/dev/otmar

I’m doing a bit of network monitoring with SNMP again, and stumbled upon yet another cisco SNMP bug. Back when I wrote the pan-european NMS for KPNQwest, I had to work-around a good number of bugs in the IOS snmp agent, but this time it’s a bug in the MIB file:

Using the CISCO-BGP4-MIB, I can graph the state of my BGP peerings. All fine, when looking at

    CbgpPeerAddrFamilyPrefixEntry ::= SEQUENCE {
        cbgpPeerAcceptedPrefixes        Counter32,
        cbgpPeerDeniedPrefixes          Gauge32,
        cbgpPeerPrefixAdminLimit        Unsigned32,
        cbgpPeerPrefixThreshold         Unsigned32,
        cbgpPeerPrefixClearThreshold    Unsigned32,
        cbgpPeerAdvertisedPrefixes      Gauge32,
        cbgpPeerSuppressedPrefixes      Gauge32,
        cbgpPeerWithdrawnPrefixes       Gauge32
        }

you notice that the Gauge32 vs. Counter32 types are mixed up.

cbgpPeerAcceptedPrefixes is the only Gauge here, whereas cbgpPeerDeniedPrefixes, cbgpPeerAdvertisedPrefixes, cbgpPeerSuppressedPrefixes and cbgpPeerWithdrawnPrefixes are actually Counters, e.g.

    cbgpPeerWithdrawnPrefixes  OBJECT-TYPE
        SYNTAX      Gauge32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "This counter is incremented when a route prefix,
                 which belongs to an address family, is withdrawn on
                 this connection. It is initialized to zero when the
                 connection is undergone a hard reset."
        ::= { cbgpPeerAddrFamilyPrefixEntry 8 }