cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7931
Views
0
Helpful
7
Replies

Query of SNMP device times out, wireshark shows response

malweth
Level 1
Level 1

I am using EEM 4.0 on IOS 15.3.3M1 (universal) on a 2951 router.

I have snmp-server manager set.

I'm trying this two ways, one with just EEM Action statements, the other as an EEM Tcl Policy. Both are registered to "none."

EEM code:

action 001.0 info type snmp oid <oid> set-type int 1 community PRIVATE ipaddr 10.1.1.2

action 002.0 info type snmp oid <oid2> get-type exact community PUBLIC ipaddr 10.1.1.2

action 003.0 syslog msg $_info_snmp_value

Tcl code:

::cisco::eem::event_register_none
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*

set myOID <oid>

set myOID2 <oid2>

array set snmp_res [sys_reqinfo_snmp oid $myOID set_any int 1 community PRIVATE ipaddr 10.1.1.2]
array set snmp_res2 [sys_reqinfo_snmp oid $myOID2 get_type exact community PUBLIC ipaddr 10.1.1.2]

action_syslog msg "Value received $snmp_res2(value)"

Both send the SNMP query then receive an SNMP message. This repeats, then times out. The SNMP message received does not appear to be parsed or used, but wireshark shows a valid SNMP v2c response from the device. When configured to query a Cisco switch (using different OIDs), the same problem occurs in the same way.

With debug snmp packets The output received is:
SNMP: Packet send via UDP to 10.1.1.2.161
SNMP: Packet received via UDP from 10.1.1.2 on GigabitEthernet2/0.42
SNMP: Set request, reqid 1, errstat 0, errindex 0

SNMP: Packet send via UDP to 10.1.1.2.161

SNMP: Packet received via UDP from 10.1.1.2 on GigabitEthernet2/0.42

SNMP: Set request, reqid 2, errstat 0, errindex 0

<oid> = 1

%HA_EM-7-FMFD_SNMP_RESP_TIMEOUT: fh_fd_do_snmp_request_remote: SNMP response has timed out

SNMP: Packet send via UDP to 10.1.1.2.161
SNMP: Packet received via UDP from 10.1.1.2 on GigabitEthernet2/0.42
SNMP: Get request, reqid 3, errstat 0, errindex 0
SNMP: Packet send via UDP to 10.1.1.2.161
SNMP: Packet received via UDP from 10.1.1.2 on GigabitEthernet2/0.42
SNMP: Get request, reqid 4, errstat 0, errindex 0
<oid2> = NULL TYPE/VALUE
%HA_EM-7-FMFD_SNMP_RESP_TIMEOUT: fh_fd_do_snmp_request_remote: SNMP response has timed out

1 Accepted Solution

Accepted Solutions

Do you have the SNMP agent enabled on your sending device?  You need that.  Try configuring:

snmp-server community PUBLIC RO

View solution in original post

7 Replies 7

Joe Clarke
Cisco Employee
Cisco Employee

It would be useful to see the actual OIDs as well as the time it takes for the response.  Posting the sniffer trace would be helpful, too.

We are testing this with a cisco router (as configured in the original post) on 10.1.1.254 and cisco switch (embedded 3750) on 10.1.1.253.

The OID we're using is the ifAlias corresponding to GigabitEthernet0/1 on the switch. The description was set to "UNUSED" was changed to "TEST" and the wireshark capture shows the original, the successful change, and the verification of the change.

Here's the event manager policy we're using for this test:

event manager applet swtest
event none maxrun 120
action 000.0 info type snmp oid 1.3.6.1.2.1.31.1.1.1.18.10101 get-type exact community PUBLIC ipaddr 10.1.1.253
action 001.0 info type snmp oid 1.3.6.1.2.1.31.1.1.1.18.10101 set-type string TEST community PUBLIC ipaddr 10.1.1.253
action 002.0 info type snmp oid 1.3.6.1.2.1.31.1.1.1.18.10101 get-type exact community PUBLIC ipaddr 10.1.1.253
action 003.0 syslog msg "$_info_snmp_value"
!

The router output (timestamped) is in "snmp_debugs.txt"

The wireshark capture is in "SNMP_wireshark_capture.txt"

The switch is configured with:

snmp-server community PUBLIC RW

I had also read that SNMP SET was now supported in the Cisco Tcl EEM Library. Is documentation available for this? What is the command? The Tcl code version of this script works in the exact same way except that the SET operation command is invalid.

Thank you!

Can you enable and capture the following debugs as well:

debug event manager detector snmp

debug snmp timer

debug snmp header

Joseph,

I have enabled the debugs and kept the original debug snmp packets running. The output is attached along with the wireshark output from this particular run.

Thank you for the help.

Do you have the SNMP agent enabled on your sending device?  You need that.  Try configuring:

snmp-server community PUBLIC RO

Thank you! That was the exact problem. We don't normally run v2c.

Why does the router need to be set up as a server on that community string when it is acting as a client? The end device is a server using that string.

Thanks again!!

The manager and agent are very tightly integrated.  It doesn't surprise me there is a requirement to be running the SNMP Server.

Review Cisco Networking for a $25 gift card