| 1 | SNMP exercises, part I |
|---|
| 2 | ====================== |
|---|
| 3 | |
|---|
| 4 | Note: many of the commands in this exercise do not have to be run as root, |
|---|
| 5 | but it is safe to run them all as root. So it's simpler if you start a |
|---|
| 6 | root shell and enter them all there. You can start a root shell like this: |
|---|
| 7 | |
|---|
| 8 | $ sudo bash |
|---|
| 9 | |
|---|
| 10 | 1. Getting packages: |
|---|
| 11 | -------------------- |
|---|
| 12 | |
|---|
| 13 | # apt-get install snmp snmpd # adds both tools and agent |
|---|
| 14 | |
|---|
| 15 | 2. Testing SNMP |
|---|
| 16 | --------------- |
|---|
| 17 | |
|---|
| 18 | To control that your SNMP installation works, run the |
|---|
| 19 | snmpstatus command on each of the following devices |
|---|
| 20 | |
|---|
| 21 | $ snmpstatus -c 'NetManage' -v2c IP_ADDRESS |
|---|
| 22 | |
|---|
| 23 | Where IP_ADDRESS is the following list: |
|---|
| 24 | |
|---|
| 25 | * The NOC server: 10.10.0.254 |
|---|
| 26 | * The backbone switch: 10.10.0.253 |
|---|
| 27 | * Classroom routers: 10.10.0.201-205 |
|---|
| 28 | * The access points: 10.10.0.(251,252) |
|---|
| 29 | |
|---|
| 30 | 3. SNMP Walk and OIDs |
|---|
| 31 | --------------------- |
|---|
| 32 | |
|---|
| 33 | Now, you are going to use the 'snmpwalk' command, part of the |
|---|
| 34 | SNMP toolkit, to list the tables associated with the OIDs listed |
|---|
| 35 | below, on each piece of equipment you tried above: |
|---|
| 36 | |
|---|
| 37 | .1.3.6.1.2.1.2.2.1.2 |
|---|
| 38 | .1.3.6.1.2.1.31.1.1.1.18 |
|---|
| 39 | .1.3.6.1.4.1.9.9.13.1 |
|---|
| 40 | .1.3.6.1.2.1.25.2.3.1 |
|---|
| 41 | .1.3.6.1.2.1.25.4.2.1 |
|---|
| 42 | |
|---|
| 43 | You will try this with two forms of the 'snmpwalk' command: |
|---|
| 44 | |
|---|
| 45 | $ snmpwalk -c 'NetManage' -v2c IP_ADDRESS OID |
|---|
| 46 | |
|---|
| 47 | and |
|---|
| 48 | |
|---|
| 49 | $ snmpwalk -On -c 'NetManage' -v2c IP_ADDRESS OID |
|---|
| 50 | |
|---|
| 51 | ... where OID is one of the three OIDs listed above: .1.3.6... |
|---|
| 52 | |
|---|
| 53 | Note: the "-On" option turns on numerical output, i.e.: no translation |
|---|
| 54 | of the OID <-> MIB object takes place. |
|---|
| 55 | |
|---|
| 56 | For these OIDs: |
|---|
| 57 | |
|---|
| 58 | a) Do all the devices answer ? |
|---|
| 59 | |
|---|
| 60 | b) Do you notice anything important about the OID on the output ? |
|---|
| 61 | |
|---|
| 62 | 4. Configuration of snmp on your Cisco router |
|---|
| 63 | --------------------------------------------- |
|---|
| 64 | |
|---|
| 65 | Connect to your virtual Cisco router: |
|---|
| 66 | |
|---|
| 67 | # apt-get install telnet # if required |
|---|
| 68 | |
|---|
| 69 | $ telnet 10.10.0.X # where X is 201-205 |
|---|
| 70 | |
|---|
| 71 | Default login: "cisco", password "cisco", enable secret "cisco" |
|---|
| 72 | |
|---|
| 73 | Configure it to enable SNMP: |
|---|
| 74 | |
|---|
| 75 | enable |
|---|
| 76 | conf t |
|---|
| 77 | snmp-server community NetManage ro 99 |
|---|
| 78 | access-list 99 permit 10.10.0.0 0.0.255.255 |
|---|
| 79 | access-list 99 permit 10.10.254.0 0.0.255.255 |
|---|
| 80 | exit |
|---|
