Skip to main content
hermann
hermann
Visitor III
August 15, 2025
Question

Bug in SNMP responses about DHCP leases?

  • August 15, 2025
  • 4 replies
  • 984 views

Hello,

I am monitoring Fortigates using SNMPv3. Among other things I monitor the status of DHCP scopes to be informed if they are near to get full. The main (and the only) OID related is 1.3.6.1.4.1.12356.101.23.2.1.1.2. It returns per line the amount of assigned leases in percents of the total IP addresses in the scope. 

I can see the following situation: if there are reservations in the DHCP scope and if a device with a reservation got a lease, this device (this lease) is not counted in the SNMP response. It can lead to situations that some IP addresses are assigned and not free anymore, but the number of assigned leases according to SNMP is still 0. Which is wrong. 

Different Fortigates 100E, 100F and 200E and FortiOS 7.2.11 and 7.4.8.

Could anyone please check this and let me know if I am missing anything?

 

4 replies

Anthony_E
Staff
Anthony_E
Staff
August 18, 2025

Hello Hermann,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
BillH_FTNT
Staff
BillH_FTNT
Staff
August 18, 2025

Hi Hermann

 

Could you please share the configuration related to DHCP? If possible, please also help capture logs and sniffer packets related to snmp.
Kindly send the information to my official email: bhoang@fortinet.com. I’d like to review the issue further.

1. Open a session for debug:
dia debug application snmpd -1
dia debug enable

2. Another session to capture packet

dia sniffer packet any "host snmp.server.ip" 6 0 l

3. Another session to capture packets

diagnose sniffer packet any "port 161" 6 0 l

 

Regards

Bill

    hermann
    hermannAuthor
    Visitor III
    August 18, 2025

    Thanks, Bill!

    I am sending the config and the output of some CLI commands as well as of the SNMPWALK to your email address. I have not captured the traffic because we are using SNMPv3 (with encryption), which would not show you anything readable. 

    BR,

    Hermann

    BillH_FTNT
    Staff
    BillH_FTNT
    Staff
    August 21, 2025

    Hi @hermann 

    We have information from our engineering team regarding a similar issue: "the percentage is calculated based on available IP addresses, excluding the reserved ones". Therefore, this appears to be expected behavior. Thank you

    Bill

      hermann
      hermannAuthor
      Visitor III
      August 22, 2025

      thanks Bill!

      Do you mean that it is not a bug, it's a feature? And that this won't be changed?

      tomoljo3
      tomoljo3
      New Member
      August 22, 2025

      Depends on the hardware platform if the MIB is supported. Last I checked, SRX 300 series did not support that MIB, for instance. I would love to find out that this has been remedied.

        Terms & ConditionsAccessibility statement