[147269] in North American Network Operators' Group


Re: Writable SNMP

daemon@ATHENA.MIT.EDU (Jeff Wheeler)
Tue Dec 6 14:19:47 2011

In-Reply-To: <CABO8Q6QsPUDv88SJKAEn2VutE7s0fdLpSLGL2dAo54UvSDr_PA@mail.gmail.com>
Date: Tue, 6 Dec 2011 14:18:52 -0500
From: Jeff Wheeler <jsw@inconcepts.biz>
To: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Tue, Dec 6, 2011 at 11:07 AM, Keegan Holley
<keegan.holley@sungard.com> wrote:
> For a few years now I've been wondering why more networks do not use writable
> SNMP.  Most automation solutions actually script a login to the various

I've spent enough time writing code to deal with SNMP (our own stack,
not using Net-SNMP or friends) to have a more in-depth understanding
of SNMP's pitfalls than most people.  It is TERRIBLE and should be
totally gutted and replaced with something more sane, less likely to
have bugs, etc.  There is a good reason why many major bugs have
popped up over the years allowing devices to be crashed with crafted
SNMP packets -- it's honestly not that easy to get right, especially
if you really implement every possible encoding so some random
customer with a brain-damaged SNMP client stack won't come crying to
you that his client won't work.

Juniper does not support writing via SNMP.  I am glad.  Hopefully that
is the first step toward not supporting SNMP at all.

-- 
Jeff S Wheeler <jsw@inconcepts.biz>
Sr Network Operator  /  Innovative Network Concepts
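
Added example, not part of the original message: SNMP messages are BER-encoded, and BER allows the same length to be written in short form, long form, or long form with leading zero octets, which is one concrete source of the "every possible encoding" burden described above. The C function below parses one tag-length header, accepts all of those forms, and bounds-checks every read; `ber_hdr`, `ber_parse_header` and the error codes are names assumed for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Result of parsing one BER tag-length header (hypothetical type). */
typedef struct {
    uint8_t tag;      /* single-octet tag, the only kind SNMP uses */
    size_t  hdr_len;  /* octets consumed by tag + length field */
    size_t  val_len;  /* declared length of the value that follows */
} ber_hdr;

enum { BER_OK = 0, BER_TRUNCATED = -1, BER_UNSUPPORTED = -2, BER_OVERRUN = -3 };

/* Parse the header at buf[0..len). No octet is read before it is bounds-checked. */
int ber_parse_header(const uint8_t *buf, size_t len, ber_hdr *out)
{
    if (len < 2) return BER_TRUNCATED;
    if ((buf[0] & 0x1f) == 0x1f) return BER_UNSUPPORTED;  /* multi-octet tag */
    out->tag = buf[0];

    uint8_t first = buf[1];
    size_t pos = 2, value = 0;

    if (first < 0x80) {
        value = first;                         /* short form: 0..127 */
    } else {
        size_t n = first & 0x7f;               /* long form: n length octets */
        if (n == 0 || n == 0x7f)               /* indefinite (0x80) or reserved (0xff) */
            return BER_UNSUPPORTED;
        if (n > len - pos) return BER_TRUNCATED;
        for (size_t i = 0; i < n; i++) {
            if (value > (SIZE_MAX >> 8))       /* next shift would overflow size_t */
                return BER_OVERRUN;
            value = (value << 8) | buf[pos++]; /* leading zero octets are accepted */
        }
    }
    if (value > len - pos) return BER_OVERRUN; /* value would run past the packet */
    out->hdr_len = pos;
    out->val_len = value;
    return BER_OK;
}
```

The final comparison against the remaining buffer is the check whose absence turns a crafted length field into an out-of-bounds read.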

