Simple Network Management Protocol (SNMP) is an internet standard protocol which can be used to remotely retrieve the operational statistics of the routers and firewalls. Devices that typically support SNMP include routers, switches, servers, workstations and more. The graphical network monitoring tools such as MRTG uses SNMP to retrieve information from the routers to draw the graphs. In this article, we will go through the installation and simple configuration of SNMP on linux (RHEL, CentOS).
SNMP utilities and services are provided by the packages “net-snmp” and “net-snmp-utils”. We can use the “yum” package manager to install these packages.
yum install net-snmp net-snmp-utils
Currently there are 3 versions for SNMP.
1. SNMP Version 1: This provides device statistics and error reporting without consuming a lot of system resources. Security is limited to community strings and access controls based on the IP address of the querying server. Data communication isn't encrypted.
2. SNMP Version 2: This is referred to as v2c which expanded the number of supported error codes, increased the size of counters used to track data and has the ability to do bulk queries that more efficiently loaded response packets with data.
3. SNMP Version 3: This version provides greater security and remote configuration capabilities than its predecessors. Access isn't limited to a single community string for read-only and read/write access, as usernames and passwords have been introduced. Support for encrypted SNMP data transfer and transfer error detection is also provided.
The configuration file of SNMP service can be found at “/etc/snmp/snmpd.conf”. Following are the basic configuration parameters; you can use to configure SNMP.
1. Set community string for SNMP.
There are a number of types of community strings, the most commonly used ones are the “Read Only” or "get" community string that only provides access for viewing statistics and system parameters. The Read/Write or "set" community string is for not only viewing statistics and system parameters but also for updating the parameters. This string will be used by the client machines to retrieve data (to generate monitoring graphs). This is a mandatory configuration parameter.
2. Listening address.
We can configure the SNMP agent to listen only to a particular IP address as follows:
The default port on which SNMP listens is ‘161’. The default behavior of the agent is to listen on standard UDP port on all interfaces.
3. Monitoring interfaces.
You can mention the interfaces to be monitored using the directive ‘interface’. The value must have three fields and they are (1) a string naming the interface, (2) an integer describing the type of the interface and (3) an integer describing the speed of the interface.
interface: eth0 6 10000000
4. System information.
syslocation: This is the [typically physical] location of the system. Note that setting this value here means that when trying to perform a SNMP SET operation to the sysLocation. 0 variable will make the agent return the "notWritable" error code.
syscontact: This is the contact information for the administrator. Note that setting this value here means that when trying to perform a SNMP SET operation to the sysContact. 0 variable will make the agent return the "notWritable" error code.
syslocation "Capital City"
5. SNMP port.
The default port on which SNMP service listens is 161. If you want to use another port for SNMP, you need to configure it in snmpd.conf
A sample snmpd.conf file may look like the following:
Configure SNMP for automatic restart.
Now, we need to add SNMP to chkconfig for automatic restart on system reboot. This can be done as follows:
chkconfig snmpd on
Restart SNMP server.
The SNMP service needs to be restarted for any configuration change (snmpd.conf) to take place. This can be accomplished as follows:
service snmpd restart
Testing SNMP service.
You can test whether SNMP can read the system and interface MIB's using the snmpwalk command.
snmpwalk -v 1 -c vsnl localhost system
snmpwalk -v 1 -c vsnl localhost interface
Once you have verified that SNMP is working correctly, you can configure SNMP statistics gathering software such as MRTG to create online graphs of your traffic flows.