Discussion:
Query on Linux support of if-mib (old ifTable implementation vs new)
Murali Karicheri
2016-11-08 15:18:59 UTC
Permalink
Does Linux support if-mib (new version of ifTable) or do we have to use old version (mibII/interfaces?
--
Murali Karicheri
Linux Kernel, Keystone
Murali Karicheri
2016-11-09 17:14:38 UTC
Permalink
Hi, Users,
Post by Murali Karicheri
Does Linux support if-mib (new version of ifTable) or do we have to use old version (mibII/interfaces?
From the README.agent-mibs, I gather the following:-
IF-MIB
ifNumber.0 U $2 ~3.2 O mibII/interfaces.c
ifTableLastChange.0 ---
ifTable (old) U $2 ~3.5 O mibII/interfaces.c
ifTable (new) L 5.2 M if-mib/ifTable/*
ifTable (new) FOS 5.4 M if-mib/ifTable/*
ifXTable L 5.2 M if-mib/ifXTable/*
ifXTable FOS 5.4 M if-mib/ifXTable/*
ifStackLastChange.0 ---
ifStackTable ---
ifTestTable ---
ifRcvAddressTable ---


So it looks like ifTable (new) and ifXTable are supported in Linux. Also by running
the net-snmp manually using -Dmib_init -H, I can see IF-MIB is getting loaded.

Some reason, a query to the target from a Linux PC returns me no MIB. I see following
logs at the Linux PC:-

snmpwalk -v 2c -c public <IP address of target board> interfaces 2>/dev/null
IF-MIB::interfaces = No more variables left in this MIB View (It is past the end of the MIB tree)


At the target I invoked snmpd with -d option to see the packets coming in and going out as
below. Also made sure the ifTable and ifXTable MIBs are loaded. Do you know what else is
missing to allow querying IF-MIB..

Also updated the /etc/snmp/snmpd.conf to enable access to the specific MIBs as below. I am
assuming my snmpd.conf is not setup properly to allow this query to go through, but I can't
figure what is wrong. I appreciate any suggestions to get this functional on my board.

Here is my /etc/snmp/snmpd.conf

# sec.name source community
com2sec paranoid default public
#com2sec readonly default public
#com2sec readwrite default private

####
# Second, map the security names into group names:

# sec.model sec.name
group MyROSystem v1 paranoid
group MyROSystem v2c paranoid
group MyROSystem usm paranoid
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
group MyRWGroup v1 readwrite
group MyRWGroup v2c readwrite
group MyRWGroup usm readwrite

####
# Third, create a view for us to let the groups have rights to:

# incl/excl subtree mask
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system
view intf included .iso.org.dod.internet.mgmt.mib-2.31
view intfold included .iso.org.dod.internet.mgmt.mib-2.interfaces

####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:

# context sec.model sec.level match read write notif
access MyROSystem "" any noauth exact system none none
access MyROSystem "" any noauth exact intf none none
access MyROSystem "" any noauth exact intfold none none
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none


Here is the hex dump of messages for the query.

NET-SNMP version 5.7.3

Received 41 byte packet from UDP: [158.218.103.164]:50197->[158.218.103.63]:161
0000: 30 27 02 01 01 04 06 70 75 62 6C 69 63 A1 1A 02 0'.....public...
0016: 04 31 F3 56 84 02 01 00 02 01 00 30 0C 30 0A 06 .1.V.......0.0..
0032: 06 2B 06 01 02 01 02 05 00 .+.......


Sending 41 bytes to UDP: [158.218.103.164]:50197->[158.218.103.63]:161
0000: 30 27 02 01 01 04 06 70 75 62 6C 69 63 A2 1A 02 0'.....public...
0016: 04 31 F3 56 84 02 01 00 02 01 00 30 0C 30 0A 06 .1.V.......0.0..
0032: 06 2B 06 01 02 01 02 82 00 .+.......

Also verified if-mib (ifTable and ifXTable) is loaded by invoking..

