Mailing List Archive: loopback interface as source for snmp

loopback interface as source for snmp

Apr 14, 2005, 9:07 AM

Post #1 of 4 (2228 views)

hi there,

we're using big iron 4000 switches.

i'd like to receive and address all management data for/from the router
via one defined network interface. that's why i configured a loopback
interface and defined this interfacce as source.

ip router-id 10.10.1.1
snmp-server community ..... ro
snmp-server community ..... rw
no snmp-server pw-check
snmp-server trap-source loopback 1
snmp-server host 10.10.11.25
interface loopback 1
ip address 10.10.1.1 255.255.255.0
!
ip tftp source-interface loopback 1
ip sntp source-interface loopback 1

consequently, all snmp traps are send via loopback 1. that's fine so far.
but nonetheless, all snmpqueries, i.e. snmpwalk, from snmp managemnet
hosts are NOT answered by the loopback interface, but by the interface
of the shortest route, i.e.:

if i do a

# snmpwalk -v 1 -c public 10.10.1.1 system

i wont get an answer from 10.10.1.1 but from the interface with the
shortest route to the snmp workstation.

can anyone help? is there a way to bind the snmp answer to the loopback
interface?
thanks in advance for your help!

kind regards,
Mario Apitz

--

Mario Apitz . . . . . . . . Tel +49 30 5058 - 1853
System Architect. . . . . . . Fax +49 30 5058 - 1600
Pixelpark AG . . . . . . . . ICQ 34164059
Rotherstr. 8 . . . . . . . . Web http://pixelpark.com
10245 Berlin, Germany . . . . .

GnuPG Public Key: http://pixels.pixelpark.com/~apitz/pub.key

***********************************************************************

Der Gesch?ftsbereich Informationstechnologie der Pixelpark AG ist
spezialisiert auf:
- Web Services,
- Application-Hosting,
- Managed Hosting,
- Netzwerk-Management- und Service Level Management-L?sungen,
- Security L?sungen,
- Lasttests sowie
- Server- und Storagel?sungen.
N?here Informationen erhalten Sie unter: http://www.pixelpark.net

***********************************************************************
This e-mail has been sent by Pixelpark AG, Germany. It is intended for
the named recipient only. The information contained in this message and
any attachments hereto are confidential and may be legally privileged.
If you have received this e-mail in error or are not the intended
recipient, please immediately notify the sender by return e-mail and
delete this message and all attachments to it from your system without
keeping a copy. Thank you for your cooperation.
***********************************************************************

loopback interface as source for snmp [ In reply to ]

apitz at pixelpark

Apr 14, 2005, 10:17 AM

Post #2 of 4 (2165 views)

Permalink

hi mark,

yes i tried this. that's exactly how the bigiron behaves.
i sniffed the packets, because i was wondering about missing answers
from 10.10.1.1 .

snmptraps are working pretty fine, due to the
config line

snmp-server trap-source loopback 1

do you have any further ideas?

kind regards,

Mario

Mark Loveley wrote:
> On 4/14/05, Mario Apitz <apitz at pixelpark.com> wrote:
>
>>i wont get an answer from 10.10.1.1 but from the interface with the
>>shortest route to the snmp workstation.
>
>
> Have you tried this? AFAIK the snmpwalk program is making a connection
> using UDP, therefore you will get a response back from the address
> that you poll.
>
> snmptraps are generated from the bigiron and so you have the ability
> to set the source address.
>
> HTH
> Mark

--

Mario Apitz . . . . . . . . Tel +49 30 5058 - 1853
System Architect. . . . . . . Fax +49 30 5058 - 1600
Pixelpark AG . . . . . . . . ICQ 34164059
Rotherstr. 8 . . . . . . . . Web http://pixelpark.com
10245 Berlin, Germany . . . . .

GnuPG Public Key: http://pixels.pixelpark.com/~apitz/pub.key

***********************************************************************

Der Gesch?ftsbereich Informationstechnologie der Pixelpark AG ist
spezialisiert auf:
- Web Services,
- Application-Hosting,
- Managed Hosting,
- Netzwerk-Management- und Service Level Management-L?sungen,
- Security L?sungen,
- Lasttests sowie
- Server- und Storagel?sungen.
N?here Informationen erhalten Sie unter: http://www.pixelpark.net

***********************************************************************
This e-mail has been sent by Pixelpark AG, Germany. It is intended for
the named recipient only. The information contained in this message and
any attachments hereto are confidential and may be legally privileged.
If you have received this e-mail in error or are not the intended
recipient, please immediately notify the sender by return e-mail and
delete this message and all attachments to it from your system without
keeping a copy. Thank you for your cooperation.
***********************************************************************

loopback interface as source for snmp [ In reply to ]

Bruce.Rodger at strath

Apr 14, 2005, 11:19 AM

Post #3 of 4 (2177 views)

Permalink

Mario,

what version of code are you using?

It's a bug. It didn't exist in the 7.7 code train, but was there in 7.8.0a

It is resolved in 7.8.0d

From my dialogue with Foundry:

"The 7.8.00d is released now the bug is #33598 .The description of the
bug is different, but this issue " SNMP uses a different interface IP
while responding to a get request " has been addressed in this issue. I
verified the issue has been fixed in 7800d code."

Bruce.

On Thu, 14 Apr 2005, Mario Apitz wrote:

> hi there,
>
> we're using big iron 4000 switches.
>
> i'd like to receive and address all management data for/from the router
> via one defined network interface. that's why i configured a loopback
> interface and defined this interfacce as source.
>
>
> ip router-id 10.10.1.1
> snmp-server community ..... ro
> snmp-server community ..... rw
> no snmp-server pw-check
> snmp-server trap-source loopback 1
> snmp-server host 10.10.11.25
> interface loopback 1
> ip address 10.10.1.1 255.255.255.0
> !
> ip tftp source-interface loopback 1
> ip sntp source-interface loopback 1
>
>
> consequently, all snmp traps are send via loopback 1. that's fine so far.
> but nonetheless, all snmpqueries, i.e. snmpwalk, from snmp managemnet
> hosts are NOT answered by the loopback interface, but by the interface
> of the shortest route, i.e.:
>
> if i do a
>
> # snmpwalk -v 1 -c public 10.10.1.1 system
>
> i wont get an answer from 10.10.1.1 but from the interface with the
> shortest route to the snmp workstation.
>
>
> can anyone help? is there a way to bind the snmp answer to the loopback
> interface?
> thanks in advance for your help!
>
>
>
> kind regards,
> Mario Apitz
>
>

--
Bruce Rodger |Bruce.Rodger at strath.ac.uk PGP key available
Network Manager, IT Services |http://www.strath.ac.uk/IT/People/bruce.html
The University of Strathclyde | +44 (0)141 548 3300
Glasgow G4 0LN, Scotland. | Fax 553 4100

loopback interface as source for snmp [ In reply to ]

apitz at pixelpark

Apr 15, 2005, 3:22 AM

Post #4 of 4 (2157 views)

Permalink

hi bruce,

thanks a lot. i am using:

Compressed Pri Code size = 3637669, Version 07.8.00bT53 (b2r07800b.bin)

i'll try the version 7.8.0d and hope this helps.

kind regards,
Mario

Bruce Rodger wrote:
> Mario,
>
> what version of code are you using?
>
> It's a bug. It didn't exist in the 7.7 code train, but was there in 7.8.0a
>
> It is resolved in 7.8.0d
>
> From my dialogue with Foundry:
>
>
> "The 7.8.00d is released now the bug is #33598 .The description of the
> bug is different, but this issue " SNMP uses a different interface IP
> while responding to a get request " has been addressed in this issue. I
> verified the issue has been fixed in 7800d code."
>
> Bruce.

--

Mit freundlichen Gr?ssen

Mario Apitz . . . . . . . . Tel +49 30 5058 - 1853
System Architect. . . . . . . Fax +49 30 5058 - 1600
Pixelpark AG . . . . . . . . ICQ 34164059
Rotherstr. 8 . . . . . . . . Web http://pixelpark.com
10245 Berlin, Germany . . . . .

GnuPG Public Key: http://pixels.pixelpark.com/~apitz/pub.key

***********************************************************************

Der Gesch?ftsbereich Informationstechnologie der Pixelpark AG ist
spezialisiert auf:
- Web Services,
- Application-Hosting,
- Managed Hosting,
- Netzwerk-Management- und Service Level Management-L?sungen,
- Security L?sungen,
- Lasttests sowie
- Server- und Storagel?sungen.
N?here Informationen erhalten Sie unter: http://www.pixelpark.net

***********************************************************************
This e-mail has been sent by Pixelpark AG, Germany. It is intended for
the named recipient only. The information contained in this message and
any attachments hereto are confidential and may be legally privileged.
If you have received this e-mail in error or are not the intended
recipient, please immediately notify the sender by return e-mail and
delete this message and all attachments to it from your system without
keeping a copy. Thank you for your cooperation.
***********************************************************************