Solved

SNMP - 32 bit or 64 bit counters.

Posted on 2006-11-13
2
990 Views
Last Modified: 2013-12-27
Hi,

I'm not sure if this is the right group for this, so if not, please advise on the proper group and I'll post there.

I have a number of scripts that I am using to poll our firewalls for various metric information. This info I then feed into a RRDtool database. My scripts make use of the snmpget.pl and snmpwalk.pl, which are part of the CPAN Net::Snmp package. I use these because I need the flexibility of specifying the target port...the Check Point SNMP agent is listening on port 260 rather than the traditional port 161.

A few of the OID's began returning some unexpected data. Two successive polling cycles, which are five minutes a part, returned 325535997 and -3964693308. These values are from counters that are counting the number of accepted packets. I had been specifying SNMP v 1 in my "get" commands, and I thought I would see if I received the same results if I used v 2c. When I attempted to execute the command, I get this:
# /usr/local/bin/snmpget.pl -v 2c -c public -p 260 166.68.134.85 1.3.6.1.4.1.2620.1.1.26.3.1.0
snmpget: No response from remote host '166.68.134.85'

However, if I specify v 1:
# /usr/local/bin/snmpget.pl -v 1 -c public -p 260 166.68.134.85 1.3.6.1.4.1.2620.1.1.26.3.1.0
1.3.6.1.4.1.2620.1.1.26.3.1.0 = INTEGER: -516928233

So, why can I not access the fw using v 2c? Is this setup in the agent configuration, and would the results I obtained trying to use v 2c imply that it was not active on the machine?

And how about counters? Are they a function of the OS or of the agent? Check Point's documentation doesn't state if the counters are 32 or 64 bit, but I'm beginning to think they may be 64bit, and that I need to use SNMP v 2c and not 1...or do I?

If anyone could shed some light on this I would greatly appreciate it. Oh, BTW these are all Solaris SPARC v9.

Thanks,
Jeff

0
Comment
Question by:jpetter
2 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 17936055
I think SNMP v 1 only work with -v 1 , SNMPv3 work with  -v 3 etc.
see this doc:
http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/sma/net-snmp/README.snmpv3

Solaris 9, the default SNMP agent is SNMPV1

type in:

/path-to/snmpd -v

to find out.

For more info on this see "man snmpd.conf" and/or the Net-SNMP FAQ: http://www.net-snmp.org/docs/FAQ.html (scroll to the AGENT section)
0
 

Author Comment

by:jpetter
ID: 17937443
Thank you yuzh. This was exactly what I was looking for.

Thanks,
Jeff
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now