Forum Discussion
No Response to SNMP GetRequest
I am currently troubleshooting an issue from SolarWinds to all my F5 devices. I receive the GetRequests but no response ever comes back. I see the following in my tcpdump but I have redacted a lot because of security concerns.
solarwinds_IP.59071 > f5-device_IP.161: GetRequest(26) .1.3.6.1.2.1.1.2.0
solarwinds_IP.59071 > f5-device_IP.161: GetRequest(26) .1.3.6.1.2.1.1.2.0
solarwinds_IP.59071 > f5-device_IP.161: GetRequest(26) .1.3.6.1.2.1.1.2.0
Now if I go to any of my F5 devices and perform the same snmpwalk I receive a response using the exact same credentials. I do have a client allow list which allows the source to reach all the F5s as well. The following is an example of a working request and response from one of the other F5 devices.
f5-device-1_IP.43962 > f5-device_IP.161: GetNextRequest(28) .1.3.6.1.2.1.1.2.0
f5-device_IP.161 > f5-device-1_IP.43962: GetResponse(32) .1.3.6.1.2.1.1.3.0=1494278987
f5-device-1_IP.43962 > f5-device_IP.161: GetRequest(28) .1.3.6.1.2.1.1.2.0
f5-device_IP.161 > f5-device-1_IP.43962: GetResponse(40) .1.3.6.1.2.1.1.2.0=.1.3.6.1.4.1.3375.2.1.3.4.105
Any insight on how to troubleshoot this or what the issue could be would be greatly appreciated.
It ended up being that the following was configured so I had to add in the additional subnet.
Here is a guide how to configure SNMP on F5:
https://support.f5.com/csp/article/K52219241
make sure you read it first.
So a snmpwalk from you source Solarwinds server does not work?
when you say "Now if I go to any of my F5 devices and perform the same snmpwalk" you sis a snmpwalk from the F5? or from Solarwinds server? Try a snmpwalk from a Solrwinds server. There is an exe file that can do that.
Note: By default, SNMP is enabled only for the BIG-IP system loopback interface (127.0.0.1).
Make sure you have this:
"
- On the Main tab, click System > SNMP > Agent > Configuration .
- In the Client Allow List area, for the Type setting, select either Host or Network, depending on whether the IP address you specify is a host system or a subnet.
"
Q: So a snmpwalk from you source Solarwinds server does not work?
A: Correct, no SNMP request from the Solarwinds server works when attempting to connect to any of my F5 devices but keeping it simple and just mentioning the one F5 device.Q: When you say "Now if I go to any of my F5 devices and perform the same snmpwalk" you sis a snmpwalk from the F5? or from Solarwinds server?
A: I performed an snmpwalk and an snmpget from both Solarwinds and another of my F5 devices.In regards to the SNMP agent configuration, I do have the appropriate allowed list and even went as far as allowing all IPs to reach the F5 in question with the same result. I see the GetRequest arrive from the Solarwinds server but a GetResponse never goes back.
I guess the routing part is ok. I mean you can ping the F5 from Solarwinds and vice versa.
If you have a firewall in between udp port 161 is permitted I guess.
What errors do you get when you run snmpwalk from solarwinds? have you checked the logs of F5 and Solarwinds server?
mihaicI can ping from Solarwinds to F5 but not the other way around but that is by design. On the firewall I do see that udp/161 is being allowed and I see the connection arrive at the F5 in the tcpdump. I do not see anything on the Solarwinds server other than the connection failed. Sadly on the F5 side I haven't found anything in the logs or the particular log setting to provide me the information that I'm looking for in regards to SNMP connections. I did a test just now where I allowed all IPs in the agent allow list and it still doesn't work. I did notice that when I allow nothing to reach the F5 for SNMP both snmpget from any of my other F5s ends up having the same behavior as Solarwinds where the connection arrives but no response is sent back. It might be possible that the allow list is not functioning correctly or possibly that because the Solarwinds server sits on a different subnet it is acting different than the F5s on the same management network. I might have to reach out to F5 on this one to see if maybe this is a bug. I appreciate your assistance on this one though.
if the F5 is on a different subnet then your management interface must have a gateway to use it, to reach the Solarwinds server.
Seems to me that is a routing/design issue.
I still don't understand what design it is that you can not ping from F5 to Solarwinds.
mihaichopefully this image sheds some light on how the topology is configured. The subnets are not the same for obvious reasons but the general layout is the same. You will notice that routes are indeed in place on the F5. I would like to note that ICMP functions between Solarwinds and the F5 even though that isn't the best of tests but a tcpdump on the F5 does confirm that traffic is coming in and leaving the same interface for ICMP traffic so it should do the same for SNMP.
Check to see how many snmpd processes are there:
tmsh show /sys proc-info | grep -A 3 -i snmpd
If necessary stop them:
kill -15 <PID of instance 1>
You could also try to restart the process:
bigstart restart snmpd
mihaicI forgot to mention it but restarting the process and checking the running processes was one of the first things I checked even though I feel as though it couldn't be that across 10 devices but I did anyway in the hope that it was a small chance. I think maybe at this point it might be worth me opening a ticket with F5 and seeing what they can find. Hopefully it isn't some minor configuration that I overlooked.
It ended up being that the following was configured so I had to add in the additional subnet.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com