NetMaster

I have ticket 20059700 open with CA about NetMaster not working with SNMP when the snmpd.boots file contains a loopback address rather than the Stack VIPA. OSNMPD builds those snmpd.boots files and sometimes it builds it with the VIPA and sometimes with the loopback address.

When the hosts are built in /IPADMIN.S or when you provide the information into /IPDIAG.MB then NetMaster is using the Stack VIPA (presumably from the .boots file) to generate the keys. If the .boots file gets built with loopback then the keys stored in /IPADMIN.S or typed in in /IPDIAG.MB don't work.

So, my suggestion is that NetMaster have the option of using a non-localized user and/or a localized user when querying SNMP. It would eliminate the need for hordes of /IPADMIN.S hosts entries ( we have one set for the real-world and another set for a DR-Test ). It would also mean that NetMaster would still work when OSNMPD burps and buillds a wonky .boots file.

I have ticket TS002703774 open with IBM as to why the .boots file can contain loopback.

Thanks for listening to my suggestion.

Best Regards,

Jeff

Hi Jeff,

The SNMP Host Details Definition screen has the following fields that allow the entry of user specified keys - 
OR Authentication Key ..... ____________________________________________
OR Privacy Key ............ ____________________________________________

My understanding is that these were provided for the entry of non-localized keys. You could set a non-localized key in a definition with a generic mask and have that used across a range of IP addresses. Is this a viable solution?

Cheers, Jon Marsden
Original Message:
Sent: 09-10-2019 09:19 AM
From: JEFF BEECH-GARWOOD
Subject: SNMP localized vs non-localized users

I have ticket 20059700 open with CA about NetMaster not working with SNMP when the snmpd.boots file contains a loopback address rather than the Stack VIPA. OSNMPD builds those snmpd.boots files and sometimes it builds it with the VIPA and sometimes with the loopback address.

When the hosts are built in /IPADMIN.S or when you provide the information into /IPDIAG.MB then NetMaster is using the Stack VIPA (presumably from the .boots file) to generate the keys. If the .boots file gets built with loopback then the keys stored in /IPADMIN.S or typed in in /IPDIAG.MB don't work.

So, my suggestion is that NetMaster have the option of using a non-localized user and/or a localized user when querying SNMP. It would eliminate the need for hordes of /IPADMIN.S hosts entries ( we have one set for the real-world and another set for a DR-Test ). It would also mean that NetMaster would still work when OSNMPD burps and buillds a wonky .boots file.

I have ticket TS002703774 open with IBM as to why the .boots file can contain loopback.

Thanks for listening to my suggestion.

Best Regards,

Jeff

Hi Jon,
Thanks for the suggestion but as soon as I put an IP address mask in with SNMP Version 3 then I get an error message.
IPSP2007 Version 3 invalid when IP address/mask has a mask value
See attached image.
Cheers,
Jeff
Original Message:
Sent: 09-11-2019 02:14 AM
From: Jonathan Marsden
Subject: SNMP localized vs non-localized users

Hi Jeff,

The SNMP Host Details Definition screen has the following fields that allow the entry of user specified keys - 
OR Authentication Key ..... ____________________________________________
OR Privacy Key ............ ____________________________________________

My understanding is that these were provided for the entry of non-localized keys. You could set a non-localized key in a definition with a generic mask and have that used across a range of IP addresses. Is this a viable solution?

Cheers, Jon Marsden
Original Message:
Sent: 09-10-2019 09:19 AM
From: JEFF BEECH-GARWOOD
Subject: SNMP localized vs non-localized users

I have ticket 20059700 open with CA about NetMaster not working with SNMP when the snmpd.boots file contains a loopback address rather than the Stack VIPA. OSNMPD builds those snmpd.boots files and sometimes it builds it with the VIPA and sometimes with the loopback address.

When the hosts are built in /IPADMIN.S or when you provide the information into /IPDIAG.MB then NetMaster is using the Stack VIPA (presumably from the .boots file) to generate the keys. If the .boots file gets built with loopback then the keys stored in /IPADMIN.S or typed in in /IPDIAG.MB don't work.

So, my suggestion is that NetMaster have the option of using a non-localized user and/or a localized user when querying SNMP. It would eliminate the need for hordes of /IPADMIN.S hosts entries ( we have one set for the real-world and another set for a DR-Test ). It would also mean that NetMaster would still work when OSNMPD burps and buillds a wonky .boots file.

I have ticket TS002703774 open with IBM as to why the .boots file can contain loopback.

Thanks for listening to my suggestion.

Best Regards,

Jeff

Hi Jeff,

Apologies for not trying it first myself. If we relax this restriction for definitions that contain explicit keys will that work for you? If so can raise an APAR for you to test with.  

