Hello,
Our Cacti has lot of SNMNP traffic send to monitoring server via our Juniper firewall, so it caused the firewall limition, my question is how to reduce the SNMP traffic ?
Thanks
SNMNP traffic
Moderators: Developers, Moderators
Re: SNMNP traffic
Could you please explain your network setup a bit more and also provide more details about your exact problem?
How does Cacti communicate with the monitoring server that you mention?
Is that monitoring server also located in a security zone behind the firewall?
How have you set up the security zone on which your Cacti server is located and what policies did you define for this zone?
I also have a clustered Juniper SRX240H firewall and our Cacti server is located on a security zone behind the Juniper firewall and in my experience so far, the more you use the "smart" features of Junos, the more problems you get in your network.
How does Cacti communicate with the monitoring server that you mention?
Is that monitoring server also located in a security zone behind the firewall?
How have you set up the security zone on which your Cacti server is located and what policies did you define for this zone?
I also have a clustered Juniper SRX240H firewall and our Cacti server is located on a security zone behind the Juniper firewall and in my experience so far, the more you use the "smart" features of Junos, the more problems you get in your network.
Re: SNMNP traffic
Hi winni
Sorry for the late reply, please see attached file, this is captured by Juniper firewall event log, you can see have a lot of traffic in every sec.
We have different Vlan servers that needed to monitoring with SNMP, 172.17.128.52 is Cacti server.
Thanks
Sorry for the late reply, please see attached file, this is captured by Juniper firewall event log, you can see have a lot of traffic in every sec.
We have different Vlan servers that needed to monitoring with SNMP, 172.17.128.52 is Cacti server.
Thanks
- Attachments
-
- 01.png (87.05 KiB) Viewed 1520 times
Re: SNMNP traffic
Cacti is doing what it is suppose to, it is sending SNMP Packets to each server to get data. You don't want to limit what Cacti is doing, you need to increase the threshold in your firewall for
"Source IP Based Session Limit"
http://www.juniper.net/techpubs/softwar ... 74994.html
Default is 128, so you will want to crank that up much higher for your trusted zone.
"Source IP Based Session Limit"
http://www.juniper.net/techpubs/softwar ... 74994.html
Default is 128, so you will want to crank that up much higher for your trusted zone.
Re: SNMNP traffic
Do you mean in "Security" > "Screening" > "Screen" > "Source IP Based Session Limit" & "Destination IP Based Session Limit" ? if yes, both was set to 256 in trusted zone, now I set to 384.cigamit wrote:Cacti is doing what it is suppose to, it is sending SNMP Packets to each server to get data. You don't want to limit what Cacti is doing, you need to increase the threshold in your firewall for
"Source IP Based Session Limit"
http://www.juniper.net/techpubs/softwar ... 74994.html
Default is 128, so you will want to crank that up much higher for your trusted zone.
Thanks
Re: SNMNP traffic
I don't have, nor use Juniper firewalls. I just checked google which seems to have plenty of information on how to fix your issue. Your firewall is blocking normal SNMP traffic from Cacti when it does a lot of connections. Cacti is doing everything correctly as a monitoring system, your firewall configuration needs to be changed. As a Juniper admin, I would assume that you know how to fix that yourself.
Re: SNMNP traffic
OK, thanks.cigamit wrote:I don't have, nor use Juniper firewalls. I just checked google which seems to have plenty of information on how to fix your issue. Your firewall is blocking normal SNMP traffic from Cacti when it does a lot of connections. Cacti is doing everything correctly as a monitoring system, your firewall configuration needs to be changed. As a Juniper admin, I would assume that you know how to fix that yourself.
Who is online
Users browsing this forum: No registered users and 2 guests