***@am57xx-evm:~# snmpd -f -Le -d -Dmib_init -H
registered debug token mib_init, 1
mib_init: initializing: usmConf
mib_init: initializing: iquery
mib_init: initializing: vacm_conf
mib_init: initializing: snmpMPDStats_5_5
mib_init: initializing: usmStats_5_5
mib_init: initializing: snmpEngine
mib_init: initializing: usmUser
mib_init: initializing: snmp_mib_5_5
mib_init: initializing: system_mib
mib_init: initializing: sysORTable
mib_init: initializing: vacm_vars
mib_init: initializing: setSerialNo
mib_init: initializing: at
mib_init: initializing: ip
mib_init: initializing: tcp
mib_init: initializing: icmp
mib_init: initializing: udp
mib_init: initializing: ipv6
mib_init: initializing: disk_hw
mib_init: initializing: proc
mib_init: initializing: versioninfo
mib_init: initializing: pass
mib_init: initializing: pass_persist
mib_init: initializing: loadave
mib_init: initializing: extend
mib_init: initializing: errormib
mib_init: initializing: file
mib_init: initializing: dlmod
mib_init: initializing: proxy
mib_init: initializing: logmatch
mib_init: initializing: memory
mib_init: initializing: vmstat
mib_init: initializing: snmpNotifyTable
mib_init: initializing: snmpNotifyFilterProfileTable
mib_init: initializing: notification_log
mib_init: initializing: target_counters_5_5
mib_init: initializing: snmpTargetAddrEntry
mib_init: initializing: snmpTargetParamsEntry
mib_init: initializing: nsTransactionTable
mib_init: initializing: nsModuleTable
mib_init: initializing: nsDebug
mib_init: initializing: nsCache
mib_init: initializing: nsLogging
mib_init: initializing: nsVacmAccessTable
mib_init: initializing: mteScalars
mib_init: initializing: mteTrigger
mib_init: initializing: mteTriggerTable
mib_init: initializing: mteTriggerDeltaTable
mib_init: initializing: mteTriggerExistenceTable
mib_init: initializing: mteTriggerBooleanTable
mib_init: initializing: mteTriggerThresholdTable
mib_init: initializing: mteTriggerConf
mib_init: initializing: mteEvent
mib_init: initializing: mteEventTable
mib_init: initializing: mteEventSetTable
mib_init: initializing: mteEventNotificationTable
mib_init: initializing: mteEventConf
mib_init: initializing: mteObjects
mib_init: initializing: mteObjectsTable
mib_init: initializing: mteObjectsConf
mib_init: initializing: schedCore
mib_init: initializing: schedConf
mib_init: initializing: schedTable
mib_init: initializing: override
mib_init: initializing: hrh_storage
mib_init: initializing: hrh_filesys
mib_init: initializing: hrSWInstalledTable
mib_init: initializing: hrSWRunTable
mib_init: initializing: hr_system
mib_init: initializing: hr_device
mib_init: initializing: hr_other
mib_init: initializing: hr_proc
mib_init: initializing: hr_network
mib_init: initializing: hr_print
mib_init: initializing: hr_disk
mib_init: initializing: hr_partition
mib_init: initializing: ifTable
mib_init: initializing: ifTable
mib_init: initializing: ifXTable
mib_init: initializing: ifXTable
mib_init: initializing: tcpConnectionTable
mib_init: initializing: tcpConnectionTable
mib_init: initializing: tcpListenerTable
mib_init: initializing: tcpListenerTable
mib_init: initializing: udpEndpointTable
mib_init: initializing: udpEndpointTable
mib_init: initializing: vacm_context
mib_init: initializing: var_route
mib_init: initializing: tcpTable
mib_init: initializing: udpTable
mib_init: initializing: ip_scalars
mib_init: initializing: snmpNotifyFilterTable
mib_init: initializing: snmpNotifyFilterTable
mib_init: initializing: swinst
mib_init: initializing: swrun
mib_init: initializing: hrSWRunPerfTable
mib_init: initializing: interface
mib_init: initializing: ipAddressTable
mib_init: initializing: ipAddressTable
mib_init: initializing: ipAddressPrefixTable
mib_init: initializing: ipAddressPrefixTable
mib_init: initializing: ipDefaultRouterTable
mib_init: initializing: ipDefaultRouterTable
mib_init: initializing: inetNetToMediaTable
mib_init: initializing: inetNetToMediaTable
mib_init: initializing: ipSystemStatsTable
mib_init: initializing: ipSystemStatsTable
mib_init: initializing: ipv6ScopeZoneIndexTable
mib_init: initializing: ipv6ScopeZoneIndexTable
mib_init: initializing: ipIfStatsTable
mib_init: initializing: ipIfStatsTable
mib_init: initializing: ipCidrRouteTable
mib_init: initializing: ipCidrRouteTable
mib_init: initializing: inetCidrRouteTable
mib_init: initializing: inetCidrRouteTable
mib_init: initializing: hw_fsys
mib_init: initializing: hw_mem
mib_init: initializing: cpu
mib_init: initializing: cpu_linux
Configuration directives understood:

=== cut rest of the logs =========
--
Murali Karicheri
Linux Kernel, Keystone
Bill Fenner
2016-11-13 06:17:18 UTC
Permalink
I think your problem is that you are trying to apply three different views
to one group:

# context sec.model sec.level match read write notif
access MyROSystem "" any noauth exact system none none
access MyROSystem "" any noauth exact intf none none
access MyROSystem "" any noauth exact intfold none none

You can only apply a single view to a given group; you have to create a
view that represents what you want that group to be able to see and map the
group to that view.

