SNMP v3 trap users cleared by manager

0
votes

I am using SNMP4j 1.11.3 in an application which runs SNMP manager and as well receiver concurrently. In this scenario when Java process starts, V3 trap receiver is working fine loading all the v3 users from the configuration, but once SNMP v3 manager starts making get/set requests to the devices the trap receiver stop receiving traps and says "RFC3414 ยง3.2.4 Unknown security name" when it tries to decrypt v3 traps.

As it seems the snmp4j is using a singleton SecurityModels in which it keeps the USM users collection, so when manager creates a new snmp session and addusmuser it is clearing the trap USM users, which is why trap receiver is not able to process the traps.

Initialization of the SNMP manager request code is as follows

Snmp snmp = new Snmp(new DefaultUdpTransportMapping());
USM usm = new USM(SecurityProtocols.getInstance(),
                    new OctetString(MPv3.createLocalEngineID()), 0);
SecurityModels.getInstance().addSecurityModel(usm);
snmp.getUSM().addUser(securityName, new UsmUser(securityName,
                                                    authProtocol,
                                                    authPassphrase,
                                                    privProtocol,
                                                    privPassphrase));

How could I avoid this problem, What am I missing ??

FYI Manager and Receiver running on different threads.

Cheers, Reddy.

2
javasnmp4j

2 Answers

1
votes

After changing to the following code now the manager each SNMP request is going to have its own USM usertable, trap receiver working normally. Culprit was to add new security model on Global SecuirtyModels Singleton USM.

Snmp snmp = new Snmp(new DefaultUdpTransportMapping());
USM usm = new USM(SecurityProtocols.getInstance(),
                    localEngineID,
                    engineBootCount);
usm.addUser(securityName, new UsmUser(securityName,
                authProtocol,
                authPassphrase,
                privProtocol,
                privPassphrase));
MessageProcessingModel oldModel = snmp.getMessageDispatcher().getMessageProcessingModel(MessageProcessingModel.MPv3);
if (oldModel != null) {    
    snmp.getMessageDispatcher().removeMessageProcessingModel(oldModel);
}
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3(usm));
-1
votes

I come with the same problem. And the method above is effective. SecurityModels is singleton and constants are used as the key of HashTable which caused the concurrent problem.