Version 10 (modified by 7 years ago) ( diff ) | ,
---|
SNMP Hands - On
Through this hands-on you will Install and learn to use the SNMP commands, Explore and identify standard vs enterprise parts of the MIB tree and Install vendor specific MIBs and use those with the SNMP commands
Setting up the Virtualbox
Installation of virtualbox and Downloading virtual hard disks
- Download and install virtualbox 5.0.x
- Download the Virtual Hard disks from the LEARN mirror. You can get them by following links
- Note down the location of downloaded vdi files
Creating the VM Netmon
- Start VirtualBox and Click on New button (at top-right) to create new virtual machine
- Enter name of the VM as Netmon
- Select OS Type: Linux
- Select Version: Ubuntu (64-bit)
- Then click on Continue button
- Set VM's memory size to 2048MB and click on Continue button
- Set VM's hard disk option to Use an existing virtual hard disk file and click the browse button and browse to the location where you download the virtual hard disks. Then select the Netmon.vdi file and click on the create button.
- You will see a new virtual machine named Netmon appears on Virtual Box Manager Window
Setting up Network Interfaces
- Select the Netmon VM from left panel on Virtual box, right click and open Settings
- Click on the Network title
- On Adapter 1 check the Enable Network Adapter . Then change Attached to be to the Bridged Adapter and make sure the name of the interface is the same interface which you use to connect to the outside (Either Wi-Fi or Ethernet). This virtual interface will work as the WAN port of the of your virtual campus network that can be used to connect from out side.
- Click on Advanced drop down list and change the promiscuous mode to Allow All
- Click OK
Netmon VM
Before running Dynagen you have to start your VMs and assign IP address to the VM's network interfaces.
- Select the Netmon VM from left panel on Virtual box, right click Start and wait till the VM starts
- login to the machine using the following user credentials
usrname : learn password : <classpassword>
- Then change the interfaces file. Root password is the same as class password
sudo vi /etc/network/interfaces
- locate the following lines
iface enp0s3 inet static address 192.168.56.2 netmask 255.255.255.0 network 192.168.56.0 broadcast 192.168.56.255 gateway 192.168.56.1 dns-nameservers 192.248.1.161
- Change it to the following lines. You can find your IP Address from this table
iface enp0s3 inet static address <Your IP Address > netmask 255.255.255.0 network 192.248.6.0 broadcast 192.248.6.255 gateway 192.248.6.254 dns-nameservers 192.248.1.161
- Save and Exit the editor (type :wq)
- When you completed the IP settings , reboot the machine
sudo reboot
- Confirm the correct IP settings by ifconfig command. Your result should be something like the following. Check the IP address of enp0s3 Interface and see whether the other interfaces are up
enp0s3 Link encap:Ethernet HWaddr 08:00:27:8c:e0:26 inet addr:<your IP address> Bcast:192.248.6.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe8c:e026/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1120 errors:0 dropped:0 overruns:0 frame:0 TX packets:7550 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:99387 (99.3 KB) TX bytes:567441 (567.4 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:160 errors:0 dropped:0 overruns:0 frame:0 TX packets:160 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:11840 (11.8 KB) TX bytes:11840 (11.8 KB)
- Try ping to some known hosts and see the results.
ping 192.248.6.254 ping 192.248.1.161 ping www.google.com
Remote Access
Windows
- Download Putty
- type your vm's IP address in the hostname text box. set the port as 22
- Click open and You will ask the username and Password of your vm. Provide them and You will be able to remote login to your linux machine
Mac/Linux
- Open a terminal
- Type ssh <your username>@<Your VM's IP address>
- Give password and you will have a remote login to your linux machine
Install SNMP
Update your software package repository
$ sudo apt-get update
This might take a few moments if everyone in class is doing this at the same moment.
Install the net-snmp tools:
$ sudo apt-get install snmp $ sudo apt-get install snmp-mibs-downloader
The second of the two commands downloads the standard IETF and IANA SNMP MIBs which are not included by default.
Now, edit the file /etc/snmp/snmp.conf:
$ sudo vi /etc/snmp/snmp.conf
Note: Here we are using vi editor. You can use any text editor you are familiar with
Change this line:
mibs :
so that it looks like:
# mibs :
(You are "commenting out" the empty mibs statement, which was telling the snmp* tools not to automatically load the mibs in the /usr/share/mibs/ directory)
Now, in your home directory make a .snmp directory with file snmp.conf inside it, make it readable only be you, and add the credentials to it:
$ cd $ mkdir .snmp $ chmod 700 .snmp/ $ vi .snmp/snmp.conf
Put the following contents in the file:
defVersion 3 defSecurityLevel authNoPriv defSecurityName admin defAuthPassphrase <class passowrd> defAuthType SHA # Default community when using SNMP v2c defCommunity NetManage
Creating this configuration file means you won't have to enter your credentials everytime you use one of the SNMP utilities. Otherwise you would have to add all these values on the command line like this:
snmpstatus -v3 -l authNoPriv -a SHA -u admin -A NetManage pcX
Configure SNMP on Your Router/Switch (Already Done)
Cisco
connect to your router and go to configure mode.
