[mrtg] Re: Can MRTG make the switch reset ?

Michael Markstaller mm at elabnet.de
Wed Apr 30 13:54:47 MEST 2003


Hi,

a bug in the snmp-part of the switch software can cause a reset, sure. I personally experienced this with Cisco-routers reloading when a specific (E1) interface-name is queried from the cisco.liftable, but it's quite uncommon, also it's not mrtg to blame but the vendor unable to write a stable snmp-agent.
Possibly easiest way to find out is with trying to reproduce this with an snmpwalk on the iftable. the interface-remapping reported by HPOV might be due to the reload (?)

Sorry, I couldn't resist: I could imagine something else, if you handle the security in your network always this way by posting your IP's and communitys to the public and even worse, disregarding ANY of the basic security pricinples like an ACL on snmp for public devices on not using public as community at all, you shouldn't wonder that occassionally something reloads or anything else strange happens in your network:
> snmpwalk 203.146.11.1 public system
system.sysDescr.0 = Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 11.2(10), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1997 by cisco Systems, Inc.
Compiled Mon 10-Nov-97 16:51 by ckralik
...

Please note that not anybody reading this might be that nice and only try one of the routers with getting the system-OID's, so first of all you should go and fix your network-security right now !


Michael

-----Original Message-----
From: TS/9A (Metha T. 7359) [mailto:MethaT at arc.co.th]
Sent: Wednesday, April 30, 2003 11:28 AM
To: mrtg at list.ee.ethz.ch
Subject: [mrtg] Can MRTG make the switch reset ?


Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
                        Hello forum !

                        This is my strange story, I received the "SNMP
Authentication Failure" trap from the Linux machine running MRTG in my
AVAYA Cajun P882's event log. After that, I advice the MRTG's
administrator to correct the SNMP community string on the MRTG. But I
didn't exactly know how he change or what he change, suddenly after he
make change to MRTG the unexpected phenomenon occurred, my core switch
automatically reset. The following is the interesting message on HPOV at
the same time the core switch reset:=20

=20

- Critical Thu Apr 17 14:32:45  p882-north            Possible device
reconfiguration.  Interface to IfIndex have been remapped.  You      =20

may need to reconfigure any data collection on p882-north.  The new
interface mappings are:\n'MOC1-T'(old=3D11, new=3D14), =
'MOC1-M'(old=3D12,
new=3D15), 'MOC1-D'(old=3D13, new=3D16), 'MOC2'(old=3D14, new=3D17),
'P334T-ROC1-T'(old=3D15, new=3D18), 'P334T-ROC1-M'(old=3D16, new=3D19),
'ROC2-T'(old=3D17, new=3D20), 'ROC2-P334T-D'(old=3D18, new=3D21), 'Port
4.1'(old=3D21, new=3D24), 'Port 4.2'(old=3D22, new=3D25), 'Port =
4.3'(old=3D23,
new=3D26), 'Port 4.4'(old=3D24, new=3D27), 'Port 4.5'(old=3D25, =
new=3D28), 'Port
4.6'(old=3D26, new=3D29), 'Port 4.7'(old=3D27, new=3D30), =
'BACKBONE_4_8'(old=3D28,
new=3D31), 'WH1-T_5.1'(old=3D31, new=3D34), 'WH1-D_5.2'(old=3D32, =
new=3D35),
'WH2_5.3'(old=3D33, new=3D36), 'CCB-D_5.4'(old=3D34, new=3D37),
'LAB_5.5'(old=3D35, new=3D38), 'ROC2-P334T-M'(old=3D36, new=3D39),
'CCB-T_5.7'(old=3D37, new=3D40), 'BACKBONE_5_8'(old=3D38, new=3D41),
'WH1-T_6.1'(old=3D41, new=3D44), 'WH1-D_6.2'(old=3D42, new=3D45),
'WH2_6.3'(old=3D43, new=3D46), 'CCB-D_6.4'(old=3D44, new=3D47)

=20

I also attached this e-mail with configuration file of the MRTG. Because
of I've no good knowledge enough on MRTG, please the forum to help me to
confirm either MRTG did the switch reset event or MRTG did not. Any
advice, tips, feedback, etc., would be greatly appreciated.

=20

              Regards

              MethaT.

=20

=20

=20

=20

=20

=20

=20




-- Attached file removed by Ecartis and put at URL below --
-- Type: application/x-zip-compressed
-- Desc: MRTG_Config.zip
-- Size: 22k (23074 bytes)
-- URL : http://www.ee.ethz.ch/~slist/p/MRTG_Config.zip


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi



More information about the mrtg mailing list