Switches, Hubs, and Modems

SNMP Source on 5300 switches

PDnet
Advisor

I have several hundred 5300s deployed, all with multiple VLANs. My problem is that the switches do not seem to respond to SNMP requests from a consistent interface. For example, I will send the request to the VLAN1 interface on switch 1 and it will respond with the source address of the VLAN2 interface. Another switch may respond from the VLAN10 interface. My management app sees this as an unrequested packet and drops it, as it should. I can see the traffic flow in a sniffer trace taken at the interface of the SNMP application.

My question: Is there a way to force the 5300 to always respond to an SNMP request from the same interface, like Cisco's SNMP-source command? If not, what is the best way to address this issue? I can't try every interface on every switch until I find the correct one.
4 REPLIES
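The symptom in the opening post can be measured from the sniffer trace instead of probing every interface by hand. The following is an added example, not part of the original thread: it pairs SNMP requests and responses by manager port and request-id, then reports which address each polled switch actually answered from. The record layout and all addresses are constructed for illustration.

```python
from collections import namedtuple

# One decoded SNMP packet from a capture taken at the management station.
Pkt = namedtuple("Pkt", "src sport dst dport pdu req_id")

# Constructed sample trace; 10.0.0.50 is the (hypothetical) management station.
TRACE = [
    Pkt("10.0.0.50", 40001, "10.1.1.1", 161, "get-request", 1001),
    Pkt("10.1.2.1", 161, "10.0.0.50", 40001, "get-response", 1001),   # other VLAN address
    Pkt("10.0.0.50", 40002, "10.2.1.1", 161, "get-request", 1002),
    Pkt("10.2.1.1", 161, "10.0.0.50", 40002, "get-response", 1002),   # consistent
    Pkt("10.0.0.50", 40003, "10.3.1.1", 161, "get-request", 1003),
    Pkt("10.3.10.1", 161, "10.0.0.50", 40003, "get-response", 1003),  # other VLAN address
    Pkt("10.9.9.9", 161, "10.0.0.50", 40009, "get-response", 7777),   # no request at all
]

def correlate(trace):
    """Return (mismatches, unsolicited).

    mismatches: (polled_addr, answered_from, req_id) where a response matched an
    outstanding request by manager ip/port and request-id but came from a
    different source address. unsolicited: responses matching no request, which
    should still be dropped.
    """
    pending, mismatches, unsolicited = {}, [], []
    for p in trace:
        if p.pdu.endswith("request") and p.dport == 161:
            pending[(p.src, p.sport, p.req_id)] = p.dst
        elif p.pdu == "get-response" and p.sport == 161:
            polled = pending.pop((p.dst, p.dport, p.req_id), None)
            if polled is None:
                unsolicited.append(p)
            elif polled != p.src:
                mismatches.append((polled, p.src, p.req_id))
    return mismatches, unsolicited

def responder_map(mismatches):
    """Map each polled address to the set of addresses that answered for it."""
    result = {}
    for polled, answered_from, _ in mismatches:
        result.setdefault(polled, set()).add(answered_from)
    return result

if __name__ == "__main__":
    mism, unsol = correlate(TRACE)
    for polled, actual in sorted(responder_map(mism).items()):
        print(f"{polled} answered from {sorted(actual)}")
    print(f"{len(unsol)} response(s) with no matching request")
```

Because the pairing is on the request-id and the manager's source port, a response that matches no outstanding request stays in the unsolicited list rather than being accepted.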
Andrey Deryugin
Honored Contributor

Re: SNMP Source on 5300 switches

Hello Stuart,

Maybe it will give you a clue if you check whether those source addresses are from the default, primary or management VLANs?

Regards,
Andrey
PDnet
Advisor

Re: SNMP Source on 5300 switches

Well, here is what I think is happening. In the 10.x train of code, HP introduced ECMP routing when using OSPF. It is a step in the right direction, though the functionality still leaves something to be desired. The switch will make use of multiple routes out, though it uses only one route per subnet. It appears that the interface that responds to the SNMP queries is the interface that is the candidate route BACK to the SNMP station.

This is a very dangerous situation, as that route is subject to change at any time. Any kind of a network change could result in a better route becoming available and then the SNMP target address of the switch will change, making it unavailable. Hopefully, this will be the impetus the developers and lab folks need to fix the behavior of ECMP, or at least add an SNMP source command to the code. I'll be talking to them soon about this.

I'll be checking into it some more, but the first 6 switches I checked all were responding on the candidate route interface.
Matt Hobbs
Honored Contributor

Re: SNMP Source on 5300 switches

Hi Stuart,

I've been through this before myself over a year ago, and put in a feature request for the snmp-source command. This was a writeup on the issue back then.

Problem Statement:

SNMP traps are being sent from the first VLAN interface that comes online after a reboot, that has a route to the trap destination. Whichever VLAN meets these criteria first, SNMP traps will then be sent out from this interface.

Known Workarounds:

A. Change order of port initialization.
Since the VLAN that comes online first is the one that the SNMP traps are sent from, you can force this interface to come online before others using a few methods:

1. Disabling LACP on one of the ports in that VLAN.
2. Set the port to 100-auto
3. If everything else is the same, the ports come online in order from 1-4.
4. You can see what VLAN comes online first after a reboot by checking your 'show log'


B. Make a more specific route to the SNMP server, e.g. delete the "ip route 0.0.0.0 0.0.0.0 10.20.20.2".
Now the only possible route to the SNMP server is through 10.255.254.2 via
"ip route 10.255.254.0 255.255.255.0 172.31.35.1"

C. Disable the VLAN that SNMP has originally aligned itself with.
Then traps will come through the next most suitable VLAN.

As you've stated though, if something happens to change your preferred trap source, then it will fall back to the next most suitable interface.

Hope this helps.

Regards,

Matt
PDnet
Advisor

Re: SNMP Source on 5300 switches

An acknowledged problem with the code. Hopefully it will be fixed soon.