Preview Tool

Cisco Bug: CSCvv21569 - Incomplete snmp v3 packets during engine discovery

Last Modified

Aug 05, 2020

Products (1)

  • Cisco Nexus 7000 Series Switches

Known Affected Releases

7.0(3)I7(8.74) 8.4(3.44)

Description (partial)

Initially when monitoring tool does not know the device SNMP Engine ID it sends the unencrypted snmp packets to the device and in return the monitoring toll expects the SNMP engine , Boot count and Boot Time . Once the DEvice sends the all the necessary details then Monitoring tool will start sending those  with encrypted snmp packets .

  To get a single value from an agent, this occurs

     1 NMS   (unencrypted request) > agent
     2 agent (report engine id = xxxxxx, boot count/time = num) > NMS
     3 NMS   (encryped request > agent
     4 agent (encrypted response > NMS

But in case of our Nexus 7k it send boot engine but leaves Boot count and Boot time as Zero . Due to this Some NMS tool is unable to poll as it requires fully authenticated/encrypted request.   This adds two more packets to the above sequence.

     1 NMS   (unencrypted request) > agent
     2 agent (report engine id = xxxxxx, boot count/time = 0) > NMS
     3 NMS   (unencrypted request) > agent
     4 agent (report engine id = xxxxxx, boot count/time = num) > NMS
     5 NMS   (encryped request > agent
     6 agent (encrypted response > NMS

Happens when device is polled using SNMPv3
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.