Bug 886468
| Summary: | snmpd does not report error when clientaddr <ip>:<port> cannot bind to the specified port | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Dalibor Pospíšil <dapospis> | |
| Component: | net-snmp | Assignee: | Jan Safranek <jsafrane> | |
| Status: | CLOSED ERRATA | QA Contact: | Dalibor Pospíšil <dapospis> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 6.3 | CC: | dapospis, jsafrane, ksrot | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: |
Cause:
In one of the previous Net-SNMP updates we extended 'clientaddr' and 'clientaddrUsesPort' configuration options to allow system administrators to set specific port for outgoing SNMP requests. When this port number was not usable, for example it was already used, SNMP tools and daemons did not report any error and used random port for outgoing requests.
Consequence:
SNMP requests were sent from unexpected ports, while the system administrator did not know about it.
Fix:
Report an error that requested port cannot be used.
Result:
System admin knows that something is wrong.
|
Story Points: | --- | |
| Clone Of: | 840861 | |||
| : | 1086925 (view as bug list) | Environment: | ||
| Last Closed: | 2015-07-22 07:22:05 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 840861, 1877375 | |||
| Bug Blocks: | 1086925 | |||
|
Description
Dalibor Pospíšil
2012-12-12 11:04:41 UTC
The trap is actually sent on IPv6 if the port 30000 is already used on IPv4. It seems like there is some kind of fallback to IPv6 implemented.
17:10:29.409052 IP6 (hlim 64, next-header UDP (17) payload length: 52) ::1.46569 > ::1.162: [udp sum ok] { SNMPv1 { Trap(29) .1.3.6.1.4.1.8072.3.2.10 192.168.122.206 coldStart 5 } }
You should have '[snmp] clientaddrUsesPort yes' in your snmpd.conf. With that, no trap is sent and I get in /var/log/messages:
Dec 13 11:17:17 rhel6 snmpd[29457]: getaddrinfo("localhost", NULL, ...): No address associated with hostname
Dec 13 11:17:17 rhel6 snmpd[29457]: snmpd: create_trap_session:
Dec 13 11:17:17 rhel6 snmpd[29457]: /etc/snmp/snmpd.conf: line 2: Error: cannot create trap2sink: localhost
Dec 13 11:17:17 rhel6 snmpd[29457]: net-snmp: 1 error(s) in config file(s)
I admit the first message is quite confusing. RHEL 6.4 misses patch fixed in 5.9 as #840861.
This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. snmpd will now log "Cannot bind for clientaddr 127.0.0.1:30000: Address already in use" Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-1385.html |