg("public\@10.0.128.182:::::3:v4only", undef,
HASH(0x1e34dcbad868), "1.3.6.1.2.1.1") called at
/usr/local/libdata/perl5/site_perl/Net_SNMP_util.pm line 786
Net_SNMP_util::snmpwalk("public\@10.0.128.182:::::3:v4only",
HASH(0x1e34dcbad868), "1.3.6.1.2.1.1") called at /usr/local/bin/cfgmaker line
951
main::DeviceInfo("public\@10.0.128.182:::::3", HASH(0x1e34da908af0),
HASH(0x1e34dcbad868)) called at /usr/local/bin/cfgmaker line 142
main::main() called at /usr/local/bin/cfgmaker line 160
SNMPWALK Problem for ***@10.0.128.182:::::3:v4only at /usr/local/bin/cfgmaker
line 951.
WARNING: Skipping ***@10.0.128.182:::::3 as no info could be retrieved
Use of uninitialized value $comment_sysdescr in substitution (s///) at
/usr/local/bin/cfgmaker line 379.
Use of uninitialized value $sysname in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
Use of uninitialized value $comment_sysdescr in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
Use of uninitialized value $syscontact in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
Use of uninitialized value $syslocation in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
....ETC...
Now, it seems to me that the failure is not with MRTG's cfgmaker, but within
Net::snmp.
Not really knowing what I am talking about, it appears that cfgmaker calls
Net::snmp; then Net::snmp tries to establish a snmpV3 connection with the
hardware, but fails: "Use of uninitialized value in pattern match (m//) at
/usr/local/libdata/perl5/site_perl/Net/SNMP.pm line 2620."
This initial failure with Net::snmp then leads to a lack of data, and all the
subsequent errors.
The problem could be with the hardware, but that seems unlikely since net-snmp
tools work with it. Also, the problem does not seem to lie within MRTG's
cfgmaker, since the error appears to occur when control has been passed to
Net::snmp to establish a snmpV3 connection, but is unable to.
Exactly why this may be, I have no idea.
But, again, on principle, I would like to get this working. If anyone has any
ideas on what I could do to get this working, please let me know.
Thanks in advance.
Ted
I am not a Perl programmer (or anything like one), and (honestly) am not
completely sure this is where I should post my observation/question; but, I
think the perl net::snmp module is where the problem lies, so I decided to try
here first.
In any case, I have recently decided to get snmp working on my network to be
used with icinga2 for monitoring. To that end, I was going to use MRTG (via the
check_mrtgtraf monitoring plugin for nagios/icinga) to watch network interface
usage.
I have set up net-snmp and this is working. I also have set up snmp on several
pieces of hardware that include snmp capabilities. As a matter of principle, I
have enabled snmpV3 where available.
But, while I have had no problems with snmpV3 using net-snmp, for one class of
hardware (old APC UPS Network Management cards - Model AP9617 circa 2007), I
have no trouble getting snmp data using snmpV3 with net-snmp, but snmpV3 fails
with Perl's Net::snmp (although snmpV1 works).
So, MRTG uses Perl and Net::smnp to collect data. There is a utility called
cfgmaker included.
First, as an example, with a non-problem piece of hardware (an old HP LaserJet
printer):
Using net-smnp tools:
# snmpwalk -v 3 -a MD5 -A <pass> -u <user> -x DES -X <pass> -l authPriv -n
Jetdirect 10.0.128.250
SNMPv2-MIB::sysDescr.0 = STRING: HP ETHERNET MULTI-ENVIRONMENT,ROM
C.25.80,JETDIRECT,JD115,EEPROM V.28.06,CIDATE 04/27/2004
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.11.2.3.9.1
SNMPv2-MIB::sysUpTime.0 = Timeticks: (240889502) 27 days, 21:08:15.02
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: <name>
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 64
....ETC....
If I use MRTG's cfgmaker:
# /usr/local/bin/cfgmaker --ifref=eth --enablesnmpv3 --username <user>
--authpassword <pass> --authprotocol md5 --privprotocol des --privpassword
<pass> --contextengineid 0x0000000b00110abb64570001 --contextname Jetdirect
10.0.128.250:::::3
--base: SNMP V3 libraries found, SNMP V3 enabled.
--base: Get Device Info on ***@10.0.128.250:::::3
--base: Vendor Id: hp
--base: Populating confcache
--base: Get Interface Info
--base: Walking ifIndex
--snpd: ***@10.0.128.250:::::3 -> 1 -> ifIndex = 1
--snpd: ***@10.0.128.250:::::3 -> 2 -> ifIndex = 2
....ETC....
