SNMP Agent IP field empty in SNMP v1 traps

Article Id: 167839
Status: Published
Updated On: 13-05-2017 10:52
Legacy Id: TECH243845
Products:
XOS
Issue/Introduction:

This article describes an issue in which the "Agent IP" or "agent-addr" field in SNPM v1 traps contain the empty IP address value "0.0.0.0".XOS 9.x versions prior to 9.5.6 and 9.6.2 populate the Agent IP or agent-addr field in SNMP v1 traps with an empty ("0.0.0.0") IP address. This causes issues with some software that processes SNMP traps.

Cause:

Problem:

Certain software solutions (e.g. eHealth Trap Exploder) use the SNMP v1 "agent-addr" (also known as "Agent IP") field to determine the source of the trap. If the field is filled with 0.0.0.0, it causes problems for such software solutions.

Example:

Decoded SNPM v1 packet (UDP header and partial payload only):

User Datagram Protocol, Src Port: 35337 (35337), Dst Port: snmptrap (162)
Simple Network Management Protocol
    version: version-1 (0)
    community: public
    data: trap (4)
        trap
            enterprise: 1.3.6.1.2.1.11 (iso.3.6.1.2.1.11)
            agent-addr: 0.0.0.0 (0.0.0.0)
            generic-trap: linkUp (3)
            specific-trap: 0
            time-stamp: 68422613
...

Resolution:

This issue has been corrected in XOS V9.6.2 and XOS V9.5.6.

To resolve this issue, upgrade to XOS V9.6.2 or later, or to XOS V9.5.6 or later.

Workaround

There is no known workaround.