Router> enable Router# configure terminal
Now we need to add an Access Control List rule for SNMP access, turn on SNMP, assign a read-only SNMP community string as well as a SNMPv3 group and user and tell the router to maintain SNMP information across reboots. To do this we do:
Router(config)# access-list 99 permit 192.248.6.0 255.255.255.0 Router(config)# snmp-server community NetManage ro 99 Router(config)# snmp-server group ReadGroup v3 auth access 99 Router(config)# snmp-server user admin ReadGroup v3 auth sha <Class Password> Router(config)# snmp-server ifindex persist Now let's exit and save this new configuration to the routers permanent config. Router(config)# exit Router# write memory Router# exit
HP
Connect to the Router and go to config mode
<Router> system-view
Add the following configurations
[Router]acl number 2000 [Router-acl-basic-2000]rule 0 permit source 192.248.0.0 0.0.255.255 [Router]snmp-agent [Router]snmp-agent community read NetManage [Router]snmp-agent sys-info version all [Router]snmp-agent group v3 ReadGroup authentication acl 2000 [Router]snmp-agent usm-user v3 admin ReadGroup authentication-mode sha ]X'HZJP&@!!'OJC-8#V/`,NY%"E!
Now to see if your changes are working.
Testing SNMP
To check that your SNMP installation works, run the snmpstatus command on each of the following devices
$ snmpstatus <IP_ADDRESS>
Note that you just used SNMPv3. Not all devices that implement SNMP support v3. Try again, adding "-v2c" as a parameter. Notice that the command automatically uses the community string in the snmp.conf file instead of the v3 user credentials. Try "-v1".
Configuration of snmpd on your PC
For this exercise your group needs to verify that the snmpd service is running and responding to queries for all machines in your group. First enable snmpd on your machine, then test if your machine is responding, then check each machine of your other group members.
Install the SNMP agent (daemon)
$ sudo apt-get install snmpd $ sudo apt-get install libsnmp-dev
Configuration
We will make a backup of the distributed config, and then we will create our own:
$ cd /etc/snmp $ sudo mv snmpd.conf snmpd.conf.dist $ sudo vi snmpd.conf
Then, copy/paste the following (change pcX to your own pc number):
# Listen for connections on all interfaces (both IPv4 *and* IPv6) agentAddress udp:161,udp6:[::1]:161 # For SNMPv2: Configure Read-Only community and restrict who can connect rocommunity NetManage 10.10.0.0/16 rocommunity NetManage 127.0.0.1 # Information about this host sysLocation NSRC Network Management Workshop sysContact sysadm@pcX.ws.nsrc.org # Which OSI layers are active in this host # (Application + End-to-End layers) sysServices 72 # Include proprietary dskTable MIB (in addition to hrStorageTable) includeAllDisks 10%
Now save and exit from the editor.
Now we will add the same SNMPv3 user to your PC. We need to stop snmpd before adding the user, and restart it to read the above changes as well as the new user:
$ sudo service snmpd stop $ sudo net-snmp-create-v3-user -a SHA -A <class password> admin $ sudo service snmpd start
Check that snmpd is working:
$ snmpstatus localhost
Test your neighbors
$ snmpstatus <Neighbor IP Address>
SNMP Walk and OIDs
Now, you are going to use the snmpwalk command, part of the SNMP toolkit, to list the tables associated with the OIDs listed below, on each piece of equipment you tried above:
OID
1.3.6.1.4.1.25506.2.6.1.1.1.1.6 1.3.6.1.4.1.25506.2.6.1.1.1.1.8 1.3.6.1.4.1.25506.2.6.1.1.1.1.12
You will try this with two forms of the snmpwalk command:
$ snmpwalk <IP_ADDRESS> <OID>
and
$ snmpwalk -On <IP_ADDRESS> <OID>
example :
Adding MIBs
Remember when you ran:
$ snmpwalk <IP Address> .1.3.6.1.4.1.9.9.13.1 If you noticed, the SNMP client (snmpwalk) couldn't interpret all the OIDs coming back from the Agent:
SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis" SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1 What is 9.9.13.1.3.1 ?
To be able to interpret this information, we need to download extra MIBs:
Download them now as follows:
$ cd /usr/share/mibs $ sudo mkdir cisco $ cd cisco $ sudo wget http://www.ws.nsrc.org/downloads/mibs/CISCO-SMI.my $ sudo wget http://www.ws.nsrc.org/downloads/mibs/CISCO-ENVMON-MIB.my
Now we need to tell the snmp tools that we have the cisco MIBS it should load. So edit the file /etc/snmp/snmp.conf, and add the following two lines:
mibdirs +/usr/share/mibs/cisco mibs +CISCO-ENVMON-MIB:CISCO-SMI
Save the file, quit.
Now, try again:
$ snmpwalk <IP Address> .1.3.6.1.4.1.9.9.13.1