Bill
Post by Murali Karicheri
Hi, Users,
Post by Murali Karicheri
Does Linux support if-mib (new version of ifTable) or do we have to use
old version (mibII/interfaces?
Post by Murali Karicheri
From the README.agent-mibs, I gather the following:-
IF-MIB
ifNumber.0 U $2 ~3.2 O mibII/interfaces.c
ifTableLastChange.0 ---
ifTable (old) U $2 ~3.5 O mibII/interfaces.c
ifTable (new) L 5.2 M if-mib/ifTable/*
ifTable (new) FOS 5.4 M if-mib/ifTable/*
ifXTable L 5.2 M if-mib/ifXTable/*
ifXTable FOS 5.4 M if-mib/ifXTable/*
ifStackLastChange.0 ---
ifStackTable ---
ifTestTable ---
ifRcvAddressTable ---
So it looks like ifTable (new) and ifXTable are supported in Linux. Also by running
the net-snmp manually using -Dmib_init -H, I can see IF-MIB is getting loaded.
Some reason, a query to the target from a Linux PC returns me no MIB. I see following
logs at the Linux PC:-
snmpwalk -v 2c -c public <IP address of target board> interfaces 2>/dev/null
IF-MIB::interfaces = No more variables left in this MIB View (It is past
the end of the MIB tree)
At the target I invoked snmpd with -d option to see the packets coming in and going out as
below. Also made sure the ifTable and ifXTable MIBs are loaded. Do you know what else is
missing to allow querying IF-MIB..
Also updated the /etc/snmp/snmpd.conf to enable access to the specific MIBs as below. I am
assuming my snmpd.conf is not setup properly to allow this query to go through, but I can't
figure what is wrong. I appreciate any suggestions to get this functional on my board.
Here is my /etc/snmp/snmpd.conf
# sec.name source community
com2sec paranoid default public
#com2sec readonly default public
#com2sec readwrite default private
####
# sec.model sec.name
group MyROSystem v1 paranoid
group MyROSystem v2c paranoid
group MyROSystem usm paranoid
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
group MyRWGroup v1 readwrite
group MyRWGroup v2c readwrite
group MyRWGroup usm readwrite
####
# incl/excl subtree mask
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system
view intf included .iso.org.dod.internet.mgmt.mib-2.31
view intfold included .iso.org.dod.internet.mgmt.mib-2.interfaces
####
# Finally, grant the 2 groups access to the 1 view with different
# context sec.model sec.level match read write notif
access MyROSystem "" any noauth exact system none none
access MyROSystem "" any noauth exact intf none none
access MyROSystem "" any noauth exact intfold none none
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
Here is the hex dump of messages for the query.
NET-SNMP version 5.7.3
Received 41 byte packet from UDP: [158.218.103.164]:50197->[158.
218.103.63]:161
0000: 30 27 02 01 01 04 06 70 75 62 6C 69 63 A1 1A 02
0'.....public...
0016: 04 31 F3 56 84 02 01 00 02 01 00 30 0C 30 0A 06
.1.V.......0.0..
0032: 06 2B 06 01 02 01 02 05 00 .+.......
Sending 41 bytes to UDP: [158.218.103.164]:50197->[158.218.103.63]:161
0000: 30 27 02 01 01 04 06 70 75 62 6C 69 63 A2 1A 02
0'.....public...
0016: 04 31 F3 56 84 02 01 00 02 01 00 30 0C 30 0A 06
.1.V.......0.0..
0032: 06 2B 06 01 02 01 02 82 00 .+.......
Also verified if-mib (ifTable and ifXTable) is loaded by invoking..
registered debug token mib_init, 1
mib_init: initializing: usmConf
mib_init: initializing: iquery
mib_init: initializing: vacm_conf
mib_init: initializing: snmpMPDStats_5_5
mib_init: initializing: usmStats_5_5
mib_init: initializing: snmpEngine
mib_init: initializing: usmUser
mib_init: initializing: snmp_mib_5_5
mib_init: initializing: system_mib
mib_init: initializing: sysORTable
mib_init: initializing: vacm_vars
mib_init: initializing: setSerialNo
mib_init: initializing: at
mib_init: initializing: ip
mib_init: initializing: tcp
mib_init: initializing: icmp
mib_init: initializing: udp
mib_init: initializing: ipv6
mib_init: initializing: disk_hw
mib_init: initializing: proc
mib_init: initializing: versioninfo
mib_init: initializing: pass
mib_init: initializing: pass_persist
