SwitchMap does not support SNMPv3. To speak SNMP to routers and switches,
SwitchMap uses two libraries: mostly Net::SNMP and a little bit of
SNMP::Info. Both those libraries support SNMPv3, but when calling the
library functions, SwitchMap doesn't pass in any SNMPv3 arguments.
It's a feature that someone could add. We don't use SNMPv3 at my site, so I
don't personally have an incentive to add it.
Status: open Group: v1.0_(example) Labels: SNMPv3 Created: Thu Aug 22, 2019 01:44 PM UTC by Anonymous Last Updated: Thu Aug 22, 2019 01:44 PM UTC Owner: nobody
Would it be possible to make the use of SNMPv3 better or to explain in
more detail how to use it?
We just recently switched everything to SNMPv3, and ran into some issues.. But I'm curious about why you say that Switchmap doesn't support SNMPv3? Its a configuration option in ThisSite.pm, and for our Cisco gear, SNMPv3 seems to work just fine.
The place we ran into issues is with our H3C gear, when trying to access our H3C equipment from Switchmap via SNMPv3, it fails. After some debugging, and digging around, I found that this is because Switch.pm is only setup to pass SNMPv2 credentials to SNMP::Info.. (Line 264ish)
Switchmap doesn't seem to need to use SNMP::Info for our Cisco switches, so I think this is why it works fine with our Cisco gear.
Anyways, below is the SNMPv3 changes that I made to the Switch.pm file. I just hardcoded the SNMPv3 info in there.
my$session=newSNMP::Info(AutoSpecify=>1,Debug=>0,# note: setting this to 1 is interestingDestHost=>$SwitchName,SecName=>'YouUsernameHere',SecLevel=>'authPriv',AuthProto=>'SHA',AuthPass=>'YourPassPhraseHere',PrivProto=>'AES',PrivPass=>'YourPassPhraseHere',MibDirs=>['/usr/local/netdisco-mibs/cisco','/usr/local/netdisco-mibs/rfc','/usr/local/netdisco-mibs/juniper','/usr/local/netdisco-mibs/foundry','/usr/local/netdisco-mibs/h3c'],Version=>3);
I'm not a programmer, so I have no idea how to correct the program to have it dynamically read the SNMPv3 info from ThisSite.pm. Trying to see if we have any developers internally that know Perl enough to help..
Thought I'd post it here in case it helps someone else, or in case its enough info for you to run with to fix SNMPv3. No idea how much work that would be for you, or even if you're doing any updates to SwitchMap any more..
As always, thanks for making Switchmap available. Its a great little program, and we use the hell out of it!
-Cheers
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Not sure if this problem is unique to our environment, but I wanted to post it here in case anyone else has the same issues.. I had to do a bit of a hack to get SNMPv3 working, see my previous post. But I also was moving our SwitchMap setup to a newer Ubuntu server at the same time.
The SNMPv3 changes I mentioned above got most everything working for us, but my HP(H3C) stuff on the new server would still fail with the following error while running SwitchMap.pl. We assumed this was because of newer versions of SNMP::Info on the new server, but weren't sure.
-bash$ sudo ./SwitchMap.pl
MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs
Cannot find module (ENTITY-MIB): At line 0 in (none)
The ENTITY-MIB did not load. See README for SNMP::Info::Layer3::H3C
at /usr/local/switchmap/Switch.pm line 264.
The error shows the MIB search path, so I went down that rabbit hole for a while, trying to add MIBs there, but with no luck.
After having no luck there, I took a closer look at the error about Switch.pm, and just under line 264, I noticed my configuration has the following:
I'm not sure if this is what everyone's Switch.pm file looks like or not.. We've done some customizing to SwitchMap, and so we haven't really done a fresh install in a while, we mostly copy files over from our existing installs. So this may be left over from some previous work that we've done. I could do a fresh install and check, but I'm feeling a bit lazy right now.. :)
Anyways, the problem I was having was that we didn't have these directories (/usr/local/netdisco-mibs) on our new server, so we copied them over from a previous server, and now everything is working.
