|
Re: [nv-l] Invalid SNMP Trap services packet
2003-10-27 15:33:24
Carlos ,
The message means that trapd got something he could not understand. Whether that is trapd's fault (a NetView code bug) or Cisco's fault (a Cisco code bug), no one can say without a copy of what was sent.
And , I forgot that at the level of code you have there will be very little you will see in the trace, and Paul is probably right, that without an upgrade you would need to use an external sniffer to see what was sent. trapd's internal tracing is very much improved in NetView for Windows 7.1.4 and will also be in 7.1.3 FixPack 2. Level 2 Support could send you the latest e-fix for trapd and for libems, PJ29321, and that would provide internal tracing after you applied it.
But you might still need a sniffer if the new internal trace proves inconclusive. It's hard to say at this point.
Alternatively, I think your Cisco device should have a log of what he sent. What does it say? Can you match what he sent with the time of your invalid trap? That might give you a clue. And I would think that router would also tell you what format SNMP he is using. But I don't "speak Cisco". That's for you folks who configure Cisco devices. I don't know much about any particular one.
If you want an answer and cannot arrive at one yourself then you can always ask IBM Support for help. That's up to you.
James Shanks
Level 3 Support for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group
|
| CMazon AT commercebankfl DOT com
Sent by: owner-nv-l-digest AT lists.us.ibm DOT com
10/27/2003 03:00 PM
Please respond to nv-l
|
To: nv-l AT lists.us.ibm DOT com
cc:
Subject: Re: [nv-l] Invalid SNMP Trap services packet
|
James this is what I got from the trace. Does this mean that the routers are issueing SNMPv2 traps?
Mon Oct 27 14:45:23 2003 process_event: received trap from 10.105.31.8
Mon Oct 27 14:45:23 2003 process_event: de-queued 0 bytes.
Mon Oct 27 14:45:23 2003 process_event: received trap from 10.105.31.7
Mon Oct 27 14:45:23 2003 process_event: de-queued 0 bytes.
If you think I should send this to support let me know so I can open a PMR.
Thanks.
Carlos
|
| James Shanks <jshanks AT us.ibm DOT com>
Sent by: owner-nv-l-digest AT lists.us.ibm DOT com
10/27/2003 11:39 AM
Please respond to nv-l
|
To: nv-l AT lists.us.ibm DOT com
cc:
Subject: Re: [nv-l] Invalid SNMP Trap services packet |
You would have to turn on the trapd trace and examine the incoming data. Normally this a job we leave to Support.
To turn on the trace on Windows, you edit the ovsuf file to add the -t flag with a log name, like this
0:trapd:\usr\ov\bin\trapd.exe:OVs_YES_START::-z ,-a5000,-m1000,-t\usr\ov\log\trapd.trace:OVs_WELL_BEHAVED:120::
or add that option in the trapd.lrf and do "ovdelobj trapd.lrf" and then "ovaddobj trapd.lrf" from the \usr\ov\lrf directory.
Note that you might get this message if your Cisco device is configured to send SNMP V2 traps. NetView for Windows does not support them. To him they are invalid and are discarded.
James Shanks
Level 3 Support for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group
|
| CMazon AT commercebankfl DOT com
Sent by: owner-nv-l-digest AT lists.us.ibm DOT com
10/27/2003 11:10 AM
Please respond to nv-l
|
To: <nv-l AT lists.us.ibm DOT com>
cc:
Subject: [nv-l] Invalid SNMP Trap services packet |
Hi List (Win2k/7.1.3 FP1/ Sql2000)
I am receiving this event from NV in the event log.
"WARNING: invalid SNMP Trap Services packet from agent 10.105.31.8"
I tried to check trapd logs and all i get is this: "1067270104 1 Mon Oct 27 10:55:04 2003 <none> T WARNING: invalid SNMP Trap Services packet from agent 10.105.31.8". The ip address listed represents a Cisco router 2620. I verified the routers running config and it does have the correct community names set up. Has anyone come across this before? Anyway that I can get more information on this event or trap?
Thanks
Carlos
|
|
|
