All,
Just in case : AIX 4.3.3 ML 9 + NV 6.0
I'm trying to understand why the trapd.logs of a NetView server
contain 1000s authenticationFailure traps per day. These traps
are sent by both MLMs and network devices although the read
and write communities *are* OK.
I suspect they are caused by the community used in traps.
Has anyone a clear understanding of how the MLMs and NetView
handle communities in traps ?
Q1 : does the MLM check the community in a trap it receives
from a network device ?
Q2 : does the MLM assume the "public" community ?
Q3 : if not, where is the expected community defined in the MLM ?
snmpd.conf ? I could find no field in the APM policy windows.
Q4 : does the MLM replace the trap community when forwarding
a trap to the NetView server ?
Q5 : where is this new community defined in the MLM ?
snmpd.conf ? which statement(s) ?
Q6 : does the NetView server check the community in a trap
it receives from an MLM ? (it could be considered that
the MLM-NV TCP connection provides enough security [?] )
Q7 : does the NetView server check the community in a trap
it receives from a network device ?
Q8 : does the NetView server assume the "public" community ?
any difference between the Q6 and Q7 cases ?
Q9 : where in the NetView server is/are the expected trap
communities defined ? snmpd.conf ? which statements ?
Quite some questions I'm afraid ! Thanks in advance.
Best regards,
Philippe.
- - -
Philippe MÉNARD
Networking Delivery Support Center
Mail : pme@fr.ibm.com
Phone : +33 (0)4 92 11 54 21
Fax : +33 (0)4 93 24 49 07
|