IPv4 to IPv6 translation

SNMP engines built into client and server pieces of SNMP Forwarder can operate over different network transports, namely different IP protocol versions.

The following example demonstrates SNMP command forwarder performing IPv4 to IPv6 translation of SNMP traffic along the way.

You could test this configuration by running:

$ snmpwalk -v2c -c public 127.0.0.1:1161 system

Note

The example configuration attempt to query public SNMP agent at demo.snmplabs.com over IPv6. This might work if global IPv6 routing is available on your local network.

Server configuration

Server is configured to:

  • listen on IPv4 address
  • respond to queries performed over SNMPv2c
  • forward all queries to snmpfwd client through an unencrypted trunk connection running in client mode
#
# SNMP forwarder: Agent part configuration
#

config-version: 2
program-name: snmpfwd-server

snmp-credentials-group {
  snmp-transport-domain:  1.3.6.1.6.1.1.1
  snmp-bind-address: 127.0.0.1:1161

  snmp-engine-id: 0x0102030405070809

  snmp-community-name: public
  snmp-security-name: public
  snmp-security-model: 2
  snmp-security-level: 1

  snmp-credentials-id: snmp-credentials
}

context-group {
  snmp-context-engine-id-pattern: .*?
  snmp-context-name-pattern: .*?

  snmp-context-id: any-context
}

content-group {
  snmp-pdu-type-pattern: .*?
  snmp-pdu-oid-prefix-pattern-list: .*?

  snmp-content-id: any-content
}

peers-group {
  snmp-transport-domain: 1.3.6.1.6.1.1.1
  snmp-bind-address-pattern-list: .*?
  snmp-peer-address-pattern-list: .*?

  snmp-peer-id: 100
}

trunking-group {
  trunk-bind-address: 127.0.0.1
  trunk-peer-address: 127.0.0.1:30301
  trunk-ping-period: 60
  trunk-connection-mode: client

  trunk-id: trunk-1
}

routing-map {
  matching-snmp-context-id-list: any-context
  matching-snmp-content-id-list: any-content

  matching-snmp-credentials-id-list: snmp-credentials
  matching-snmp-peer-id-list: 100

  using-trunk-id-list: trunk-1
}

Download server configuration file.

Client configuration

Client is configured to:

  • listen on server-mode unencrypted trunk connection
  • process all incoming SNMP messages in the same way
  • place inbound PDUs into SNMP v2c messages and forward them to public SNMP agent at demo.snmplabs.com over IPv6 network
#
# SNMP forwarder: Manager part configuration
#

config-version: 2
program-name: snmpfwd-client

peers-group {
  snmp-engine-id: 0x0102030405070809

  snmp-transport-domain: 1.3.6.1.2.1.100.1.2.100
  snmp-bind-address: [::0]:0

  # time out SNMP request in 1 second
  snmp-peer-timeout: 100
  snmp-peer-retries: 0

  snmp-community-name: public
  snmp-security-name: public
  snmp-security-model: 2
  snmp-security-level: 1

  # demo.snmplabs.com
  snmp-peer-address: [2604:a880:1:20::12:d001]:161
  snmp-peer-id: snmplabs
}

trunking-group {
  trunk-bind-address: 127.0.0.1:30301
  trunk-ping-period: 60
  trunk-connection-mode: server

  trunk-id: <discover>
}

original-snmp-peer-info-group {
  orig-snmp-bind-address-pattern: .*?
  orig-snmp-context-name-pattern: .*?

  orig-snmp-pdu-type-pattern: .*?
  orig-snmp-oid-prefix-pattern: .*?

  orig-snmp-engine-id-pattern: .*?
  orig-snmp-context-engine-id-pattern: .*?

  orig-snmp-transport-domain-pattern: .*?
  orig-snmp-peer-address-pattern: .*?

  orig-snmp-security-level-pattern: .*?

  orig-snmp-security-name-pattern: .*?
  orig-snmp-security-model-pattern: .*?

  orig-snmp-peer-id: manager-1
}

server-classification-group {
  server-snmp-credentials-id-pattern: .*?
  server-snmp-context-id-pattern: .*?
  server-snmp-content-id-pattern: .*?
  server-snmp-peer-id-pattern: .*?

  server-classification-id: any-classification
}

routing-map {
  matching-trunk-id-list: trunk-1
  matching-orig-snmp-peer-id-list: manager-1
  matching-server-classification-id-list: any-classification

  using-snmp-peer-id-list: snmplabs
}

Download client configuration file.