Linux SNMP: Simple Network Management Protocol:
SNMP or Simple Network Management Protocol, is a technology standard for alert messages (trap), monitoring (get), and configuring (set) network devices. SNMP comes in three varieties: v1, v2 and v3, of which v3 is the only version to be considered secure.
The variables associated with a network device configuration is defined in the Management Information Base, or MIB. The MIB is a collection of information for managing the network element and is comprised of managed objects identified by the Object Identifier (OID). Each OID is unique and identifies a special characteristic of the managed network device. SNMP is built upon a client (SNMP manager) — server (SNMP agent/network device) architecture pattern with a message schema defined by the MIB and sent over UDP port 161 (SNMP agent) and port 162 (SNMP manager). Each of the data values defined by the MIB are associated with an OID identified by a hierarchy of numbers separated by periods.
Installation:
- CentOS/RedHat: sudo yum install net-snmp-utils net-snmp net-snmp-devel
(RPMs also included with CentOS/RHEL 6 and 7 install DVDs) - Ubuntu: sudo apt-get install snmp snmpd snmp-mibs-downloader
Configure:
- System file /etc/snmp/snmpd.conf
This file default restricts access to localhost only. - User file ~/.snmp/snmp.conf
Start:
- CentOS/RedHat:
- sudo systemctl enable snmpd.service
- sudo systemctl start snmpd.service
- sudo systemctl status snmpd.service
snmpd.service - Simple Network Management Protocol (SNMP) Daemon. Loaded: loaded (/usr/lib/systemd/system/snmpd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2019-07-02 17:03:02 PDT; 3s ago Main PID: 345 (snmpd) Memory: 6.8M CGroup: /system.slice/snmpd.service └─345 /usr/sbin/snmpd -LS0-6d -f Jul 02 17:03:01 myhostname systemd[1]: Starting Simple Network Management Protocol (. Jul 02 17:03:02 myhostname snmpd[345]: NET-SNMP version 5.7.2 Jul 02 17:03:02 myhostname systemd[1]: Started Simple Network Management Protocol (S. Hint: Some lines were ellipsized, use -l to show in full.
- sudo systemctl enable snmpd.service
- sudo systemctl start snmpd.service
- sudo systemctl status snmpd.service
Test:
- snmpwalk -v 1 localhost -c public .1.3.6.1
- snmpwalk -v 1 localhost -c public system
- Open firewall to everything (if using iptables): sudo iptables -F
or - if using firewald: sudo firewall-cmd --permanent --new-service=snmp
this command will add service to directory /etc/firewalld/services/
snmp 161/tcp # Simple Net Mgmt Proto snmp 161/udp # Simple Net Mgmt Proto snmptrap 162/tcp # SNMPTRAP snmptrap 162/udp snmp-trap # Traps for SNMP cmip-man 163/tcp # ISO mgmt over IP (CMOT)
- RHEL 7: snmpget -v 1 -c public localhost sysDescr.0
SNMPv2-MIB::sysDescr.0 = STRING: Linux myhostname 3.10.0-693.el7.x86_64 #1 SMP Thu Jul 6 19:56:57 EDT 2017 x86_64
iso.3.6.1.2.1.1.1.0 = STRING: "Linux myhostname 4.15.0-70-generic #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019 x86_64"
+--iso(1) | +--org(3) | +--dod(6) | +--internet(1) | +--directory(1) | +--mgmt(2) | | | +--mib-2(1) | | | +--system(1) | | | | | +-- -R-- String sysDescr(1) | | | Textual Convention: DisplayString | | | Size: 0..255 | | +-- -R-- ObjID sysObjectID(2) | | +-- -R-- TimeTicks sysUpTime(3) | | | | | | | +--sysUpTimeInstance(0) | | | | | +-- -RW- String sysContact(4) | | | Textual Convention: DisplayString | | | Size: 0..255 . .
:HOST-RESOURCES-MIB:HOST-RESOURCES-TYPES:UCD-DISKIO-MIB:TCP-MIB:UDP-MIB:MTA-MIB:NETWORK-SERVICES-MIB:SCTP-MIB:RMON-MIB:EtherLike-MIB:LM-SENSORS-MIB:SNMPv2-MIB:IF-MIB:IP-MIB:NOTIFICATION-LOG-MIB:DISMAN-EVENT-MIB:DISMAN-SCHEDULE-MIB:UCD-SNMP-MIB:UCD-DEMO-MIB:SNMP-TARGET-MIB:NET-SNMP-AGENT-MIB:SNMP-MPD-MIB:SNMP-USER-BASED-SM-MIB:SNMP-FRAMEWORK-MIB:SNMP-VIEW-BASED-ACM-MIB:SNMP-COMMUNITY-MIB:IPV6-ICMP-MIB:IPV6-MIB:IPV6-TCP-MIB:IPV6-UDP-MIB:IP-FORWARD-MIB:NET-SNMP-PASS-MIB:NET-SNMP-EXTEND-MIB:UCD-DLMOD-MIB:SNMP-NOTIFICATION-MIB:SNMPv2-TM:NET-SNMP-VACM-MIB /home/userx/.snmp/mibs:/usr/share/snmp/mibs
iso.3.6.1.2.1.1.3.0 = Timeticks: (1310658) 3:38:26.58
iso.3.6.1.4.1.2021.10.1.3.3 = STRING: "0.10"
Command Description snmpcmd options and behavior common to most of the Net-SNMP command-line tools snmpwalk retrieve a subtree of management values using SNMP GETNEXT requests snmpget communicates with a network entity using SNMP GET requests snmpset communicates with a network entity using SNMP SET requests snmptrap sends an SNMP notification to a manager (also snmpinform) snmpgetnext communicates with a network entity using SNMP GETNEXT requests to get the next variable that is lexicographically «next» in the remote entity’s MIB snmptable retrieve an SNMP table and display it in tabular form snmpdelta Monitor delta differences in SNMP Counter values snmptest flexible SNMP application that can monitor and manage information on a network entity snmpdf display disk space usage on a network entity via SNMP snmpusm creates and maintains SNMPv3 users on a network entity snmpstatus retrieves a fixed set of management information from a network entity snmpnetstat display networking status and configuration information from a network entity via SNMP snmpbulkget SNMP application that uses the SNMP GETBULK request to query a network entity efficiently for information snmpbulkwalk retrieve a subtree of management values using SNMP GETBULK requests snmp.conf configuration files for the Net-SNMP applications SNMP Variables Format of specifying variable names to SNMP tools The Object Identifiers (OID)s are used to identify a specific characteristic of a managed device.
