LinuxQuestions.org

LinuxQuestions.org (http://www.linuxquestions.org/questions/index.php)
-   Linux - Networking (http://www.linuxquestions.org/questions/forumdisplay.php?f=3)
-   -   SNMPGET Timeout: No Response from (http://www.linuxquestions.org/questions/showthread.php?t=4175461157)

limdel 05-08-2013 09:43 AM

SNMPGET Timeout: No Response from
 
Hi,
I'm running crasy. i just finish a nagios installation.
Everything run fine until i decide to monitor my AS400.

I'm getting the following error when i run the following command from my Nagios server (CentOS 6.4 64bit, SElinux disabled):
Code:

[root@nagios ~]# /usr/bin/snmpget -c public -t 5 -v 1 10.84.1.11:161 .1.3.6.1.2.1.2.2.1.8.2
Timeout: No Response from 10.84.1.11:161.

The same command on a switch , it's ok
Code:

[root@nagios ~]# /usr/bin/snmpget -c public -v 1 10.84.0.13:161 .1.3.6.1.2.1.2.2.1.8.2
IF-MIB::ifOperStatus.2 = INTEGER: up(1)

From my windows station i get a positive reply:
Code:

C:\robot>snmpget -r:10.84.1.11 -t:1 -v:1 -c:public  -o:.1.3.6.1.2.1.2.2.1.8.2
SnmpGet v1.01 - Copyright (C) 2009 SnmpSoft Company
[ More useful network tools on http://www.snmpsoft.com ]

OID=.1.3.6.1.2.1.2.2.1.8.2
Type=Integer
Value=1

The AS400 return a filtered UDP port on 161 from nmap but i don't thing it should be an issue since i get an answer from my windows workstation.
Code:

C:\robot>nmap 10.84.1.11 -sU -p161

Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-07 18:31 SE Asia Standard Time
Nmap scan report for 10.84.1.11
Host is up (0.00s latency).
PORT    STATE        SERVICE
161/udp open|filtered snmp
MAC Address: 00:xx:xx:xx:xx:xx (IBM)

I also try to poweroff my nagios and set my windows station with the ip of Nagios...and it's work !

All hosts are on the same LAN, the only difference is that Nagios is hosted on VMware ESXi 4.1.

Any idea would be gratefully appreciated !

Laurent

unSpawn 05-08-2013 01:54 PM

Quote:

Originally Posted by limdel (Post 4947241)
SElinux disabled):

No need for that.


Quote:

Originally Posted by limdel (Post 4947241)
Code:

[root@nagios ~]# /usr/bin/snmpget

No need for being root either.


Quote:

Originally Posted by limdel (Post 4947241)
I also try to poweroff my nagios

No need to do that either...


Quote:

Originally Posted by limdel (Post 4947241)
The AS400 return a filtered UDP port on 161 from nmap

Firewall on the AS400?

limdel 05-08-2013 06:29 PM

Hi unSpawn,

i wanted to make it functional first then run as is should be, and at it was at first (permissive SElinux, logged as user).

If it were a firewall issue on the AS400, then i shouldn't be able to run a snmpget command from another box that had, temporally, the same IP of my nagios box ? am i right ?
Well as i said, when i tryed with my windows box, it's work !
AS400 IP: 10.84.1.11/22
original Nagios IP: 10.84.1.39/22
Windows box IP: 10.84.3.232/22

i did:
1-poweroff nagios
2-change windows box from 10.84.3.232/22 to 10.84.1.39/22
3-run the following command from my windows box and get a result:
Code:

snmpget -r:10.84.1.11 -t:1 -v:1 -c:public  -o:.1.3.6.1.2.1.2.2.1.8.2
OID=.1.3.6.1.2.1.2.2.1.8.2
Type=Integer
Value=1

4-change back windows box to original from 10.84.1.39/22 to 10.84.3.232/22
5-start my nagios box, run again the command and get this result:
Code:

/usr/bin/snmpget -c public -t 5 -v 1 10.84.1.11:161 .1.3.6.1.2.1.2.2.1.8.2
Timeout: No Response from 10.84.1.11:161.

I will test today with 2 other distro (Fedora and Debian) from the same LAN.

Laurent

unSpawn 05-09-2013 06:38 AM

Quote:

Originally Posted by limdel (Post 4947491)
If it were a firewall issue on the AS400, then i shouldn't be able to run a snmpget command from another box

How about selective IP filtering then? ;-p After all "filtered" means filtered. (Dunno if snmpd would honour tcp wrappers or if your AS/400 has any.) Maybe check and describe what access restrictions your AS/400 actually has (if any) instead of doing remote checks only?

limdel 05-10-2013 10:16 PM

Quote:

Originally Posted by unSpawn (Post 4947801)
How about selective IP filtering then? ;-p After all "filtered" means filtered. (Dunno if snmpd would honour tcp wrappers or if your AS/400 has any.) Maybe check and describe what access restrictions your AS/400 actually has (if any) instead of doing remote checks only?

Hi unSpawn, Thanks for the feedback.
I check and the AS400 do have a trap setup with a public community. I even created a new one 'nagios' setting up the ip of my nagios box. but still dramatically failed from my nagios box and success from my windows box.
I test also the snmpget from another workstation, feroda 18 and centos 6.4, but still failed, even i give them the ip of my windows box.

so, following your advise, i found this link , i will carefully read it and check those setting on my AS400.

"i'll be back"

limdel 05-19-2013 04:54 AM

Solved
 
I finally found the reason why i did have the time out while querying SNMP on my AS400.
First the nagios OS firewall was still ON while i thought i did actually stop it for the test.
Second point the AS400 did not actually reply to SNMP using the port UDP:161.

I realized that when i wanted to analyzed the network packet from my nagios box to the AS400 using tcpdump.
i get this at first:
Code:

tcpdump -nn host 10.84.1.11
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:53:28.468284 IP 10.84.1.39.48542 > 10.84.1.11.161:  GetRequest(28)  .1.3.6.1.2.1.1.1.0
08:53:28.563727 IP 10.84.1.11.5100 > 10.84.1.39.48542: UDP, length 60
08:53:28.563786 IP 10.84.1.39 > 10.84.1.11: ICMP host 10.84.1.39 unreachable - admin prohibited, length 96

I saw that the AS400(10.84.1.11) reply to the SNMP query using a different UDP port than 161, while other device replied to UDP:161, like this one:
Code:

tcpdump -nn host 10.84.0.13
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:51:08.350249 IP 10.84.1.39.58205 > 10.84.0.13.161:  GetRequest(28)  .1.3.6.1.2.1.1.1.0
08:51:08.353217 IP 10.84.0.13.161 > 10.84.1.39.58205:  GetResponse(119)  .1.3.6.1.2.1.1.1.0="HP J4865A ProCurve Switch 4108GL, revision G.07.109, ROM G.05.02 (/sw/code/build/gamo(m03))"

Solution: i temporally add a new input rule on the nagios box iptables that allow any incoming UDP packet from my AS400 IP Address.

Code:

iptables -I INPUT 6 -p udp -m udp -s 10.84.1.11 -j ACCEPT
Now i have to found out why my AS400 do not reply from the port UDP:161.
Thanks to all for the reply anyway.


All times are GMT -5. The time now is 05:31 AM.