Reset Search
 

 

Article

S-Series f/w 7.03.06.0004 Loopback Interface cannot be SNMP Managed

« Go Back

Information

 
TitleS-Series f/w 7.03.06.0004 Loopback Interface cannot be SNMP Managed
Symptoms
Cannot SNMP-manage the router via its loopback interface.
Environment
  • S-Series
  • Firmware 7.03.06.0004 and lower
  • NetSight Suite
Cause
  • When replying to UDP traffic such as SNMP, as a source address the router lets the IP stack determine the "best" routed VLAN interface address.
  • This asymmetric behavior can in general lead to at the following undesirable results:
    • An intermediate firewall may drop SNMP replies when their source IP address does not match the destination IP address of the original SNMP requests, leading to a perception that the S-Series did not reply at all.
    • NetSight 3.x's Client/Server SNMP Redirect feature may not work properly, leading to problems in managing the router from NetSight.
    • When replying to TCP traffic such as SSH, as a source address the router uses the original destination address (from the TCP socket binding) - which works fine.
Resolution
  • Upgrade to firmware 7.11.01.0026 or higher.
  • Release notes state, in the 'Firmware Changes and Enhancements' section:
    When the SNMP agent replies to a request, the source IP address used in the reply is determined by the route table. If the device has multiple IP interfaces then this IP address might not be the same as that used as the destination in the original request. This can be problematic particularly when traversing firewalls.
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255