Solved

SNMP - 32 bit or 64 bit counters.

Posted on 2006-11-13
2
987 Views
Last Modified: 2013-12-27
Hi,

I'm not sure if this is the right group for this, so if not, please advise on the proper group and I'll post there.

I have a number of scripts that I am using to poll our firewalls for various metric information. This info I then feed into a RRDtool database. My scripts make use of the snmpget.pl and snmpwalk.pl, which are part of the CPAN Net::Snmp package. I use these because I need the flexibility of specifying the target port...the Check Point SNMP agent is listening on port 260 rather than the traditional port 161.

A few of the OID's began returning some unexpected data. Two successive polling cycles, which are five minutes a part, returned 325535997 and -3964693308. These values are from counters that are counting the number of accepted packets. I had been specifying SNMP v 1 in my "get" commands, and I thought I would see if I received the same results if I used v 2c. When I attempted to execute the command, I get this:
# /usr/local/bin/snmpget.pl -v 2c -c public -p 260 166.68.134.85 1.3.6.1.4.1.2620.1.1.26.3.1.0
snmpget: No response from remote host '166.68.134.85'

However, if I specify v 1:
# /usr/local/bin/snmpget.pl -v 1 -c public -p 260 166.68.134.85 1.3.6.1.4.1.2620.1.1.26.3.1.0
1.3.6.1.4.1.2620.1.1.26.3.1.0 = INTEGER: -516928233

So, why can I not access the fw using v 2c? Is this setup in the agent configuration, and would the results I obtained trying to use v 2c imply that it was not active on the machine?

And how about counters? Are they a function of the OS or of the agent? Check Point's documentation doesn't state if the counters are 32 or 64 bit, but I'm beginning to think they may be 64bit, and that I need to use SNMP v 2c and not 1...or do I?

If anyone could shed some light on this I would greatly appreciate it. Oh, BTW these are all Solaris SPARC v9.

Thanks,
Jeff

0
Comment
Question by:jpetter
2 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 17936055
I think SNMP v 1 only work with -v 1 , SNMPv3 work with  -v 3 etc.
see this doc:
http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/sma/net-snmp/README.snmpv3

Solaris 9, the default SNMP agent is SNMPV1

type in:

/path-to/snmpd -v

to find out.

For more info on this see "man snmpd.conf" and/or the Net-SNMP FAQ: http://www.net-snmp.org/docs/FAQ.html (scroll to the AGENT section)
0
 

Author Comment

by:jpetter
ID: 17937443
Thank you yuzh. This was exactly what I was looking for.

Thanks,
Jeff
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now