Community discussions

MikroTik App
 
TedRule
just joined
Topic Author
Posts: 15
Joined: Tue Nov 03, 2020 4:41 pm

SNMP walk of RFC1213 and IP-FORWARD MIBs disagrees on routing protocol

Wed Jul 07, 2021 7:42 pm

This is from a MikroTik RB2011UiAS running Stable 6.48.3

Walking the two different routing MIBs shows a different value for the routing protocol. From other cases which my colleagues have reported, we think all the ipRouteProto's reported
in the RFC1213 MIB are one less than what they should be, and that the IP-FORWARD MIB reports correctly.

IP Addresses mangled to anonymise....

Can we get this oversight fixed, please?

$ snmpwalk -v2c -c public mikrotik .1.3.6.1.2.1.4.21.1.9
RFC1213-MIB::ipRouteProto.54.156.66.64 = INTEGER: other(1)
RFC1213-MIB::ipRouteProto.54.156.81.187 = INTEGER: other(1)
RFC1213-MIB::ipRouteProto.43.145.0.0 = INTEGER: other(1)
RFC1213-MIB::ipRouteProto.43.145.8.0 = INTEGER: other(1)
RFC1213-MIB::ipRouteProto.43.145.16.0 = INTEGER: other(1)
RFC1213-MIB::ipRouteProto.43.145.24.0 = INTEGER: other(1)
RFC1213-MIB::ipRouteProto.55.167.178.252 = INTEGER: other(1)
$

$ snmpwalk -v2c -c public mikrotik .1.3.6.1.2.1.4.24.4.1.7
IP-FORWARD-MIB::ipCidrRouteProto.54.156.66.64.255.255.255.224.0.54.156.66.66 = INTEGER: local(2)
IP-FORWARD-MIB::ipCidrRouteProto.54.156.54.156.255.255.255.255.0.54.156.255.189 = INTEGER: local(2)
IP-FORWARD-MIB::ipCidrRouteProto.43.145.0.0.255.255.252.0.0.43.145.1.28 = INTEGER: local(2)
IP-FORWARD-MIB::ipCidrRouteProto.43.145.8.0.255.255.252.0.0.43.145.9.28 = INTEGER: local(2)
IP-FORWARD-MIB::ipCidrRouteProto.43.145.16.0.255.255.252.0.0.43.145.17.28 = INTEGER: local(2)
IP-FORWARD-MIB::ipCidrRouteProto.43.145.24.0.255.255.252.0.0.43.145.25.28 = INTEGER: local(2)
IP-FORWARD-MIB::ipCidrRouteProto.55.167.178.252.255.255.255.252.0.55.167.178.253 = INTEGER: local(2)


From RFC1213-MIB.txt

....
ipRouteProto OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- none of the following

-- non-protocol information,
-- e.g., manually configured
local(2), -- entries

-- set via a network
netmgmt(3), -- management protocol

-- obtained via ICMP,
icmp(4), -- e.g., Redirect

-- the remaining values are
-- all gateway routing
-- protocols
egp(5),
ggp(6),
hello(7),
rip(8),
is-is(9),
es-is(10),
ciscoIgrp(11),
bbnSpfIgp(12),
ospf(13),
bgp(14)
}
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The routing mechanism via which this route was
learned. Inclusion of values for gateway routing
protocols is not intended to imply that hosts
should support those protocols."
::= { ipRouteEntry 9 }
....


From IP-FORWARD-MIB.txt:

....
ipCidrRouteProto OBJECT-TYPE
SYNTAX INTEGER {
other (1), -- not specified
local (2), -- local interface
netmgmt (3), -- static route
icmp (4), -- result of ICMP Redirect

-- the following are all dynamic
-- routing protocols
egp (5), -- Exterior Gateway Protocol
ggp (6), -- Gateway-Gateway Protocol
hello (7), -- FuzzBall HelloSpeak
rip (8), -- Berkeley RIP or RIP-II
isIs (9), -- Dual IS-IS
esIs (10), -- ISO 9542
ciscoIgrp (11), -- Cisco IGRP
bbnSpfIgp (12), -- BBN SPF IGP
ospf (13), -- Open Shortest Path First
bgp (14), -- Border Gateway Protocol
idpr (15), -- InterDomain Policy Routing
ciscoEigrp (16) -- Cisco EIGRP
}
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The routing mechanism via which this route was learned.
Inclusion of values for gateway routing protocols is
not intended to imply that hosts should support those
protocols."
::= { ipCidrRouteEntry 7 }
....
 
TedRule
just joined
Topic Author
Posts: 15
Joined: Tue Nov 03, 2020 4:41 pm

Re: SNMP walk of RFC1213 and IP-FORWARD MIBs disagrees on routing protocol

Wed Jul 14, 2021 11:09 am

It's also apparent that a number of routes visible from the WebFig GUI are not present in the SNMP walks of either MIB.

Notably, the default route which happens to be learnt from a PPPoE connection to the upstream ISP, and several special "unreachable" routes which I've manually added to
effectively blackhole access to any rogue RFC1918 Address Spaces.

In general, the only things which appear are the 7 "DAC" routes - which seems to mean Dynamic + Active + Connected in MikroTik speak,
whereas DAS == Dynamic + Active + Static, ASU == Active + Static + Unreachable and AS == Active + Static don't show up.

Who is online

Users browsing this forum: amt, Erbit, jaclaz, lurker888, smirgo and 114 guests