Re: [lwip-users] Discrepancy in SNMP GET responses

[address@hidden]

Thanks for reporting this, especially for the detailed report from the 
snmp-net list! When discovering a bug which such a good report at what's 
wrong, it is always best to create a new entry in the bugtracker at 
http://savannah.nongnu.org/bugs/?group=lwip to prevent the bug getting 
lost. I'll do that now.

Simon


Jesus Alvarez wrote:
> I got a very prompt response from the net-snmp list on this issue. See the
> details below. Apparently there is a problem handling 32-bit request IDs in
> the lwIP 1.3.0 SNMP agent.
>
> Regards,
> Jesus Alvarez
>
> -----Original Message-----
> From: Dave Shield
> Sent: Wednesday, February 18, 2009 10:53 AM
> To: Jesus Alvarez
> Cc: address@hidden
> Subject: Re: Discrepancy in queries to lwIP
>
> 2009/2/18 Jesus Alvarez <address@hidden>:
>   
> > Using net-snmp 5.4.2.1 under Windows a simple query to sysLocation.0
> >     
> works.
>   
> > Yet the same query fails from net snmp 5.4.1 under Debian Linux. The UDP
> > query and response is included below for both cases.
> >     
>
>   
> > It appears that the lwIP SNMP agent is processing one of the queries
> > incorrectly but I can't identify what portion of the ASN-1 encoded
> >     
> response
>   
> > packet is causing the rejection. I also don't understand why the content
> >     
> of
>   
> > the query packets is different on the two versions. Any suggestions would
> >     
> be
>   
> > appreciated.
> >     
>
> The first (successful) query is using a 16-bit request ID.
> This is handled correctly by the remote agent,
> which returns a response with the same ID:
>
>
>   
> > Sending 41 bytes to UDP: [0.0.0.0]->[192.168.1.222]:161
> > 0000: 30 27 02 01  00 04 06 70  75 62 6C 69  63 A0 1A 02
> >     
> 0'.....publicá..
>   
> > 0016: 02 32 0B...
> >     
>
>   
> > Received 54 bytes from UDP: [0.0.0.0]->[192.168.1.222]:161
> > 0000: 30 34 02 01  00 04 06 70  75 62 6C 69  63 A2 27 02
> >     
> 04.....publicó'.
>   
> > 0016: 02 32 0B...
> >     
>
> Note that the last four octets are the same in both cases:
>    04 02 32 0B
>
>
> The second (failing) query is using a 32-bit request ID.
> This is perfectly valid, but the remote agent is mangling it,
> and only returning the lower 16-bits in the response:
>
>   
> > Sending 43 bytes to UDP: [192.168.1.222]:161
> > 0000: 30 29 02 01  00 04 06 70  75 62 6C 69  63 A0 1C 02
> >     
> 0).....public...
>   
> > 0016: 04 1C 7B EC  CB....
> >     
>
>   
> > Received 55 bytes from UDP: [192.168.1.222]:161
> > 0000: 30 35 02 01  00 04 06 70  75 62 6C 69  63 A2 28 02
> >     
> 05.....public.(.
>   
> > 0016: 03 00 EC CB....
> >     
>
>
> Note:    02 04 1C 7B EC EB
> becomes  02 03 00 EC CB
>
> The client notes that the request ID in the response doesn't
> match the original one, so discards the message.
>
> This is a bug in the remote agent.   Complain to the lwIP people.
>
> As a workaround:
>
>     $ man snmp.conf
>
>            16bitIDs yes
>               restricts requestIDs, etc to 16-bit values.
>
>               The SNMP specifications define these ID fields as  32-bit
>               quantities,  and  the  Net-SNMP  library  typically  ini-
>               tialises them to random  values  for  security.   However
>               certain  (broken)  agents cannot handle ID values greater
>               than 2^16 - this option allows interoperability with such
>               agents.
>
>
> [Note: this goes in snmp.conf, *not* snmpd.conf]
>
> Dave
>
>
>
>
> _______________________________________________
> lwip-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/lwip-users
>
>