| 81 | exit # until you get back to your PC |
|---|
| 82 | |
|---|
| 83 | Now back on your PC, test using some of the OIDs from section 3 above. |
|---|
| 84 | |
|---|
| 85 | $ snmpwalk -c 'NetManage' -v2c 10.10.0.X <OID> |
|---|
| 86 | |
|---|
| 87 | (where X is .201 - .205) |
|---|
| 88 | |
|---|
| 89 | What happens if you try using the wrong community string (i.e. change |
|---|
| 90 | 'NetManage' to something else?) |
|---|
| 91 | |
|---|
| 92 | 5. Configuration of snmpd on your PC |
|---|
| 93 | ------------------------------------- |
|---|
| 94 | |
|---|
| 95 | * Edit the following file: |
|---|
| 96 | |
|---|
| 97 | # editor /etc/snmp/snmpd.conf |
|---|
| 98 | |
|---|
| 99 | Comment this line (ADD '#' in front): |
|---|
| 100 | |
|---|
| 101 | com2sec paranoid default public |
|---|
| 102 | |
|---|
| 103 | ... so that it becomes: |
|---|
| 104 | |
|---|
| 105 | #com2sec paranoid default public |
|---|
| 106 | |
|---|
| 107 | And UNcomment the line (REMOVE the '#' in front) and change community: |
|---|
| 108 | |
|---|
| 109 | #com2sec readonly default public |
|---|
| 110 | |
|---|
| 111 | ... so that it becomes: |
|---|
| 112 | |
|---|
| 113 | com2sec readonly default NetManage |
|---|
| 114 | |
|---|
| 115 | * Edit the file /etc/default/snmpd, and find the line: |
|---|
| 116 | |
|---|
| 117 | SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1' |
|---|
| 118 | |
|---|
| 119 | Remove 127.0.0.1 at the end, so you have: |
|---|
| 120 | |
|---|
| 121 | SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid' |
|---|
| 122 | |
|---|
| 123 | * Restart snmpd |
|---|
| 124 | |
|---|
| 125 | # /etc/init.d/snmpd stop |
|---|
| 126 | # /etc/init.d/snmpd start |
|---|
| 127 | |
|---|
| 128 | 6. Check that snmpd is working: |
|---|
| 129 | ------------------------------- |
|---|
| 130 | |
|---|
| 131 | $ snmpstatus -c NetManage -v2c localhost |
|---|
| 132 | |
|---|
| 133 | What do you observe ? |
|---|
| 134 | |
|---|
| 135 | 7. Test your neighbors |
|---|
| 136 | ---------------------- |
|---|
| 137 | |
|---|
| 138 | Check now that you can run snmpstatus against your neighbor's servers: |
|---|
| 139 | |
|---|
| 140 | $ snmpstatus -c NetManage -v2c 10.10.0.X # X = 1 -> 30 (PCs) |
|---|
| 141 | |
|---|
| 142 | |
|---|
| 143 | 8. Adding MIBs |
|---|
| 144 | -------------- |
|---|
| 145 | |
|---|
| 146 | Remember when you ran snmpwalk on the routers: |
|---|
| 147 | |
|---|
| 148 | $ snmpwalk -c NetManage -v2c 10.10.0.201-205 .1.3.6.1.4.1.9.9.13.1 |
|---|
| 149 | |
|---|
| 150 | If you noticed, the SNMP client (snmpwalk) couldn't interpret |
|---|
| 151 | all the OIDs coming back from the Agent: |
|---|
| 152 | |
|---|
| 153 | SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis" |
|---|
| 154 | SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1 |
|---|
| 155 | |
|---|
| 156 | or |
|---|
| 157 | |
|---|
| 158 | ... |
|---|
| 159 | RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4 |
|---|
| 160 | RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4 |
|---|
| 161 | RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5 |
|---|
| 162 | RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4 |
|---|
| 163 | ... |
