Check Listening Addresses
This scenario shows how to restrict the addresses used to listen for incoming requests in SNMPv3. In addition, the SNMP ‘walk’ and ‘table’ commands are checked.
Test SNMPv3
Description
Listening addresses are configured for a user in DUT0, and the ‘walk’ and ‘table’ commands are used to check incoming requests in SNMPv3 .
Scenario
Step 1: Set the following configuration in DUT0:
set interfaces ethernet eth0 address 10.0.0.1/24 set interfaces dummy dum0 address 20.0.0.1/24 set service snmp user USER2TEST
Step 2: Set the following configuration in DUT1:
set interfaces ethernet eth0 address 10.0.0.2/24
Note
Initially, local and DUT1 requests are allowed, since the ‘listen‘ field is set for all interfaces by default.
Step 3: Run command service snmp walk local-agent v3 USER2TEST oid ifTable at DUT0 and check if output matches the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
IF-MIB::ifIndex.1 = INTEGER: 1 IF-MIB::ifIndex.2 = INTEGER: 2 IF-MIB::ifIndex.3 = INTEGER: 3 IF-MIB::ifIndex.4 = INTEGER: 4 IF-MIB::ifIndex.94 = INTEGER: 94 IF-MIB::ifDescr.1 = STRING: lo IF-MIB::ifDescr.2 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.3 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.4 = STRING: ip_vti0 IF-MIB::ifDescr.94 = STRING: dum0 IF-MIB::ifType.1 = INTEGER: softwareLoopback(24) IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.3 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.4 = INTEGER: tunnel(131) IF-MIB::ifType.94 = INTEGER: ethernetCsmacd(6) IF-MIB::ifMtu.1 = INTEGER: 65536 IF-MIB::ifMtu.2 = INTEGER: 1500 IF-MIB::ifMtu.3 = INTEGER: 1500 IF-MIB::ifMtu.4 = INTEGER: 1480 IF-MIB::ifMtu.94 = INTEGER: 1500 IF-MIB::ifSpeed.1 = Gauge32: 10000000 IF-MIB::ifSpeed.2 = Gauge32: 0 IF-MIB::ifSpeed.3 = Gauge32: 0 IF-MIB::ifSpeed.4 = Gauge32: 0 IF-MIB::ifSpeed.94 = Gauge32: 0 IF-MIB::ifPhysAddress.1 = STRING: IF-MIB::ifPhysAddress.2 = STRING: de:ad:be:ef:6c:10 IF-MIB::ifPhysAddress.3 = STRING: de:ad:be:ef:6c:11 IF-MIB::ifPhysAddress.4 = STRING: IF-MIB::ifPhysAddress.94 = STRING: 8a:3c:11:cc:d4:3e IF-MIB::ifAdminStatus.1 = INTEGER: up(1) IF-MIB::ifAdminStatus.2 = INTEGER: up(1) IF-MIB::ifAdminStatus.3 = INTEGER: down(2) IF-MIB::ifAdminStatus.4 = INTEGER: down(2) IF-MIB::ifAdminStatus.94 = INTEGER: up(1) IF-MIB::ifOperStatus.1 = INTEGER: up(1) IF-MIB::ifOperStatus.2 = INTEGER: up(1) IF-MIB::ifOperStatus.3 = INTEGER: down(2) IF-MIB::ifOperStatus.4 = INTEGER: down(2) IF-MIB::ifOperStatus.94 = INTEGER: up(1) IF-MIB::ifLastChange.1 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.2 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.3 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.4 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.94 = Timeticks: (0) 0:00:00.00 IF-MIB::ifInOctets.1 = Counter32: 213055 IF-MIB::ifInOctets.2 = Counter32: 580991231 IF-MIB::ifInOctets.3 = Counter32: 4249855903 IF-MIB::ifInOctets.4 = Counter32: 0 IF-MIB::ifInOctets.94 = Counter32: 0 IF-MIB::ifInUcastPkts.1 = Counter32: 0 IF-MIB::ifInUcastPkts.2 = Counter32: 0 IF-MIB::ifInUcastPkts.3 = Counter32: 0 IF-MIB::ifInUcastPkts.4 = Counter32: 0 IF-MIB::ifInUcastPkts.94 = Counter32: 0 IF-MIB::ifInNUcastPkts.1 = Counter32: 0 IF-MIB::ifInNUcastPkts.2 = Counter32: 0 IF-MIB::ifInNUcastPkts.3 = Counter32: 0 IF-MIB::ifInNUcastPkts.4 = Counter32: 0 