0

I have a proxmox 5.2 machine (4.15.18-8-pve) and snmp installed with default config. when I do a snmpwalk it outputs some information but then hangs.

Any future snmpwalk requests don't get any response (unless I restart the snmpd service)

What could cause this issue?

root@px-box:~#   snmpwalk -Os -c public -v 2c localhost
sysDescr.0 = STRING: Linux matterhorn 4.15.18-8-pve #1 SMP PVE 4.15.18-28 (Tue, 30 Oct 2018 14:27:50 +0100) x86_64
sysObjectID.0 = OID: netSnmpAgentOIDs.10
sysUpTimeInstance = Timeticks: (908) 0:00:09.08
sysContact.0 = STRING: Me <me@example.org>
sysName.0 = STRING: matterhorn
sysLocation.0 = STRING: Sitting on the Dock of the Bay
sysServices.0 = INTEGER: 72
sysORLastChange.0 = Timeticks: (18) 0:00:00.18
sysORID.1 = OID: snmpMPDCompliance
sysORID.2 = OID: usmMIBCompliance
sysORID.3 = OID: snmpFrameworkMIBCompliance
sysORID.4 = OID: snmpMIB
sysORID.5 = OID: vacmBasicGroup
sysORID.6 = OID: tcpMIB
sysORID.7 = OID: ip
sysORID.8 = OID: udpMIB
sysORID.9 = OID: snmpNotifyFullCompliance
sysORID.10 = OID: notificationLogMIB
sysORDescr.1 = STRING: The MIB for Message Processing and Dispatching.
sysORDescr.2 = STRING: The management information definitions for the SNMP User-based Security Model.
Timeout: No Response from localhost
root@px-box:~#

Any future snmpwalk attempts after that one will end up just replying with a Timeout: No Response from localhost unless we restart snmpd and then its gets stuck again mid way

Yif Swery
  • 31
  • 1
  • 6
  • Looks like a bug in snmpd. Is snmpd still running after first walk? Any error messages in logs or coredumps? Running snmpd with debug turned on (-D) and snmpwalk with -Tsnmp option can possibly give more hints. – Yuri Lachin Nov 20 '18 at 07:46
  • snmpd is still running and you can see port 161 is still bound when doing an `losf` however everything times out, when doing a TCPDUMP you can see the snmpget but nothing back out. I did a full -DALL on the SNMP process that shows both successful AND failed results and posted here: https://sourceforge.net/p/net-snmp/bugs/2901/ however I can see what to even look for. – Yif Swery Nov 20 '18 at 21:58
  • Strange... Debug log shows that snmpd does process requests and walks through the whole tree. Does snmpd reply to plain `snmpget -v2c -c public localhost sysDescr.0` after first walk? Or snmpget for any other oid (for example, ifDescr.1 or ifOperStatus.2, etc)? Have you checked syslog messages? Are you sure snmpd is not crushing and auto-restarted by systemd on crushes? – Yuri Lachin Nov 21 '18 at 12:10
  • You can try starting snmpd manually and experiment with `-d -f -C -I` options to see the difference. Default snmpd.conf limits access to "systemonly" view - so check configuration. What is surprised me a little is that I see max IF-MIB::ifOperStatus.458 in debug log (`iso.3.6.1.2.1.2.2.1.8.458 = INTEGER: 1`) - do you really have >400 interfaces in your system? – Yuri Lachin Nov 21 '18 at 12:39
  • @YuriLachin thank you for your on going help, using snmpget on any simple MIB (tried `sysUpTime.0`/`sysDescr.0` and carrying others) on the *22nd* query it fails (the first *21* snmpget queries run all fine) I tried running snmpd in the debug mode here is the output for the last few queries: https://paste.ee/r/xoMOs (as you can see after the last successful query nothing else comes though at all) Here is the snmpget I ran as per your suggestion https://paste.ee/r/M2FlQ – Yif Swery Nov 22 '18 at 22:47
  • @YuriLachin Also here is an strace of the snmp process with all the successful queries https://paste.ee/r/7dhL6 sadly after the first 21 queries nothing happens after it. To answer you question about the interfaces, this is a proxmox box, and there is a whole bunch of LXC (and QEUMU) machines on here, around ~200 odd so yes we expect to have a whole bunch of interfaces (virtual - bridged to another) on here. – Yif Swery Nov 22 '18 at 22:47

0 Answers0