Snmp linux ����������� ����������

Linux SNMP Network Management Tools

The following should also be consulted for additional leads:

• SNMP FAQ Frequently asked questions about SNMP.
• Linux CMU SNMP Project — provides the standard bilingual SNMPv1/v2 agent, incl USEC support, as well as command line tools; includes MIB-2 (RFC 1213) Identification MIB (RFC 1414) Host Resources MIB (RFC 1514) and the TUBS Linux MIB, as well as pointers to the Tcl and Perl snmp libs.
• SUNY Bufallo Network Management Archives — the most complete archive around, including tools, MIB compilers, documentation. Not Linux specific.
• The Simple Web site maintains info on internet management.
• Simple Times A periodical for Internet network management.
• Altavista search for Linux and SNMP

Frameworks

PIKT PIKT is a general framework for problem detection, software distribution, and automated problem correction.

Playin’ in the LAN Playin’ in the LAN is a set of tools designed to allow hub/router status to be monitored, including alarms, connectivity, traffic graphs, equipment inventory and more. Data archiving via SQL.

scotty, tkined scotty is a set of tcl extensions designed for network management. Tkined is a graphical application built on scotty to do that management. I am told that this is a powerful & complete system.

Kinetics Kinetics from Loran Technologies is a turnkey network management system. Bundle includes hardware and software; the base OS is Linux. Not for the faint of wallet; pricing starts at $8300 for a 1-150 station license & goes up from there. This product is aimed at the high-end network management tools from IBM and HP.

Big Brother The Big Brother package provides web-based, multi-platform configurable network/system/application/filesystem monitor. It can be configured to call a pager when alarms occur.

SNMP Tools

The «Simple Network Management Protocol» (SNMP) is an internet standard for gathering statistics from and managing devices on the internet, principally routers. Below follows a list of free and commercial network management tools for Linux.

MRTG The Multi-Router Traffic Grapher is a magnificent graphing tool that will create web pages showing hourly, daily, weekly and yearly in-bound and out-bound packet traffic on one or many routers/ports. Colorful, ease of installation is typical for a source-code package. It runs automatically without a glitch. *Recommended*.

SNMP Sniff SNMP Sniff is an SNMP packet sniffer. It will listen to a network (LAN) segment in promiscuous mode, and report and decode any information that passes by in any SNMPv1 and SNMPv2 (Community Based) PDU. This can be very useful for debugging new SNMP programs, diagnosing bad interactions between agents and managers, as well as just learning SNMP internals.

NetSCARF Scion NetSCARF, the Network Statistics Collection And Reporting Facility, performs SNMP queries and displays results on the web.

SNMP Vulture SNMP Vulture is a set of perl scripts coupled to gnuplot and PBMPlus to create graphs and web pages. Sources appear a bit stale (last updated October 1996).

IBM Webbin IBM (Zurich) has released a Linux port of its Webbin’ CMIP (and SNMP) tools. This tool is interesting because it creates web-pages on the fly, on a special port number, and does not require you to configure or run a web server. Installation is almost trivial. Output in VRML as well as HTML. The next nice thing about this package is the automatic discovery feature, which will locate all snmp agents on your net. In other ways, this package is underwhelming: before you know it, you’re just browsing another MIB. No alarm support, no graphs, no history. None-the-less, kudos to IBM for supporting the Linux platform; this is worth a spin around the block.

RMONX Cyber Professionals have a web-based SNMP Network Management System, RMONX, which provide a number of features: network status, event detection & notification, trend monitoring, MIB browsing & configuration.

CMU-SNMP The CMU-SNMP package is a set of basic, low-level libraries, utilities, and of course the snmpd daemon. Most Linux distributions come with this package by default, and include a special extended Linux MIB. If you want to monitor/control a Linux box via SNMP, this package is a must-have. See the CMU-SNMP-3.2 availability announce (old).

DevPatrol DevPatrol is a simple set of Perl scripts that collect current and historical information about host uptime & availability, presenting the results as web pages. It uses SNMP queries, ICMP/UDP/TCP pings and challenge/response on TCP ports to verify reachability & availability of hosts and subsystems (daeomsn, such as POP3, www, etc.). Click here for live example report.

NetEye NetEye is a commercial product that provides a Motif-based network management and trouble-ticketing system. It supports SNMP and a subset of SNMPv2, handles alarms and events, and database integration. The screen shot looks interesting . Unfortunately for English-speakers, the page is in Italian.

WWW SNMP MIB Browser The WWW SNMP MIB Browser is a tcl script that allows you to browse SNMP MIB entries with a web browser. Note however, that MIB’s are very low level constructs in SNMP — this tool does NOT provide summary information, graphs, etc. It simply presents a plain ASCII display of the current values of the standard low-level info. Worth a spin, though.

