Issue with snmp for SRX firewall devices modeled in Spectrum

search cancel

Issue with snmp for SRX firewall devices modeled in Spectrum

book

Article ID: 244459

calendar_today

Updated On:

Products

CA Spectrum DX NetOps

Issue/Introduction

We have devices SRX firewall devices modeled in Spectrum that are having problems with communicating with snmp.

Environment

Release : Any

Component : Discovery and modeling

Cause

This is an issue with the SRX devices as described in Juniper Problem Report ID PR1616775 (attached) as follows:

This issue can be seen on SRX Series devices for SNMP poll queries and traps on multi routing-instance environment.

If the SNMP query ingresses SRX on one routing-instance while the polled interface exists in a different routing-instance, then the SNMPD will drop that SNMP query.

For example: the SNMP packet ingress on routing-instance A while the polled interface is part of routing-instance B.

This occurs due to kernel inserting incorrect routing-instance ID (B instead of A) in the SNMP packet before sending to SNMPD.

Resolution

The issue is resolved in Junos releases 20.4R3-S2 and 22.1R1.

Attachments

1655922601940__The SNMP packet (traps or polls) will be dropped if it crosses multiple routing-instances on.pdf get_app

Feedback

thumb_up Yes

thumb_down No