Ethernet Switching
Highlighted
Ethernet Switching

snmp statistics and logs

[ Edited ]
‎08-14-2019 09:49 PM

Hi all,

There is a attached logs related to snmp -statistics and snmpd log from traceoptions.

1-) There is a "NoSuchInstance" in the snmpd log. can I ask what it is? and how to investigate further?

2-) What concerns from the snmp statistics must be taken into troubleshooting?

3-)I have also the following log messages. how to  fix these very persisting logs?

 

snmpd[1329]: SNMPD_AUTH_FAILURE: nsa_log_community: unauthorized SNMP community from 10.10.13.20 to 172.30.30.1 (NYN4577TOy_ytr12)
snmpd[1329]: SNMPD_AUTH_FAILURE: nsa_log_community: unauthorized SNMP community from 10.10.13.20 to 172.30.30.1 (NYN4577TOy_ytr12)
snmpd[1329]: SNMPD_AUTH_FAILURE: nsa_log_community: unauthorized SNMP community from 10.10.13.20 to 172.30.30.1 (NYN4577TOy_ytr12)
snmpd[1329]: SNMPD_AUTH_FAILURE: nsa_log_community: unauthorized SNMP community from 10.10.13.20 to 172.30.30.1 (swer10aiu4)
last message repeated 2 times
...
....

snmpd[1329]: LIBJSNMP_NS_LOG_WARNING: WARNING: AgentX session, /var/run/mib2d-11, noticed request timeout. Request PDUs: 34322139, Response PDUs: 34316056, Request variables: 501019578, Response variables: 500791027, Average response time: 893.84, Maximum response time: 32218.01

......

.........

4-) how to determine  duplucated Get, GetBulk and GetNext requests from snmp server to agent that running junos? And how to block them at junos device point or snmp server point? 

 

Thx

a.

Attachments

1 REPLY 1
Highlighted
Ethernet Switching

Re: snmp statistics and logs

‎08-15-2019 06:01 AM

Hello Arix,

 

I faced similar situations, so I shall try to answer your questions to the extent I can:

 

1. NoSuchInstance : Usually when a commit is in a process and if the SNMP server polls registered OIDs, the device might send the noSuchInstance value in some get-responses to SNMP server and it might cause false-positive alarm.

 

If it's persistent, kill the SNMP and MIB2D process to check if its resolve the issue. Alternately try considering to upgrade the device to JTAC recommended version.

Refer this kb to check the recommended versions:

https://kb.juniper.net/InfoCenter/index?page=content&id=KB21476&pmv=print&actp=search&searchid=&type...

 

2. In general I would suggest you to take a read the below for a flow of SNMP troubleshooting:

https://kb.juniper.net/InfoCenter/index?page=content&id=KB26078&cat=T_SERIES&actp=LIST

 

3. These messages I believe is mostly due to a configuration issue:


In the SNMP configuration, the routing-instance name is required under the community stanza and routing-instance-access. In order to access MIB objects and perform SNMP operations for the routing-instances, SNMP v1 and v2c clients must encode the routing-instance name in the community string in their SNMP requests.

The format is:

routing-instance name@community string

 

See the below for an example:
Incorrect Community String
community "Nam3" { <----- Incorrect Community String
authorization read-write;
routing-instances TEST { ## Warning: 'routing-instances' is deprecated
clients {
0.0.0.0/0;
}
}
}

This configuration will cause SNMP polling to fail and generate the log message referenced above.


Correct Community String:
The proper configuration is:

community "TEST@Nam3" { <----- Correct Community String
authorization read-write;
routing-instances TEST { ## Warning: 'routing-instances' is deprecated
clients {
0.0.0.0/0;
}
}
}

 

4. To enable filtering of duplicate SNMP requests in JUNOS, include the "filter-duplicates" statement at the [edit snmp] hierarchy level:


[edit snmp]
filter-duplicates;
 
I suppose I have given you an approach at how we can look at the issue towards a resolution...
 
Do hit kudos, mark "accept as a solution" so other enthusiasts are directed to this post without them having to repost!! 🙂
 
//Nex
Feedback