Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2232
Views
0
Helpful
4
Replies

APIC SNMP engineID

Go to solution
Nik Noltenius
Spotlight
Spotlight

‎08-01-2018 07:12 AM - edited ‎06-04-2019 02:40 AM

Hi folks,

 

for some reason my APIC does not reveal an SNMP engine ID:

 

 

apic1# show snmp summary 

Active Policy: SNMP-NAME, Admin State: enabled

Local SNMP engineID: [Hex] Not Found

----------------------------------------
Community Description 
----------------------------------------

------------------------------------------------------------
User Authentication Privacy 
------------------------------------------------------------
PRTG hmac-sha1-96 aes-128 

------------------------------------------------------------
Client-Group Mgmt-Epg Clients
------------------------------------------------------------
PRTG-SNMP default (Out-Of-Band) ###.###.###.###

------------------------------------------------------------
Host Port Version Level SecName 
------------------------------------------------------------
###.###.###.### 162 v2c noauth Public 
###.###.###.### 162 v2c noauth WHATEVER

 

 

SNMP ist configured and the fabric switches all have engine IDs...

Only for the controller I can't find a way to configure one. Searching the web I found  a couple of screenshots and examples where the APIC does indeed have an engine ID, so I guess mine is not supposed to be behaving the way it does.

What am I missing? Can I manually assign an ID somewhere? Shouldn't there be one by default?

 

Kind regards,
Nik

2 people had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nik Noltenius
Spotlight
Spotlight

‎09-11-2018 06:51 AM

Sorry to answer my own question but maybe it'll be helpful to others.

 

So, as I already stated in an answer below the first thing one can do to get the SNMP engine ID on an APIC to show up is configure a Community Policy under the SNMP policy. This feels kind of counter-intuitive if one is using SNMPv3 but hey, it works.

However this does not mean, the APIC won't use an engine ID without a community. As a matter of fact, packet captures show that the APIC does indeed send it's engine ID in SNMP reports even if the community is not configured. It just doesn't show up in the CLI which is kind of unexpected.

This is also TAC-confirmed behavior. They said, SNMP simply works differently on the APICs than on the leaf and spine switches thus there are differences in the output as well. - Fine, I don't have to understand that but I definitely can live with it.

 

tl;dr

Configure a community and "show snmp engineid" will reveal the ID on the APIC

Leave the community or delete it, the engine ID stays the same and is sent in messages even if it's not presented in the output of aforementioned CLI command any more.

 

Kind regards,

Nik

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Ahmed Boujelben
Level 1
Level 1

‎09-03-2018 04:07 AM

Hi Nik,

 

We have issued the same problem. How did you resolve the issue ?

 

Regards,

Ahmed

0 Helpful

Go to solution
Nik Noltenius
Spotlight
Spotlight
In response to Ahmed Boujelben

‎09-03-2018 11:34 PM

Hi Ahmed,

unfortunately we haven't been able to resolve the issue yet. I will update the thread, if we ever find a solution...

Regards,
Nik

0 Helpful

Go to solution
Nik Noltenius
Spotlight
Spotlight
In response to Ahmed Boujelben

‎09-10-2018 12:03 AM

Hi Ahmed,

 

I wouldn't call it a solution per se, but we figured out, that the APICs generate an engine ID as soon as a community policy is configured under the SNMP policy.

We are only using SNMPv3 so from my understanding we wouldn't have required a community, but apparently it is a way to have an engine ID for the APICs. I'm not sure if there are any side-effects, though.

 

Regards,
Nik

0 Helpful

Go to solution
Nik Noltenius
Spotlight
Spotlight

‎09-11-2018 06:51 AM

Sorry to answer my own question but maybe it'll be helpful to others.

 

So, as I already stated in an answer below the first thing one can do to get the SNMP engine ID on an APIC to show up is configure a Community Policy under the SNMP policy. This feels kind of counter-intuitive if one is using SNMPv3 but hey, it works.

However this does not mean, the APIC won't use an engine ID without a community. As a matter of fact, packet captures show that the APIC does indeed send it's engine ID in SNMP reports even if the community is not configured. It just doesn't show up in the CLI which is kind of unexpected.

This is also TAC-confirmed behavior. They said, SNMP simply works differently on the APICs than on the leaf and spine switches thus there are differences in the output as well. - Fine, I don't have to understand that but I definitely can live with it.

 

tl;dr

Configure a community and "show snmp engineid" will reveal the ID on the APIC

Leave the community or delete it, the engine ID stays the same and is sent in messages even if it's not presented in the output of aforementioned CLI command any more.

 

Kind regards,

Nik

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents