Re: [opennms-discuss] How to Receive V3-Traps in openNMS

[geajith <aji...@de...>]

Hi,

yes. Even I think the issue is with the Timeliness verfification of the snmp
messages. 

Just a thought on this SNMP V3 Trap authentication. The SNMP V3 manadates
that the traps should be received within the specified time window.

The following explanation would help...


 "  This is based on the snmpEngineBoots and snmpEngineTime. When an SNMP
engine is installed, both of the two values are set to zero. After the SNMP
engine has been started, snmpEngineTime is incremented once per second.
These values are placed in each outgoing message. The receiving management
node's SNMP-engine then determines whether or not the incoming message is in
the acceptable time window of 150 seconds. If the message doesn't fit the
time window, it is simply ignored."


Also in the SNMP 4J codebase, the UsmTimeTable.java; the CheckTime function
validates this behavior as well. 
snippet :


 if ((entry.getEngineBoots() < time.getEngineBoots())
                            || ((entry.getEngineBoots() == time
                                    .getEngineBoots()) &&
(time.getTimeDiff()
                                    + now > entry.getLatestReceivedTime() +
150))
                            || (time.getEngineBoots() == 2147483647)) {
                        if (logger.isDebugEnabled()) {
                            logger
                                    .debug("CheckTime: received message
outside time window (non authorative)");
                        }
                        return SnmpConstants.SNMPv3_USM_NOT_IN_TIME_WINDOW;

Hope this will help to get some insight on this.




--
View this message in context: http://opennms.530661.n2.nabble.com/How-to-Receive-V3-Traps-in-openNMS-tp6425566p7239236.html
Sent from the OpenNMS - discuss mailing list archive at Nabble.com.