IF-MIB::ifInNUcastPkts.94 = Counter32: 0 IF-MIB::ifInDiscards.1 = Counter32: 0 IF-MIB::ifInDiscards.2 = Counter32: 17 IF-MIB::ifInDiscards.3 = Counter32: 14 IF-MIB::ifInDiscards.4 = Counter32: 0 IF-MIB::ifInDiscards.94 = Counter32: 0 IF-MIB::ifInErrors.1 = Counter32: 0 IF-MIB::ifInErrors.2 = Counter32: 0 IF-MIB::ifInErrors.3 = Counter32: 0 IF-MIB::ifInErrors.4 = Counter32: 0 IF-MIB::ifInErrors.94 = Counter32: 0 IF-MIB::ifInUnknownProtos.1 = Counter32: 0 IF-MIB::ifInUnknownProtos.2 = Counter32: 0 IF-MIB::ifInUnknownProtos.3 = Counter32: 0 IF-MIB::ifInUnknownProtos.4 = Counter32: 0 IF-MIB::ifInUnknownProtos.94 = Counter32: 0 IF-MIB::ifOutOctets.1 = Counter32: 213055 IF-MIB::ifOutOctets.2 = Counter32: 1331867 IF-MIB::ifOutOctets.3 = Counter32: 4249849613 IF-MIB::ifOutOctets.4 = Counter32: 0 IF-MIB::ifOutOctets.94 = Counter32: 0 IF-MIB::ifOutUcastPkts.1 = Counter32: 1796 IF-MIB::ifOutUcastPkts.2 = Counter32: 12015 IF-MIB::ifOutUcastPkts.3 = Counter32: 2958218 IF-MIB::ifOutUcastPkts.4 = Counter32: 0 IF-MIB::ifOutUcastPkts.94 = Counter32: 0 IF-MIB::ifOutNUcastPkts.1 = Counter32: 0 IF-MIB::ifOutNUcastPkts.2 = Counter32: 0 IF-MIB::ifOutNUcastPkts.3 = Counter32: 0 IF-MIB::ifOutNUcastPkts.4 = Counter32: 0 IF-MIB::ifOutNUcastPkts.94 = Counter32: 0 IF-MIB::ifOutDiscards.1 = Counter32: 0 IF-MIB::ifOutDiscards.2 = Counter32: 0 IF-MIB::ifOutDiscards.3 = Counter32: 0 IF-MIB::ifOutDiscards.4 = Counter32: 0 IF-MIB::ifOutDiscards.94 = Counter32: 0 IF-MIB::ifOutErrors.1 = Counter32: 0 IF-MIB::ifOutErrors.2 = Counter32: 0 IF-MIB::ifOutErrors.3 = Counter32: 0 IF-MIB::ifOutErrors.4 = Counter32: 0 IF-MIB::ifOutErrors.94 = Counter32: 0 IF-MIB::ifOutQLen.1 = Gauge32: 0 IF-MIB::ifOutQLen.2 = Gauge32: 0 IF-MIB::ifOutQLen.3 = Gauge32: 0 IF-MIB::ifOutQLen.4 = Gauge32: 0 IF-MIB::ifOutQLen.94 = Gauge32: 0 IF-MIB::ifSpecific.1 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.2 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.3 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.4 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.94 = OID: SNMPv2-SMI::zeroDotZero
Step 4: Run command service snmp walk remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output matches the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
IF-MIB::ifIndex.1 = INTEGER: 1 IF-MIB::ifIndex.2 = INTEGER: 2 IF-MIB::ifIndex.3 = INTEGER: 3 IF-MIB::ifIndex.4 = INTEGER: 4 IF-MIB::ifIndex.94 = INTEGER: 94 IF-MIB::ifDescr.1 = STRING: lo IF-MIB::ifDescr.2 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.3 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.4 = STRING: ip_vti0 IF-MIB::ifDescr.94 = STRING: dum0 IF-MIB::ifType.1 = INTEGER: softwareLoopback(24) IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.3 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.4 = INTEGER: tunnel(131) IF-MIB::ifType.94 = INTEGER: ethernetCsmacd(6) IF-MIB::ifMtu.1 = INTEGER: 65536 IF-MIB::ifMtu.2 = INTEGER: 1500 IF-MIB::ifMtu.3 = INTEGER: 1500 IF-MIB::ifMtu.4 = INTEGER: 1480 IF-MIB::ifMtu.94 = INTEGER: 1500 IF-MIB::ifSpeed.1 = Gauge32: 10000000 IF-MIB::ifSpeed.2 = Gauge32: 0 IF-MIB::ifSpeed.3 = Gauge32: 0 IF-MIB::ifSpeed.4 = Gauge32: 0 IF-MIB::ifSpeed.94 = Gauge32: 0 IF-MIB::ifPhysAddress.1 = STRING: IF-MIB::ifPhysAddress.2 = STRING: de:ad:be:ef:6c:10 IF-MIB::ifPhysAddress.3 = STRING: de:ad:be:ef:6c:11 IF-MIB::ifPhysAddress.4 = STRING: IF-MIB::ifPhysAddress.94 = STRING: 8a:3c:11:cc:d4:3e IF-MIB::ifAdminStatus.1 = INTEGER: up(1) IF-MIB::ifAdminStatus.2 = INTEGER: up(1) IF-MIB::ifAdminStatus.3 = INTEGER: down(2) IF-MIB::ifAdminStatus.4 = INTEGER: down(2) IF-MIB::ifAdminStatus.94 = INTEGER: up(1) IF-MIB::ifOperStatus.1 = INTEGER: up(1) IF-MIB::ifOperStatus.2 = INTEGER: up(1) IF-MIB::ifOperStatus.3 = INTEGER: down(2) IF-MIB::ifOperStatus.4 = INTEGER: down(2) IF-MIB::ifOperStatus.94 = INTEGER: up(1) IF-MIB::ifLastChange.1 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.2 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.3 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.4 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.94 = Timeticks: (0) 0:00:00.00 IF-MIB::ifInOctets.1 = Counter32: 213055 IF-MIB::ifInOctets.2 = Counter32: 580991231 IF-MIB::ifInOctets.3 = Counter32: 4249855903 IF-MIB::ifInOctets.4 = Counter32: 0 IF-MIB::ifInOctets.94 = Counter32: 0 IF-MIB::ifInUcastPkts.1 = Counter32: 0 IF-MIB::ifInUcastPkts.2 = Counter32: 0 IF-MIB::ifInUcastPkts.3 = Counter32: 0 IF-MIB::ifInUcastPkts.4 = Counter32: 0 IF-MIB::ifInUcastPkts.94 = Counter32: 0 IF-MIB::ifInNUcastPkts.1 = Counter32: 0 IF-MIB::ifInNUcastPkts.2 = Counter32: 0 IF-MIB::ifInNUcastPkts.3 = Counter32: 0 IF-MIB::ifInNUcastPkts.4 = Counter32: 0 IF-MIB::ifInNUcastPkts.94 = Counter32: 0 IF-MIB::ifInDiscards.1 = Counter32: 0 IF-MIB::ifInDiscards.2 = Counter32: 17 IF-MIB::ifInDiscards.3 = Counter32: 14 IF-MIB::ifInDiscards.4 = Counter32: 0 IF-MIB::ifInDiscards.94 = Counter32: 0 IF-MIB::ifInErrors.1 = Counter32: 0 IF-MIB::ifInErrors.2 = Counter32: 0 IF-MIB::ifInErrors.3 = Counter32: 0 IF-MIB::ifInErrors.4 = Counter32: 0 IF-MIB::ifInErrors.94 = Counter32: 0 IF-MIB::ifInUnknownProtos.1 = Counter32: 0 IF-MIB::ifInUnknownProtos.2 = Counter32: 0 IF-MIB::ifInUnknownProtos.3 = Counter32: 0 IF-MIB::ifInUnknownProtos.4 = Counter32: 0 IF-MIB::ifInUnknownProtos.94 = Counter32: 0 IF-MIB::ifOutOctets.1 = Counter32: 213055 IF-MIB::ifOutOctets.2 = Counter32: 1331867 IF-MIB::ifOutOctets.3 = Counter32: 4249849613 IF-MIB::ifOutOctets.4 = Counter32: 0 IF-MIB::ifOutOctets.94 = Counter32: 0 IF-MIB::ifOutUcastPkts.1 = Counter32: 1796 IF-MIB::ifOutUcastPkts.2 = Counter32: 12015 IF-MIB::ifOutUcastPkts.3 = Counter32: 2958218 IF-MIB::ifOutUcastPkts.4 = Counter32: 0 IF-MIB::ifOutUcastPkts.94 = Counter32: 0 IF-MIB::ifOutNUcastPkts.1 = Counter32: 0 IF-MIB::ifOutNUcastPkts.2 = Counter32: 0 IF-MIB::ifOutNUcastPkts.3 = Counter32: 0 IF-MIB::ifOutNUcastPkts.4 = Counter32: 0 IF-MIB::ifOutNUcastPkts.94 = Counter32: 0 IF-MIB::ifOutDiscards.1 = Counter32: 0 IF-MIB::ifOutDiscards.2 = Counter32: 0 IF-MIB::ifOutDiscards.3 = Counter32: 0 IF-MIB::ifOutDiscards.4 = Counter32: 0 IF-MIB::ifOutDiscards.94 = Counter32: 0 IF-MIB::ifOutErrors.1 = Counter32: 0 IF-MIB::ifOutErrors.2 = Counter32: 0 IF-MIB::ifOutErrors.3 = Counter32: 0 IF-MIB::ifOutErrors.4 = Counter32: 0 IF-MIB::ifOutErrors.94 = Counter32: 0 IF-MIB::ifOutQLen.1 = Gauge32: 0 IF-MIB::ifOutQLen.2 = Gauge32: 0 IF-MIB::ifOutQLen.3 = Gauge32: 0 IF-MIB::ifOutQLen.4 = Gauge32: 0 IF-MIB::ifOutQLen.94 = Gauge32: 0 IF-MIB::ifSpecific.1 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.2 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.3 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.4 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.94 = OID: SNMPv2-SMI::zeroDotZero
