SNMP v3 and v2

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

SNMP v3 and v2

Mario Luzeiro
Hi all, I'm following a discussion with Trampas Stern regarding SNMPv3.
I hope that it is proper to discuss it here and I would be happy if anyone could add something. If not, let me know.

> I am also going to have enable SNMP v3, so if you get there first let me know.

One thing that is confusing me is the v1 v2c v3 usage. Is that expect that all this versions are used at same time?
I am not sure on the propose to have a secure and non secure at same time. Unless there is some way that v3 could be forward to some other IPport number..

Also what about Traps? should it be sent using v1/v2c or what happen when using v3 ?

Also from LWIP SNMP example and source code, I couldn't find if it was supposed to work with all versions at same time or could select only v3.

Regards,
Mario
_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users
Reply | Threaded
Open this post in threaded view
|

Re: SNMP v3 and v2

Harrold Spier

Hi Mario,

As far as I know, the current stable version of lwIP does only support SNMPv1 traps. I'm now using the latest lwIP git checkout, which does have support for SNMP v2c traps.

As far as I can see, there is no support for SNMPv3 traps yet.

If you build lwIP for SNMPv3, the older SNMP version are enabled by default. I was also a little bit confused about this, because if you support v3, you probably don't want older versions to be enabled.
Of course you can still disable them by calling the functions snmp_v1_enable(0) and snmp_v2c_enable(0).

Using SNMPv3, I had a small issue with SNMP SET. I created a quick fix to solve it, but I have to dig a little bit deeper into it to find out whether this is indeed the correct solution.

I attach the patch. It contains a diff with the current version of snmp_msg.c in Git, but it will not be difficult to use it for the current stable version also. At least you can see what I changed.

Regards,
Harrold




On Fri, Nov 8, 2019 at 1:38 PM Mário Luzeiro <[hidden email]> wrote:
Hi all, I'm following a discussion with Trampas Stern regarding SNMPv3.
I hope that it is proper to discuss it here and I would be happy if anyone could add something. If not, let me know.

> I am also going to have enable SNMP v3, so if you get there first let me know.

One thing that is confusing me is the v1 v2c v3 usage. Is that expect that all this versions are used at same time?
I am not sure on the propose to have a secure and non secure at same time. Unless there is some way that v3 could be forward to some other IPport number..

Also what about Traps? should it be sent using v1/v2c or what happen when using v3 ?

Also from LWIP SNMP example and source code, I couldn't find if it was supposed to work with all versions at same time or could select only v3.

Regards,
Mario
_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users

_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users

snmp_msg.c.patch (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: SNMP v3 and v2

Mario Luzeiro
Thanks Harrold!

I found the LWIP_SNMP_CONFIGURE_VERSIONS define and functions that we can use to enable/disable at run time the SNMP versions.
So it sounds to me that it should be the user to setup it in the equipment.

Thanks for sharing your patch, I will test it once I need to enable v3 in my project.

Regards,
Mario

________________________________________
From: lwip-users <lwip-users-bounces+mrluzeiro=[hidden email]> on behalf of Harrold Spier <[hidden email]>
Sent: 08 November 2019 13:38
To: Mailing list for lwIP users
Subject: Re: [lwip-users] SNMP v3 and v2


Hi Mario,

As far as I know, the current stable version of lwIP does only support SNMPv1 traps. I'm now using the latest lwIP git checkout, which does have support for SNMP v2c traps.

As far as I can see, there is no support for SNMPv3 traps yet.

If you build lwIP for SNMPv3, the older SNMP version are enabled by default. I was also a little bit confused about this, because if you support v3, you probably don't want older versions to be enabled.
Of course you can still disable them by calling the functions snmp_v1_enable(0) and snmp_v2c_enable(0).

Using SNMPv3, I had a small issue with SNMP SET. I created a quick fix to solve it, but I have to dig a little bit deeper into it to find out whether this is indeed the correct solution.

I attach the patch. It contains a diff with the current version of snmp_msg.c in Git, but it will not be difficult to use it for the current stable version also. At least you can see what I changed.

Regards,
Harrold




On Fri, Nov 8, 2019 at 1:38 PM Mário Luzeiro <[hidden email]<mailto:[hidden email]>> wrote:
Hi all, I'm following a discussion with Trampas Stern regarding SNMPv3.
I hope that it is proper to discuss it here and I would be happy if anyone could add something. If not, let me know.

> I am also going to have enable SNMP v3, so if you get there first let me know.

One thing that is confusing me is the v1 v2c v3 usage. Is that expect that all this versions are used at same time?
I am not sure on the propose to have a secure and non secure at same time. Unless there is some way that v3 could be forward to some other IPport number..

Also what about Traps? should it be sent using v1/v2c or what happen when using v3 ?

Also from LWIP SNMP example and source code, I couldn't find if it was supposed to work with all versions at same time or could select only v3.

Regards,
Mario
_______________________________________________
lwip-users mailing list
[hidden email]<mailto:[hidden email]>
https://lists.nongnu.org/mailman/listinfo/lwip-users

_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users
Reply | Threaded
Open this post in threaded view
|

Re: SNMP v3 and v2

goldsimon@gmx.de
In reply to this post by Harrold Spier


Am 8. November 2019 14:38:38 MEZ schrieb Harrold Spier <[hidden email]>:

>Hi Mario,
>
>As far as I know, the current stable version of lwIP does only support
>SNMPv1 traps. I'm now using the latest lwIP git checkout, which does
>have
>support for SNMP v2c traps.
>
>As far as I can see, there is no support for SNMPv3 traps yet.
>
>If you build lwIP for SNMPv3, the older SNMP version are enabled by
>default. I was also a little bit confused about this, because if you
>support v3, you probably don't want older versions to be enabled.
>Of course you can still disable them by calling the
>functions snmp_v1_enable(0) and snmp_v2c_enable(0).
>
>Using SNMPv3, I had a small issue with SNMP SET. I created a quick fix
>to
>solve it, but I have to dig a little bit deeper into it to find out
>whether
>this is indeed the correct solution.
>
>I attach the patch. It contains a diff with the current version of
>snmp_msg.c in Git, but it will not be difficult to use it for the
>current
>stable version also. At least you can see what I changed.

Would you mind sharing patches via our patch tracker instead of attaching them to an email here? That would greatly increase the chance of getting them upatreamed!

Regards,
Simon

_______________________________________________
lwip-users mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/lwip-users