Versions Compared

Old Version 6

changes.mady.by.user Arnulfo Garcia Perez

Saved on

compared with

New Version Current

changes.mady.by.user Arnulfo Garcia Perez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page is intended to provide a troubleshooting and validation process to the SNMP configuration on the servers where NMIS is installed.process for problems involving SNMP, such as SNMP configuration validation, snmpd daemon status, port, rules, traffic captures, mibs translations, possible failures/errors. 



Network-Management-Information-System

What is SNMP?

SNMP stands for Simple Network Management Protocol and consists of three key components: managed devices, agents and network management systems. The protocol is a set of standards for communicating with devices on a TCP/IP network. It can be defined as an application-level protocol designed to monitor network infrastructure and provides administrators with device-centric visibility. SNMP monitoring is useful for anyone responsible for servers and network devices such as servers, routers, hubs, switches, ups, etc.

...

Start with these basic checks:

  • If you’re using SNMPv1 or v2: Is the device configured with the correct community string in LogicMonitor (either at the global, group or device level)? If no community string is set, LogicMonitor defaults to using public. Note: Some Linux distributions significantly restrict which metrics are exposed if the community string is set to “public”. Therefore, we recommend you set your community string to something else.  See the section below to verify that your device has the correct community string set.
  • If you’re using SNMPv3: Is the device configured with the correct authpass, privpass and username (either at the global, group or device level)? See the section below to verify that your device has the correct v3 credentials set.
  • Can queries from the collector device reach the monitored device? You can check this by running tcpdump on the monitored host. If the queries are not reaching the device, there may be a firewall issue.
  • Is the monitored device replying to the queries from the collector?

If the queries are reaching the host, but the host is not replying, things to check are:

  • The access restrictions in snmpd.conf may not allow queries from the collector, or the community string is wrong.
    • The simplest SNMPd v1/v2 configuration would be the single line: rocommunity [community]
    • Note that SNMPd must be restarted after changing the configuration file contents. (/etc/init.d/snmpd restart)
  • SNMPd may only be listening on a loopback address.
    • On some distributions of Debian and Redhat, by default SNMPd only listens on 127.0.0.1. You can correct this in /etc/default/snmpd or /etc/syconfig/snmpd.options and restart SNMPd.
    • If you see this line: agentAddress  udp:127.0.0.1:161, it means the host is only listening on the loopback address for SNMP queries. Please comment that line.
  • IP Access restrictions may be blocking the SNMP requests from being accepted.
    • /etc/hosts.allow may be restricting the IP addresses that SNMP will respond to (you will see syslog messages about “Connection Refused”). Ensure the collector is listed in this file for SNMP access, if the file exists.
    • IPTables rules may be preventing the reception of SNMP packets from the collector.

Lexicographic order issues:

  • If you are receiving the common error message “Agent did not return variable bindings in lexicographic order”, set the snmp.ignore.lexicographic.order Collector setting to TRUE. As discussed in Editing the Collector Config Files, this setting must be updated from the Collector’s agent.conf file.


Ports/rules required by the snmpd service.

...

Examples of command execution.

SNMPBULKWALK

snmpbulkwalk is an SNMP application that uses SNMP GETBULK requests to query a network entity efficiently for a tree of information.

More details here.

Procedure for translating MIBS

One of the most common issues that users encounter with SNMP Traps and MIB files are that most MIB files require other MIB files to be loaded on the system so they can be fully translated. Solving this issue require that those needed MIB files are gathered and translated appropriately.

Details of the procedure.


SNMP trap

SNMP traps are one of the oldest standards for fault notification on network equipment. As one of the oldest standard protocols, most network devices with basic management capabilities typically support SNMP traps. When a device detects an error or change, the device will send a notification to one or more trap receivers.
NMIS waits for incoming messages and upon receiving data and, depending on the filtering rule, sound the alarm to notify of this detected event.

Tests for snmptraps reception.