CLEANACCESS Archives

August 2006

CLEANACCESS@LISTSERV.MIAMIOH.EDU

Subject:
From: "Lanstein, Alex C" <[log in to unmask]>
Reply To: Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date: Wed, 23 Aug 2006 19:21:02 -0400
Content-Type: text/plain
Parts/Attachments: text/plain (217 lines)
 
Here's the tcpdump from the manager.  I'm firing up Ethereal now and I'll send that to you privately via email (not that I'm too worried about people here deciphering my SNMP communities)
 
 
http://oak.conncoll.edu/~aclan/manager_tcpdump.rtf
Regards,

Alex Lanstein
Senior Software Engineer, Transitional Data Services
Help Desk/Network Junkie, Connecticut College
Chief Coffee Drinker, LBCCHosting
860-625-4277
[log in to unmask]

________________________________

From: Perfigo SecureSmart and CleanMachines Discussion List on behalf of Prem Ananthakrishnan (prananth)
Sent: Wed 8/23/2006 6:55 PM
To: [log in to unmask]
Subject: Re: Whoops



Hi Alex,

Save run >> start will be a wr mem, which should again be a SET. Can't
see the SET packet here though :(
We need to confirm the CAM is sending a SET to the switch.

Can we get a sniffer trace going between the two when you write to the
switch? Also, on the CAM, if you do

 tcpdump -q -a -vvv dst <switch ip>

are you able to see packets being sent when you write to it?

-Prem

-----Original Message-----
From: Perfigo SecureSmart and CleanMachines Discussion List
[mailto:[log in to unmask]] On Behalf Of Alex Lanstein
Sent: Wednesday, August 23, 2006 3:41 PM
To: [log in to unmask]
Subject: Re: Whoops

Hi Prem,

Nice to hear from you - you guys are assets.

My boss sent you that packet dump, so I am not sure, but here's one I
just did.  I turned on debugging then tried to "save the running config
to startup config" via the web interface:

If this is against protocol I don't have a problem doing this the
"normal" way - it's just that students start coming back any minute
(literally) and if we can't get this up and running we have to move back
to in-line.  No one wants to do that!  I also think these types of
conversations are useful for the other list members.

http://oak.conncoll.edu/~aclan/terminal_log

Alex


Prem Ananthakrishnan (prananth) wrote:

>Hi Alex,
>
>I took a look at the information that was sent. Basically, we are not
>seeing any SNMP SET packets coming into the switch.
>
>We can see GET/GETNEXT information when you are reading the switch
>config. Don't worry about port 162 on CAM. That is for traps not for
>SNMP Read/Write
>
>Was the
>
>debug snmp header
>debug snmp packets
>
>captured at the time you were writing to the switch?
>
>You are right that it happens through the read write community that has
>been defined
>
>Thanks
>Prem
>
>-----Original Message-----
>From: Perfigo SecureSmart and CleanMachines Discussion List
>[mailto:[log in to unmask]] On Behalf Of Alex Lanstein
>Sent: Wednesday, August 23, 2006 1:56 PM
>To: [log in to unmask]
>Subject: Re: Whoops
>
>Just the man I was hoping to hear from :-P
>
>We do have a TAC case opened on this, waiting to hear back from
>Jesse/Nate, who are waiting to hear from the engineers (is that what
>you are?), but it seemed like something that someone on here might have
>encountered.
>
>We used to be inline, just moved out of band a few days ago.   When we
>add the switch, it reads the MAC, SNMP location and contact
>information, so it seems like it's communicating fine.  Also, the switch
>can ping the manager and vice versa.
>
>We are running 4.0.2 and 12.2(25)FX on a C2960-LANBASE-M.  System image
>file is
>"flash:c2960-lanbase-mz.122-25.FX/c2960-lanbase-mz.122-25.FX.bin".  The
>image is stock from the vendor, we didn't upgrade it.
>
>When we add the switch, it brings us to the page where it shows the
>port status, and it does read the VLAN and whether or not the port is
>linked properly.  I know it sounds like I'm saying "read" a lot, which
>could mean an issue with the RW community, but I swear I have it right.
>
>As per your suggestion, I tried swapping it to "link notification".
>When I add the switch, it doesn't throw an error with that MIB anymore,
>but when I hit "save configuration", it says "failed to save the
>running configuration."
>
>The error it spits back is:
>[Failure] Error:"No SNMP respone [1.3.6.1.4.1.9.9.215.1.1.5.0]."
>
>I looked that up, and it looks like the mac-notification, but I don't
>see the MIB on my CAM.  I tried snagging it from Cisco and dropping it
>into the dir and restarting snmpd, but no luck.
>
>Here are our SNMP settings for the switch:
>
>snmp-server community rwcommunity RW
>snmp-server community rocommunity RO
>snmp-server location BillHall
>snmp-server contact my_boss
>snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
>snmp-server enable traps tty
>snmp-server enable traps cluster
>snmp-server enable traps entity
>snmp-server enable traps cpu threshold
>snmp-server enable traps rtr
>snmp-server enable traps vtp
>snmp-server enable traps vlancreate
>snmp-server enable traps vlandelete
>snmp-server enable traps flash insertion removal
>snmp-server enable traps port-security
>snmp-server enable traps envmon
>snmp-server enable traps MAC-Notification
>snmp-server enable traps copy-config
>snmp-server enable traps config
>snmp-server enable traps bridge newroot topologychange
>snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
>snmp-server enable traps syslog
>snmp-server enable traps vlan-membership
>snmp-server host CAM_IP version 2c rwcommunity cluster vtp vlancreate vlandelete port-security MAC-Notification copy-config config vlan-membership snmp
>!
>
>Certainly not ruling out the possibility that it's a RW issue.  OK, so
>question - in the profiles view there is SNMP v1, 2, and 3.  How do I
>know which one it's going to try?  I tried putting my password in v1
>then hitting "save config" to copy ru st, that failed.  Tried the same
>thing with v2, and that failed also.
>
>I get that a trap sends from the switch to the server, and that what
>we're trying to do is have the server talk to the switch.  I'd assume
>that just happens through the RW community.  Also, 162 on the CAM is
>closed, not open, but I don't know if that's expected behavior or not.
>
>Any thoughts?
>
>Alex
>
>
>Rajesh Nair (rajnair) wrote:
>
>>Alex,
>>
>>Is this happening with one switch or several?  If it's only happening
>>with one switch, does everything work okay with Link-up instead?
>>Also, what is the switch model and the IOS/CatOS version?
>>
>>-Rajesh.
>>
>>-----Original Message-----
>>From: Perfigo SecureSmart and CleanMachines Discussion List
>>[mailto:[log in to unmask]] On Behalf Of Lanstein, Alex C
>>Sent: Wednesday, August 23, 2006 11:42 AM
>>To: [log in to unmask]
>>Subject: Whoops
>>
>>Sorry, ignore my previous message's subject line, I hit reply and
>>forgot to change it
>>
>>Regards,
>>
>>Alex Lanstein
>>Senior Software Engineer, Transitional Data Services
>>Help Desk/Network Junkie, Connecticut College
>>Chief Coffee Drinker, LBCCHosting
>>860-625-4277
>>[log in to unmask]
>>

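Added example, not part of the original thread and not Cisco's code: a small Python decoder for the check the thread asks for, whether any SetRequest appears among the SNMP datagrams captured between the CAM and the switch. It reads the v1/v2c message header of each UDP payload and tallies PDU types; the two sample payloads (a GET of sysLocation.0 and a SET on the OID from the error message, with an INTEGER value chosen arbitrarily) are constructed, using the placeholder community names from the posted config.

```python
from collections import Counter

# Context-specific BER tags of the SNMP v1/v2c PDUs (RFC 1157 / RFC 3416).
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA4: "Trap-v1", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "SNMPv2-Trap"}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the BER TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low bits = count of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of datagram")
    return tag, pos, pos + length

def classify_snmp(payload):
    """Decode version, community and PDU type from one UDP payload."""
    tag, pos, _ = read_tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("outer SEQUENCE expected")
    tag, vs, ve = read_tlv(payload, pos)
    version = int.from_bytes(payload[vs:ve], "big")
    if tag != 0x02 or version not in (0, 1):
        raise ValueError("not an SNMP v1/v2c message")
    tag, cs, ce = read_tlv(payload, ve)
    if tag != 0x04:
        raise ValueError("community OCTET STRING expected")
    pdu_tag, _, _ = read_tlv(payload, ce)
    return {"version": ("v1", "v2c")[version],
            "community": payload[cs:ce].decode("latin-1"),
            "pdu": PDU_TYPES.get(pdu_tag, hex(pdu_tag))}

def pdu_counts(payloads):
    """Tally PDU types; undecodable datagrams are counted as 'malformed'."""
    counts = Counter()
    for p in payloads:
        try:
            counts[classify_snmp(p)["pdu"]] += 1
        except ValueError:
            counts["malformed"] += 1
    return counts

# Constructed sample payloads (not taken from the thread's captures).
GET_SAMPLE = (bytes.fromhex("302b020101040b") + b"rocommunity" + bytes.fromhex(
    "a019020102020100020100300e300c06082b060102010106000500"))
SET_SAMPLE = (bytes.fromhex("3031020101040b") + b"rwcommunity" + bytes.fromhex(
    "a31f02010102010002010030143012060d2b060104010909815701010500020101"))
```

A capture that yields only GetRequest/GetNextRequest counts and no SetRequest matches what Prem describes seeing on the switch side. SNMP v1/v2c carry the community string in cleartext, so the decoder recovers it directly from the payload.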