Step 5: Run command service snmp table local-agent v3 USER2TEST oid ifTable at DUT0 and check if output matches the following regular expressions:
SNMP table:.*::ifTableShow output
SNMP table: IF-MIB::ifTable ifIndex ifDescr ifType ifMtu ifSpeed ifPhysAddress ifAdminStatus 1 lo softwareLoopback 65536 10000000 up 2 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:10 up 3 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:11 down 4 ip_vti0 tunnel 1480 0 down 94 dum0 ethernetCsmacd 1500 0 8a:3c:11:cc:d4:3e up SNMP table IF-MIB::ifTable, part 2 ifOperStatus ifLastChange ifInOctets ifInUcastPkts ifInNUcastPkts ifInDiscards ifInErrors up 0:0:00:00.00 213055 0 0 0 0 up 0:0:00:00.00 580991231 0 0 17 0 down 0:0:00:00.00 4249855903 0 0 14 0 down 0:0:00:00.00 0 0 0 0 0 up 0:0:00:00.00 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 3 ifInUnknownProtos ifOutOctets ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifOutQLen 0 213055 1796 0 0 0 0 0 1331867 12015 0 0 0 0 0 4249849613 2958218 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 4 ifSpecific SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero
Step 6: Run command service snmp table remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output matches the following regular expressions:
SNMP table:.*::ifTableShow output
SNMP table: IF-MIB::ifTable ifIndex ifDescr ifType ifMtu ifSpeed ifPhysAddress ifAdminStatus 1 lo softwareLoopback 65536 10000000 up 2 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:10 up 3 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:11 down 4 ip_vti0 tunnel 1480 0 down 94 dum0 ethernetCsmacd 1500 0 8a:3c:11:cc:d4:3e up SNMP table IF-MIB::ifTable, part 2 ifOperStatus ifLastChange ifInOctets ifInUcastPkts ifInNUcastPkts ifInDiscards ifInErrors up 0:0:00:00.00 213055 0 0 0 0 up 0:0:00:00.00 580991231 0 0 17 0 down 0:0:00:00.00 4249855903 0 0 14 0 down 0:0:00:00.00 0 0 0 0 0 up 0:0:00:00.00 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 3 ifInUnknownProtos ifOutOctets ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifOutQLen 0 213055 1796 0 0 0 0 0 1331867 12015 0 0 0 0 0 4249849613 2958218 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 4 ifSpecific SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero
Note
After configuring SNMP to listen on the local address, local requests should be allowed, but not DUT1 requests.
Step 7: Set the following configuration in DUT0:
set interfaces dummy dum1 address 127.0.0.1/24 set service snmp listen address 127.0.0.1
Step 8: Run command service snmp walk local-agent v3 USER2TEST oid ifTable at DUT0 and check if output matches the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
IF-MIB::ifIndex.1 = INTEGER: 1 IF-MIB::ifIndex.2 = INTEGER: 2 IF-MIB::ifIndex.3 = INTEGER: 3 IF-MIB::ifIndex.4 = INTEGER: 4 IF-MIB::ifIndex.94 = INTEGER: 94 IF-MIB::ifIndex.95 = INTEGER: 95 IF-MIB::ifDescr.1 = STRING: lo IF-MIB::ifDescr.2 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.3 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.4 = STRING: ip_vti0 IF-MIB::ifDescr.94 = STRING: dum0 IF-MIB::ifDescr.95 = STRING: dum1 IF-MIB::ifType.1 = INTEGER: softwareLoopback(24) IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.3 