Hi all -
I have ROS 4.9, and MRTG 2.15.0 running on Linux. I’ve been using MRTG with SNMPv1 to monitor traffic on the router without trouble. I want to switch to snmp v3 to take advantage of the 64-bit counters.
I followed the example at the bottom this post to configure a community on the router: http://forum.mikrotik.com/viewtopic.php?f=2&t=37360&start=0&hilit=snmp+v3. That worked fine and I was able to snmpwalk the router from my monitoring station.
I then set a 10-digit engineID for snmp on the router, and tried to generate an mrtg cfg file for it with the following command:
/usr/local/mrtg-2/bin/cfgmaker --global 'Workdir: /work/path' --global 'Options[_]: bits, growright' --ifref=descr --output /output/path/r.va.0.cfg --enablesnmpv3 --username=<community-name> --authproto=MD5 --authpassword=<auth-password> --contextengineid=<engine-id> --snmp-options=:::::3 xxx.xxx.xxx.xxx
This generates an error:
SNMPopen failed: Received usmStatsUnsupportedSecLevels.0 Report-PDU with value 2 during synchronization at /usr/local/mrtg-2/bin/cfgmaker line 915
For fun, I tried removing authproto and authpassword, but that just generates a stub of a cfg file with a few directives but no content.
Kind of stuck here, as searches for usmStatsUnsupportedSecLevels are not returning anything enlightening. Any help is greatly appreciated.
Thanks!
Ed
does ROS support 64-bit counters at all?..
Yes indeedee, from snmpwalk:
…
IF-MIB::ifHCInOctets.43 = Counter64: 142241289
IF-MIB::ifHCInOctets.44 = Counter64: 6960307
…
At this point I’ve refined my mrtg cfgmaker statement a bit:
/usr/local/mrtg-2/bin/cfgmaker --global 'Workdir: /path/to/workdir' --global 'Options[_]: bits, growright' --ifref=descr --output /path/to/output.cfg --enablesnmpv3 --username=<username> --authprotocol=MD5 --authpassword=<authpass> --privprotocol=des --privpassword=<encrypass> --contextengineid=<engineid> --snmp-options=:::::3 <router.ip>
This is what I see on the command line as the result of that command:
--base: SNMP V3 libraries found, SNMP V3 enabled.
--base: Get Device Info on public@<router.ip>
--base: Writing /path/to/output.cfg
When I open output.cfg, this is all that’s in there:
# Created by
# /usr/local/mrtg-2/bin/cfgmaker --global 'Workdir: /path/to/workdir' --global 'Options[_]: bits, growright' --ifref=descr --output /path/to/output.cfg --enablesnmpv3 --username=public --authprotocol=MD5 --authpassword=<authpass> --privprotocol=des --privpassword=<encrypass> --contextengineid=<engineid> --snmp-options=:::::3 <router.ip>
### Global Config Options
# for UNIX
# WorkDir: /home/http/mrtg
# or for NT
# WorkDir: c:\mrtgdata
### Global Defaults
# to get bits instead of bytes and graphs growing to the right
# Options[_]: growright, bits
EnableIPv6: no
Workdir: /path/to/workdir
Options[_]: bits, growright
######################################################################
# System:
# Description:
# Contact:
# Location:
######################################################################
enablesnmpv3: yes
That’s it. If I run cfgmaker with my usual snmp v1 commands, it works fine and I get a properly populated file. Any idea what is wrong?