Differences between revisions 11 and 12
Revision 11 as of 2009-03-16 03:33:16
Size: 7669
Editor: anonymous
Comment: converted to 1.6 markup
Revision 12 as of 2010-11-24 15:49:31
Size: 8431
Editor: ?ReenenKroukamp
Comment: removed do not edit link from 2005, added info on snmp-mibs-downloader
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
[Please do not edit in Aug-Sep'05, still under construction. See my link at the bottom]
Line 4: Line 3:
= SNMP on Debian =
This is a first atempt at documenting various tasks I (and maybe you) want to accomplish with SNMP. It is based on my work with Debian GNU/Linux 3.1 Sarge and net-snmp 5.1.2, which comes with it by default. I find this page necessary after finding the limited way snmp is implemented by default on Debian. I suspect this is because of the multi platform nature of Debian and the tight relationship between platform and SNMP (but hey, what do I know, correct me if I'm wrong).
= SNMP Clients =
Line 7: Line 5:
The page is meant for documentation and to make it possible for others to profit from my atempts and mistakes. Please feel free to correct mistakes and add your own knowledge. == Command line client applications ==

To configure SNMP client applications on Debian, including snmpwalk:

 apt-get install snmp

If you want to resolve OIDs to their text description, also install snmp-mibs-downloader:

 apt-get install snmp-mibs-downloader

Edit /etc/snmp/snmp.conf, and comment the line 'mibs :'

apt-get install snmp-mibs-downloader

If you have a SNMP server on localhost, with Community string 'public', you can test
this:

 % snmpwalk -v1 -cpublic localhost
 SNMPv2-MIB::sysDescr.0 = STRING: Linux eedesne 2.6.36 #2 SMP Fri Oct 22 00:03:39 BST 2010 i686
 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (141766) 0:23:37.66
 SNMPv2-MIB::sysContact.0 = STRING: Me <me@example.org>
 ...


= SNMP Servers =

This is the daemon providing SNMP services. SNMP 'agents' run on the server
side, which listens for incoming SNMP requests from clients and provides responses.
Install this from the snmpd package:

 apt-get install snmpd

Edit /etc/snmp/snmpd.conf to configure. A simple test, is to allow access from
localhost. To enable this, uncomment the line:

 rocommunity public localhost

You can now query your local server using 'public' as your Community string as follows:

 % snmpwalk -v1 -cpublic localhost

= SNMP on Debian - older information =

The following section applies to Debian GNU/Linux 3.1 Sarge, and dates from 2005, so may not be relevant any more.

SNMP Clients

Command line client applications

To configure SNMP client applications on Debian, including snmpwalk:

  • apt-get install snmp

If you want to resolve OIDs to their text description, also install snmp-mibs-downloader:

  • apt-get install snmp-mibs-downloader

Edit /etc/snmp/snmp.conf, and comment the line 'mibs :'

apt-get install snmp-mibs-downloader

If you have a SNMP server on localhost, with Community string 'public', you can test this:

  • % snmpwalk -v1 -cpublic localhost SNMPv2-MIB::sysDescr.0 = STRING: Linux eedesne 2.6.36 #2 SMP Fri Oct 22 00:03:39 BST 2010 i686 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (141766) 0:23:37.66

    SNMPv2-MIB::sysContact.0 = STRING: Me <me@example.org>

  • ..

SNMP Servers

This is the daemon providing SNMP services. SNMP 'agents' run on the server side, which listens for incoming SNMP requests from clients and provides responses. Install this from the snmpd package:

  • apt-get install snmpd

Edit /etc/snmp/snmpd.conf to configure. A simple test, is to allow access from localhost. To enable this, uncomment the line:

  • rocommunity public localhost

You can now query your local server using 'public' as your Community string as follows:

  • % snmpwalk -v1 -cpublic localhost

SNMP on Debian - older information

The following section applies to Debian GNU/Linux 3.1 Sarge, and dates from 2005, so may not be relevant any more.

Defaults

Agent

Starts allways by default. Listens on all interfaces, correct by adding the address you want it to listen on in /etc/default/snmpd to the parameter SNMPDOPTS:

change from

     SNMPDOPTS='-Lsd -Lf /dev/null -p /var/run/snmpd.pid'

to

     SNMPDOPTS='-Lsd -Lf /dev/null -p /var/run/snmpd.pid 192.168.123.4'

It also listens to the smux port (199) on all interfaces, which can only be altered to listening only to localhost by recompiling. More on this later. It can be argued, with security in mind, to configure snmpd to listen only on localhost. To make it accessible over the net you would have to add tricks like a tunnel, but that goes beyond the scope of this document. Feel free to add it to this page if you know how to do it.

Trap server

Does not start by default. See /etc/default/snmpd

Note: does not need to run on ervery server, you only need 1 trap server in your network, unless it's overloaded or for reasons of redundancy or security.

Rebuilding

Needed packages to make building possible:

(install all extra packages with apt-get install packagename)

     autoconf
     automake1.4
     autotools-dev

You need the following extra packages to rebuild snmpd:

     libwrap0-dev
     libsensors-dev
     libssl-dev

Which you can install the easiest (according to http://www.debian.org/doc/manuals/apt-howto/ch-sourcehandling.en.html#6.2) with:

     apt-get build-dep package

Download the sources in /usr/src:

