Tiplet: no SNMP replies? Fix broken SNMP responses in Windows Server 2008, Windows 8

I encountered a weird problem on a Windows Server 2008 R2 install which had dual NICs on the same physical network (different subnets, DNS and gateways) - you could interrogate its SNMP agent and you wouldn't get a response even though the right community was set and you might initially see it working properly! This borkage would happen indefinitely after beginning, though punctuated with momentary spurts of correct operation (depending on which way the wind was blowing, how you looked at the box, whether you spoke softly to it...) but then arbitrarily breaking again. Intensely frustrating.

From my own analysis, as SNMP traffic is (usually) UDP, the responses were being routed through the wrong interface (Windows' SNMP agent binds automatically to all interfaces on 0.0.0.0:161 and doesn't care about interface order or metrics, even if you define custom metrics -- though you can force it by setting metrics on your connections' default gateways). The incorrectly-identified replies to SNMP requests were also being caught by the firewall (for whatever reason), even though it has the appropriate SNMP rules to allow ingress/egress traffic on UDP 161 and 162 (trap traffic).

But guess what, for once MS has actually issued a fix for this! It's on the Microsoft site via the snappily-named article "Incorrect source IP address is returned in the SNMP response in Windows 8, Windows Server 2012, Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008". I've applied this to the servers I'm setting up monitoring for, and it works beautifully.

Big kudos to "mobilenow" who linked to this hotfix on the Solarwinds Thwack forum and explained the hotfix was produced after they opened a bug case after similarly trawling the net during production of their ServerSilo monitoring product. Probably worth checking them out. 🙂

Hopefully this avoids you wasting as much time as I spent trying to fix this...

I