Agenda: exercises-snmp-v1-v2c.txt

File exercises-snmp-v1-v2c.txt, 6.6 KB (added by admin, 8 years ago)
Advanced Registry Operations Curriculum

SNMP exercises, part I

1. Getting packages:

    > apt-get install snmpd             # adds the SNMP tools, server + libraries
    > apt-get install tkmib             # SNMP MIB browser

2. Testing SNMP

    - To check that your SNMP installation works, run the
    snmpstatus command on each of the following devices:

    > snmpstatus -c 'public' -v2c IP_ADDRESS

    ... where IP_ADDRESS is one of the following (see diagram):

    - Your virtual router:  10.10.0.(1-16)
    - The NOC server:       10.10.0.200
    - The Core router:      10.10.0.254
    - The backbone switch:  10.10.0.253
    - The access points:    10.10.0.(251,252)

3. SNMP Walk and OIDs

    Now, you are going to use the 'snmpwalk' command, part of the
    SNMP toolkit, to list the tables associated with the OIDs listed
    below, on each piece of equipment you tried above:

    .1.3.6.1.2.1.2.2.1.2
    .1.3.6.1.2.1.31.1.1.1.18
    .1.3.6.1.4.1.9.9.13.1.3
    .1.3.6.1.4.1.11.2.14.11.1.2
    .1.3.6.1.2.1.25.2.3.1
    .1.3.6.1.2.1.25.4.2.1

    You will try this with two forms of the 'snmpwalk' command:

    > snmpwalk     -c 'public' -v2c IP_ADDRESS OID

    and

    > snmpwalk -On -c 'public' -v2c IP_ADDRESS OID

    ... where OID is one of the three OIDs listed above: .1.3.6...

    Note: the "-On" option turns on numerical output, i.e.: no translation
    of the OID <-> MIB object takes place.

    For these OIDs:

    a) Do all the devices answer ?

    b) Do you notice anything important about the OID on the output ?

4. Configuration of snmpd on your NOC server

    - Edit the following file:

    > vi /etc/snmp/snmpd.conf

        Comment out the line (ADD '#' in front):

    com2sec paranoid  default         public

      ... so that it becomes:

    #com2sec paranoid  default         public

        And UNcomment the line (REMOVE the '#' in front) and change community:

    #com2sec readonly  default         public

      ... so that it becomes:

    com2sec readonly  default         public


    - Edit the file /etc/default/snmpd, and find the line:

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

    - Remove 127.0.0.1 at the end, so you have:

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

    - Restart snmpd

    > /etc/init.d/snmpd stop
    > /etc/init.d/snmpd start

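    What the two edits in step 4 change, checked with a small script. This is
    an added example, not part of the original exercise sheet: the sample files
    are constructed from the lines shown above, the finding labels
    (OPEN-COMMUNITY, LISTEN-ALL) are hypothetical, and it assumes snmpd.conf
    carries no agentAddress directive.

```shell
#!/bin/sh
# Added example (not part of the original exercise sheet).
# Audits the two files edited in exercise 4 and prints one finding per line.

audit_snmpd() {
    conf=$1; defaults=$2
    # com2sec NAME SOURCE COMMUNITY. Commented-out lines start with "#com2sec"
    # and are skipped. Flag active entries where any source ("default") may
    # use a well-known community string.
    awk '$1 == "com2sec" && $3 == "default" && ($4 == "public" || $4 == "private") {
        printf "OPEN-COMMUNITY secname=%s source=any community=%s\n", $2, $4
    }' "$conf"
    # SNMPDOPTS ends with an optional listen address. With none given, snmpd
    # listens on UDP port 161 on all interfaces.
    opts=$(sed -n "s/^SNMPDOPTS='\(.*\)'[[:space:]]*\$/\1/p" "$defaults")
    last=${opts##* }
    case $last in
        0.0.0.0*|udp:0.0.0.0*) echo "LISTEN-ALL address=$last" ;;
        [0-9]*.[0-9]*.[0-9]*.[0-9]*|udp:*|tcp:*) ;;   # bound to a specific address
        *) echo "LISTEN-ALL no listen address in SNMPDOPTS" ;;
    esac
}

# Constructed sample files: the state before and after the edits in exercise 4.
tmp=$(mktemp -d)
cat > "$tmp/before.conf" <<'EOF'
com2sec paranoid  default         public
#com2sec readonly  default         public
EOF
cat > "$tmp/after.conf" <<'EOF'
#com2sec paranoid  default         public
com2sec readonly  default         public
EOF
cat > "$tmp/before.default" <<'EOF'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
EOF
cat > "$tmp/after.default" <<'EOF'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'
EOF

echo "== before =="; audit_snmpd "$tmp/before.conf" "$tmp/before.default"
echo "== after  =="; audit_snmpd "$tmp/after.conf"  "$tmp/after.default"
```

    On the NOC server, run: audit_snmpd /etc/snmp/snmpd.conf /etc/default/snmpd
    Outside the lab, a management host or subnet in place of 'default' and a
    non-default community string clear the first finding.
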
5. Check that snmpd is working:

    > snmpstatus -c public -v2c localhost

    - What do you observe ?

7. Check now that you can run snmpstatus against your neighbor's servers:

    - Check snmp against their machine:

    > snmpstatus -c public -v2c 10.10.0.X             # X = 101 -> 116 (PCs)

8. SNMPwalk – the rest of MIB-II

    - Try and run snmpwalk on any hosts (routers, switches, machines) you
      have not tried yet, in the 10.10.0.Y network

    Note the kind of information you can obtain.

    > snmpwalk -c public -v2c 10.10.0.X ifDescr
    > snmpwalk -c public -v2c 10.10.0.X ifTable
    > snmpwalk -c public -v2c 10.10.0.X ifAlias
    > snmpwalk -c public -v2c 10.10.0.X ifOperStatus
    > snmpwalk -c public -v2c 10.10.0.X ifAdminStatus
    > snmpwalk -c public -v2c 10.10.0.X if

    - Can you explain the difference between ifOperStatus and
      ifAdminStatus ?

    - Can you imagine a scenario where this could be useful ?

9. Adding MIBs

    Remember when you ran:

    > snmpwalk -c public -v2c 10.10.0.254  .1.3.6.1.4.1.9.9.13.1.3
    or
    > snmpwalk -c public -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2

    As you may have noticed, the SNMP client (snmpwalk) couldn't interpret
    all the OIDs coming back from the Agent:

    SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
    SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1

    or

    ...
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4
    ...

    - What is '9.9.13.1.3.1.3' ?
    - What is '.11.2.14.11.1.2.6.1.4' ?

    To be able to interpret this information, we need to download extra MIBs:

    - Download the following files to your machine:

    CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
                ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my

    HP MIBS:    http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar

    > cd /usr/share/snmp/mibs
    > wget ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
    > wget ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
    > wget http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar

    - Extract the HP SNMP MIBs (in the /usr/share/snmp/mibs):

    > cd /usr/share/snmp/mibs       # just in case!
    > mkdir hp
    > cd hp
    > tar -xvf ../mibs-Oct09.tar

    Note: You should see a lot of output on the screen (the HP MIB files)

    - Create the file /usr/share/snmp/snmp.conf, and put into it:

        mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/hp

        mibs ALL

    This tells the snmp* commands that they should load ALL mibs in the
    mibdirs /usr/share/snmp/mibs and /usr/share/snmp/mibs/hp

    - Save the file, quit.

    Now, try again:

    > snmpwalk -c 'public' -v2c 10.10.0.254  .1.3.6.1.4.1.9.9.13.1.3
    or
    > snmpwalk -c 'public' -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2


    - What do you notice ?


10. More MIB-OID fun

    - Use the OIDs from the beginning of this exercise set, and examine:

    a) the running processes on your neighbor's server (hrSWRun)
    b) the amount of free diskspace on your neighbor's server (hrStorage)
    c) the interfaces on your neighbor's server (ifIndex, ifDescr)

    Can you use short names to walk these OID tables ?

    - Experiment with the "snmptranslate" command, example:

    > snmptranslate .1.3.6.1.4.1.11.2.14.11.1.2

    - Try with various OIDs

=== PLEASE SKIP THE FOLLOWING, IT APPLIES TO LINUX WITH GUI ===

11. MIB Browser

    In the beginning of this exercise set, you installed the tkmib MIB
    browser.  Now we will run it:

    > tkmib

    The tkmib main window should pop up on your screen.

    We'll run through a few examples together, but you are encouraged
    to explore the interface.

    Remember to set the community name and the SNMP version (v2c) in the
    "Options" menu.

    Then replace "localhost" with the IP you want to probe, and you can
    either type an OID manually in the OID window, or navigate using the
    tree window, for example, on the HP switches (.100.1 and .75.254):

    .iso.org.dod.internet.private.enterprises.hp.nm.icf.hpicfObjects.
        hpicfCommon.hpicfChassis


    Then try and "walk" that part of the MIB