Agenda: snmp-exercises.txt

File snmp-exercises.txt, 6.5 KB (added by nocadmin, 9 years ago)
Line 
1Advanced Registry Operations Curriculum
2
3SNMP exercises, part I
4
51. Getting packages:
6
7    > apt-get install snmpd             # adds thSNMP tools, server + libraries
8    > apt-get install tkmib             # SNMP MIB browser
9
102. Testing SNMP
11
12    - To control that your SNMP installation works, run the
13    snmpstatus command on each of the following devices:
14
15    > snmpstatus -c 'tldadmin' -v2c IP_ADDRESS
16
17    ... Where IP_ADDRESS is the following list: (see diagram)
18
19    - Your TLD router:      10.10.10.21/22
20    - The backbone switch:  10.10.10.253
21    - The Core router:      10.10.10.254
22    - The NOC server:       10.10.10.10
23
243. SNMP Walk and OIDs
25
26    Now, you are going to use the 'snmpwalk' command, part of the
27    SNMP toolkit, to list the tables associated with the OIDs listed
28    below, on each piece of equipment you tried above:
29
30    .1.3.6.1.2.1.2.2.1.2
31    .1.3.6.1.2.1.31.1.1.1.18
32    .1.3.6.1.4.1.9.9.13.1.3
33    .1.3.6.1.4.1.11.2.14.11.1.2
34    .1.3.6.1.2.1.25.2.3.1
35    .1.3.6.1.2.1.25.4.2.1
36
37    You will try this with two forms of the 'snmpwalk' command:
38
39    > snmpwalk     -c 'tldadmin' -v2c IP_ADDRESS OID
40
41    and
42
43    > snmpwalk -On -c 'tldadmin' -v2c IP_ADDRESS OID
44
45    ... where OID is one of the three OIDs listed above: .1.3.6...
46
47    Note: the "-On" option turns on numerical output, i.e.: no translation
48    of the OID <-> MIB object takes place.
49
50    For these OIDs:
51
52    a) Do all the devices answer ?
53
54    b) Do you notice anything important about the OID on the output ?
55
564. Configuration of snmpd on your NOC server
57
58    - Edit the following file:
59
60    > vi /etc/snmp/snmpd.conf
61
62        Comment the line (ADD '#' in front):
63
64    com2sec paranoid  default         public
65
66      ... so that it becomes:
67
68    #com2sec paranoid  default         public
69       
70        And UNcomment the line (REMOVE the '#' in front) and change community:
71
72    #com2sec readonly  default         public
73
74      ... so that it becomes:
75
76    com2sec readonly  default         tldadmin
77
78
79    - Edit the file /etc/default/snmpd, and find the line:
80   
81SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
82
83    - Remove 127.0.0.1 at the end, so you have:
84
85SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'
86
87    - Restart snmpd
88
89    > /etc/init.d/snmpd stop
90    > /etc/init.d/snmpd start
91
925. Check that snmpd is working:
93
94    > snmpstatus -c 'tldadmin' -v2c localhost
95
96    - What do you observe ?
97
987. Check now that you can run snmpstatus against your neighbor's server:
99
100    - Check snmp against their machine:
101
102    > snmpstatus -c 'tldadmin!' -v2c 10.10.10.X         # X = 40 -> 56
103
1048. SNMPwalk – the rest of MIB-II
105
106    - Try and run snmpwalk on any hosts (routers, switches, machines) you
107      have not tried yet, in the 10.10.10.X network
108
109    Note the kind of information you can obtain.
110
111    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X ifDescr
112    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X ifTable
113    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X ifAlias
114    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X ifOperStatus
115    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X ifAdminStatus
116    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X if
117
118    - Can you explain the difference between ifOperStatus and
119      ifAdminStatus ?
120
121    - Can you imagine a scenarion where this could be useful ?
122
1239. Adding MIBs
124
125    Remember when you ran:
126
127    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X  .1.3.6.1.4.1.9.9.13.1.3
128    or
129    > snmpwalk -c 'tldadmin' -v2c 10.10.10.X  .1.3.6.1.4.1.11.2.14.11.1.2
130
131    If you noticed, the SNMP client (snmpwalk) couldn't interpret
132    all the OIDs coming back from the Agent:
133
134    SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
135    SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1
136
137    or
138
139    ...
140    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4
141    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4
142    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5
143    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4
144    ...
145
146    - What is '9.9.13.1.3.1.3' ?
147    - What is '.11.2.14.11.1.2.6.1.4' ?
148
149    To be able to interpret this information, we need to download extra MIBs:
150
151    - Download the following files to your machine:
152
153    CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
154                ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
155
156    HP MIBS:    http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar
157
158    > cd /usr/share/snmp/mibs
159    > wget ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
160    > wget ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
161    > wget http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar
162
163    - Extract the HP SNMP MIBs (in the /usr/share/snmp/mibs):
164
165    > cd /usr/share/snmp/mibs       # just in case!
166    > mkdir hp
167    > cd hp
168    > tar -xvf ../mibs-Oct09.tar
169
170    Note: You should see a lot of output on the screen (the HP MIB files)
171 
172    - Create the file /usr/share/snmp/snmp.conf, and put into it:
173
174        mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/hp
175
176        mibs ALL
177
178    This tells the snmp* commands that they should load ALL mibs in the
179    mibdirs /usr/share/snmp/mibs and /usr/share/snmp/mibs/hp
180   
181    - Save the file, quit.
182
183    Now, try again:
184
185    > snmpwalk -c 'tldadmin!' -v2c 10.10.10.X  .1.3.6.1.4.1.9.9.13.1.3
186    or
187    > snmpwalk -c 'tldadmin!' -v2c 10.10.10.X  .1.3.6.1.4.1.11.2.14.11.1.2
188
189    What do you notice ?
190
191
19210. More MIB-OID fun
193
194    - Use the OIDs from the beginning of this exercise set, and examine:
195
196    a) the running processes on your neighbor's server (hrSWRun)
197    b) the amount of free diskspace on your neighbor's server (hrStorage)
198    c) the interfaces on your neighbor's server (ifIndex, ifDescr)
199
200    Can you use short names to walk these OID tables ?
201
202    - Experiment with the "snmptranslate" command, example:
203
204    > snmptranslate .1.3.6.1.4.1.11.2.14.11.1.2
205
206    - Try with various OIDs
207
20811. MIB Browser
209
210    In the beginning of this exercise set, you installed the tkmib MIB
211    browser.  Now we will run it:
212
213    > tkmib
214
215    The tkmib main windows should pop up on your screen.
216
217    We'll run through a few examples together, but you are encourage
218    to explore the interface.
219
220    Remember to set the community name and the SNMP version (v2c) in the
221    "Options" menu.
222
223    Then replace "localhost" with the IP you want to probe, and you can
224    either type an OID manually in the OID window, or navigate using the
225    tree window, for example, on the HP switches (.253 and .254):
226
227    .iso.org.dod.internet.private.enterprises.hp.nm.icf.hpicfObjects.
228        hpicfCommon.hpicfChassis
229
230
231    Then try and "walk" that part of the MIB
232
233