Menu

#33 Expose Net::SNMP maxmsgsize and maxrepetitions in ThisSite.pm

Next_Release_(example)
open
nobody
None
5
2016-08-11
2016-08-11
Stuart Kendrick
No

BACKGROUND
MaxMsgSize and MaxRepetitions influence how large the responses to GETBULK Requests are.

Under some conditions, the result can be a GETBULK Response which exceeds MTU somewhere along the path, resulting in dropped frames. SwitchMap has no mechanism for failing back to SNMPv1 GETNEXT Requests (as a substitute for failing GETBULK Requests), so the result is that SwitchMap does not receive the contents of whatever table it is requesting.

Alternatively, the response may fit into MTU but exceed SwitchMap's hard-coded MaxMsgSize of 5000 (see lines 399 and 442 in SwitchUtils.pm).

For example, the various GETBULK Requests which GetArp.pl emit, to populate MacLIst and from there the IP Address and DNS columns in the GUI.

USE CASES
(1) Consider a Data Center in which the network devices are configured to support Jumbo Frames. But the virtual farm in which SwitchMap is hosted is not. Some network devices (e.g. Nexus 9000) do not support independently setting their in-band / EOBC MTU -- it tracks the system maximum. Thus, SwitchMap emits GETBULK Requests with MaxRepetitions set to 85, the Nexus 9000 returns a multi-kilobyte frame, which the NICs servicing the virtual farm drop.

(2) Consider any number of scenarios in which a network-breaking device (firewall, VPN, load-balancer ...) is dinking with MTU.

(3) Consider devices returning large tables (more than the hard-coded 5000 bytes).

--sk

Related

Feature Requests: #33

Discussion

  • Stuart Kendrick

    Stuart Kendrick - 2016-08-11

    Changes in SwitchUtils.pm might look something like this:
    LIne 222
    my $Table = $Session->get_table(
    -baseoid => $TableOid,
    -maxrepetitions => $MaxReps,
    );

    Line 398
    ($Session, $Error) = Net::SNMP->session(
    -version => 'snmpv2c',
    -timeout => 5,
    -hostname => $DeviceName,
    -community => $Community,
    -maxmsgsize => $MaxMsgSize,
    -translate => [-octetstring => 0x0]
    )

    Line 437
    ($Session, $Error) = Net::SNMP->session(
    -version => 'snmpv3',
    -username => $secName,
    -authprotocol => $authProtocol,
    -authpassword => $authPassword,
    -privprotocol => $privProtocol,
    -privpassword => $privPassword,
    -timeout => 5,
    -hostname => $DeviceName,
    -maxmsgsize => $MaxMsgSize,
    -translate => [-octetstring => 0x
    0]
    );

     

  • Pete Siemsen

    Pete Siemsen - 2016-08-11

    Thanks Stuart. I've made the changes in the current code, so they'll be
    available in the next release of SwitchMap.

    On Thu, Aug 11, 2016 at 11:42 AM, Stuart Kendrick skendric@users.sf.net
    wrote:

    Status: open
    Group: Next_Release_(example)
    Created: Thu Aug 11, 2016 05:42 PM UTC by Stuart Kendrick
    Last Updated: Thu Aug 11, 2016 05:42 PM UTC
    Owner: nobody

    BACKGROUND
    MaxMsgSize and MaxRepetitions influence how large the responses to GETBULK
    Requests are.

    Under some conditions, the result can be a GETBULK Response which exceeds
    MTU somewhere along the path, resulting in dropped frames. SwitchMap has no
    mechanism for failing back to SNMPv1 GETNEXT Requests (as a substitute for
    failing GETBULK Requests), so the result is that SwitchMap does not receive
    the contents of whatever table it is requesting.

    Alternatively, the response may fit into MTU but exceed SwitchMap's
    hard-coded MaxMsgSize of 5000 (see lines 399 and 442 in SwitchUtils.pm).

    For example, the various GETBULK Requests which GetArp.pl emit, to
    populate MacLIst and from there the IP Address and DNS columns in the GUI.

    USE CASES
    (1) Consider a Data Center in which the network devices are configured to
    support Jumbo Frames. But the virtual farm in which SwitchMap is hosted is
    not. Some network devices (e.g. Nexus 9000) do not support independently
    setting their in-band / EOBC MTU -- it tracks the system maximum. Thus,
    SwitchMap emits GETBULK Requests with MaxRepetitions set to 85, the Nexus
    9000 returns a multi-kilobyte frame, which the NICs servicing the virtual
    farm drop.

    (2) Consider any number of scenarios in which a network-breaking device
    (firewall, VPN, load-balancer ...) is dinking with MTU.

    (3) Consider devices returning large tables (more than the hard-coded 5000
    bytes).

    --sk

    Sent from sourceforge.net because you indicated interest in
    https://sourceforge.net/p/switchmap/feature-requests/33/

    To unsubscribe from further messages, please visit
    https://sourceforge.net/auth/subscriptions/

     

    Related

    Feature Requests: #33

    alternate

Anonymous
Anonymous

Add attachments
Cancel