0

How do I set the maximum message size when using snmp v2 in PHP?

I am using PHP to do an SNMP walk of devices, and my organization has very stringent firewalls in place. I am running into an issue where (snmp2_real_walk, or snmp2_walk) are resulting in timeouts from my production server if the packets are larger and getting fragmented. I'm wondering if there is a way to set the maximum packet size to something smaller to prevent fragmentation.

I am using php 5.4.10 on Ubuntu 12.04, and Net-SNMP 5.4.3.

When I capture the traffic, it turns out the snmp2_real_walk is using getBulkRequest. I get a response that is saying the packet is fragmented, and a smaller follow up packet. On my local machine, same environment aside from firewall, this works. On my production machine, it's failing.

var_dump(snmp2_real_walk("a.b.c.d", "public", '.o.i.d'));

If I call it via command line, it works with smaller packets. I don't understand why. There has to be a way to set the packet/message size, right?

snmpbulkwalk -v2c -cpublic a.b.c.d .o.i.d

(sensitive data removed).

Jolta
  • 2,620
  • 1
  • 29
  • 42
Trenton
  • 148
  • 11
  • The problematic packet size is not the request you send, but the response you receive, right? You can't decide how the other party decides to answer, apart from setting the "max-repeaters" flag in the request. My recommendation would be to avoid using get-bulk on this network, and use get-next requests instead. That way, the answers will be a lot smaller. (But there is still no guarantee that they won't be fragmented.) – Jolta Sep 23 '14 at 08:25
  • The odd thing is that I can run the cli version of getBulk from the same machine to the same destination host, and it doesn't produce packets that are too big. I also need the OIDs in my walk so that I can connect them to other information which share the same portion of the OID. (the last part). – Trenton Sep 24 '14 at 12:49
  • I see what you mean for repeaters... I am now able to duplicate the fragmentation from CLI if I use -C r20 in the command. Now to see if its possible for me to tell PHP to reduce it's repetitions. – Trenton Sep 24 '14 at 18:11

1 Answers1

0

It doesn't appear there is a way to tell PHP to request a custom max-repetitions setting. Also, PHP's get next doesn't work too well, as it will continue going through the SNMP tree into the next branch (i.e. if you're traversing .17.x, the last one on 17.z will give you 18.1).

To get around this issue, I ended up using exec and sanitizing the data to ensure no variables could hijack the system.

Trenton
  • 148
  • 11