Again, I'm not sure if this is something custom to us, or if this is pretty standard for SwitchMap. But if you're having the "Cannot find module" problem, I would suggest checking your MibDirs configuration in Switch.pm, and if it points to /usr/local/netdisco, make sure you have those files. If you don't, I'm assuming you can install NetDisco and you'll get all those MIB folders along with it.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
SwitchMap does not support SNMPv3. To speak SNMP to routers and switches,
SwitchMap uses two libraries: mostly Net::SNMP and a little bit of
SNMP::Info. Both those libraries support SNMPv3, but when calling the
library functions, SwitchMap doesn't pass in any SNMPv3 arguments.
It's a feature that someone could add. We don't use SNMPv3 at my site, so I
don't personally have an incentive to add it.
Cheers,
-- Pete
On Thu, Aug 22, 2019 at 7:44 AM Ticket #11: SNMPv3 11@support-requests.switchmap.p.re.sourceforge.net wrote:
Related
Support Requests: #11
Hey Pete!
We just recently switched everything to SNMPv3, and ran into some issues.. But I'm curious about why you say that Switchmap doesn't support SNMPv3? Its a configuration option in ThisSite.pm, and for our Cisco gear, SNMPv3 seems to work just fine.
The place we ran into issues is with our H3C gear, when trying to access our H3C equipment from Switchmap via SNMPv3, it fails. After some debugging, and digging around, I found that this is because Switch.pm is only setup to pass SNMPv2 credentials to SNMP::Info.. (Line 264ish)
Switchmap doesn't seem to need to use SNMP::Info for our Cisco switches, so I think this is why it works fine with our Cisco gear.
Anyways, below is the SNMPv3 changes that I made to the Switch.pm file. I just hardcoded the SNMPv3 info in there.
I'm not a programmer, so I have no idea how to correct the program to have it dynamically read the SNMPv3 info from ThisSite.pm. Trying to see if we have any developers internally that know Perl enough to help..
Thought I'd post it here in case it helps someone else, or in case its enough info for you to run with to fix SNMPv3. No idea how much work that would be for you, or even if you're doing any updates to SwitchMap any more..
As always, thanks for making Switchmap available. Its a great little program, and we use the hell out of it!
-Cheers
Not sure if this problem is unique to our environment, but I wanted to post it here in case anyone else has the same issues.. I had to do a bit of a hack to get SNMPv3 working, see my previous post. But I also was moving our SwitchMap setup to a newer Ubuntu server at the same time.
The SNMPv3 changes I mentioned above got most everything working for us, but my HP(H3C) stuff on the new server would still fail with the following error while running SwitchMap.pl. We assumed this was because of newer versions of SNMP::Info on the new server, but weren't sure.
-bash$ sudo ./SwitchMap.pl
MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs
Cannot find module (ENTITY-MIB): At line 0 in (none)
The ENTITY-MIB did not load. See README for SNMP::Info::Layer3::H3C
at /usr/local/switchmap/Switch.pm line 264.
The error shows the MIB search path, so I went down that rabbit hole for a while, trying to add MIBs there, but with no luck.
After having no luck there, I took a closer look at the error about Switch.pm, and just under line 264, I noticed my configuration has the following:
MibDirs => [ '/usr/local/netdisco-mibs/cisco', '/usr/local/netdisco-mibs/rfc', '/usr/local/netdisco-mibs/juniper', '/usr/local/netdisco-mibs/foundry', '/usr/local/netdisco-mibs/h3c'],
I'm not sure if this is what everyone's Switch.pm file looks like or not.. We've done some customizing to SwitchMap, and so we haven't really done a fresh install in a while, we mostly copy files over from our existing installs. So this may be left over from some previous work that we've done. I could do a fresh install and check, but I'm feeling a bit lazy right now.. :)
Anyways, the problem I was having was that we didn't have these directories (/usr/local/netdisco-mibs) on our new server, so we copied them over from a previous server, and now everything is working.
Again, I'm not sure if this is something custom to us, or if this is pretty standard for SwitchMap. But if you're having the "Cannot find module" problem, I would suggest checking your MibDirs configuration in Switch.pm, and if it points to /usr/local/netdisco, make sure you have those files. If you don't, I'm assuming you can install NetDisco and you'll get all those MIB folders along with it.