Cheers, Jon
Original Message:
Sent: 09-11-2019 12:55 PM
From: JEFF BEECH-GARWOOD
Subject: SNMP localized vs non-localized users

Hi Jon,
Thanks for the suggestion but as soon as I put an IP address mask in with SNMP Version 3 then I get an error message.
IPSP2007 Version 3 invalid when IP address/mask has a mask value
See attached image.
Cheers,
Jeff
Original Message:
Sent: 09-11-2019 02:14 AM
From: Jonathan Marsden
Subject: SNMP localized vs non-localized users

Hi Jeff,

The SNMP Host Details Definition screen has the following fields that allow the entry of user specified keys - 
OR Authentication Key ..... ____________________________________________
OR Privacy Key ............ ____________________________________________

My understanding is that these were provided for the entry of non-localized keys. You could set a non-localized key in a definition with a generic mask and have that used across a range of IP addresses. Is this a viable solution?

Cheers, Jon Marsden
Original Message:
Sent: 09-10-2019 09:19 AM
From: JEFF BEECH-GARWOOD
Subject: SNMP localized vs non-localized users

I have ticket 20059700 open with CA about NetMaster not working with SNMP when the snmpd.boots file contains a loopback address rather than the Stack VIPA. OSNMPD builds those snmpd.boots files and sometimes it builds it with the VIPA and sometimes with the loopback address.

When the hosts are built in /IPADMIN.S or when you provide the information into /IPDIAG.MB then NetMaster is using the Stack VIPA (presumably from the .boots file) to generate the keys. If the .boots file gets built with loopback then the keys stored in /IPADMIN.S or typed in in /IPDIAG.MB don't work.

So, my suggestion is that NetMaster have the option of using a non-localized user and/or a localized user when querying SNMP. It would eliminate the need for hordes of /IPADMIN.S hosts entries ( we have one set for the real-world and another set for a DR-Test ). It would also mean that NetMaster would still work when OSNMPD burps and buillds a wonky .boots file.

I have ticket TS002703774 open with IBM as to why the .boots file can contain loopback.

Thanks for listening to my suggestion.

Best Regards,

Jeff

Hi Jon,
Apologies for delay. Swamped with work.
I honestly don't know the best way to implement it, you probably have the best ideas. I would think you could simply set a value/parameter somewhere that said this instance of NM can access SNMPv3 data via the non-localized SNMP user. Logging on to /IPDIAG.MB is really painful, anything to simplify that would be nice also.
Thanks.
Jeff
Original Message:
Sent: 09-11-2019 06:38 PM
From: Jonathan Marsden
Subject: SNMP localized vs non-localized users

Hi Jeff,

Apologies for not trying it first myself. If we relax this restriction for definitions that contain explicit keys will that work for you? If so can raise an APAR for you to test with.  

Cheers, Jon
Original Message:
Sent: 09-11-2019 12:55 PM
From: JEFF BEECH-GARWOOD
Subject: SNMP localized vs non-localized users

Hi Jon,
Thanks for the suggestion but as soon as I put an IP address mask in with SNMP Version 3 then I get an error message.
IPSP2007 Version 3 invalid when IP address/mask has a mask value
See attached image.
Cheers,
Jeff
Original Message:
Sent: 09-11-2019 02:14 AM
From: Jonathan Marsden
Subject: SNMP localized vs non-localized users

Hi Jeff,

The SNMP Host Details Definition screen has the following fields that allow the entry of user specified keys - 
OR Authentication Key ..... ____________________________________________
OR Privacy Key ............ ____________________________________________

My understanding is that these were provided for the entry of non-localized keys. You could set a non-localized key in a definition with a generic mask and have that used across a range of IP addresses. Is this a viable solution?

Cheers, Jon Marsden
Original Message:
Sent: 09-10-2019 09:19 AM
From: JEFF BEECH-GARWOOD
Subject: SNMP localized vs non-localized users

I have ticket 20059700 open with CA about NetMaster not working with SNMP when the snmpd.boots file contains a loopback address rather than the Stack VIPA. OSNMPD builds those snmpd.boots files and sometimes it builds it with the VIPA and sometimes with the loopback address.

When the hosts are built in /IPADMIN.S or when you provide the information into /IPDIAG.MB then NetMaster is using the Stack VIPA (presumably from the .boots file) to generate the keys. If the .boots file gets built with loopback then the keys stored in /IPADMIN.S or typed in in /IPDIAG.MB don't work.

So, my suggestion is that NetMaster have the option of using a non-localized user and/or a localized user when querying SNMP. It would eliminate the need for hordes of /IPADMIN.S hosts entries ( we have one set for the real-world and another set for a DR-Test ). It would also mean that NetMaster would still work when OSNMPD burps and buillds a wonky .boots file.

I have ticket TS002703774 open with IBM as to why the .boots file can contain loopback.

Thanks for listening to my suggestion.

Best Regards,

Jeff