What Is SNMP? How To Install & Configure SNMP in Linux

Simple Network Management Protocol (SNMP) is an internet standard protocol which can be used to remotely retrieve the operational statistics of the routers and firewalls. Devices that typically support SNMP include routers, switches, servers, workstations and more. The monitoring tools such as MRTG, cacti uses SNMP to retrieve information from the routers to draw the graphs. In this article, we will go through the installation and simple configuration of SNMP on Linux (CentOS 7, Ubuntu 16.04).

Basics concepts

SNMP is a protocol that is implemented on the application layer of the networking stack.  It is one of the widely accepted protocols to manage and monitor network elements. The protocol was created as a way of gathering information from very different systems in a consistent manner. In general, a network being profiled by SNMP will mainly consist of devices containing SNMP agents. An agent is a program that can gather information about a piece of hardware, organize it into predefined entries, and respond to queries using the SNMP protocol. SNMP requires only a couple of basic components to work:

  • Managed device: it is a computer that is configured to poll SNMP agent for information. It can be any machine that can send query requests to SNMP agents with the correct credentials. SNMP Manager’s key functions: queries agents, gets responses from agents, sets variables in agents and acknowledges asynchronous events from agents
  • Agent: theses are softwares which run on managed devices. They are responsible for gathering information about the local system and storing them in a format that can be queried.updating a database called the "management information base" (MIB).
  • Network management station (NMS): it executes applications that monitor and control managed devices.

MIB is a database that follows a standard that the manager and agents adhere to. Every SNMP agent maintains an information database describing the managed device parameters. The SNMP manager uses this database to request the agent for specific information and further translates the information as needed for the Network Management System (NMS). This commonly shared database between the Agent and the Manager is our MIB.

SNMP version

Currently, there are 3 versions for SNMP.

  • SNMP Version 1: This provides device statistics and error reporting without consuming a lot of system resources. Security is limited to community strings and access controls based on the IP address of the querying server. Data communication isn't encrypted.
  • SNMP Version 2: This is referred to as v2c which expanded the number of supported error codes, increased the size of counters used to track data and has the ability to do bulk queries that more efficiently loaded response packets with data.
  • SNMP Version 3: This version provides greater security and remote configuration capabilities than its predecessors. Access isn't limited to a single community string for read-only and read/write access, as usernames and passwords have been introduced. Support for encrypted SNMP data transfer and transfer error detection is also provided.

1) Installation of snmp

We will present snmp installation both on ubuntu and centos

  • On ubuntu
# apt-get install -y snmpd snmp
  • On centos
# yum install -y net-snmp net-snmp-utils

2) Configuration of SNMP

The configuration file of SNMP service can be found at /etc/snmp/snmpd.conf. Before modifying the file, make a copy of the file by the command

# cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak

Following are the basic configuration parameters you can use to configure SNMP.

  • Set community string for SNMP: it is like a user id or password that allows access to a device's statistics. This string will be used by the client machines to retrieve data (to generate monitoring graphs). This is a mandatory configuration parameter. It can be identified where you will see rocommunity . The default value is public which is not secured because everybody know it by default.
  • Listening address: We can configure the SNMP agent to listen only to a particular IP address as follows agentAddress udp:ip_address:161. The default port on which SNMP listens is 161. The default behavior of the agent is to listen on standard UDP port on all interfaces.
  • System information: it concerns personal infos, process/disk monitoring,
    • syslocation: This is the [typically physical] location of the system.
    • syscontact: This is the contact information for the administrator.

