Simple Network Management Protocol

Not that simple, really

SNMP stands for Simple Network Management Protocol. The 'simple' refers more to 'protocol' than to "Network Management'. But anyway ...

Introduction

This is not a tutorial on SNMP, but rather a very basic introduction on how to use SNMP on a Linux system (Debian/Ubuntu oriented). I'll assume that you know that SNMP exposes data about a system in the form of variables and that these variables can then be queried (and sometimes set) with software tools. The SNMP protocol provides the mechanism, but does not discribe what data a system should expose. The latter is described by MIBs, "Management Information Base". A MIB is a hierarchal (tree-like) structure that describes the "object Identifiers" (OID) for a given system. An OID is a variable and can be represented in a numerical form (representing its place in the hierarchy) or, sometimes, with a more descriptive textual name.

A MIB is a "namespace", it defines the meaning of an OID. There are MIBs per device category (eg. the Printer MIB) and there are vendor or device specific MIBs (eg. the Xerox MFC MIB, ...). Examples of OID-trees (MIBs) can be found at www.oidview.com, eg in http://www.oidview.com/mibs/0/Printer-MIB.html you can see that you might get a printer's toner level by reading the value of OID 1.3.6.1.2.1.43.11.1.1.9 (although you might need to first read OID 1.3.6.1.2.1.43.11.1.1.5 "prtMarkerSuppliesType" or 1.3.6.1.2.1.43.11.1.1.6 "prtMarkerSuppliesDescription " in order to get to the correct variable/value).

So, in order to "use" SNMP, you need

  1. an SNMP-enabled device, a.k.a a "network element" or "Agent" : this is the device you want to monitor, query or manage using snmp
  2. snmp tools, software to query the targetted device, 'the network element'. This software, or the hoston which it runs, is called a "manager"
  3. knowledge of the MIB(s)/OID-tree(s) that apply to the targetted device

This gives us 2 scenarios of "Linux and SNMP" :

  1. Use a Linux system to run SNMP tools to query SNMP network elements (switches, routers, UPSes, ...)
  2. run 'snmp' on a Linux server so the server itself can be monitored by way of snmp

We'll mainly focus on scenario 1 : how to set up a linux system so it can be used to monitor SNMP-enabled devices, i.e. Linux as an SNMP 'manager'.

Query SNMP from a Linux host

Install snmp client tools (snmpget, snmpwalk commands ...) :

	apt-get install snmp
  

To be able to use OID text descriptions (in input and output of the snmp commands) rather than numeric OID's, you need to install MIBs. The more generic MIBs are available in the Debian and Ubuntu repos (debian: non-free, ubuntu: multiverse).

 apt-get install snmp-mibs-downloader

the installer actually runs /usr/bin/download-mibs which simply downloads published mibs from known web servers; you can repeat the process by executing it again. It has configuration files in /etc/snmp-mibs-downloader and dumps the MIBs in /var/lib/mib.

Additional, vendor-specific mibs can be "installed" by placing them in the MIBS directory : /var/lib/mib.
You may need to (re)name the MIB to follow the convention (MIB_NAME).txt. (MIB_NAME) can be found on he first uncommented line of the MIB file (eg: Name-MIB DEFINITIONS ::= BEGIN).

You can test/use these commands by running snmpget or snmpwalk agains an snmp-enabled device:

snmpwalk -v1 -cpublic 

Here's an example of a Nagios check by SNMP implemented as a shell script wrapper around snmpget

References and Acknowledgements

More

Use SNMP to monitor a Linux system

TODO


Koen Noens
August 2012