No snmp response from a server or switch with multiple NICs and IP addresses

While testing my own software with Hewlett Packard Procurve layer-3 switches, I noticed strange behavior when collecting SNMP data from devices with multiple IP addresses.

I didn’t receive an SNMP response from a switch when the SNMP request was sent to IP (a), but it worked when I used IP (b). Both IP addresses were reachable and replied to a “ping”.

After some digging I found that SNMP replies were sent from a wrong IP address!

The responding IP address was not the same as the SNMP request was sent to!

The issue is not caused by a bug in MonitorONE G2! By default, the Hewlett Packard ProCurve switches/routers will respond to SNMP requests with the source IP address of the interface that the requests were received on, and NOT the source IP address matching the original destination of the requests!

HP Procurve switches/routers

On Procurve switches/routers, there’s a command-line setting available that addresses the issue:

SWITCH1(config)# snmp-server response-source dst-ip-of-request

Microsoft Windows servers

Microsoft servers may exhibit the same behavior. The issue is addressed in: http://support.microsoft.com/kb/2786454/en-us and there’s a Hotfix download available.

Issue solved!

MonitorONE G2 contains a “permanent workaround” for the issue described here. All applications from the suite use WinPcap for problem detection and switch to using the “responding” IP address if necessary.

Note that, in addition to the problems mentioned above, it is of course still possible that “a no SNMP response from device” is caused by invalid community or SNMPv3 parameters, but that is so obvious that it makes no sense to mention here !