mib_init: initializing: loadave
mib_init: initializing: extend
mib_init: initializing: errormib
mib_init: initializing: file
mib_init: initializing: dlmod
mib_init: initializing: proxy
mib_init: initializing: logmatch
mib_init: initializing: memory
mib_init: initializing: vmstat
mib_init: initializing: snmpNotifyTable
mib_init: initializing: snmpNotifyFilterProfileTable
mib_init: initializing: notification_log
mib_init: initializing: target_counters_5_5
mib_init: initializing: snmpTargetAddrEntry
mib_init: initializing: snmpTargetParamsEntry
mib_init: initializing: nsTransactionTable
mib_init: initializing: nsModuleTable
mib_init: initializing: nsDebug
mib_init: initializing: nsCache
mib_init: initializing: nsLogging
mib_init: initializing: nsVacmAccessTable
mib_init: initializing: mteScalars
mib_init: initializing: mteTrigger
mib_init: initializing: mteTriggerTable
mib_init: initializing: mteTriggerDeltaTable
mib_init: initializing: mteTriggerExistenceTable
mib_init: initializing: mteTriggerBooleanTable
mib_init: initializing: mteTriggerThresholdTable
mib_init: initializing: mteTriggerConf
mib_init: initializing: mteEvent
mib_init: initializing: mteEventTable
mib_init: initializing: mteEventSetTable
mib_init: initializing: mteEventNotificationTable
mib_init: initializing: mteEventConf
mib_init: initializing: mteObjects
mib_init: initializing: mteObjectsTable
mib_init: initializing: mteObjectsConf
mib_init: initializing: schedCore
mib_init: initializing: schedConf
mib_init: initializing: schedTable
mib_init: initializing: override
mib_init: initializing: hrh_storage
mib_init: initializing: hrh_filesys
mib_init: initializing: hrSWInstalledTable
mib_init: initializing: hrSWRunTable
mib_init: initializing: hr_system
mib_init: initializing: hr_device
mib_init: initializing: hr_other
mib_init: initializing: hr_proc
mib_init: initializing: hr_network
mib_init: initializing: hr_print
mib_init: initializing: hr_disk
mib_init: initializing: hr_partition
mib_init: initializing: ifTable
mib_init: initializing: ifTable
mib_init: initializing: ifXTable
mib_init: initializing: ifXTable
mib_init: initializing: tcpConnectionTable
mib_init: initializing: tcpConnectionTable
mib_init: initializing: tcpListenerTable
mib_init: initializing: tcpListenerTable
mib_init: initializing: udpEndpointTable
mib_init: initializing: udpEndpointTable
mib_init: initializing: vacm_context
mib_init: initializing: var_route
mib_init: initializing: tcpTable
mib_init: initializing: udpTable
mib_init: initializing: ip_scalars
mib_init: initializing: snmpNotifyFilterTable
mib_init: initializing: snmpNotifyFilterTable
mib_init: initializing: swinst
mib_init: initializing: swrun
mib_init: initializing: hrSWRunPerfTable
mib_init: initializing: interface
mib_init: initializing: ipAddressTable
mib_init: initializing: ipAddressTable
mib_init: initializing: ipAddressPrefixTable
mib_init: initializing: ipAddressPrefixTable
mib_init: initializing: ipDefaultRouterTable
mib_init: initializing: ipDefaultRouterTable
mib_init: initializing: inetNetToMediaTable
mib_init: initializing: inetNetToMediaTable
mib_init: initializing: ipSystemStatsTable
mib_init: initializing: ipSystemStatsTable
mib_init: initializing: ipv6ScopeZoneIndexTable
mib_init: initializing: ipv6ScopeZoneIndexTable
mib_init: initializing: ipIfStatsTable
mib_init: initializing: ipIfStatsTable
mib_init: initializing: ipCidrRouteTable
mib_init: initializing: ipCidrRouteTable
mib_init: initializing: inetCidrRouteTable
mib_init: initializing: inetCidrRouteTable
mib_init: initializing: hw_fsys
mib_init: initializing: hw_mem
mib_init: initializing: cpu
mib_init: initializing: cpu_linux
=== cut rest of the logs =========
--
Murali Karicheri
Linux Kernel, Keystone
------------------------------------------------------------
------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Net-snmp-users mailing list
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Loading...