NetMan The Netman Development Group provides a set of tools for network management — runs on UNIX’s, I was unable to find Linux binaries (the group mentions that a Linux port has not yet been done). Their page shows some intriguing screen shots. The university that sponsored this project wants $500 US for the source code.

SNMX SNMX provides a scripting language interface to a shell-like MIB browser. The MIB browser shell supports «cd» and «ls» for walking the MIB tree as if it were a file directory. Includes a built agent so that scripts can be used to build custom agents.

BTNG / tricklet BTNG appears to be an RMON and SNMPv1 ethernet packet monitor. Tricklet seems to be a Tk/tcl based MIB browser. Univ of Delft FTP site.

HNMS The screen shots (one and two) look pretty intriguing. HNMS appears to be available on common Linux ftp sites and cd-roms.

XNetDB XNetDB is advertised as a graphical (X11 based) SNMP client, but the sources appear to date to 1991. A quick attempt to compile on Linux yielded naught . a file called «sys/mbuf.h» is missing, together with its definition of mbufBuf and MT_RTABLE. Not clear that anything this old is worth pursuing. Sigh .

gwtraffic This is an SNMP application that polls routers/gateways for packet traffic statistics. Generates plots with gnuplot. Old, dates to 1992. Does not appear to be currently maintained. AARNet gwtraffic Home FTP Site.

Источник

What is SNMP? Install & Configure SNMP in Linux

SNMP (Simple Network Management Protocol) is an internet standard protocol used to remotely retrieve the operational statistics (current status) of the servers and infrastructure components. Devices that typically support SNMP include routers, switches, workstations, firewalls, and more.

In this tutorial, we will go through the installation and simple configuration of SNMP on Linux (CentOS 7, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04).

SNMP Basics concepts

SNMP protocol is implemented on the application layer of the networking stack. It is one of the widely accepted protocols to manage and monitor network elements. The protocol was created as a way of gathering information from very different systems in a consistent manner.

In general, a network profiled by SNMP will mainly consist of devices containing SNMP agents. An agent is a program that can gather information about a piece of hardware, organize it into predefined entries, and respond to queries using the SNMP protocol.

In the core, SNMP management system read and write operational parameters in remote devices. These parameters are known as OID’s (Object Identifiers).

SNMP requires only a couple of basic components to work:

• SNMP Manager: Is an application that manages SNMP agents on the network. It can be any machine that can send query requests to agents with the correct credentials. Manager’s key functions are queries agents, get responses from agents, set variables in agents and acknowledges asynchronous events from agents. It can be part of the network management station (NMS). Cacti, MRTG, Zabbix, Icinga, PRTG are some of the free opensource monitoring tool which acts as an SNMP manager.
  
• Agent: When the manager application sends SNMP queries, the agent responds back with current status and statistics. Agents are responsible for gathering information about the local system and storing them in a format that can be queried and updating a database called the management information base (MIB).

MIB is a database that follows a standard that the manager and agents adhere to. Every agent maintains an information database describing the managed device parameters. The manager application uses this database to request the agent for specific information and translates the information as needed for the Network Management System (NMS). This commonly shared database between the Agent and the Manager is called MIB.

SNMP versions

Currently, there are 3 versions available.

SNMP Version 1: This is the first version of SNMP. It only supports 32-bit counters. This provides device statistics and error reporting without consuming a lot of system resources. Security is limited to community strings, if the string matches that configured in the equipment, the request will be carried out.

Access controls based on the IP address of the querying server. It has unencrypted data communication.

SNMP Version 2: This is referred to as v2c, which adds support for 64-bit counters. Has the ability to do bulk queries that more efficiently loaded response packets with data.

SNMP Version 3: This version provides greater security and remote configuration capabilities. Access isn’t limited to a single community string for read-only and read/write access, as usernames and passwords have been introduced. It supports using encryption algorithms and authentication mechanisms.

3 Options for security and privacy:

noAuthNoPriv (no authentication, no privacy)
authNoPriv (authentication but no privacy)
authPriv (authentication and privacy)

Two authentication mechanisms:

Two encryption algorithms:

1) Installation of snmp on Linux

On the SNMP agent machine, you required only SNMP daemon (snmpd) and for manager components, you can install snmp package on Ubuntu.

The following command install snmp service on Ubuntu and Debian derived systems:

2) Configuration of SNMP

The configuration file of snmpd service can be found at /etc/snmp/snmpd.conf . Before modifying the file, make a copy of the file by the following command:

Remember to add a new SNMP user you use ‘/var/lib/net-snmp/snmpd.conf’ file.

The following are the basic config parameters to configure SNMP.

• Set community string: It is like a user id or password that allows access to a device’s statistics. The client machine use this string to retrieve data (to generate monitoring graphs). It can be identified where you will see rocommunity or rwcommunity . The default value is ‘public’ which is not secured, should be disabled.
• Listening address: We can configure the agent to listen only to a particular IP address as follows agentAddress udp:ip_address:161 . The default port on which SNMP listens is 161. The default behavior of the agent is to listen on standard UDP port on all interfaces.
• System information: It concerns personal info, process/disk monitoring,
  • syslocation: This is the [typically physical] location of the system.
  • syscontact: This is the contact information for the administrator.
• SNMP traps: Helps to send traps (device down, interface down, etc) to monitoring tools.