|---|
| 164 | |
|---|
| 165 | What is '9.9.13.1.3.1' ? |
|---|
| 166 | What is '.11.2.14.11.1.2.6.1.4' ? |
|---|
| 167 | |
|---|
| 168 | To be able to interpret this information, we need to download extra MIBs: |
|---|
| 169 | |
|---|
| 170 | * You will download the following files to your machine: |
|---|
| 171 | |
|---|
| 172 | CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my |
|---|
| 173 | ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my |
|---|
| 174 | |
|---|
| 175 | However we have a local mirror on http://noc.ws.nsrc.org/mibs/ |
|---|
| 176 | which will be much faster |
|---|
| 177 | |
|---|
| 178 | # apt-get install wget |
|---|
| 179 | # cd /usr/share/snmp/mibs |
|---|
| 180 | # wget http://noc.ws.nsrc.org/mibs/CISCO-SMI.my |
|---|
| 181 | # wget http://noc.ws.nsrc.org/mibs/CISCO-ENVMON-MIB.my |
|---|
| 182 | |
|---|
| 183 | * Create the file /etc/snmp/snmp.conf, and put into it: |
|---|
| 184 | |
|---|
| 185 | mibdirs /usr/share/snmp/mibs |
|---|
| 186 | mibs ALL |
|---|
| 187 | |
|---|
| 188 | This tells the snmp* commands that they should load ALL mibs in the |
|---|
| 189 | mibdirs /usr/share/snmp/mibs directory |
|---|
| 190 | |
|---|
| 191 | * Save the file, quit. |
|---|
| 192 | |
|---|
| 193 | Now, try again: |
|---|
| 194 | |
|---|
| 195 | $ snmpwalk -c 'NetManage' -v2c 10.10.0.201-205 .1.3.6.1.4.1.9.9.13.1 |
|---|
| 196 | |
|---|
| 197 | What do you notice ? |
|---|
| 198 | |
|---|
| 199 | |
|---|
| 200 | 9. SNMPwalk - the rest of MIB-II |
|---|
| 201 | -------------------------------- |
|---|
| 202 | |
|---|
| 203 | Try and run snmpwalk on any hosts (routers, switches, machines) you |
|---|
| 204 | have not tried yet, in the 10.10.0.X network |
|---|
| 205 | |
|---|
| 206 | Note the kind of information you can obtain. |
|---|
| 207 | |
|---|
| 208 | $ snmpwalk -c NetManage -v2c 10.10.0.X ifDescr |
|---|
| 209 | $ snmpwalk -c NetManage -v2c 10.10.0.X ifTable |
|---|
| 210 | $ snmpwalk -c NetManage -v2c 10.10.0.X ifAlias |
|---|
| 211 | $ snmpwalk -c NetManage -v2c 10.10.0.X ifOperStatus |
|---|
| 212 | $ snmpwalk -c NetManage -v2c 10.10.0.X ifAdminStatus |
|---|
| 213 | $ snmpwalk -c NetManage -v2c 10.10.0.X if |
|---|
| 214 | |
|---|
| 215 | Can you explain the difference between ifOperStatus and ifAdminStatus ? |
|---|
| 216 | |
|---|
| 217 | Can you imagine a scenario where this could be useful ? |
|---|
| 218 | |
|---|
| 219 | |
|---|
| 220 | |
|---|
| 221 | 10. More MIB-OID fun |
|---|
| 222 | -------------------- |
|---|
| 223 | |
|---|
| 224 | * Use the OIDs from the beginning of this exercise set, and examine: |
|---|
| 225 | |
|---|
| 226 | a) the running processes on your neighbor's server (hrSWRun) |
|---|
| 227 | b) the amount of free diskspace on your neighbor's server (hrStorage) |
|---|
| 228 | c) the interfaces on your neighbor's server (ifIndex, ifDescr) |
|---|
| 229 | |
|---|
| 230 | Can you use short names to walk these OID tables ? |
|---|
| 231 | |
|---|
| 232 | * Experiment with the "snmptranslate" command, example: |
|---|
| 233 | |
|---|
| 234 | $ snmptranslate .1.3.6.1.4.1.9.9.13.1.5.1.2.1 |
|---|
| 235 | |
|---|
| 236 | * Try with various OIDs |
|---|