Hi, experts!
customer is sending SNMP v3 traps (Auth+Encr mode) from docker containers using NET-SNMP command. Sure, nodes are non-SNMP, so IPs of trp senderss and SNMPv3 Engine IDs are loaded into NNMi jboss. These Engine IDs are used in NET_SNMP commands.
Strange thing is that from some nodes traps are received, parsed and decoded properly, but some nodes traps parsing fails:
2024-02-16 13:12:16.721 WARNING [com.hp.ov.nms.trapd.NMTrapData] (Thread-92 (group:HornetQ-client-global-threads-267017497)) Failed to parse trap from /10.47.38.80: Expecting a SEQUENCE for ScopedPDU
2024-02-16 13:12:16.722 WARNING [com.hp.ov.nms.trapd.MessageProcessor] (Thread-92 (group:HornetQ-client-global-threads-267017497)) com.hp.ov.snmp.exceptions.DecryptedPduBerParseException: Trap parsing failed. Expecting a SEQUENCE for ScopedPDU. Dropping trap from /10.47.38.80.
2024-02-16 13:12:17.754 WARNING [com.hp.ov.nms.trapd.NMTrapData] (Thread-79 (group:HornetQ-client-global-threads-267017497)) Failed to parse trap from /10.47.38.80: Length too long or indet erminate 82
2024-02-16 13:12:17.754 WARNING [com.hp.ov.nms.trapd.MessageProcessor] (Thread-79 (group:HornetQ-client-global-threads-267017497)) com.hp.ov.snmp.exceptions.DecryptedPduBerParseException: Trap parsing failed. Length too long or indeterminate 82. Droping trap from /10.47.38.80.
Any idea what can be wrong? How we could troubleshhot anissue further?
We analyzed captured traps traffic with Wireshark. No problems there. Traps were decoded and presented correctly. As a result, customer insists that something is wrong in NNMi.
thank you in advance,
Gedas