Fibre Channel (SAN)

Reply
New Contributor
Posts: 4
Registered: ‎10-15-2014
Accepted Solution

snmp v3 username and password character limit

Greetings all,

 

My company is presently supporing the US Navy with its new computer systems roll out, and part of that is the use of IBM blade centers with the 8GB SAN Fibrechannel Switches from Brocade.

 

Currently we're running firmware version 6.4.2b4 on them.

 

Our current problem is this:

 

On most switches they take the Navy specified snmpv3 username and password, which is a mix of numbers, letters, and special characters with no problems; both are over 15 characters.  However, we have one switch that will not take this username and password no matter what we try (reinstalling the FabricOS, snmpconfig --default snmpv3); it simply fails to configure the snmpv3 information.  However, when we knock the character amount back a bit (less than 14 characters), it takes it just fine.  No, under no circumstances can we deviate the Navy's CM on a single switch, and it still doesn't explain why this one switch will not take the information and every other switch will.

 

Any ideas?

Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: snmp v3 username and password character limit

hi,

 

If some other switch running the same, snmp confing, fos release and being the same model work, you should be able to do it on that one as well. You could try to disable/enable snmv3 

 

snmpconfig --disable snmv3

snmpconfig --enable snmv3

 

or reboot the switch. 

What error do you get? any info on errdump?

 

Rgds,

Felipon

New Contributor
Posts: 4
Registered: ‎10-15-2014

Re: snmp v3 username and password character limit

The rebooting we've done several times with no effect.

 

--enable and --disable resulted in the error message (and yes, I used the correct spelling for snmpv3 there):  Options are invalid 

 

Checked the errdump.  The only error message that pertained to it was this one:

 

2014/10/15-16:46:46, [KSWD-1002], 1456, FFDC | CHASSIS, WARNING, brocade8Gb, Detected termination of process snmpd:2145

 

Indeed, one would think if it works on other switches it would work on this one as well.

Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: snmp v3 username and password character limit

Hi there,

 

Brocade Solution SLN1980 reports that a switch may find problems when configuring SNMP users longer than 15 characters. If the issue is caused by a code defect, you could try to upgrade FOS. Also you can try to configure that user in different positions inside snmpconfig. Or maybe cleanup some space to see if that could help out.

 

If no luck, then I'd start thinking of opening a case with Brocade/OEM...

 

 

 

rgds

New Contributor
Posts: 4
Registered: ‎10-15-2014

Re: snmp v3 username and password character limit

[ Edited ]

Navy Config Management will not allow me to change code like that, unfortunately.  Though it may be possible to upgrade to a higher version and then downgrade to see if the problem goes away.  It's a little dicier than I'd like, but I'll keep that option open.

 

You mentioned 'freeing up space'.  How would one go about doing that?

 

Also can you point me to where you found Brocade Solution SLN1980?  I can't seem to locate that notice anywhere.

 

Thanks for your help.

Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: snmp v3 username and password character limit

hi,

 

If you have root access to the switch, you can run non-disruptive command 'cleanup' in order to free up space. If not, you can execute 'supportsave -R' to clear the dumps and free some space there.

 

 Brocade SLN1980 reports the following:

Solutions

FOS Kernel panic when user has configured snmpv3 username with too many characters

 

 

Product Type Details
All FOS switches
Environment
SNMP management application in use
Software Release
All FOS versions prior to v7.0.2b
Description
The following panic is seen:

2012/10/04-17:22:01, [HAM-1004], 1172, CHASSIS, INFO, Brocade5100, Processor rebooted - Software Fault:Kernel Panic

User has configured SNMP v3 user names to 32 characters. After the switch tried to commit the change and failed, SNMP started to restart over and over then rolling reboots started.
Symptoms
Switch panics and reboots over and over.
Workaround
When switch reboots constantly, the following workaround will bring the switch back to clean firmware load:

- As soon as the switch reboots again, login as root
- Run firmwarecleaninstall command and answer the prompts to the firmware download location desired
- Switch will be reloaded with new firmware and the configuration will be changed to default
Root Cause
If the user gives a username in lower case (abc…), the ascii value of lower case starts from 97 (‘a’) and ends at 122 (‘z’). It is storing the engine ID and username in dotted decimal notation. If the user gives username in all lower case, each character will be converted to 3 digit ascii value (eg: ascii value – ‘z’ 122) and a dot will be appended for each character value.

Example: xyz1 => 120.121.122.49. => four letters becomes 15 characters. 

The maximum buffer size allowed is 128 bytes. When usernames contain 32 characters we end up over-running that memory space and end up with a crash in snmpd.

Bearing the above in mind, Brocade has considered all these boundary conditions and stated that usernames with less than 15 characters is recommended. 
Resolution

Upgrade to a version of FOS that contains the fix.   

Product Defect
Defect 423054
Fixed in Version
v7.0.2b, v7.1.0
 
Disclaimer

These documents are provided "as is" and without any warranty of any kind, expressed or implied, including, without limitation, any warranty of non-infringement, merchantability, or fitness for a particular purpose. All warranties are expressly disclaimed. User assumes the full risk of using these instructions. In no event shall Brocade be liable for any actual, direct, indirect, punitive, or consequential damages arising from such use, even if advised of the possibility of such damages.

New Contributor
Posts: 4
Registered: ‎10-15-2014

Re: snmp v3 username and password character limit

The 'cleanup' command was not a valid command in this FOS, but the 'supportsave -R' worked.  The device still will not take the long snmp user/pass.  However, with SLN1980 that you provided I was able to recommend an engineering change with either an FOS upgrade or a change for the username/pass.  This isn't the only device that's had issues with the USN required lengths, so it's likely engineering and IA will need to hash that out...problem being that they work at geologic speeds.  There's also the fact that this is an IBM rebranded Brocade product for their blade centers, so they will likely need to be involved as well.

 

Thanks for your help on this.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.