[snmp] Recieved Engine ID is not correct

Birgit Arkesteijn birgit at westhawk.co.uk
Tue Apr 3 19:16:54 BST 2007 

Hi Tausif,

The discovery process is done in two steps:
- engineId
- timeline info (boots & timestamp), only when using authentication.

When a message comes in, the engineId is checked first. If the engineId
doesn't correspond, the stack throws an DecodingException, just like you
have reported.

The timeliness information is only checked when engineId is correct.

I'm sure your server (or the process that simulates a server) will
increment engineBoots and set timeStamp to zero. However, that doesn't
matter one way or another in this case.

The only thing that matters is that whilst the stack is running and done
a discovery of your server, the engineId should not change.
There is no such thing as a "re discovery" mechanisme in SNMPv3.

Hope this helps,

Cheers, Birgit


On Fri, Mar 30, 2007 at 05:38:24AM -0000, tausif tausif wrote:
>   
> Hi  Birgit,
> 
> Thanks for the reply.
> I have few more doubts regarding the same. 
> I think after re-installation of snmp engine it is possible of getting
> set the different engineid. and in this case the engine boots value
> will get assign to 1 and time must be zero? (please correct me if I'm
> wrong) i have not seen the time-stamp value in NET-SNMP's conf files
> though.
> 
> in this case my snmp-manager should not treat it as unauthorized
> packet/call and should process my request. I checked the
> TimeWindow.isEngineIdOK() code which just match the engineid and does
> not bother about the engineBoots and timeStamp. Shouldn't it check
> these variables as well? I think if we check these variables as well,
> our code should work fine?
> 
> Waiting for your response
> Thanks & regards
> Tausif
> 
> 
> 
> On Mon, 26 Mar 2007 Birgit Arkesteijn wrote :
> >Hi Tausif,
> >
> >When using SNMPv3, the stack discovers the engineId by asking the
> >authoritative engine for it. If authentication or privacy is used, it
> >will then ask for the timeline details as well.
> >
> >It does this once at the beginning. (It will repeat it only when
> >unsuccessful.) The details are stored for the remaining of the stack
> >lifetime.
> >
> >In your case, the stack complains that the discovered engineId and the
> >one sent (by the authoritative engine) as part of a subsequent request
> >are not the same.
> >
> >However, you said so yourself: there is a mis-match.
> >
> >The engineId is supposed to uniquely identify an authoritative engine,
> >i.e. it's not supposed to change.
> >
> >The only option I see is to stop/start the stack.
> >
> >If that doesn't work:
> >Call AsnObject.setDebug(5), the stack will then print the engineId (and
> >timeline details if using authentication or privacy) it stores.  See
> >what you get when doing discovery.
> >
> >Cheers, Birgit

-- 
-- Birgit Arkesteijn, birgit at westhawk.co.uk,
-- Westhawk Ltd, Albion Wharf, 19 Albion Street, Manchester M1 5LN, UK
-- Company no: 1769350
-- Registered Office: 
-- 15 London Road, Stockton Heath, Warrington WA4 6SJ. UK.
-- tel.: +44 (0)161 237 0660
-- <URL: http://www.westhawk.co.uk>

More information about the snmp mailing list