[j-nsp] potential bug in SNMP engine on JunOS 13.3R6.5

Drew Weaver drew.weaver at thenap.com
Mon Nov 30 13:37:27 EST 2015 

Ah, turns out that there is something doing NAT between the NMS and the router that appears to be mangling the UDP packet.

-----Original Message-----
From: Drew Weaver 
Sent: Monday, November 30, 2015 12:03 PM
To: Drew Weaver <drew.weaver at thenap.com>; 'juniper-nsp at puck.nether.net' <juniper-nsp at puck.nether.net>
Subject: RE: potential bug in SNMP engine on JunOS 13.3R6.5

Here is a little bit of additional information.

I figured out that it doesn't actually have anything to do with the pfxcnt being 0.

If I do this locally in junos it works fine:

show snmp mib walk decimal 1.3.6.1.2.1.15.3.1

but if I do snmpwalk -v2c -c {community} {ip} 1.3.6.1.2.1.15.3.1 it times out halfway through (only with the third peer established, though}.

-Drew

-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Drew Weaver
Sent: Monday, November 30, 2015 11:33 AM
To: 'juniper-nsp at puck.nether.net' <juniper-nsp at puck.nether.net>
Subject: [j-nsp] potential bug in SNMP engine on JunOS 13.3R6.5

Howdy,

I am trying to monitor the status of a BGP session that has no prefixes using SNMP:

admin at MX80> show bgp summary
Groups: 2 Peers: 3 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       2          2          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
169.254.255.1          xxxx      81677      87593       0      11     3w6d11h 1/1/1/0              0/0/0/0
169.254.255.57         xxxx      81677      87595       0      10     3w6d11h 1/1/1/0              0/0/0/0
172.16.0.10           65003          3          6       0       1          59 0/0/0/0              0/0/0/0

if I snmpwalk 1.3.6.1.2.1.15.3 (notice the timeout at the end)

[root at linuxweb html]# snmpwalk -v2c -c yyyy xxxx 1.3.6.1.2.1.15.3
SNMPv2-SMI::mib-2.15.3.1.1.169.254.255.1 = IpAddress: 169.254.255.1
SNMPv2-SMI::mib-2.15.3.1.1.169.254.255.57 = IpAddress: 169.254.255.57
SNMPv2-SMI::mib-2.15.3.1.1.172.16.0.10 = IpAddress: 209.190.5.162
SNMPv2-SMI::mib-2.15.3.1.2.169.254.255.1 = INTEGER: 6
SNMPv2-SMI::mib-2.15.3.1.2.169.254.255.57 = INTEGER: 6
SNMPv2-SMI::mib-2.15.3.1.2.172.16.0.10 = INTEGER: 6
SNMPv2-SMI::mib-2.15.3.1.3.169.254.255.1 = INTEGER: 2
SNMPv2-SMI::mib-2.15.3.1.3.169.254.255.57 = INTEGER: 2
SNMPv2-SMI::mib-2.15.3.1.3.172.16.0.10 = INTEGER: 2
SNMPv2-SMI::mib-2.15.3.1.4.169.254.255.1 = INTEGER: 4
SNMPv2-SMI::mib-2.15.3.1.4.169.254.255.57 = INTEGER: 4
SNMPv2-SMI::mib-2.15.3.1.4.172.16.0.10 = INTEGER: 4
SNMPv2-SMI::mib-2.15.3.1.5.169.254.255.1 = IpAddress: 169.254.255.2
SNMPv2-SMI::mib-2.15.3.1.5.169.254.255.57 = IpAddress: 169.254.255.58
Timeout: No Response from yyyy

if I snmpwalk the specific OID I need:

[root at linuxweb html]# snmpwalk -v2c -c xxxx yyyy 1.3.6.1.2.1.15.3.1.7
SNMPv2-SMI::mib-2.15.3.1.7.169.254.255.1 = IpAddress: 169.254.255.1
SNMPv2-SMI::mib-2.15.3.1.7.169.254.255.57 = IpAddress: 169.254.255.57
Timeout: No Response from yyyy

Anyone know a way around this? the BGP session with no prefixes is a backup tunnel and the prefixes will only activate when the primary goes offline. I would still like to monitor the bgp session between the two devices however.

Thanks.

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list