Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Magnus-Holmberg
Advisor
Advisor

How to keep interface from changing in SNMP | sk71600

Hi Guys,

One thing that really bugs me when it comes to monitoring check point is the interface name changes in SNMP.
Maybe just me, but it took me years to find a solution for this (yes iknow the SK is old, but you still need to find it)

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...



Regards,
Magnus

https://www.youtube.com/c/MagnusHolmberg-NetSec
2 Replies
genisis__
Leader Leader
Leader

Thought I would feedback on implementing SK71600 on a checkpoint appliance:
- SK show only a SNMPv2 example rather then v3, no biggy but would be nice to include this.
- snmpwalk example results on an appliance comes back with NIC models rather then interface names. In order to get the interface names use 'IF-MIB-ifName'.
snmpwalk -v 3 -l authPriv -u <SNMPUser> -a SHA -A <AuthPass> -x AES -X <PrivPass> localhost IF-MIB::ifName
IF-MIB::ifName.1 = STRING: lo
IF-MIB::ifName.2 = STRING: Sync
IF-MIB::ifName.3 = STRING: Mgmt
IF-MIB::ifName.4 = STRING: eth1-05
IF-MIB::ifName.5 = STRING: eth1-06

In my case I had a total of three drivers:
e1000e = onboard NICs
igb = 1GB Nics in Slot
ixge = 10GB Nics in Slot

I want to load the drives in the above order so I did this:
cp /etc/modprobe.conf /etc/modprobe.conf_ORIGINAL
echo "# -- Orders how the drivers are loaded, in this case: e1000e, igb and finally ixgbe" >> /etc/modprobe.conf
echo "install igb /sbin/modprobe e1000e ; sleep 5 ; /sbin/modprobe --ignore-install igb" >> /etc/modprobe.conf
echo "install ixgbe /sbin/modprobe igb ; sleep 5 ; /sbin/modprobe --ignore-install ixgbe" >> /etc/modprobe.conf
cat /etc/modprobe.conf

 

The only thing I could not do is actually order the interfaces in sequential order so if I have 5 interfaces using 'igb' driver I could not order them so that index 1 = eth1-01 and index 5 = eth1-05 as an example. 

0 Kudos
Václav_Brožík
Collaborator

Thank you for sharing your experience but I do not understand why to spend the effort.

* The order changes anyway: when you add new interfaces, when you remove interfaces.

* The solution does not help with ordering of VLAN (and maybe other non-physical) interfaces.

* The sk71600 explains that correctly working SNMP monitoring tool has to re-discover the interfaces after the machine is rebooted. Part of the discovery is mapping to IF-MIB::ifName values which you then use to refer to the interfaces by their names.

Summary: The SNMP monitoring tool has to be fixed to not use the changing table index number when referring to an interface.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events