Reset Search



S-Series f/w Loopback Interface cannot be SNMP Managed

« Go Back


TitleS-Series f/w Loopback Interface cannot be SNMP Managed
Cannot SNMP-manage the router via its loopback interface.
  • S-Series
  • Firmware and lower
  • NetSight Suite
  • When replying to UDP traffic such as SNMP, as a source address the router lets the IP stack determine the "best" routed VLAN interface address.
  • This asymmetric behavior can in general lead to at the following undesirable results:
    • An intermediate firewall may drop SNMP replies when their source IP address does not match the destination IP address of the original SNMP requests, leading to a perception that the S-Series did not reply at all.
    • NetSight 3.x's Client/Server SNMP Redirect feature may not work properly, leading to problems in managing the router from NetSight.
    • When replying to TCP traffic such as SSH, as a source address the router uses the original destination address (from the TCP socket binding) - which works fine.
  • Upgrade to firmware or higher.
  • Release notes state, in the 'Firmware Changes and Enhancements' section:
    When the SNMP agent replies to a request, the source IP address used in the reply is determined by the route table. If the device has multiple IP interfaces then this IP address might not be the same as that used as the destination in the original request. This can be problematic particularly when traversing firewalls.
Additional notes



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255