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.4 = INTEGER: tunnel(131) IF-MIB::ifType.94 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.95 = INTEGER: ethernetCsmacd(6) IF-MIB::ifMtu.1 = INTEGER: 65536 IF-MIB::ifMtu.2 = INTEGER: 1500 IF-MIB::ifMtu.3 = INTEGER: 1500 IF-MIB::ifMtu.4 = INTEGER: 1480 IF-MIB::ifMtu.94 = INTEGER: 1500 IF-MIB::ifMtu.95 = INTEGER: 1500 IF-MIB::ifSpeed.1 = Gauge32: 10000000 IF-MIB::ifSpeed.2 = Gauge32: 0 IF-MIB::ifSpeed.3 = Gauge32: 0 IF-MIB::ifSpeed.4 = Gauge32: 0 IF-MIB::ifSpeed.94 = Gauge32: 0 IF-MIB::ifSpeed.95 = Gauge32: 0 IF-MIB::ifPhysAddress.1 = STRING: IF-MIB::ifPhysAddress.2 = STRING: de:ad:be:ef:6c:10 IF-MIB::ifPhysAddress.3 = STRING: de:ad:be:ef:6c:11 IF-MIB::ifPhysAddress.4 = STRING: IF-MIB::ifPhysAddress.94 = STRING: 8a:3c:11:cc:d4:3e IF-MIB::ifPhysAddress.95 = STRING: d6:c6:24:cf:67:fe IF-MIB::ifAdminStatus.1 = INTEGER: up(1) IF-MIB::ifAdminStatus.2 = INTEGER: up(1) IF-MIB::ifAdminStatus.3 = INTEGER: down(2) IF-MIB::ifAdminStatus.4 = INTEGER: down(2) IF-MIB::ifAdminStatus.94 = INTEGER: up(1) IF-MIB::ifAdminStatus.95 = INTEGER: up(1) IF-MIB::ifOperStatus.1 = INTEGER: up(1) IF-MIB::ifOperStatus.2 = INTEGER: up(1) IF-MIB::ifOperStatus.3 = INTEGER: down(2) IF-MIB::ifOperStatus.4 = INTEGER: down(2) IF-MIB::ifOperStatus.94 = INTEGER: up(1) IF-MIB::ifOperStatus.95 = INTEGER: up(1) IF-MIB::ifLastChange.1 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.2 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.3 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.4 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.94 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.95 = Timeticks: (0) 0:00:00.00 IF-MIB::ifInOctets.1 = Counter32: 225165 IF-MIB::ifInOctets.2 = Counter32: 580995637 IF-MIB::ifInOctets.3 = Counter32: 4249855903 IF-MIB::ifInOctets.4 = Counter32: 0 IF-MIB::ifInOctets.94 = Counter32: 0 IF-MIB::ifInOctets.95 = Counter32: 0 IF-MIB::ifInUcastPkts.1 = Counter32: 0 IF-MIB::ifInUcastPkts.2 = Counter32: 0 IF-MIB::ifInUcastPkts.3 = Counter32: 0 IF-MIB::ifInUcastPkts.4 = Counter32: 0 IF-MIB::ifInUcastPkts.94 = Counter32: 0 IF-MIB::ifInUcastPkts.95 = Counter32: 0 IF-MIB::ifInNUcastPkts.1 = Counter32: 0 IF-MIB::ifInNUcastPkts.2 = Counter32: 0 IF-MIB::ifInNUcastPkts.3 = Counter32: 0 IF-MIB::ifInNUcastPkts.4 = Counter32: 0 IF-MIB::ifInNUcastPkts.94 = Counter32: 0 IF-MIB::ifInNUcastPkts.95 = Counter32: 0 IF-MIB::ifInDiscards.1 = Counter32: 0 IF-MIB::ifInDiscards.2 = Counter32: 17 IF-MIB::ifInDiscards.3 = Counter32: 14 IF-MIB::ifInDiscards.4 = Counter32: 0 IF-MIB::ifInDiscards.94 = Counter32: 0 IF-MIB::ifInDiscards.95 = Counter32: 0 IF-MIB::ifInErrors.1 = Counter32: 0 IF-MIB::ifInErrors.2 = Counter32: 0 IF-MIB::ifInErrors.3 = Counter32: 0 IF-MIB::ifInErrors.4 = Counter32: 0 IF-MIB::ifInErrors.94 = Counter32: 0 IF-MIB::ifInErrors.95 = Counter32: 0 IF-MIB::ifInUnknownProtos.1 = Counter32: 0 IF-MIB::ifInUnknownProtos.2 = Counter32: 0 IF-MIB::ifInUnknownProtos.3 = Counter32: 0 IF-MIB::ifInUnknownProtos.4 = Counter32: 0 IF-MIB::ifInUnknownProtos.94 = Counter32: 0 IF-MIB::ifInUnknownProtos.95 = Counter32: 0 IF-MIB::ifOutOctets.1 = Counter32: 225165 IF-MIB::ifOutOctets.2 = Counter32: 1340937 IF-MIB::ifOutOctets.3 = Counter32: 4249849613 IF-MIB::ifOutOctets.4 = Counter32: 0 IF-MIB::ifOutOctets.94 = Counter32: 0 IF-MIB::ifOutOctets.95 = Counter32: 