Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1076
  • Last Modified:

SNMP - 32 bit or 64 bit counters.

Hi,

I'm not sure if this is the right group for this, so if not, please advise on the proper group and I'll post there.

I have a number of scripts that I am using to poll our firewalls for various metric information. This info I then feed into a RRDtool database. My scripts make use of the snmpget.pl and snmpwalk.pl, which are part of the CPAN Net::Snmp package. I use these because I need the flexibility of specifying the target port...the Check Point SNMP agent is listening on port 260 rather than the traditional port 161.

A few of the OID's began returning some unexpected data. Two successive polling cycles, which are five minutes a part, returned 325535997 and -3964693308. These values are from counters that are counting the number of accepted packets. I had been specifying SNMP v 1 in my "get" commands, and I thought I would see if I received the same results if I used v 2c. When I attempted to execute the command, I get this:
# /usr/local/bin/snmpget.pl -v 2c -c public -p 260 166.68.134.85 1.3.6.1.4.1.2620.1.1.26.3.1.0
snmpget: No response from remote host '166.68.134.85'

However, if I specify v 1:
# /usr/local/bin/snmpget.pl -v 1 -c public -p 260 166.68.134.85 1.3.6.1.4.1.2620.1.1.26.3.1.0
1.3.6.1.4.1.2620.1.1.26.3.1.0 = INTEGER: -516928233

So, why can I not access the fw using v 2c? Is this setup in the agent configuration, and would the results I obtained trying to use v 2c imply that it was not active on the machine?

And how about counters? Are they a function of the OS or of the agent? Check Point's documentation doesn't state if the counters are 32 or 64 bit, but I'm beginning to think they may be 64bit, and that I need to use SNMP v 2c and not 1...or do I?

If anyone could shed some light on this I would greatly appreciate it. Oh, BTW these are all Solaris SPARC v9.

Thanks,
Jeff

0
jpetter
Asked:
jpetter
1 Solution
 
yuzhCommented:
I think SNMP v 1 only work with -v 1 , SNMPv3 work with  -v 3 etc.
see this doc:
http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/sma/net-snmp/README.snmpv3

Solaris 9, the default SNMP agent is SNMPV1

type in:

/path-to/snmpd -v

to find out.

For more info on this see "man snmpd.conf" and/or the Net-SNMP FAQ: http://www.net-snmp.org/docs/FAQ.html (scroll to the AGENT section)
0
 
jpetterAuthor Commented:
Thank you yuzh. This was exactly what I was looking for.

Thanks,
Jeff
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now