- Scalar: managed object with a single instance (a single key to a key-value pair)
- Tabular: multiple data instances such as the rows of a table (e.g. CPU with multiple cores each with its’ own specific charateristics)
SNMP uses ASN.1 (Abstract Syntax Notation One) to define the data types used to build an SNMP message and uses Basic Encoding Rules (BER) to define the data types.
- Primitive Type: type/length(bytes)/data
- integer
- octet (byte, char)
- string
- null
- boolean
- OID
- sequence
- SNMP PDU (Protocol Data Unit) — complex data types specific to SNMP
Installation:
Select the «walk» button to traverse the OIDs.
Acronym Description ASN.1 Abstract Syntax Notation One BER Basic Encoding Rules MIB Management Information Base (data schema for an SNMP device and its variables) OID Object Identifiers (period separated number notation used to define the SNMP device variables) PDU Protocol Data Unit (SNMP packet construction definition) SNMP Simple Network Management Protocol Writing your own MIBs
This is a Good Answer article. It was likely created as a response to a question on a Net-SNMP Mailing List and written up here for others to see. It likely covers material not yet in the FAQ or in the Tutorial but may someday be moved there
Contents
Question
I need to write my own MIB What do I need to know? (Note: This answer is about writing a MIB, which defines objects and their syntax. It is not about implementing a MIB for the Net-SNMP agent, which is covered elsewhere.)
Answer
What does a MIB look like?
If you aren’t familiar with MIBs, take a look at the Net-SNMP examples MIB. It is an example of a simple MIB you can read to get a feel for what a basic MIB looks like. It contains scalars, a table and some notification objects.
What goes into a MIB?
The most important thing you’ll need for your own MIB is the list of objects you need to represent in the MIB. Once you have this list, you can organize them. SNMP MIBs have a tree structure, and the root of the tree and a good number of standard objects are defined by the IETF. You’ll need a place in the tree to insert your MIB.
Getting your own enterprise OID
If you are going to define a MIB that you are going to share with the world, you need a place in the tree that wont conflict with any other MIBs written by others. The enterprises branch of the tree is specifically for organizations (and individuals) to define their own objects. You can apply for your own enterprise OID on the IANA Pen Application page.
If you are defining a MIB that will only be used internally, you could also insert your MIB in the experimental tree. Just be aware that confusion can ensue if management applications try to load multiple MIBs which contain overlapping OIDs.
Writing the MIB
One simple way to start is to take an existing MIB and modify it for your own use. For example, use the Net-SNMP examples mib, and start by moving it to your own branch. Here is an example that moves it into the netSnmpPlaypen, which is a branch we’ve defined for private testing purposes. No «public» management objects should ever be defined within this tree. It is provided for private experimentation, prior to transferring a MIB structure to another part of the overall OID tree.
xyzSnmpExamples MODULE-IDENTITY LAST-UPDATED "201312190000Z" ORGANIZATION "www.example.com" CONTACT-INFO "postal: John Doe 123 Main Street Anytown, CA 00000 email: xyz-mib@example.com" DESCRIPTION "Example MIB objects for agent module example implementations" DESCRIPTION "First draft" ::= < netSnmpPlaypen 42 >-- or "enterprises XXXX" where XXXX with your assigned enterprise OID
Now you can change the names and definitions of the object and experiment.
Validating your MIB
Once you have a MIB, you should run it through a MIB syntax checker to make sure it can be compiled. We recommend using smilint from libsmi. Check their pages for usage information.
External References
The syntax for a MIB and the process of actually writing a MIB are too complex to cover in a basic wiki page, so at this point we’re going to hand you off to some resources that cover the topic in much more depth.
- Buy Understanding SNMP MIBs, by Dave Perkins
- If you are on a budget, there is a free PDF of the precursor to this book, which only covers SNMP version 1. It will help you understand the basic concepts, but we strongly recommend you get the book, which covers SNMP version 2.
Implementing a MIB in Net-SNMP
Once you have a MIB written, there are several resources in the wiki for implementing the MIB with Net-SNMP.
