Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1462
Views
5
Helpful
9
Replies

LMS 3.2 - DFM 3.2.0 - Questioned Devices, SNMP Timeout

Go to solution
tim.davies
Level 1
Level 1

‎08-25-2009 08:34 AM

Hi there,

When I try to descover devices in DFM the majority of devices go into the Questioned state as an SNMP Timeout, a few are known and some are stuck in the learning state at 40%. I have tried adjusting the SNMP timeout settings and deleting all Devices and reimporting them again into DFM with no luck!

Any ideas?

Cheers

Tim

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to tim.davies

‎08-26-2009 08:05 AM

Ah, I bet I know the problem. What we have seen is either customers copy the snmp-server engineID from device to device (which is wrong), or they are bitten by a bug where multiple devices come standard with the same engineID. The latter affects mainly Cat4500 switches. If you post the sniffer trace, I can identify which is the problem.

The solution/workaround for both is to make sure the engineID values on each device are unique, then remove the devices from DFM, and re-add them.

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎08-25-2009 08:39 AM

The easiest way to troubleshoot this is to start a sniffer trace filtering on SNMP (udp/161) traffic to one problem device. Then delete this device from DFM, and re-add it. When the device slips into a Questioned state, look at the sniffer output. It should be clear where the problem lies.

As for 40%. This indicates a problem with DFM inventory collection. Since some of the devices are Known, DFM is probably okay, but there could be a device problem. Again, a sniffer trace would be helpful as it will show exactly the objects being polled and their values.

0 Helpful

Go to solution
tim.davies
Level 1
Level 1
In response to Joe Clarke

‎08-26-2009 02:48 AM

Thanks for the response.

On the sniffer trace I can see an ICMP ping request and then a few SNMP get-requests and thats it, the device then goes into a questioned state.

I have noticed that the devices that are are known are SNMP V2 devices and the devices that are questioned are SNMP V3. I have checked the SNMP V3 credentials in the DCR and they look ok.

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to tim.davies

‎08-26-2009 08:05 AM

Ah, I bet I know the problem. What we have seen is either customers copy the snmp-server engineID from device to device (which is wrong), or they are bitten by a bug where multiple devices come standard with the same engineID. The latter affects mainly Cat4500 switches. If you post the sniffer trace, I can identify which is the problem.

The solution/workaround for both is to make sure the engineID values on each device are unique, then remove the devices from DFM, and re-add them.

0 Helpful

Go to solution
tim.davies
Level 1
Level 1
In response to Joe Clarke

‎08-27-2009 02:01 AM

You've cracked it!

Each device had the same engineID specified. I have remove this configuation and allowed the device to create a unique ID. Everything now appears to be working.

Thank's very much for your help!

0 Helpful

Go to solution
v.c.bodenstab
Level 1
Level 1
In response to Joe Clarke

‎02-21-2011 05:46 AM

Hi Joseph,


"The solution/workaround for both is to make sure the engineID values on  each device are unique, then remove the devices from DFM, and re-add  them."

How would you make sure the EngineID is unique? Is there a command to let the switch generate it? Thanks,


Vincent

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to v.c.bodenstab

‎02-21-2011 07:29 AM

Typically the engineID is unique as it is generated automatically based on the first MAC address on the device.  However, there have been some bugs where certain device types all configure the same engineID.  Additionally, sometimes users copy and paste SNMP configurations from device to device and include the engineID.  You must inspect each engineID visually to confirm uniqueness.

0 Helpful

Go to solution
v.c.bodenstab
Level 1
Level 1
In response to Joe Clarke

‎02-21-2011 07:50 AM

Hi Joseph,

Eh (sigh), that's what I have. In my switch configs, I got the command:

     snmp-server engineID local xxxxxxx

In DFM 3.2.0, I've got devices switching straight to 'Questioned/SNMP Timeout'. The SNMPv3 credentials are correct and I can see SNMP traffic going back and forth. I removed the above command on all the switches. Is that enough to re-generate the engineID?

Thanks,


Vincent

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to v.c.bodenstab

‎02-21-2011 08:18 AM

To fix this, you need to remove all of your SNMP configuration, then reboot.  Then re-add your SNMP groups and users (do NOT reconfigure the engineID).  Then delete your devices from DFM and re-add them.

Go to solution
v.c.bodenstab
Level 1
Level 1
In response to Joe Clarke

‎02-24-2011 04:42 AM

Hi Joseph,

Thanks for the reply! The engineID did the trick. I removed all engineID statements from the switch configurations, removed SNMPv3 users, deleted devices from DFM. Than added the SNMPv3 users again to the switches and added them to DFM. Presto! Working again :-)  Thanks again.

Cheers,

Vincent

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents