Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1173
Views
0
Helpful
4
Replies

SNMPV3 walk is not working with Cisco router running version XR-7.6.2

mailatgk
Level 1
Level 1

‎10-15-2024 08:25 AM - edited ‎10-17-2024 07:20 AM

i am getting issue as below when i do snmpwalk to the node.

[root@k8sc-node1-1 ~]# snmpwalk -v3 -l authPriv -u auto -a md5 -A secureone -x AES128 -X privatetwo 13.20.234.89
SNMPv2-SMI::mib-2 = No more variables left in this MIB View (It is past the end of the MIB tree)

Node config:

RP/0/RP0/CPU0:NCS-1#configure t
Tue Oct 15 14:46:21.634 UTC
RP/0/RP0/CPU0:NCS(config)#snmp-server user auto auto v3 auth md5 secureone priv aes 128 privatetwo
RP/0/RP0/CPU0:NCS(config)#snmp-server group auto v3 priv notify auto read auto
RP/0/RP0/CPU0:NCS(config)#snmp-server community auto RW

Labels:
0 Helpful
4 Replies 4

Mark Elsen
Hall of Fame
Hall of Fame

‎10-15-2024 11:34 PM

 

         - FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy43949

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎10-15-2024 11:52 PM

You are running latest code that should not be an issue.

what Linux distro you trying SNMP walk ?  Have you tried configured SNMPv2 and see if that works 

Once SNMP v2 working, try simple config and see that works 

snmp-server group auto v3 priv

snmp-server user user auto v3 auth md5 “xxxxxxxxx” priv  aes 128 "yyyyyyyyyyyyyy" SystemOwner

BB

=====Preenayamo Vasudevam=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mailatgk
Level 1
Level 1
In response to balaji.bandi

‎10-17-2024 07:10 AM - edited ‎10-21-2024 07:53 AM

Thanks Balaji for your response.

I am trying from below linux version. Yes SNMPV2 is working fine for this router.

[root@s ~]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: RedHatEnterprise
Description: Red Hat Enterprise Linux release 8.8 (Ootpa)
Release: 8.8
Codename: Ootpa

Even SNMPV3 walk is working fine with Cisco router running version XRv-6.4.2 from this linux machine. We are facing this issue with other XR version 7.6.2 and 7.11.2.  Not sure where is the problem.

SNMP debug packet at Failing node :

RP/0/RP0/CPU0:cisco_7.11.2#RP/0/RP0/CPU0:Oct 16 19:20:58.791 IST: snmpd[1002]: t9049 Packet received via UDP from 13.49.211.81

RP/0/RP0/CPU0:Oct 16 19:20:58.791 IST: snmpd[1002]: t9049 RECV 64 bytes from 13.49.211.81:63161 to 192.16.6.98, vrfid 0x60000001, tblid 0xe0000001

RP/0/RP0/CPU0:Oct 16 19:20:58.792 IST: snmpd[1002]: t24283 SEND 106 bytes to 13.49.211.81-63161 from 192.16.6.98-161, req_id 2031726168 vrfid 0x60000001, tblid 0xe0000001

RP/0/RP0/CPU0:Oct 16 19:20:58.792 IST: snmpd[1002]: t24283 Packet sent via UDP to 13.49.211.81

RP/0/RP0/CPU0:Oct 16 19:20:58.792 IST: snmpd[1002]: t24283 No of nmsQ with zero element:3 No of nmsQ:3::STOP LOOPING

 

SNMP debug packet at working node:

 

RP/0/RP0/CPU0:XRV#RP/0/RP0/CPU0:Oct 16 19:57:52.929 UTC: snmpd[1002]: t7749 Packet received via UDP from 13.49.211.81

RP/0/RP0/CPU0:Oct 16 19:57:52.930 UTC: snmpd[1002]: t7749 RECV 64 bytes from 13.49.211.81:11665 to 101.121.34.107, vrfid 0x60000001, tblid 0xe0000001

RP/0/RP0/CPU0:Oct 16 19:57:52.930 UTC: snmpd[1002]: t7726 SEND 106 bytes to 13.49.211.81-11665 from 101.121.34.107-161, req_id 72343299 vrfid 0x60000001, tblid 0xe0000001

RP/0/RP0/CPU0:Oct 16 19:57:52.930 UTC: snmpd[1002]: t7726 Packet sent via UDP to 13.49.211.81

RP/0/RP0/CPU0:Oct 16 19:57:52.930 UTC: snmpd[1002]: t7726 No of nmsQ with zero element:2 No of nmsQ:2::STOP LOOPING

 

 

Tcpdump captured at Linux for failing node :Cisco XRV 7.11.2

 

We can see that payload is not received from router and only linux is sending the same to node.