0 IF-MIB::ifOutUcastPkts.1 = Counter32: 1854 IF-MIB::ifOutUcastPkts.2 = Counter32: 12049 IF-MIB::ifOutUcastPkts.3 = Counter32: 2958218 IF-MIB::ifOutUcastPkts.4 = Counter32: 0 IF-MIB::ifOutUcastPkts.94 = Counter32: 0 IF-MIB::ifOutUcastPkts.95 = Counter32: 0 IF-MIB::ifOutNUcastPkts.1 = Counter32: 0 IF-MIB::ifOutNUcastPkts.2 = Counter32: 0 IF-MIB::ifOutNUcastPkts.3 = Counter32: 0 IF-MIB::ifOutNUcastPkts.4 = Counter32: 0 IF-MIB::ifOutNUcastPkts.94 = Counter32: 0 IF-MIB::ifOutNUcastPkts.95 = Counter32: 0 IF-MIB::ifOutDiscards.1 = Counter32: 0 IF-MIB::ifOutDiscards.2 = Counter32: 0 IF-MIB::ifOutDiscards.3 = Counter32: 0 IF-MIB::ifOutDiscards.4 = Counter32: 0 IF-MIB::ifOutDiscards.94 = Counter32: 0 IF-MIB::ifOutDiscards.95 = Counter32: 0 IF-MIB::ifOutErrors.1 = Counter32: 0 IF-MIB::ifOutErrors.2 = Counter32: 0 IF-MIB::ifOutErrors.3 = Counter32: 0 IF-MIB::ifOutErrors.4 = Counter32: 0 IF-MIB::ifOutErrors.94 = Counter32: 0 IF-MIB::ifOutErrors.95 = Counter32: 0 IF-MIB::ifOutQLen.1 = Gauge32: 0 IF-MIB::ifOutQLen.2 = Gauge32: 0 IF-MIB::ifOutQLen.3 = Gauge32: 0 IF-MIB::ifOutQLen.4 = Gauge32: 0 IF-MIB::ifOutQLen.94 = Gauge32: 0 IF-MIB::ifOutQLen.95 = Gauge32: 0 IF-MIB::ifSpecific.1 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.2 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.3 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.4 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.94 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.95 = OID: SNMPv2-SMI::zeroDotZero
Step 9: Run command service snmp walk remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output does not match the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
snmpbulkwalk: Timeout (Sub-id not found: (top) -> ifTable)
Step 10: Run command service snmp table local-agent v3 USER2TEST oid ifTable at DUT0 and check if output matches the following regular expressions:
SNMP table:.*::ifTableShow output
SNMP table: IF-MIB::ifTable ifIndex ifDescr ifType ifMtu ifSpeed ifPhysAddress ifAdminStatus 1 lo softwareLoopback 65536 10000000 up 2 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:10 up 3 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:11 down 4 ip_vti0 tunnel 1480 0 down 94 dum0 ethernetCsmacd 1500 0 8a:3c:11:cc:d4:3e up 95 dum1 ethernetCsmacd 1500 0 d6:c6:24:cf:67:fe up SNMP table IF-MIB::ifTable, part 2 ifOperStatus ifLastChange ifInOctets ifInUcastPkts ifInNUcastPkts ifInDiscards ifInErrors up 0:0:00:00.00 231949 1884 0 0 0 up 0:0:00:00.00 580996315 19129 0 17 0 down 0:0:00:00.00 4249855903 2958022 0 14 0 down 0:0:00:00.00 0 0 0 0 0 up 0:0:00:00.00 0 0 0 0 0 up 0:0:00:00.00 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 3 ifInUnknownProtos ifOutOctets ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifOutQLen 0 231949 1884 0 0 0 0 0 1341783 12056 0 0 0 0 0 4249849613 2958218 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 4 ifSpecific SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero
Step 11: Run command service snmp table remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output does not match the following regular expressions:
SNMP table:.*::ifTableShow output
snmptable: Timeout (Sub-id not found: (top) -> ifTable)
Note
After configuring SNMP to listen on the ‘10.0.0.1‘ address, DUT1 requests should be allowed, but not local requests.
