Agenda: exercises-snmp-v1-v2c.2.txt

File exercises-snmp-v1-v2c.2.txt, 6.9 KB (added by admin, 8 years ago)
SNMP exercises, part I
======================

Note: many of the commands in this exercise do not have to be run as root,
but it is safe to run them all as root. So it's simpler if you start a
root shell and enter them all there. You can start a root shell like this:

    $ sudo bash

1. Getting packages:
--------------------

    # apt-get install snmp snmpd       # adds both tools and agent

2. Testing SNMP
---------------

To check that your SNMP installation works, run the
snmpstatus command on each of the following devices:

    $ snmpstatus -c 'NetManage' -v2c IP_ADDRESS

where IP_ADDRESS is each address in the following list:

    * The NOC server:       10.10.0.254
    * The backbone switch:  10.10.0.253
    * Classroom routers:    10.10.1-9.254
    * The access points:    10.10.0.(251,252)

3. SNMP Walk and OIDs
---------------------

Now, you are going to use the 'snmpwalk' command, part of the
SNMP toolkit, to list the tables associated with the OIDs listed
below, on each piece of equipment you tried above:

    .1.3.6.1.2.1.2.2.1.2
    .1.3.6.1.2.1.31.1.1.1.18
    .1.3.6.1.4.1.9.9.13.1
    .1.3.6.1.4.1.11.2.14.11.1.2
    .1.3.6.1.2.1.25.2.3.1
    .1.3.6.1.2.1.25.4.2.1

You will try this with two forms of the 'snmpwalk' command:

    $ snmpwalk     -c 'NetManage' -v2c IP_ADDRESS OID

and

    $ snmpwalk -On -c 'NetManage' -v2c IP_ADDRESS OID

... where OID is one of the three OIDs listed above: .1.3.6...

Note: the "-On" option turns on numerical output, i.e. no translation
of the OID <-> MIB object takes place.

For these OIDs:

a) Do all the devices answer?

b) Do you notice anything important about the OID on the output?

4. Configuration of snmp on your Cisco router
---------------------------------------------

Connect to your virtual Cisco router:

    # apt-get install telnet    # if required

    $ telnet 10.10.X.254        # where X is 1-26

Default login: "cisco", password "cisco", enable secret "cisco"

Configure it to enable SNMP:

    enable
    conf t
    snmp-server community NetManage ro 99
    access-list 99 permit 10.10.0.0 0.0.255.255
    access-list 99 permit 10.10.254.0 0.0.255.255
    exit
    exit     # until you get back to your PC

Now back on your PC, test using some of the OIDs from section 3 above.

    $ snmpwalk -c 'NetManage' -v2c 10.10.X.254 <OID>

What happens if you try using the wrong community string (i.e. change
'NetManage' to something else)?

5. Configuration of snmpd on your PC
------------------------------------

* Edit the following file:

        # editor /etc/snmp/snmpd.conf

    Comment out this line (ADD '#' in front):

        com2sec paranoid  default         public

    ... so that it becomes:

        #com2sec paranoid  default         public

    And UNcomment this line (REMOVE the '#' in front) and change the community:

        #com2sec readonly  default         public

    ... so that it becomes:

        com2sec readonly  default         NetManage

* Edit the file /etc/default/snmpd, and find the line:

        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

    Remove 127.0.0.1 at the end, so you have:

        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

* Restart snmpd

        # /etc/init.d/snmpd stop
        # /etc/init.d/snmpd start
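
Added example (not part of the original exercise): the com2sec line from section 5 uses the source "default", so snmpd accepts the community from any address, whereas the Cisco configuration in section 4 limits it with access-list 99. The script below flags such lines and rewrites the source to 10.10.0.0/16, the range access-list 99 permits; the sample config is constructed and the secname "local" is hypothetical.

```shell
#!/bin/bash
# Added example, not part of the original exercise.
# Sample config (constructed): lines 1-2 are the com2sec lines from section 5
# after editing; line 3 and its secname "local" are made up for illustration.
SAMPLE_CONF='#com2sec paranoid  default         public
com2sec readonly  default         NetManage
com2sec local     127.0.0.1       public'

# Report active com2sec lines that accept any source address ("default")
# or use a stock community. Reads snmpd.conf text on stdin.
# Syntax: com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY
audit_com2sec() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        $1 == "com2sec" {
            i = ($2 == "-Cn") ? 4 : 2            # skip the optional context
            if ($(i+1) == "default")
                printf "line %d: secname %s accepts queries from any address\n", NR, $i
            if ($(i+2) == "public" || $(i+2) == "private")
                printf "line %d: secname %s uses a well-known community\n", NR, $i
        }'
}

# Print the config with every active "default" source replaced by subnet $1.
# Untouched lines pass through as-is; a rewritten line is re-spaced by awk.
restrict_com2sec() {
    awk -v net="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { print; next }
        $1 == "com2sec" {
            i = ($2 == "-Cn") ? 4 : 2
            if ($(i+1) == "default") $(i+1) = net
        }
        { print }'
}

# 10.10.0.0/16 is the range that access-list 99 permits in section 4.
printf '%s\n' "$SAMPLE_CONF" | audit_com2sec
printf '%s\n' "$SAMPLE_CONF" | restrict_com2sec 10.10.0.0/16
```

To audit a real agent, feed it the live file: audit_com2sec < /etc/snmp/snmpd.conf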

6. Check that snmpd is working:
-------------------------------

    $ snmpstatus -c NetManage -v2c localhost

What do you observe?

7. Test your neighbors
----------------------

Check now that you can run snmpstatus against your neighbor's servers:

    $ snmpstatus -c NetManage -v2c 10.10.0.X             # X = 1 -> 26 (PCs)

8. Adding MIBs
--------------

Remember when you ran:

    $ snmpwalk -c NetManage -v2c 10.10.0.254  .1.3.6.1.4.1.9.9.13.1

or

    $ snmpwalk -c NetManage -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2

As you may have noticed, the SNMP client (snmpwalk) couldn't interpret
all the OIDs coming back from the Agent:

    SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
    SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1

or

    ...
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5
    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4
    ...

What is '9.9.13.1.3.1'?
What is '.11.2.14.11.1.2.6.1.4'?

To be able to interpret this information, we need to download extra MIBs:

* You will download the following files to your machine:

        CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
                    ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my

        HP MIBS:    http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar

    However, we have a local mirror at http://noc.ws.nsrc.org/mibs/
    which will be much faster (especially for the large HP MIB bundle).

        # apt-get install wget
        # cd /usr/share/snmp/mibs
        # wget http://noc.ws.nsrc.org/mibs/CISCO-SMI.my
        # wget http://noc.ws.nsrc.org/mibs/CISCO-ENVMON-MIB.my
        # wget http://noc.ws.nsrc.org/mibs/mibs-Oct09.tar

* Extract the HP SNMP MIBs (in the /usr/share/snmp/mibs):

        # cd /usr/share/snmp/mibs       # just in case!
        # mkdir hp
        # cd hp
        # tar -xvf ../mibs-Oct09.tar

    Note: You should see a lot of output on the screen (the HP MIB files)

* Create the file /etc/snmp/snmp.conf, and put into it:

        mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/hp
        mibs ALL

    This tells the snmp* commands that they should load ALL mibs in the
    mibdirs /usr/share/snmp/mibs and /usr/share/snmp/mibs/hp

* Save the file, quit.

Now, try again:

    $ snmpwalk -c 'NetManage' -v2c 10.10.0.254  .1.3.6.1.4.1.9.9.13.1

and

    $ snmpwalk -c 'NetManage' -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2

What do you notice?

9. SNMPwalk - the rest of MIB-II
--------------------------------

Try running snmpwalk on any hosts (routers, switches, machines) you
have not tried yet, in the 10.10.0.X network.

Note the kind of information you can obtain.

    $ snmpwalk -c NetManage -v2c 10.10.0.X ifDescr
    $ snmpwalk -c NetManage -v2c 10.10.0.X ifTable
    $ snmpwalk -c NetManage -v2c 10.10.0.X ifAlias
    $ snmpwalk -c NetManage -v2c 10.10.0.X ifOperStatus
    $ snmpwalk -c NetManage -v2c 10.10.0.X ifAdminStatus
    $ snmpwalk -c NetManage -v2c 10.10.0.X if

Can you explain the difference between ifOperStatus and ifAdminStatus?

Can you imagine a scenario where this could be useful?

10. More MIB-OID fun
--------------------

* Use the OIDs from the beginning of this exercise set, and examine:

        a) the running processes on your neighbor's server (hrSWRun)
        b) the amount of free disk space on your neighbor's server (hrStorage)
        c) the interfaces on your neighbor's server (ifIndex, ifDescr)

    Can you use short names to walk these OID tables?

* Experiment with the "snmptranslate" command, for example:

        $ snmptranslate .1.3.6.1.4.1.11.2.14.11.1.2

* Try with various OIDs