Hi,
I found what sounds like a similar problem
on Red Hat 3.0 with the net-snmp-5.0.8-11 on Red Hat 3.0. The cause
was a miss-match in the index numbers in the mib interfaces and ip tables
for the index number assign to the ip address.
Check the Net Snmp agent "
interfaces.ifTable.ifEntry.ifIndex" numbering, if there
are 3 interface, they should be number 1,2,3. Then compare it with the
" ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex" . value for interface
assigned to the ipAddress. If the ip address is assign to a value other
than one of the ifIndex values, then netmon can not determine interfaces
status. In my case NetView acted just like to described.
If you use NetView's ping it brings device up, then when NetView's snmp
checks the status, it goes back down. See example below of what
interface and ip tables might look like.
We checked the problem by updating the
to net-snmp-5.0.9-2.30E.6 for Red Hat.
Maybe there is a similar problem with
your netSNMP agent.
interfaces.ifTable.ifEntry.ifIndex.1
: INTEGER: 1
interfaces.ifTable.ifEntry.ifIndex.2
: INTEGER: 2
interfaces.ifTable.ifEntry.ifIndex.3
: INTEGER: 3
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1
: INTEGER: 1
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.1nn.xx.mm..nn
: INTEGER: 4 <<<< here is the problem <<<<<<
no such physical interface
Mark F Sklenarik
IBM SWG Tivoli Solutions
BSM Quality Assurance - Business Impact Management and Event Correlation
Software Quality Engineer
| |
lucian.vanghele@bisnet.ro
Sent by: owner-nv-l@lists.us.ibm.com
09/17/2004 05:09 AM
|
|
To
| nv-l@lists.us.ibm.com
|
|
cc
|
|
|
Subject
| Re: [nv-l] NetView, Firewalls
and netSNMP |
|
hi there!
be sure that in netmon.seed the firewall is SNMP managed
only. also you have to be sure that the other two addresses are not polled
hope this help
Sincerely Yours / al Dvs.
Lucian Vanghele,
"Vidal, Chaz" <chaz.vidal@eds.com>
Sent by: owner-nv-l@lists.us.ibm.com
09/17/2004 15:44 ZE10
Please respond to nv-l@lists.us.ibm.com
|
To
|
"'nv-l@lists.us.ibm.com'" <nv-l@lists.us.ibm.com>
|
|
cc
|
|
|
bcc
|
|
|
Subject
|
[nv-l] NetView, Firewalls and netSNMP
|
|
| |
NetView 7.1.3 with Fixpack 3 on Solaris 8 system.
I am trying to monitor a firewall for status. The firewall is a gauntlet
firewall-1 running on a solaris box using netSNMP 5.1.1 as its agent.
SNMP has been opened between NetView and the firewall and snmpwalk runs
correctly. The firewall has 3 interfaces only 1 of which is accessible
from
the NetView system.
I place the firewall as unmanaged and then I manage it. The following shows
up in the trapd.log file:
1095384180 7 Fri Sep 17 11:23:00 2004 firewall_name
I Node
managed.
1095384180 4 Fri Sep 17 11:23:00 2004 firewall_name
N SNMP
Address Changed to "10.10.10.142"
1095384180 7 Fri Sep 17 11:23:00 2004 firewall_name
I Interface
qfe1 managed.
1095384180 7 Fri Sep 17 11:23:00 2004 firewall_name
I Interface
eri0 managed.
1095384180 7 Fri Sep 17 11:23:00 2004 firewall_name
I Interface
qfe0 managed.
1095384188 4 Fri Sep 17 11:23:08 2004 firewall_name
N SNMP
Address Changed to "192.168.96.172"
1095384188 3 Fri Sep 17 11:23:08 2004 firewall_name
N Interface
eri0 down.
1095384188 3 Fri Sep 17 11:23:08 2004 firewall_name
N Interface
qfe1 down.
1095384188 3 Fri Sep 17 11:23:08 2004 firewall_name
N Interface
qfe0 down.
1095384188 3 Fri Sep 17 11:23:08 2004 firewall_name
N Router
Down.
I have already set the flag in netmon.conf to ignore the SNMP address coming
from the firewall. The 10.10 address is the one reachable by netview. The
firewall has (2) 192.168 addresses that is not reachable at all. What
happens is that everytime I manage the router, it automatically becomes
down
in NetView even though I can reach it via SNMP.
Also, a funny thing is that in the next poll cycle, NetView will see that
the firewall is up and will then proceed to bring the whole router
up.
Then the next poll cycle happens and I think NetView then detects that
the
10.10 interface is down again and will mark the whole router as so.
I am reasonably certain that the problem lies in the SNMP agent as I am
monitoring several firewalls this way and most of them work.
I am hesitant to forward this to Tivoli support as it might be an SNMP
agent
problem and NetView is only working as expected.
Take note that I do not manage the firewalls directly and their is another
firewall team responsible for them.
Any ideas would be much appreciated.
cheers,
Chaz Vidal
EDS Australia
|