Trying to setup SNMPv3 on a few routers that are polled across the internet
If I set ‘security’ type to Authorized (no encryption) it works fine. But ‘Private’ doesn’t work
when I turn on logging on the MikroTik I see
I’ve tried both AES and DES
The poller is Solarwinds which has options for DES56/AES128/AES192/AES256 have tried all of them and get exactly the same message on the MikroTik device
If I can’t use encryption it entirely defeats the purpose of SNMPv3
I do notice when polling data with SNMPv3 with private (encryption) the resulting data is very slow in returning. For example on a CRS510 I’ll poll 100 data points (via Zabbix) every 10 minutes and I might see an updated data point every hour if not more. This is data that should be updated constantly as I’m viewing network traffic (bytes in and out) on various interfaces.
In investigating this I used Ubuntu (LTS 2024) and performed snmpwalks with v3 and the resulting data would time out after pulling
When I revert to SNMPv1 I receive the same data snaps fingers just like that. That was on 7.15 thru 7.19. I just updated some CRS518’s to long term 7.20.8 and will do the same with the CRS510s when I see them online next time.
Interesting. I don’t see the same performance problem on an RB5009 v7.21.2 with SHA/DES. Polling by LibreNMS averages under 4 seconds with occasional spikes to 7s. That’s to get the full set of health and performance data.