Step 12: Set the following configuration in DUT0:
del interfaces dummy dum1 address 127.0.0.1/24 del service snmp listen address 127.0.0.1 set service snmp listen address 10.0.0.1
Step 13: Run command service snmp walk local-agent v3 USER2TEST oid ifTable at DUT0 and check if output does not match the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
snmpbulkwalk: Timeout (Sub-id not found: (top) -> ifTable)
Step 14: Run command service snmp walk remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output matches the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
IF-MIB::ifIndex.1 = INTEGER: 1 IF-MIB::ifIndex.2 = INTEGER: 2 IF-MIB::ifIndex.3 = INTEGER: 3 IF-MIB::ifIndex.4 = INTEGER: 4 IF-MIB::ifIndex.94 = INTEGER: 94 IF-MIB::ifDescr.1 = STRING: lo IF-MIB::ifDescr.2 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.3 = STRING: Red Hat, Inc Device 0001 IF-MIB::ifDescr.4 = STRING: ip_vti0 IF-MIB::ifDescr.94 = STRING: dum0 IF-MIB::ifType.1 = INTEGER: softwareLoopback(24) IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.3 = INTEGER: ethernetCsmacd(6) IF-MIB::ifType.4 = INTEGER: tunnel(131) IF-MIB::ifType.94 = INTEGER: ethernetCsmacd(6) IF-MIB::ifMtu.1 = INTEGER: 65536 IF-MIB::ifMtu.2 = INTEGER: 1500 IF-MIB::ifMtu.3 = INTEGER: 1500 IF-MIB::ifMtu.4 = INTEGER: 1480 IF-MIB::ifMtu.94 = INTEGER: 1500 IF-MIB::ifSpeed.1 = Gauge32: 10000000 IF-MIB::ifSpeed.2 = Gauge32: 0 IF-MIB::ifSpeed.3 = Gauge32: 0 IF-MIB::ifSpeed.4 = Gauge32: 0 IF-MIB::ifSpeed.94 = Gauge32: 0 IF-MIB::ifPhysAddress.1 = STRING: IF-MIB::ifPhysAddress.2 = STRING: de:ad:be:ef:6c:10 IF-MIB::ifPhysAddress.3 = STRING: de:ad:be:ef:6c:11 IF-MIB::ifPhysAddress.4 = STRING: IF-MIB::ifPhysAddress.94 = STRING: 8a:3c:11:cc:d4:3e IF-MIB::ifAdminStatus.1 = INTEGER: up(1) IF-MIB::ifAdminStatus.2 = INTEGER: up(1) IF-MIB::ifAdminStatus.3 = INTEGER: down(2) IF-MIB::ifAdminStatus.4 = INTEGER: down(2) IF-MIB::ifAdminStatus.94 = INTEGER: up(1) IF-MIB::ifOperStatus.1 = INTEGER: up(1) IF-MIB::ifOperStatus.2 = INTEGER: up(1) IF-MIB::ifOperStatus.3 = INTEGER: down(2) IF-MIB::ifOperStatus.4 = INTEGER: down(2) IF-MIB::ifOperStatus.94 = INTEGER: up(1) IF-MIB::ifLastChange.1 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.2 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.3 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.4 = Timeticks: (0) 0:00:00.00 IF-MIB::ifLastChange.94 = Timeticks: (0) 0:00:00.00 IF-MIB::ifInOctets.1 = Counter32: 240011 IF-MIB::ifInOctets.2 = Counter32: 580996951 IF-MIB::ifInOctets.3 = Counter32: 4249855903 IF-MIB::ifInOctets.4 = Counter32: 0 IF-MIB::ifInOctets.94 = Counter32: 0 IF-MIB::ifInUcastPkts.1 = Counter32: 1926 IF-MIB::ifInUcastPkts.2 = Counter32: 19135 IF-MIB::ifInUcastPkts.3 = Counter32: 2958022 IF-MIB::ifInUcastPkts.4 = Counter32: 0 IF-MIB::ifInUcastPkts.94 = Counter32: 0 IF-MIB::ifInNUcastPkts.1 = Counter32: 0 IF-MIB::ifInNUcastPkts.2 = Counter32: 0 IF-MIB::ifInNUcastPkts.3 = Counter32: 0 IF-MIB::ifInNUcastPkts.4 = Counter32: 0 IF-MIB::ifInNUcastPkts.94 = Counter32: 0 IF-MIB::ifInDiscards.1 = Counter32: 0 IF-MIB::ifInDiscards.2 = Counter32: 17 IF-MIB::ifInDiscards.3 = Counter32: 14 IF-MIB::ifInDiscards.4 = Counter32: 0 IF-MIB::ifInDiscards.94 = Counter32: 0 IF-MIB::ifInErrors.1 = Counter32: 0 IF-MIB::ifInErrors.2 = Counter32: 0 IF-MIB::ifInErrors.3 = Counter32: 0 IF-MIB::ifInErrors.4 = Counter32: 0 IF-MIB::ifInErrors.94 = Counter32: 0 IF-MIB::ifInUnknownProtos.1 = Counter32: 0 IF-MIB::ifInUnknownProtos.2 = Counter32: 0 IF-MIB::ifInUnknownProtos.3 = Counter32: 0 IF-MIB::ifInUnknownProtos.4 = Counter32: 0 IF-MIB::ifInUnknownProtos.94 = Counter32: 0 IF-MIB::ifOutOctets.1 = Counter32: 240011 IF-MIB::ifOutOctets.2 = Counter32: 1342587 IF-MIB::ifOutOctets.3 = Counter32: 4249849613 IF-MIB::ifOutOctets.4 = Counter32: 0 IF-MIB::ifOutOctets.94 = Counter32: 0 IF-MIB::ifOutUcastPkts.1 = Counter32: 1926 IF-MIB::ifOutUcastPkts.2 = Counter32: 12062 IF-MIB::ifOutUcastPkts.3 = Counter32: 2958218 IF-MIB::ifOutUcastPkts.4 = Counter32: 0 IF-MIB::ifOutUcastPkts.94 = Counter32: 0 IF-MIB::ifOutNUcastPkts.1 = Counter32: 0 IF-MIB::ifOutNUcastPkts.2 = Counter32: 0 IF-MIB::ifOutNUcastPkts.3 = Counter32: 0 IF-MIB::ifOutNUcastPkts.4 = Counter32: 0 IF-MIB::ifOutNUcastPkts.94 = Counter32: 0 IF-MIB::ifOutDiscards.1 = Counter32: 0 IF-MIB::ifOutDiscards.2 = Counter32: 0 IF-MIB::ifOutDiscards.3 = Counter32: 0 IF-MIB::ifOutDiscards.4 = Counter32: 0 IF-MIB::ifOutDiscards.94 = Counter32: 0 IF-MIB::ifOutErrors.1 = Counter32: 0 IF-MIB::ifOutErrors.2 = Counter32: 0 IF-MIB::ifOutErrors.3 = Counter32: 0 IF-MIB::ifOutErrors.4 = Counter32: 0 IF-MIB::ifOutErrors.94 = Counter32: 0 IF-MIB::ifOutQLen.1 = Gauge32: 0 IF-MIB::ifOutQLen.2 = Gauge32: 0 IF-MIB::ifOutQLen.3 = Gauge32: 0 IF-MIB::ifOutQLen.4 = Gauge32: 0 IF-MIB::ifOutQLen.94 = Gauge32: 0 IF-MIB::ifSpecific.1 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.2 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.3 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.4 = OID: SNMPv2-SMI::zeroDotZero IF-MIB::ifSpecific.94 = OID: SNMPv2-SMI::zeroDotZero
Step 15: Run command service snmp table local-agent v3 USER2TEST oid ifTable at DUT0 and check if output does not match the following regular expressions:
SNMP table:.*::ifTableShow output
snmptable: Timeout (Sub-id not found: (top) -> ifTable)
Step 16: Run command service snmp table remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output matches the following regular expressions:
SNMP table:.*::ifTableShow output
SNMP table: IF-MIB::ifTable ifIndex ifDescr ifType ifMtu ifSpeed ifPhysAddress ifAdminStatus 1 lo softwareLoopback 65536 10000000 up 2 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:10 up 3 Red Hat, Inc Device 0001 ethernetCsmacd 1500 0 de:ad:be:ef:6c:11 down 4 ip_vti0 tunnel 1480 0 down 94 dum0 ethernetCsmacd 1500 0 8a:3c:11:cc:d4:3e up SNMP table IF-MIB::ifTable, part 2 ifOperStatus ifLastChange ifInOctets ifInUcastPkts ifInNUcastPkts ifInDiscards ifInErrors up 0:0:00:00.00 241283 1938 0 0 0 up 0:0:00:00.00 580999034 19148 0 17 0 down 0:0:00:00.00 4249855903 2958022 0 14 0 down 0:0:00:00.00 0 0 0 0 0 up 0:0:00:00.00 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 3 ifInUnknownProtos ifOutOctets ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifOutQLen 0 241283 1938 0 0 0 0 0 1346724 12075 0 0 0 0 0 4249849613 2958218 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SNMP table IF-MIB::ifTable, part 4 ifSpecific SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero SNMPv2-SMI::zeroDotZero
Note
After configuring SNMP to listen on the ‘20.0.0.1‘ address, neither local nor DUT1 requests should be allowed.
Step 17: Set the following configuration in DUT0:
del service snmp listen address 10.0.0.1 set service snmp listen address 20.0.0.1
Step 18: Run command service snmp walk local-agent v3 USER2TEST oid ifTable at DUT0 and check if output does not match the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
snmpbulkwalk: Timeout (Sub-id not found: (top) -> ifTable)
Step 19: Run command service snmp walk remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output does not match the following regular expressions:
::ifDescr\.1 = STRING: "?lo"?Show output
snmpbulkwalk: Timeout (Sub-id not found: (top) -> ifTable)
Step 20: Run command service snmp table local-agent v3 USER2TEST oid ifTable at DUT0 and check if output does not match the following regular expressions:
SNMP table:.*::ifTableShow output
snmptable: Timeout (Sub-id not found: (top) -> ifTable)
Step 21: Run command service snmp table remote-agent 10.0.0.1 v3 USER2TEST oid ifTable at DUT1 and check if output does not match the following regular expressions:
SNMP table:.*::ifTableShow output
snmptable: Timeout (Sub-id not found: (top) -> ifTable)