11-20-2009 01:29 PM
Hi,
Can Cisco switches/routers be discovered by any SNMP NMS on their broadcast IP addresses?
Came across an external link saying that they drop SNMP requests on subnet broadcast addresses.
Q:2.60.12
http://www.snmp.com/FAQs/snmp-faq-part2.txt
What is the typical behavior?
Thanks.
11-20-2009 05:44 PM
The typical behavior is to drop SNMP requests to broadcast addresses. Most SNMP managers could not handle such responses (i.e. those from multiple devices at the same time) anyway.
11-21-2009 01:51 AM
NMS would receive multiple responses only if "ip directed broadcast" is ON. The question here is: when this feature is OFF (default behavior), should a switch/router respond to SNMP queries coming onto its subnet broadcast IP?
11-21-2009 08:30 AM
In this case, the behavior could be a bit erratic (see CSCsr09033). Basically, some IOS devices will respond to broadcasts, but include the source address as the directed broadcast IP (e.g. 10.1.1.255). Others will not. However, once this bug is fixed in a given platform, the behavior will be consistent in that the device will respond to the broadcast, and pick a reasonable source IP address.
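As an added illustration (not part of the original thread and not Cisco code), this Python check scans UDP flow records for the behaviors described in the post above: SNMP requests sent to a subnet broadcast address, replies that carry the broadcast address as their source, and replies from a unicast source to a broadcast request. The flow tuple layout, the sample records and the function name are assumptions made for the example; the subnet is taken from the 10.1.1.255 address mentioned in the post.

```python
import ipaddress

SNMP_PORT = 161

# Constructed sample records: (src, sport, dst, dport), UDP only.
SAMPLE_FLOWS = [
    ("10.1.2.50", 40001, "10.1.1.255", 161),  # NMS request to subnet broadcast
    ("10.1.1.1", 161, "10.1.2.50", 40001),    # reply with a unicast source
    ("10.1.1.255", 161, "10.1.2.50", 40001),  # reply with the broadcast as source
    ("10.1.2.50", 40002, "10.1.1.7", 161),    # ordinary unicast poll
    ("10.1.1.7", 161, "10.1.2.50", 40002),    # ordinary unicast reply
]


def classify_snmp_flows(flows, subnets):
    """Return (finding, src, dst) tuples for broadcast-related SNMP traffic.

    subnets: CIDR strings of locally known subnets (assumed shorter than /31,
    so that each one has a distinct broadcast address).
    """
    nets = [ipaddress.ip_network(s) for s in subnets]
    bcast = {n.broadcast_address: n for n in nets}
    pending = {}   # (requester ip, requester port) -> subnet that was polled
    findings = []
    for src, sport, dst, dport in flows:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if dport == SNMP_PORT and d in bcast:
            # Request addressed to a known subnet broadcast address.
            pending[(s, sport)] = bcast[d]
            findings.append(("request-to-broadcast", src, dst))
        elif sport == SNMP_PORT:
            if s in bcast:
                # Reply whose source is the broadcast address itself.
                findings.append(("reply-from-broadcast-source", src, dst))
            elif (d, dport) in pending and s in pending[(d, dport)]:
                # Device in the polled subnet answered from a unicast address.
                findings.append(("reply-to-broadcast-request", src, dst))
    return findings


if __name__ == "__main__":
    for finding in classify_snmp_flows(SAMPLE_FLOWS, ["10.1.1.0/24"]):
        print(finding)
```
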
11-21-2009 11:08 AM
Eventually the behavior is against the statement made on http://www.snmp.com/FAQs/snmp-faq-part2.txt, isn't it?
i.e. Cisco routers respond to SNMP requests on subnet broadcast addresses.
Is there any application/network specific requirement to do so?
11-21-2009 12:04 PM
Is there a specific need for the router to respond to SNMP queries on the broadcast address?
11-21-2009 03:52 PM
A need for it? You mean a use for it? I think some people like to use it for SNMP discoveries (i.e. finding new SNMP hosts/devices on their network). However, as I said, many network management systems do not support broadcast addresses (e.g. CiscoWorks no longer supports them, and hasn't since ~ 1998).
11-25-2009 12:11 PM
Thanks for your response. It is still not clear why a router would need to respond to SNMP queries on its broadcast address, especially when ip directed broadcast is OFF. Of course, different NMS behave differently and, as you have mentioned, most of them do not support broadcast addresses.
11-25-2009 01:42 PM
The RFC leaves this detail up to the specific implementation. Some vendors may want to respond to broadcast requests to facilitate multi-device management with fewer request packets.
11-28-2009 05:05 AM
>>The RFC leaves this detail up to the specific implementation
Could you specify in which RFC exactly?
Thanks a lot for your thoughts already.
11-28-2009 09:00 AM
The SNMP RFC is 1157. The RFC does not explicitly say how broadcast requests should be handled, so this implementation can vary from vendor to vendor.
12-05-2009 11:57 AM
Yes, but RFC 2644 does say that subnet broadcasts must not be received and/or forwarded if the directed-broadcast feature is OFF, which is the default behavior; therefore hosts must not respond to broadcast requests irrespective of the application protocol in question.
Thanks a lot for your thoughts
12-05-2009 03:07 PM
See http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_i1g.html#wp1081245 . The "no ip directed-broadcast" command prevents a router from exploding directed broadcasts on the interface directly connected to the subnet in question. It doesn't affect whether or not the router will process an incoming broadcast. For example, if I am connected to a device, and I send a subnet broadcast ping (e.g. 10.1.1.255), the device will respond even if "no ip directed-broadcast" is configured.
12-05-2009 04:31 PM
Surely, however it's not what RFC 2644 says. I've also tested this in the lab to verify what was mentioned in that link. So it deviates from the standard, right?
12-05-2009 04:41 PM
The RFC states that if an option exists to allow for receipt of directed broadcasts, then that option should be disabled by default. I do not believe IOS has such an option. It only has the option to disable FORWARDING of directed broadcasts, and that is disabled by default.