That sounds quite possible.
The "client" (i.e. the proxying system) needs to synchronise with the
internal clock on the "server" for the SNMPv3 request to succeed.
This is handled automatically, but may well take longer than the
timeout for the original management app.
One possibility might be to insert a dummy MIB module,
which sent a query to the remote system when the proxy
server first starts up.

Hi Dave,

I added a '-e' flag to the proxy line in snmpd.conf:

proxy -e 80001370010A00002A -v 3 ...as before...

However, I've just realised that regardless of whether or not the engine
ID is specified, it's only my /first/ request that fails. Subsequent
requests are fine. Obviously in my previously testing I didn't have
time to issue /two/ requests in a row! :)

Attaching a packet sniffer it looks like, when the first request is
sent, there's a whole series of exchanges between net-snmp and my other
agent (over a period of around 4 seconds), which culminates in my other
agent returning the requested value. However, by this time, the snmpget
request has returned "NULL". The next request is fine (and seems to
only involve a single get/response pair - presumably net-snmp is now
able to maintain the details of the second agent):

$ /etc/init.d/snmpd restart
$ snmpget -v3 -lauthNoPriv -aMD5 -Apassword -uuser localhost
.1.3.6.1.4.1.162.etc
(returns almost immediately)
SNMPv2-SMI::enterprises.162.etc = NULL
$ snmpget -v3 -lauthNoPriv -aMD5 -Apassword -uuser localhost
.1.3.6.1.4.1.162.etc
(returns almost immediately)
SNMPv2-SMI::enterprises.162.etc = INTEGER: 1

So the problem is not what I first thought - but it looks like the
request that is being made to net-snmp is being sent a response before
net-snmp has finished negotiating with the second agent.

This is not such a big deal (there's a pretty simple workaround), but it
does seem curious.

Cheers,


Alistair.


-----Original Message-----
From: ***@googlemail.com [mailto:***@googlemail.com] On
Behalf Of Dave Shield
Sent: 12 March 2009 16:17
To: Young, Alistair
Cc: net-snmp-***@lists.sourceforge.net
Subject: Re: net-snmp proxy configuration
That would be my first approach, certainly.
How exactly did you try to do this?


Dave


Please help Logica to respect the environment by not printing this email / Merci d'aider Logica � pr�server l'environnement en �vitant d'imprimer ce mail / Bitte drucken Sie diese Nachricht nicht aus und helfen Sie so Logica dabei die Umwelt zu schuetzen / Por favor ajude a Logica a respeitar o ambiente n�o imprimindo este correio electr�nico.



This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.