Bug 23034 - UCD SNMP agent hangs, eats 99% CPU for several minutes
Summary: UCD SNMP agent hangs, eats 99% CPU for several minutes
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: ucd-snmp   
(Show other bugs)
Version: 6.2
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact: Brock Organ
: 63332 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2000-12-30 19:34 UTC by Mario Lorenz
Modified: 2015-03-05 01:08 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-01-31 19:06:58 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Sample Config (2.76 KB, text/plain)
2002-01-31 19:00 UTC, Mario Lorenz
no flags Details

Description Mario Lorenz 2000-12-30 19:34:26 UTC
UCD SNMP as included with RedHat 6.2, as well as in 7.0 after fixing Bug
#23033 has a
problem walking the MIB with the hosts tree hidden.
Consider this snmpd.conf excerpt:

view    t1view        included             .1            
view    t1view        excluded            

access t1group  ""       any        noauth     prefix   t1view  t1view  

A snmpwalk (v1, community t1, mapped to t1group) will walk through the
regular mib-2,
and then time out when it  would hit the host mib (where it doesnt have
access for)

By that time, snmpd is hung and consumes 99% CPU for several minutes.

Comment 1 John E. Martin 2001-03-22 18:34:10 UTC
I've actually experienced similar issues on the following releases: 6.2, 7.0, 
7.1 beta.

It appears that the SNMP daemon would listen, run through the first part of the 
MIB, then timeout before moving on to the host section. After that, any queries 
to the tree would timeout. I'd have to restart the daemon and try again.

Oddly, removing the RPM, then re-installing cured the troubles.

*Note: The config file was identical in all setups.

Comment 2 Phil Knirsch 2001-07-19 13:40:48 UTC
Could you give the current rawhide version a try and see if that fixes the
problem? We had several problems reported related to snmpwalk and a fix has now
been included.


Read ya, Phil

Comment 3 Mario Lorenz 2001-07-23 20:19:32 UTC
I tried again with the rawhide package (4.2.1-2). I had to recompile, because
I didnt know where to find libcrypto.so.2 (since when is openssl at major 2 ?)

The problem persists tho. I still see the timeouts with the configuration as
stated above. Except that its now a bit faster to respond again (thats most
likely because I upgraded my hardware).

stracing the process reveals a lot of activity in accessing /var/lib/rpm related
files, stats, read, etc. so it seems that it indeed walks all the time through
the whole internal RPM MIB to see that it isnt actually allowed to dish out the
info, as per the view configuration. This seems to take long enough to make the
client timeout. 

So I am not sure if there is an easy fix at all.....

Comment 4 Phil Knirsch 2001-11-07 15:42:46 UTC
Hmmm.. I am currently still trying to reproduce the problem locally here, but
without success.

Could you send me your snmpd.conf file so that i can try to reproduce it locally
here? Otherwise i have a real hard time fixing this problem. It might even be
fixed with the latest and greates package (ucd-snmp-4.2.1-7).

Read ya, Phil

Comment 5 Mario Lorenz 2001-11-07 17:06:37 UTC
OK, I just checked.
4.2.1-7 doesnt exhibit the problem, because 4.2.1-7 does not include the RPM
query support, and thats due to the librpm check is AGAIN BROKEN (see #23033).
(want me to reopen 23033 or open a new bug on that ?)
It seems the RPM guys have split librpm again, and this time librpmdb needs to
be linked (and added to the check)
Without the RPM functions, the bug doesnt occcur - see above.

As for the configuration, all you really need is the snmpd.conf snipped in the
original bugreport (see above) and add the com2sec etc. so that you define
then a simple snmpwalk (see above) most likely will show the problem, however
due to lack of time I havent tested that yet.


Comment 6 Phil Knirsch 2002-01-29 14:07:01 UTC
Could you give the latest version from rawhide a try? It's based on 4.2.3 now
which has quite a few fixes included.


Read ya, Phil

Comment 7 Mario Lorenz 2002-01-31 19:00:19 UTC
Created attachment 44176 [details]
Sample Config

Comment 8 Mario Lorenz 2002-01-31 19:06:52 UTC
Nope, the new 4.2.3-4 RPMs do NOT fix the problem. It is still the same.
Since it seems you are not able to reproduce this, I have attached my snmpd.conf

Put it into /etc/snmp/snmpd.conf, restart snmpd, then do this:

snmpwalk localhost public
 -> snmp mib gets walked, all works
snmpwalk localhost t1
 -> snmp mib walks all the way to snmp.snmpEnableAuthenTraps, then
your snmpwalk will (well, it does here) time out, and snmpd will run for quite
some time with 99% CPU utilization.

Comment 9 Phil Knirsch 2002-06-25 16:08:41 UTC
After checking the net-snmp devel mailinglists this seems to be a know issue and
is not likely to be fixed anytime for the 4.x release, so the only way to fix it
is to either only query the OID's you're really interessted in or to increase
the timeout of the snmpwalk command.

Read ya, Phil

Comment 10 Phil Knirsch 2002-06-25 16:09:12 UTC
*** Bug 63332 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.