     user@buildserver:/usr/src >apt-get source libsnmp-base libsnmp5 snmpd
     Reading Package Lists... Done
     Building Dependency Tree... Done
     Need to get 9967kB of source archives.
     Get:1 http://d-i stable/main net-snmp 5.1.2-6.1 (dsc) ["1086B"]
     Get:2 http://d-i stable/main net-snmp 5.1.2-6.1 (tar) ["3254kB"]
     Get:3 http://d-i stable/main net-snmp 5.1.2-6.1 (diff) [67.5kB]
     Get:4 http://d-i stable/main net-snmp 5.1.2-6.1 (dsc) ["1086B"]
     Get:5 http://d-i stable/main net-snmp 5.1.2-6.1 (tar) ["3254kB"]
     Get:6 http://d-i stable/main net-snmp 5.1.2-6.1 (diff) [67.5kB]
     Get:7 http://d-i stable/main net-snmp 5.1.2-6.1 (dsc) ["1086B"]
     Get:8 http://d-i stable/main net-snmp 5.1.2-6.1 (tar) ["3254kB"]
     Get:9 http://d-i stable/main net-snmp 5.1.2-6.1 (diff) [67.5kB]
     Fetched 9967kB in 1s (7314kB/s)
     dpkg-source: extracting net-snmp in net-snmp-5.1.2
     Skipping unpack of already unpacked source in net-snmp-5.1.2
     Skipping unpack of already unpacked source in net-snmp-5.1.2
     user@buildserver:/usr/src >

results in :

     user@buildserver:/usr/src >ls -al||grep snmp
     drwxrwxr-x  15 user src       4096 2005-08-24 10:42 net-snmp-5.1.2
     -rw-r--r--   1 user src      67522 2005-03-31 17:32 net-snmp_5.1.2-6.1.diff.gz
     -rw-r--r--   1 user src       1086 2005-03-31 17:32 net-snmp_5.1.2-6.1.dsc
     -rw-r--r--   1 user src    3253579 2004-08-10 12:32 net-snmp_5.1.2.orig.tar.gz
     user@buildserver:/usr/src >

Rebuild to check your environment :

     user@buildserver:/usr/src >cd net-snmp-5.1.2
     user@buildserver:/usr/src/net-snmp-5.1.2 >debian/rules binary

Yada, yada, yada ...

     Use of uninitialized value in scalar assignment at /usr/bin/dh_shlibdeps line 13 8.
     dh_gencontrol -a
     dh_md5sums -a
     dh_builddeb -a
     dpkg-deb: building package `snmpd' in `../snmpd_5.1.2-6.1_i386.deb'.
     dpkg-deb: building package `snmp' in `../snmp_5.1.2-6.1_i386.deb'.
     dpkg-deb: building package `libsnmp5' in `../libsnmp5_5.1.2-6.1_i386.deb'.
     dpkg-deb: building package `libsnmp5-dev' in `../libsnmp5-dev_5.1.2-6.1_i386.deb '.
     dpkg-deb: building package `libsnmp-perl' in `../libsnmp-perl_5.1.2-6.1_i386.deb '.
     user@buildserver:/usr/src/net-snmp-5.1.2 >
     user@buildserver:/usr/src/net-snmp-5.1.2 >date
     Wed Aug 24 10:59:16 CEST 2005
     user@buildserver:/usr/src/net-snmp-5.1.2 >ls -al .. || grep '08-24 10:5'
     drwxrwsr-x  10 user src       4096 2005-08-24 10:53 .
     -rw-r--r--   1 user src    1533904 2005-08-24 10:53 libsnmp5_5.1.2-6.1_i386.deb
     -rw-r--r--   1 user src    1100654 2005-08-24 10:53 libsnmp5-dev_5.1.2-6.1_i386.deb
     -rw-r--r--   1 user src    1004758 2005-08-24 10:53 libsnmp-base_5.1.2-6.1_all.deb
     -rw-r--r--   1 user src     808572 2005-08-24 10:53 libsnmp-perl_5.1.2-6.1_i386.deb
     drwxrwxr-x  15 user src       4096 2005-08-24 10:53 net-snmp-5.1.2
     -rw-r--r--   1 user src     811612 2005-08-24 10:53 snmp_5.1.2-6.1_i386.deb
     -rw-r--r--   1 user src     730488 2005-08-24 10:53 snmpd_5.1.2-6.1_i386.deb
     -rw-r--r--   1 user src     754554 2005-08-24 10:53 tkmib_5.1.2-6.1_all.deb
     user@buildserver:/usr/src/net-snmp-5.1.2 >

[Todo : Find out why building from sources libsnmp-base, libsnmp5 and snmpd produces packages libsnmp5, libsnmp5-dev, libsnmp-base, libsnmp-perl, snmp, snmpd & tkmib]

Using your own packages

Since I prefer installing packages automatically using the same means as the original install method, I'm describing my own way through a debian-local directory on my local web server in combination with apt-proxy. Feel free to install your packages with

     dpkg -i ./packagefile.deb

if you feel an urgent need to create work or for testing purposes.

So I run a local apt-proxy which keeps a copy of my downloaded packages on my local web server and have a real (so not proxied) local directory that's part of my /etc/apt/sources.list (the place apt uses to install new packages and updates over the net) in which I store my home-grown packages:

     deb     http://d-i.local/debian          sarge         main contrib non-free # proxied
     deb-src http://d-i.local/debian          sarge         main contrib non-free
     deb     http://d-i.local/debian-security sarge/updates main contrib non-free
     deb-src http://d-i.local/debian-security sarge/updates main contrib non-free
     deb     http://d-i.local/debian-local    sarge         main                  # local (my own packages)

For how to set up and maintain a local repository, see http://www.debian.org/doc/manuals/repository-howto/repository-howto.en.html

How to keep your localy build package from being overwritten by the official Debian packages is described here : http://www.debian.org/doc/manuals/apt-howto/ch-apt-get.en.html#s-pin Basically this is achieved locally on the system you install your packages on on a per package base :-( [Todo: find a way to override from the repository].

Disk usage monitoring

Basically, you need to recompile with the parameters disman/event-mib and ucd-snmp/diskio added to the --with-mib-modules option.

Process monitoring