• 0
Sign in to follow this  
Michael Dieter

Juniper EX Virtual Chassis SNMP v3 monitoring after a change in RE mastership ????

Question

  • 0

Can anyone share how they have solved the problem of maintaining SNMP v3 auth/Priv connectivity between LM collectors and a virtual chassis after there is a change in the RE mastership?

Juniper offers 3 methods to set the local engine id:

1)enter no config, and automatically the default ip address of the RE at the time of configuration is used --> communication will fail as soon as this RE is no longer the master RE

2)set a value for the local engine id: this produces some interoperability issue between LM and the virtual chassis --> no snmp-discoverable datasources ever get discovered even though the switch logs no indication of SNMP credential failure

3)use the MAC of the management ethernet port: well, this one will change too as soon as there is a change in RE mastership.

I have an open case with Juniper support but I am sort of getting the run-around from them and there brand -new documentation support site is the equivalent of a Byzantine Labyrinth.

Any ideas, feedback or comments are appreciated.

Thanks.

Share this post


Link to post
Share on other sites

2 answers to this question

Recommended Posts

  • 0

Can anyone share how they have solved the problem of maintaining SNMP v3 auth/Priv connectivity between LM collectors and a virtual chassis after there is a change in the RE mastership?

Juniper offers 3 methods to set the local engine id:

1)enter no config, and automatically the default ip address of the RE at the time of configuration is used --> communication will fail as soon as this RE is no longer the master RE

2)set a value for the local engine id: this produces some interoperability issue between LM and the virtual chassis --> no snmp-discoverable datasources ever get discovered even though the switch logs no indication of SNMP credential failure

3)use the MAC of the management ethernet port: well, this one will change too as soon as there is a change in RE mastership.

I have an open case with Juniper support but I am sort of getting the run-around from them and there brand -new documentation support site is the equivalent of a Byzantine Labyrinth.

Any ideas, feedback or comments are appreciated.

Thanks.

Share this post


Link to post
Share on other sites
  • 0

Resolution reached: finally walked away in frustration from attempting to use SNMPV3 and Juniper EX Virtual Chassis.

After extensive work with Juniper support, I discovered that even Advanced JTAC does not know how to make this work. While it is possible that LM SNMP operation might contribute to an interoperability issue, I am not interested in a line-by-line validation of adherence to RFCs. Regardless, I have serious doubts about Juniper's ability to preserve SNMPV3 communication across Virtual-Chassis Routing Engine mastership changes.

SNMPV3 works very well with stand-alone devices...but I do not recommend it for use in Virtual Chassis.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this