If I try to use snmpv3 with the APC hardware, net-snmp works:
# snmpwalk -v 3 -a MD5 -A <pass> -u <user> -x DES -X <pass> -l authPriv
10.0.128.182
SNMPv2-MIB::sysDescr.0 = STRING: APC Web/SNMP Management Card (MB:v3.9.2
PF:v3.7.3 PN:apc_hw02_aos_373.bin AF1:v3.7.2 AN1:apc_hw02_sumx_372.bin MN:AP9617
HR:5 SN: JA0143000596 MD:10/24/2001) (Embedded PowerNet SNMP Agent SW v2.2
compatible)
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.318.1.3.2.8
SNMPv2-MIB::sysUpTime.0 = Timeticks: (19348130) 2 days, 5:44:41.30
SNMPv2-MIB::sysContact.0 = STRING: <***@my.com>
SNMPv2-MIB::sysName.0 = STRING: <name>
SNMPv2-MIB::sysLocation.0 = STRING: <location>
SNMPv2-MIB::sysServices.0 = INTEGER: 72
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::snmpModules.10.3.1.1
SNMPv2-MIB::sysORID.3 = OID: SNMPv2-SMI::snmpModules.11.3.1.1
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::snmpModules.15.2.1.1
SNMPv2-MIB::sysORID.5 = OID: SNMPv2-SMI::snmpModules.16.2.1.1
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB Module from SNMPv2 entities
SNMPv2-MIB::sysORDescr.2 = STRING: SNMP Management Architecture MIB
SNMPv2-MIB::sysORDescr.3 = STRING: Message Processing and Dispatching MIB
SNMPv2-MIB::sysORDescr.4 = STRING: USM User MIB
SNMPv2-MIB::sysORDescr.5 = STRING: VACM MIB
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (0) 0:00:00.00
....ETC...
Also, I can connect to the hardware with snmpV1 via cfgmaker and Net::snmp:
# cfgmaker --ifref=eth ***@10.0.128.182
--base: Get Device Info on ***@10.0.128.182:
--base: Vendor Id: Unknown Vendor - 1.3.6.1.4.1.318.1.3.2.8
--base: Populating confcache
--base: Get Interface Info
--base: Walking ifIndex
--snpd: ***@10.0.128.182: -> 1 -> ifIndex = 1
--snpd: ***@10.0.128.182: -> 2 -> ifIndex = 2
...ETC...
But, with cfgmaker and smnpV3, I see:
# /usr/local/bin/cfgmaker --ifref=eth --enablesnmpv3 --username <user>
--authpassword <pass> --authprotocol md5 --privprotocol des --privpassword
<pass> --contextengineid 0x8000013E0300C0B764D02C 10.0.128.182:::::3
--base: SNMP V3 libraries found, SNMP V3 enabled.
--base: Get Device Info on ***@10.0.128.182:::::3
Use of uninitialized value in pattern match (m//) at
/usr/local/libdata/perl5/site_perl/Net/SNMP.pm line 2620.
SNMPopen failed: Time synchronization failed during discovery
at /usr/local/libdata/perl5/site_perl/Net_SNMP_util.pm line 1580.
Net_SNMP_util::snmpopen("public\@10.0.128.182:::::3:v4only", 0,
ARRAY(0x1e34855688f8)) called at
/usr/local/libdata/perl5/site_perl/Net_SNMP_util.pm line 1690
Net_SNMP_util::snmpwalk_flg("public\@10.0.128.182:::::3:v4only", undef,
HASH(0x1e34dcbad868), "1.3.6.1.2.1.1") called at
/usr/local/libdata/perl5/site_perl/Net_SNMP_util.pm line 786
Net_SNMP_util::snmpwalk("public\@10.0.128.182:::::3:v4only",
HASH(0x1e34dcbad868), "1.3.6.1.2.1.1") called at /usr/local/bin/cfgmaker line
951
main::DeviceInfo("public\@10.0.128.182:::::3", HASH(0x1e34da908af0),
HASH(0x1e34dcbad868)) called at /usr/local/bin/cfgmaker line 142
main::main() called at /usr/local/bin/cfgmaker line 160
SNMPWALK Problem for ***@10.0.128.182:::::3:v4only at /usr/local/bin/cfgmaker
line 951.
WARNING: Skipping ***@10.0.128.182:::::3 as no info could be retrieved
Use of uninitialized value $comment_sysdescr in substitution (s///) at
/usr/local/bin/cfgmaker line 379.
Use of uninitialized value $sysname in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
Use of uninitialized value $comment_sysdescr in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
Use of uninitialized value $syscontact in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
Use of uninitialized value $syslocation in concatenation (.) or string at
/usr/local/bin/cfgmaker line 412.
....ETC...
Now, it seems to me that the failure is not with MRTG's cfgmaker, but within
Net::snmp.
Not really knowing what I am talking about, it appears that cfgmaker calls
Net::snmp; then Net::snmp tries to establish a snmpV3 connection with the
hardware, but fails: "Use of uninitialized value in pattern match (m//) at
/usr/local/libdata/perl5/site_perl/Net/SNMP.pm line 2620."
This initial failure with Net::snmp then leads to a lack of data, and all the
subsequent errors.
The problem could be with the hardware, but that seems unlikely since net-snmp
tools work with it. Also, the problem does not seem to lie within MRTG's
cfgmaker, since the error appears to occur when control has been passed to
Net::snmp to establish a snmpV3 connection, but is unable to.
Exactly why this may be, I have no idea.
But, again, on principle, I would like to get this working. If anyone has any
ideas on what I could do to get this working, please let me know.
Thanks in advance.
Ted