 

[root@~k8sc-node1-1]# tcpdump -i ens3 port 161

dropped privs to tcpdump

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on ens3, link-type EN10MB (Ethernet), capture size 262144 bytes

21:53:38.106074 IP k8sc-node1-1 > 13.49.217.93.snmp:  F=r U="" E= C="" GetRequest(14)

21:53:38.107457 IP 13.49.217.93.snmp > k8sc-node1-1:  F= U="" E=_00_00_00_09_03_00_fa_16_3e_ff_76_94 C="" Report(31)  S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=28

21:53:38.107842 IP k8sc-node1-1 > 13.49.217.93.snmp:  F=apr U="auto" [!scoped PDU]68_11_43_46_3a_65_a0_83_ef_0a_a6_1c_93_68_45_84_b2_2a_c1_d5_7d_ca_72_36_46_fc_67_af_0b_0f_a0_66_7f_f8_44_f6_97_a3_17_d9_d9_62_6f_9e_45

21:53:39.108509 IP k8sc-node1-1 > 13.49.217.93.snmp:  F=apr U="auto" [!scoped PDU]2f_59_b5_33_f6_75_22_74_22_c4_ee_d7_e2_39_a6_c6_f3_a7_ce_77_bb_c3_ea_38_c5_72_1f_5b_81_ff_bc_61_29_65_71_3f_51_fe_66_be_f0_69_cc_1f_ec

21:53:40.109497 IP 2311-k8-node1-1.cluster.local.45184 > 13.49.217.93.snmp:  F=apr U="auto" [!scoped PDU]5a_fb_7f_61_2c_33_43_ca_08_42_b1_4c_c0_63_29_7a_a5_19_85_02_09_6b_0c_fe_cf_89_73_49_25_ad_2e_08_05_e4_a9_fc_3b_a7_d9_c8_e1_41_ce_45_34

21:53:40.832765 IP 2311-k8sc-node1-1.cluster.local.8259 > 13.49.217.93.snmp:  F=apr U="auto" [!scoped PDU]a9_05_00_8c_c5_90_92_bb_92_46_1e_a1_59_1e_b5_91_5d_27_6d_c7_d5_04_5b_a0_31_66_ca_c2_b2_89_19_aa_11_4e_d2_19_44_8a_12_4f_84_0c_f6_7b_94_5b_00_22_aa_bd_f9_20

21:53:40.834209 IP 135.249.217.93.snmp > 2311-k8sc-node1-1.cluster.local.8259:  F= U="auto" E=_00_00_00_09_03_00_fa_16_3e_ff_76_94 C="" Report(32)  S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsWrongDigests.0=9366

21:53:41.110476 IP k8sc-node1-1 > 135.249.217.93.snmp:  F=apr U="auto" [!scoped PDU]62_5f_f7_c2_fc_bc_55_d8_ee_4b_86_44_9e_69_1b_bd_78_3e_0a_67_76_ca_0a_b2_c1_02_af_c0_a8_09_9f_25_20_ae_37_52_66_84_c5_cc_52_1a_7e_d1_68

21:53:42.111818 IP k8sc-node1-1 > 135.249.217.93.snmp:  F=apr U="auto" [!scoped PDU]68_19_09_3e_49_5c_05_95_95_be_32_ac_a3_9d_c2_92_1b_31_87_0c_b0_f1_e5_2a_33_ad_73_15_8a_63_75_8f_16_ed_46_dd_98_77_89_4e_bc_72_5e_51_8a

21:53:43.112511 IP k8sc-node1-1 > 135.249.217.93.snmp:  F=apr U="auto" [!scoped PDU]99_5d_f1_e6_f6_7a_14_ff_3f_78_aa_3c_c1_69_70_15_71_b4_06_97_37_60_ca_4d_d5_26_8e_2f_f6_1f_6f_ea_be_da_b3_10_96_9e_23_00_d4_6b_42_05_c1

 

Tcpdump captured at Linux for working node: Cisco XRV 6.4.2

 

We can see payload from both router and Linux here .

