Category:Juniper -> Routing and Switching
Category:Juniper -> Security
SNMP walk the whole MIB:
> show snmp mib walk 1 | no-more
// <output omitted> // there will be close to 60000 entries
Let’s find OID related to TCP connection:
> show snmp mib walk 1 | match tcp
// <output omitted>
tcpConnState.0.0.0.0.22.0.0.0.0.0 = 2
tcpConnState.0.0.0.0.179.0.0.0.0.0 = 2
tcpConnState... // <many more>
// <output omitted>
To find the decimal OID number for TCP connection state:
> show snmp mib walk tcpConnState | display xml
<rpc-reply xmlns:junos="http://xml.juniper.net/junos">
<snmp-object-information >
<snmp-object>
<name>tcpConnState.0.0.0.0.22.0.0.0.0.0</name>
<index>
<index-name>tcpConnLocalAddress</index-name>
<index-value>00 00 00 00 </index-value>
</index>
<index>
<index-name>tcpConnLocalPort</index-name>
<index-value>22</index-value>
</index>
<index>
<index-name>tcpConnRemAddress</index-name>
<index-value>00 00 00 00 </index-value>
</index>
<index>
<index-name>tcpConnRemPort</index-name>
<index-value>0</index-value>
</index>
<object-value-type>number</object-value-type>
<object-value>2</object-value>
<oid>1.3.6.1.2.1.6.13.1.1.0.0.0.0.22.0.0.0.0.0</oid> // <---- OID decimal number
</snmp-object>
<snmp-object>
<name>tcpConnState.0.0.0.0.179.0.0.0.0.0</name>
<index>
<index-name>tcpConnLocalAddress</index-name>
<index-value>00 00 00 00 </index-value>
</index>
<index>
<index-name>tcpConnLocalPort</index-name>
<index-value>179</index-value>
</index>
<index>
<index-name>tcpConnRemAddress</index-name>
<index-value>00 00 00 00 </index-value>
</index>
<index>
<index-name>tcpConnRemPort</index-name>
<index-value>0</index-value>
</index>
<object-value-type>number</object-value-type>
<object-value>2</object-value>
<oid>1.3.6.1.2.1.6.13.1.1.0.0.0.0.179.0.0.0.0.0</oid> // <---- OID decimal number
</snmp-object>
//<output omitted>
We have found the MIB number for TCP connection state which is 1.3.6.1.2.1.6.13.1.1. Now if you walk it, you’ll get the same results:
> show snmp mib walk 1.3.6.1.2.1.6.13.1.1
// <output omitted>
tcpConnState.0.0.0.0.22.0.0.0.0.0 = 2
tcpConnState.0.0.0.0.179.0.0.0.0.0 = 2
tcpConnState... // <many more>
// <output omitted>
Let’s analyse - tcpConnState.0.0.0.0.22.0.0.0.0.0 is ascii representation for 1.3.6.1.2.1.6.13.1.1.0.0.0.0.22.0.0.0.0.0.
1.3.6.1.2.1.6.13.1.1.0.0.0.0.22.0.0.0.0.0 equals to 2 as per tcpConnState.0.0.0.0.22.0.0.0.0.0 = 2
NOTE
Enumeration (1-closed, 2-listen, 3-synSent, 4-synReceived, 5-established, 6-finWait1, 7-finWait2, 8-closeWait, 9-lastAck, 10-closing, 11-timeWait, 12-deleteTCB)
From the note above we can tell that 2 is the state of the connection. This means that the device is listening on port 22 where first 0.0.0.0 is LocalAddress, last 0.0.0.0 is the RemoteAddress and the last 0 is the port for RemoteAddress.
One can use this data to configure SNMP polling or monitoring for specific data on the device by an SNMP server.
By privilege15