Question

I have use SNMP v1 and 2c for network discovery of printers by sending broadcast message with community "public" and it works just fine, but when I send broadcast message with version 3 of the protocol I got timeout error.

Do somebody share example of SNMPv3 device discovery?

Thank you.

Was it helpful?

Solution

Two things:

1) Doing a broadcast SNMPv1/v2c is actually not defined to work in the protocol. Cheap implementations will simply respond, as you've found, to any packet it sees that the kernel accepts to the port and not check the address. However, you'll also find some implementations that will not respond to broadcast packets. So that's actually not a surefire discovery mechanism in the first place. (Let alone, many vendors finally got smart and don't have public be the default community name)

2) SNMPv3, on the other hand, is even less likely to work because of how engineID discovery happens within the SNMPv3 protocol. SNMPv3 won't respond with a normal response PDU anyway, as it should respond with a REPORT PDU saying "this is my engineID" and you'd have to respond back with that engineID and the proper USM credentials to access the device.

In short, SNMPv3 was designed for security and there isn't a "public" equivalent any longer. You'd need to know how to access the device and can't just "guess".

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top