Hello. I have RB1100AHx2 and today i've found problems with MRTG and SNMPv3 connection. And i'd like to make some kind of bugreport.
I've found similar problems here:
http://forum.mikrotik.com/viewtopic.php?f=2&t=42471 (ROS and MRTG and SNMPv3 - anybody know the magic formula?)
http://forum.mikrotik.com/viewtopic.php?f=2&t=62220 (snmp v3)
Here is bug-report and little overview what's wrong:
https://rt.cpan.org/Public/Bug/Display.html?id=75191
Shortly according to RFC 3414 Section 4 there is no usmStatsNotInTimeWindows inside varBindList of the Report PDU from Mikrotik
-
-
johnsilver
newbie
- Posts: 37
- Joined:
Re: snmpv3... yes, again
If someone would do MRTG on Centos, here is short how-to
1. don't forget to install rpmforge assets (to install additional snmpv3 perl libs)
2. configure mikrotik
3. install apps
4. fix 'usmStatsNotInTimeWindows' in /usr/share/perl5/vendor_perl/Net/SNMP.pm
5. fix access in /etc/httpd/conf.d/mrtg.conf
6. add cron task (every 5 min)
7. generate index (once!)
8. generate proper mrtg.cfg
if you add interfaces repeat steps 7 and 8 after:
ps. change passwords on your own, contextengineid selected according to wiki
1. don't forget to install rpmforge assets (to install additional snmpv3 perl libs)
2. configure mikrotik
Code: Select all
/snmp community add addresses=0.0.0.0/0 authentication-password=12345678 authentication-protocol=MD5 encryption-password=87654321 encryption-protocol=DES name=cactiuser read-access=yes security=private write-access=no
/snmp set contact=contact enabled=yes engine-id="" location=location trap-community=cactiuser trap-generators="" trap-target="" trap-version=3
Code: Select all
yum install net-snmp net-snmp-utils mrtg httpd
Code: Select all
--- Net/SNMP.pm.orig 2014-12-04 12:46:17.736487353 +0300
+++ Net/SNMP.pm 2014-12-04 12:28:05.582495561 +0300
@@ -2541,8 +2541,9 @@ sub _discovery_synchronization_cb
# counter in the varBindList..." If another error is returned, we
# assume that the synchronization has failed.
- if (($this->{_security}->discovered) &&
- ($this->{_error} =~ /usmStatsNotInTimeWindows/))
+ # if (($this->{_security}->discovered) &&
+ # ($this->{_error} =~ /usmStatsNotInTimeWindows/))
+ if ($this->{_security}->discovered)
{
$this->_error_clear;
@@ -2559,7 +2560,8 @@ sub _discovery_synchronization_cb
# If we received the usmStatsNotInTimeWindows report or no error, but
# we are still not synchronized, provide a generic error message.
- if ((!$this->{_error}) || ($this->{_error} =~ /usmStatsNotInTimeWindows/)) {
+ # if ((!$this->{_error}) || ($this->{_error} =~ /usmStatsNotInTimeWindows/)) {
+ if (!$this->{_error}) {
$this->_error_clear;
$this->_error('Time synchronization failed during discovery');
}
Code: Select all
<Location /mrtg>
Order deny,allow
Deny from all
Allow from 192.168.0.0/24
Allow from 127.0.0.1
Allow from ::1
# Allow from .example.com
</Location>
Code: Select all
*/1 * * * * env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
Code: Select all
/usr/bin/indexmaker --output /var/www/mrtg/index.html /etc/mrtg/mrtg.cfg
Code: Select all
cfgmaker --global 'Workdir: /var/www/mrtg' --global 'Options[_]: bits, growright' --output /etc/mrtg/mrtg.cfg --enablesnmpv3 --username=cactiuser --authprotocol=md5 --privprotocol=des --authpassword=12345678 --privpassword=87654321 --ifref=descr --contextengineid=80003a8c04 --snmp-options=:::::3 192.168.0.1
Code: Select all
rm -rf /var/www/mrtg/*
Who is online
Users browsing this forum: CoMMyz and 143 guests