wiki:netmon2017snmp

Version 14 (modified by admin, 7 years ago) ( diff )

--

SNMP Hands - On

Through this hands-on you will Install and learn to use the SNMP commands, Explore and identify standard vs enterprise parts of the MIB tree and Install vendor specific MIBs and use those with the SNMP commands. Start !NetMON VM and log in to the VM.

Remote Access

Windows

  • Download Putty
  • type your vm's IP address in the hostname text box. set the port as 22
  • Click open and You will ask the username and Password of your vm. Provide them and You will be able to remote login to your linux machine

Mac/Linux

  • Open a terminal
  • Type ssh <your username>@<Your VM's IP address>
  • Give password and you will have a remote login to your linux machine

SNMP

Install SNMP

Update your software package repository

$ sudo apt-get update

This might take a few moments if everyone in class is doing this at the same moment.

Install the net-snmp tools:

$ sudo apt-get install snmp
$ sudo apt-get install snmp-mibs-downloader

The second of the two commands downloads the standard IETF and IANA SNMP MIBs which are not included by default.

Now, edit the file /etc/snmp/snmp.conf:

$ sudo vi /etc/snmp/snmp.conf

Note: Here we are using vi editor. You can use any text editor you are familiar with

Change this line:

mibs :

so that it looks like:

# mibs :

(You are "commenting out" the empty mibs statement, which was telling the snmp* tools not to automatically load the mibs in the /usr/share/mibs/ directory)

Now, in your home directory make a .snmp directory with file snmp.conf inside it, make it readable only be you, and add the credentials to it:

$ cd
$ mkdir .snmp
$ chmod 700 .snmp/
$ vi .snmp/snmp.conf

Put the following contents in the file:

defVersion 3
defSecurityLevel authNoPriv
defSecurityName admin
defAuthPassphrase <class passowrd>
defAuthType SHA

# Default community when using SNMP v2c
defCommunity <class passowrd>

Creating this configuration file means you won't have to enter your credentials everytime you use one of the SNMP utilities. Otherwise you would have to add all these values on the command line like this:

snmpstatus -v3 -l authNoPriv -a SHA -u admin -A <class passowrd> <IP Address>

Configure SNMP on Your Router/Switch (Already Done)

Cisco

connect to your router and go to configure mode.

Router> enable

Router# configure terminal

Now we need to add an Access Control List rule for SNMP access, turn on SNMP, assign a read-only SNMP community string as well as a SNMPv3 group and user and tell the router to maintain SNMP information across reboots. To do this we do:

Router(config)# access-list 99 permit 192.248.6.0 255.255.255.0
Router(config)# snmp-server community <class passowrd> ro 99
Router(config)# snmp-server group ReadGroup v3 auth access 99
Router(config)# snmp-server user admin ReadGroup v3 auth sha <Class Password>
Router(config)# snmp-server ifindex persist
Now let's exit and save this new configuration to the routers permanent config.

Router(config)# exit
Router# write memory            
Router# exit       

HP

Connect to the Router and go to config mode

<Router> system-view

Add the following configurations

[Router]acl number 2000
[Router-acl-basic-2000]rule 0 permit source 192.248.6.0 0.0.0.255
[Router]snmp-agent
[Router]snmp-agent community read <class passowrd>
[Router]snmp-agent sys-info version all
[Router]snmp-agent group v3 ReadGroup authentication acl 2000
[Router]snmp-agent usm-user v3 admin ReadGroup authentication-mode sha <class passowrd>

Now to see if your changes are working.

Testing SNMP

To check that your SNMP installation works, run the snmpstatus command on workshop devices (Router and Switch)

$ snmpstatus <IP_ADDRESS> 

Note that you just used SNMPv3. Not all devices that implement SNMP support v3. Try again, adding "-v2c" as a parameter. Notice that the command automatically uses the community string in the snmp.conf file instead of the v3 user credentials. Try "-v1".

For the Switch

#snmpstatus 192.248.6.254
[UDP: [192.248.6.254]:161-&gt;[0.0.0.0]:49723]=&gt;[HP Comware Platform Software, Software
Version 5.20 Release 2208P01
HP A5500-24G EI Switch with 2 Interface Slots
Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P.] Up: 6:37:18.08

Interfaces: 34, Recv/Trans packets: 19825513/21718652 | IP: 174730/20535
21 interfaces are down!

For the Router

#snmpstatus 192.248.7.253
[UDP: [192.248.7.253]:161-&gt;[0.0.0.0]:55583]=&gt;[HPE Comware Platform Software, Software
Version 7.1.059, Release 0306P30
HPE MSR2003
Copyright (c) 2010-2016 Hewlett Packard Enterprise Development LP] Up: 6:39:35.59
Interfaces: 2, Recv/Trans packets: 20181722/19906654 | IP: 19966987/16113

Configuration of snmpd on your PC

For this exercise you needs to verify that the snmpd service is running and responding. First enable snmpd on your machine, then test if your machine is responding, then check each machine of your neighbor.

Install the SNMP agent (daemon)

$ sudo apt-get install snmpd
$ sudo apt-get install libsnmp-dev

Configuration

We will make a backup of the distributed config, and then we will create our own:

$ cd /etc/snmp
$ sudo mv snmpd.conf snmpd.conf.dist
$ sudo vi snmpd.conf

Then, copy/paste the following (change pcX to your own pc number):

#  Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161

# For SNMPv2: Configure Read-Only community and restrict who can connect
rocommunity <class passowrd>  192.248.6.0/24
rocommunity <class passowrd>  127.0.0.1

# Information about this host
sysLocation    LEARN Workshop
sysContact     sysadm@ws.ac.lk

# Which OSI layers are active in this host
# (Application + End-to-End layers)
sysServices    72

# Include proprietary dskTable MIB (in addition to hrStorageTable)
includeAllDisks  10%

Now save and exit from the editor.

Now we will add the same SNMPv3 user to your PC. We need to stop snmpd before adding the user, and restart it to read the above changes as well as the new user:

$ sudo service snmpd stop
$ sudo net-snmp-create-v3-user -a SHA -A <class password> admin
$ sudo service snmpd start

Check that snmpd is working:

$ snmpstatus localhost

Test your neighbors

$ snmpstatus <Neighbor IP Address>

SNMP Walk and OIDs

Now, you are going to use the snmpwalk command, part of the SNMP toolkit, to list the tables associated with the OIDs listed below, on each piece of equipment you tried above:

OID

1.3.6.1.4.1.25506.2.6.1.1.1.1.6
1.3.6.1.4.1.25506.2.6.1.1.1.1.8
1.3.6.1.4.1.25506.2.6.1.1.1.1.12

You will try this with two forms of the snmpwalk command:

$ snmpwalk <IP_ADDRESS> <OID>

and

$ snmpwalk -On <IP_ADDRESS> <OID>
Note: See TracWiki for help on using the wiki.