NetView 7.1.3 AIX 4.3.3
I am working on some AIX 5.2 nodes trying to get a "golden" SNMP
configuration. I have performed some tests and I have one thing holding me
back. I am getting a LOT of Authentication Failure traps coming into my
NetView server from these "test" AIX machines. I set up packet sniffing on
one of the machines for the SNMP protocols and I see that there are attempts
to "talk" to the SNMP agent using the "public" community name from the lo0
localhost interface. Our community name for readOnly is not "public". I have
looked at the snmpd.log and it looks like before these Authentication
Failure traps are sent there is some SMUX activity. Is there a configuration
for SMUX where the community name needs to be set?
Here is a sample of the packet where the "public" community name is used:
====( 71 bytes transmitted on interface lo0 )==== 14:37:03.919638085
OTHER packet (IP)
IP header breakdown:
< SRC = 156.81.227.74 > (pbsxst00001.fritolay.pvt)
< DST = 156.81.227.74 > (pbsxst00001.fritolay.pvt)
ip_v=4, ip_hl=20, ip_tos=0, ip_len=71, ip_id=6432, ip_off=0
ip_ttl=30, ip_sum=0, ip_p = 17 (UDP)
UDP header breakdown:
<source port=32896, <destination port=161(snmp) >
[ udp length = 51 | udp checksum = 4adf ]
00000000 30290201 00040670 75626c69 63a01c02 |0).....public...|
00000010 01010201 00020100 3011300f 060b2b06 |........0.0...+.|
00000020 01040102 02010101 000500 |........... |
Thanks again,
Scott Bursik
|