Our modified information should be like below, notice that there are other default values on the file which don’t appear here

A sample agent configuration file on Ubuntu:

A sample agent config file on CentOS:

The SNMP service needs to be restarted for any configuration change ( /etc/snmp/snmpd.conf ) to take place.

The following will restart service on Linux, make sure to run with sudo access.

On systemd systems, run the following command

3) Testing SNMP service

You can test whether SNMP can read the system and interface MIB’s using the snmpwalk command.

Once you have verified SNMP is working correctly, you can configure SNMP statistics gathering software such as MRTG to create online graphs of your traffic flows.

This example shows how to use snmpwalk command to verify the user authentication.

Similar to snmpwalk, snmpget is command-line tool to get information from snmp enabled devices.

The following snmpget command, verify user authentication on snmp server.

-u : specify snmp user name

-l : Type of security and privacy method

-a : Which authentication mechanisms

-x : Type of encryption algorithms used

-A : Authentication password

-X : Encryption password

Conclusions

If you are configuring using SNMPv3, you should know about snmpusm command and used to creates and maintains SNMPv3 user’s on a network entity.

In this tutorial we learn how to install and configure SNMP on Linux to monitor network devices. I hope you enjoyed reading and please leave your suggestions in the below comment section.

Источник

SNMP Clients

Command line client applications

To configure SNMP client applications on Debian, including snmpwalk:

If you want the OIDs to resolve to their text description, activate the non-free repository and install snmp-mibs-downloader:

To configure net-snmp command-line to use the MIBS, edit /etc/snmp/snmp.conf and comment out the following line:

To update the MIBS to latest versions run the following command as root:

If you have a SNMP server running on localhost, with Community string «public», you can test if MIBs are working properly like this:

Adding 3rd party MIBs

If you want to add more — for example vendor specific — MIBs under your own user account then you can do that like this:

Now you can add your own MIBs under

/.snmp/mibs. The MIB files are usually of the following form:

Now when you want to use your additional MIBs you need to tell the snmp* command:

This will use the MIBs B100-MIB, IPVS-MIB, ONE4NET-MIB in addition to the default ones.

SNMP Servers

The daemon providing SNMP services is called snmpd. SNMP «agents» run on the server side, which listen for incoming SNMP requests from clients and provides responses. Install this from the snmpd package:

If you want human-readable names for OIDs, first install MIBS (see above) and then add the following to /etc/default/snmpd:

Finally, restart snmpd:

To configure snmpd edit /etc/snmp/snmpd.conf. A simple test is to allow access from localhost. To enable this, uncomment the line:

You can now query your local server using «public» as your Community string as follows:

SNMP on Debian — older information

The following section applies to Debian GNU/Linux 3.1 Sarge, and dates from 2005, so may not be relevant any more.

Defaults

Agent

Starts allways by default. Listens on all interfaces, correct by adding the address you want it to listen on in /etc/default/snmpd to the parameter SNMPDOPTS:

It also listens to the smux port (199) on all interfaces, which can only be altered to listening only to localhost by recompiling. More on this later. It can be argued, with security in mind, to configure snmpd to listen only on localhost. To make it accessible over the net you would have to add tricks like a tunnel, but that goes beyond the scope of this document. Feel free to add it to this page if you know how to do it.

Trap server

Does not start by default. See /etc/default/snmpd

Note: does not need to run on ervery server, you only need 1 trap server in your network, unless it’s overloaded or for reasons of redundancy or security.

Rebuilding

Needed packages to make building possible:

(install all extra packages with apt-get install packagename)

You need the following extra packages to rebuild snmpd:

Download the sources in /usr/src:

Rebuild to check your environment :

Using your own packages

Since I prefer installing packages automatically using the same means as the original install method, I’m describing my own way through a debian-local directory on my local web server in combination with apt-proxy. Feel free to install your packages with

if you feel an urgent need to create work or for testing purposes.

So I run a local apt-proxy which keeps a copy of my downloaded packages on my local web server and have a real (so not proxied) local directory that’s part of my /etc/apt/sources.list (the place apt uses to install new packages and updates over the net) in which I store my home-grown packages:

How to keep your localy build package from being overwritten by the official Debian packages is described here : http://www.debian.org/doc/manuals/apt-howto/ch-apt-get.en.html#s-pin Basically this is achieved locally on the system you install your packages on on a per package base [Todo: find a way to override from the repository].

Disk usage monitoring

Basically, you need to recompile with the parameters disman/event-mib and ucd-snmp/diskio added to the —with-mib-modules option.

Источник