SNMPv3 traps discarded by the Trap forwarder / processor
search cancel

SNMPv3 traps discarded by the Trap forwarder / processor

book

Article ID: 412810

calendar_today

Updated On:

Products

VMware Smart Assurance Network Observability

Issue/Introduction

Trap processing seems to fail on multiple devices with following error on logs (SNMP-Trace Enabled Logs)

OCTET-STRING (0x04), 8 bytes == *Error!*  Mangled value.

Environment

Smarts-10.X , 24.3.X

Cause

With Smarts, EngineID is not necessary for device discovery, (as it retrieves it during the discovery process).
However, if seedfile is used to populate sm_trapd with snmp v3 credentials for trap processing, then the EngineID is needed and is required to be unique as per the RFC standards (external link: rfc3411). 
Hence, the same EngineID's for three devices appears to be an issue here and does not adhere with RDC standards

Resolution

Steps to enable SNMP-Trace on the trap processor are:

  • Enable Trace
        <SAM-Dir>/smarts/bin/dmctl -s <Trap Domain> invoke SNMP_TrapManager::SNMP-Trap-Manager setTrace
  • Disable Trace
        <SAM-Dir>/smarts/bin/dmctl -s <Trap Domain> invoke SNMP_TrapManager::SNMP-Trap-Manager clearTrace

Please evaluate if the EngineID's configured on the devices and the seedfile entries for the same are unique for each device. 

Additional Information

Sample Snippet of logs with highlights (Device1 versus Device2) to check the parameters:

[<Date & Time>] t@<epoch> SNMP_TrapsHandler [<localhost IP or 0.0.0.0>:<Trap Processor Port>] Processor
SNMP_MSG-*-RECEIVED1BYTESFROM2-Received 499 bytes from <Device-1 IPAddress>, port <Port>.
 
[<Date & Time>] t@<epoch> SNMP_TrapsHandler [<localhost IP or 0.0.0.0>:<Trap Processor Port>] Processor
SNMP_MSG-*-TRACERDUMP-SNMP Tracer dump
SNMP Message:
    0:  packet ->
        SEQUENCE (0x30), 495 bytes:
    4:    version ->
          INTEGER-32 (0x02), 1 bytes == 3 <v3>
    7:    header-data ->
          SEQUENCE (0x30), 17 bytes:
    9:      message-id ->
            INTEGER-32 (0x02), 4 bytes == <Value>
   15:      max-message-size ->
            INTEGER-32 (0x02), 3 bytes == <Value>
   20:      msg-flags ->
            OCTET-STRING (0x04), 1 bytes == (hex) <Value>
   23:      security-model ->
            INTEGER-32 (0x02), 1 bytes == 3 <UsmSecurity>
   26:    security-parameters ->
          OCTET-STRING (0x04), 58 bytes ==
   28:      usm-security-parameters ->
            SEQUENCE (0x30), 56 bytes:
   30:        authorizing-engine-id ->
              OCTET-STRING (0x04), 5 bytes == (hex) <Authorizing EngineID configured in seedfile & device>                                                    ###Compare the EngineIDs here
   37:        engine-boots ->
              INTEGER-32 (0x02), 1 bytes == <Value>
   40:        engine-time ->
              INTEGER-32 (0x02), 3 bytes == <Value>
   45:        username ->
              OCTET-STRING (0x04), 15 bytes == <SNMPV3 Username>
   62:        usm-authentication-parameters ->
              OCTET-STRING (0x04), 12 bytes == (hex) <USM Auth Parameters>
   76:        usm-privacy-parameters ->
              OCTET-STRING (0x04), 8 bytes == *Error!*  Mangled value.
00086:        Remainder of the bad packet follows.
{      <bad packet data>.............
==================================================================================================================================================================================================
==================================================================================================================================================================================================
[<Date & Time>] t@<epoch> SNMP_TrapsHandler [<localhost IP or 0.0.0.0>:<Trap Processor Port>] Processor
SNMP_MSG-*-RECEIVED1BYTESFROM2-Received 499 bytes from <Device-2 IPAddress>, port <Port>.
 
[<Date & Time>] t@<epoch> SNMP_TrapsHandler [<localhost IP or 0.0.0.0>:<Trap Processor Port>] Processor
SNMP_MSG-*-TRACERDUMP-SNMP Tracer dump
SNMP Message:
    0:  packet ->
        SEQUENCE (0x30), 495 bytes:
    4:    version ->
          INTEGER-32 (0x02), 1 bytes == 3 <v3>
    7:    header-data ->
          SEQUENCE (0x30), 17 bytes:
    9:      message-id ->
            INTEGER-32 (0x02), 4 bytes == <Value>
   15:      max-message-size ->
            INTEGER-32 (0x02), 3 bytes == <Value>
   20:      msg-flags ->
            OCTET-STRING (0x04), 1 bytes == (hex) <Value>
   23:      security-model ->
            INTEGER-32 (0x02), 1 bytes == 3 <UsmSecurity>
   26:    security-parameters ->
          OCTET-STRING (0x04), 58 bytes ==
   28:      usm-security-parameters ->
            SEQUENCE (0x30), 56 bytes:
   30:        authorizing-engine-id ->
              OCTET-STRING (0x04), 5 bytes == (hex) <Authorizing EngineID configured in seedfile & device>                                                  ###Compare the EngineIDs here
   37:        engine-boots ->
              INTEGER-32 (0x02), 1 bytes == <Value>
   40:        engine-time ->
              INTEGER-32 (0x02), 3 bytes == <Value>
   45:        username ->
              OCTET-STRING (0x04), 15 bytes == <SNMPV3 Username>
   62:        usm-authentication-parameters ->
              OCTET-STRING (0x04), 12 bytes == (hex) <USM Auth Parameters>
   76:        usm-privacy-parameters ->
              OCTET-STRING (0x04), 8 bytes == *Error!*  Mangled value.
00086:        Remainder of the bad packet follows.
{      <bad packet data>.............
Powered by Wolken Software