 

[root@2311-k8sc-node1-1 ~]# tcpdump -i ens3 port 161

dropped privs to tcpdump

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on ens3, link-type EN10MB (Ethernet), capture size 262144 bytes

22:07:59.871608 IP 2311-k8sc-node1-1.cluster.local.38147 > 101.121.34.107.snmp:  F=r U="" E= C="" GetRequest(14)

22:07:59.873813 IP 101.121.34.107.snmp > 2311-k8sc-node1-1.cluster.local.38147:  F= U="" E=_00_00_00_09_03_00_52_54_00_0e_4e_c2 C="" Report(31)  S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=5

22:07:59.873969 IP 2311-k8sc-node1-1.cluster.local.38147 > 10.12.34.107.snmp:  F=apr U="auto" [!scoped PDU]33_d6_ba_dc_37_0b_2e_c4_51_a5_45_03_ee_77_a7_12_4e_e2_10_e8_aa_b1_80_c5_f2_8b_aa_f0_34_60_cb_a8_41_d2_a7_9a_b4_d0_2c_1d_2c_a5_13_07_d1

22:07:59.875675 IP 101.121.34.107.snmp > 2311-k8sc-node1-1.cluster.local.38147:  F=ap U="auto" [!scoped PDU]c0_b3_d4_37_cb_b6_c4_4c_25_28_65_aa_60_a7_68_e2_51_42_a6_bf_9c_35_8e_2a_84_40_8c_ae_8e_a0_fc_42_f8_81_80_fa_da_a9_85_3a_45_89_03_c8_51_9f_4f_7c_03_49_18_ec_84_f0_70_aa_be_27_c2_4c_70_57_fd_d9_b0_b4_1d_cd_ce_67_85_2e_46_ca_ab_fd_cc_c8_2e_14_3c_a7_48_a6_c0_e3_e7_36_7d_41_9f_bf_94_0e_fd_8f_e1_54_98_bf_e2_8b_12_84_39_50_09_09_20_19_5b_15_b8_de_99_87_f3_b9_a8_94_9f_4f_4e_43_f5_eb_5c_ac_aa_89_8c_fc_ef_ba_5a_2b_d9_b9_33_df_5a_4e_db_db_e0_d2_c0_b4

22:07:59.875853 IP 2311-k8sc-node1-1.cluster.local.38147 > 101.121.34.107.snmp:  F=apr U="auto" [!scoped PDU]91_01_2d_1d_65_ef_00_66_a2_0f_a1_63_a2_5f_f8_ee_13_01_ed_30_9e_fd_e4_61_99_cb_99_4a_c4_19_e4_c5_52_65_55_63_db_4e_59_e3_05_e4_e6_4b_de_16_bd_db

22:07:59.877164 IP 101.121.34.107.snmp > 2311-k8sc-node1-1.cluster.local.38147:  F=ap U="auto" [!scoped PDU]d4_29_77_37_d1_12_ba_b0_4b_51_65_f2_09_1a_c4_01_eb_3f_8f_ed_84_ed_24_bc_7b_f7_2a_f4_ab_b1_71_2f_c5_38_12_30_95_66_d7_f9_5f_81_94_2f_f9_67_62_4d_82_ab_40_b8_17_68_3d_cd_07

22:07:59.877322 IP 2311-k8sc-node1-1.cluster.local.38147 > 101.121.34.107.snmp:  F=apr U="auto" [!scoped PDU]b1_cf_f6_52_63_65_d3_de_9b_63_3f_8b_87_9f_23_5e_73_68_bb_bb_a0_f5_31_e8_b8_3a_1c_ce_ff_51_76_90_3a_21_ac_15_c7_34_84_aa_08_e2_f3_5f_d2_da_d0_e6

22:07:59.878543 IP 101.121.34.107.snmp > 2311-k8sc-node1-1.cluster.local.38147:  F=ap U="auto" [!scoped PDU]ae_42_2b_81_26_2c_15_c8_3b_b1_11_b9_80_83_3a_75_53_3e_eb_ed_11_71_1c_ee_7b

I am getting timed out.

[root@k8sc-node1-1 ~]# snmpwalk -v3 -l authPriv -u auto -a md5 -A secureone -x AES128 -X privatetwo 13.49.217.93
Timeout: No Response from 13.49.217.93

 

 

 

0 Helpful

mailatgk
Level 1
Level 1
In response to mailatgk

‎10-21-2024 07:49 AM

Hi @balaji.bandi ,

Did you get chance to check on this issue ?

Regards

Karuppiah

0 Helpful
Customers Also Viewed These Support Documents