Our modified information should be like below, notice that there are other default values on the file which don't appear here

  • On Ubuntu
#  Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161

#  ACCESS CONTROL
#
view   all  included   .1.3.6.1.2.1.1
view   all  included   .1.3.6.1.2.1.25.1

#rocommunity public  localhost
                                  #  Default access to basic system info
 rocommunity my_password  default    -V all
                                  #  rocommunity6 is for IPv6
 rocommunity6 my_password  default   -V all

sysLocation    linoxide
sysContact     Me <me@linoxide.com>

#  ACTIVE MONITORING
#
                                  #   send SNMPv1  traps
 trapsink     localhost public
                                  #   send SNMPv2c traps
 trap2sink    localhost public
  • on Centos
#       sec.name  source          community
com2sec notConfigUser  default       my_comm

# Make at least  snmpwalk -v 1 localhost -c public system fast again.
#       name           incl/excl     subtree         mask(optional)
view    systemview    included   .1.3.6.1.2.1
view    systemview    included   .1.3.6.1.2.1.25.1

##        incl/excl subtree mask
view all    included   .1    80

# variables through the snmpd.conf file:
syslocation centos linoxide
syscontact admin <admin@linoxide>

The SNMP service needs to be restarted for any configuration change (/etc/snmp/snmpd.conf) to take place. This can be accomplished as follows:

# service snmpd restart

with systemd do

# systemctl restart snmpd.service

3) Testing SNMP service

You can test whether SNMP can read the system and interface MIB's using the snmpwalk command.

  • on Ubuntu
# snmpwalk -c my_password -v2c -O e 127.0.0.1
iso.3.6.1.2.1.1.1.0 = STRING: "Linux ubuntu-01 4.4.0-66-generic #87-Ubuntu SMP Fri Mar 3 15:29:05 UTC 2017 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (1544) 0:00:15.44
iso.3.6.1.2.1.1.4.0 = STRING: "me <me@linoxide>"
iso.3.6.1.2.1.1.5.0 = STRING: "ubuntu-01"
iso.3.6.1.2.1.1.6.0 = STRING: "linoxide"
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.3.1 = STRING: "The MIB for Message Processing and Dispatching."
iso.3.6.1.2.1.1.9.1.3.3 = STRING: "The SNMP Management Architecture MIB."
iso.3.6.1.2.1.25.1.1.0 = Timeticks: (9971483) 1 day, 3:41:54.83
iso.3.6.1.2.1.25.1.2.0 = Hex-STRING: 07 E1 04 08 01 30 16 00 2B 00 00 
iso.3.6.1.2.1.25.1.3.0 = INTEGER: 393216
iso.3.6.1.2.1.25.1.4.0 = STRING: "BOOT_IMAGE=/boot/vmlinuz-4.4.0-66-generic root=LABEL=cloudimg-rootfs ro console=tty1 console=ttyS0
"
iso.3.6.1.2.1.25.1.5.0 = Gauge32: 1
iso.3.6.1.2.1.25.1.6.0 = Gauge32: 121
iso.3.6.1.2.1.25.1.7.0 = INTEGER: 0
  • on Centos
# snmpwalk -c my_comm -v1 -O e 127.0.0.1
SNMPv2-MIB::sysDescr.0 = STRING: Linux centos-01 3.10.0-514.6.1.el7.x86_64 #1 SMP Wed Jan 18 13:06:36 UTC 2017 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (304) 0:00:03.04
SNMPv2-MIB::sysContact.0 = STRING: admin <admin@linoxide> (configure /etc/snmp/snmp.local.conf)
SNMPv2-MIB::sysName.0 = STRING: centos-01
SNMPv2-MIB::sysLocation.0 = STRING: centos linoxide
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (8) 0:00:00.08
SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.5 = OID: TCP-MIB::tcpMIB

Once you have verified that SNMP is working correctly, you can configure SNMP statistics gathering software such as MRTG to create online graphs of your traffic flows.

Conclusion

SNMP is used to monitor devices on a network. There are some monitoring tools based on it which are very popular and used across the world. We know the concept of snmp and how it works. With this basic concepts, you are able to use snmp tools to explore this environment.

About Bobbin Zachariah

Founder of LinOxide, passionate lover of Linux and technology writer. Started his career in Linux / Opensource from 2000. Love traveling, blogging and listening music. Reach Bobbin Zachariah about me page and google plus page.

Author Archive Page

Have anything to say?

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.