Troubleshooting snmpd.conf
SNMP binds only to 127.0.0.1 (localhost)
After going in the configurations inside snmpd.conf
I tried:
- – using snmpconf (script based config).
# snmpconf
- – editing snmpd.conf and changing the source field
#vim /etc/snmp/snmpd.conf
”
# sec.name source community
com2sec paranoid default public
com2sec readonly 10.10.10.0/24 public
“
– #netstat -natup|grep 161
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1617/portmap
udp 0 0 127.0.0.1:161 0.0.0.0:* 5463/snmpd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1617/portma
- -Checking the running processes
– #ps -aux | grep snmpd
snmp 5463 0.0 0.7 7592 4072 ? S 14:45 0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1
#snmpwalk -c test -v 2c localhost system
Worked fine
#snmpwalk -c test -v 2c 10.10.10.1 system
Did not work!
At this point it was clear to me the problem was the service listening only in the localhost 127.0.0.1
- Solution, Edit:
#vim /etc/default/snmpd
”
# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1′
# Remove the 127.0.0.1 (otherwise it will be only in the localhost interface)
SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid’
“
Restart the SNMPD
#/etc/init.d/snmpd restart
By default (at least under Debian) the snmpd binds itself only to the 127.0.0.1 IP.
You sir, are a genuis!
This problem was driving me batty, that change to /etc/default/snmpd fixed it right up.
Thanks.
i have reinstalled my net-snmp-5.4.2.1 on ubuntu-8.04 hardy( and its
only ipv6 host, address assigned to it is 2001:468::3/64 on eth0
interface and eth1 im using for dhcp-internet connection). Sir, i have
new problem, my snmpd is start now and i am also getting its pid and
port no.(as 161) but im not getting the result of snmpwalk (both for
localhost and remotehost). i run the following commands–
#snmpwalk -v2c -c public localhost system ; on local host
output-timeout no response from localhost
#snmpwalk -v2c -c public 192.168.122.3 system ; on remotehost(
remotehost is having ip 192.168.1.2 and its ipv4 only machine. im
doing the project ipv4 to ipv6 migration and vice versa. im using 3
pc’s here ist is ipv6 pc(add-2001:468::3/64) , 2nd pc is ipv4 only
(add-192.168.1.2) and 3rd one is nat-pt box which maps the ipv4
address corresponds to the ipv6 here in the case it maps 192.168.122.3
to the 2001:468::3/64. add. of nat-pt is 192.168.1.1)
output-timeout no response from 192.168.122.3
im attaching my /etc/default/snmpd , /etc/snmp/snmpd.conf and
/usr/local/share/snmp/snmpd.conf( snmpd.conf file is same for
/etc/snmp and /usr/local/share/snmp directories). please tel me what
changes should i do in my default and snmpd.conf files so that my
snmpwalk starts working. Please help me soon.
Thanks Alot
————————————————-
snmpd.conf
#
# – created by the snmpconf configuration program
#
###########################################################################
# SECTION: Monitor Various Aspects of the Running Host
#
# The following check up on various aspects of a host.
# proc: Check for processes that should be running.
# proc NAME [MAX=0] [MIN=0]
#
# NAME: the name of the process to check for. It must match
# exactly (ie, http will not find httpd processes).
# MAX: the maximum number allowed to be running. Defaults to 0.
# MIN: the minimum number to be running. Defaults to 0.
#
# The results are reported in the prTable section of the UCD-SNMP-MIB tree
# Special Case: When the min and max numbers are both 0, it assumes
# you want a max of infinity and a min of 1.
proc mountd
proc ntalkd 4
proc sendmail 10 1
# disk: Check for disk space usage of a partition.
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
#
# disk PATH [MIN=100000]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib’s errorFlag set.
# Can be a raw byte value or a percentage followed by the %
# symbol. Default value = 100000.
#
# The results are reported in the dskTable section of the UCD-SNMP-MIB tree
disk / 10000
# load: Check for unreasonable load average values.
# Watch the load average levels on the machine.
#
# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
#
# 1MAX: If the 1 minute load average is above this limit at query
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
#
# The results are reported in the laTable section of the UCD-SNMP-MIB tree
load 12 14 14
###########################################################################
# SECTION: System Information Setup
#
# This section defines some of the information reported in
# the “system” mib group in the mibII tree.
# syscontact: The contact information for the administrator
# Note that setting this value here means that when trying to
# perform an snmp SET operation to the sysContact.0 variable will make
# the agent return the “notWritable” error code. IE, including
# this token in the snmpd.conf file will disable write access to
# the variable.
# arguments: contact_string
#syscontact G. S. Marzot
syslocation Unknown (configure /etc/snmp/snmpd.local.conf)
syscontact Root (configure /etc/snmp/snmpd.local.conf)
#syslocation bhwon.pyroworks.co.kr No.1
#syscontact Root (configure /etc/snmp/snmp.local.conf)
###########################################################################
# SECTION: Extending the Agent
#
# You can extend the snmp agent to have it return information
# that you yourself define.
# exec: run a simple command using exec()
# arguments: [oid] name /path/to/executable arguments
exec echotest /bin/echo hello world
###########################################################################
# SECTION: Agent Operating Mode
#
# This section defines how the agent will operate when it
# is running.
# agentaddress: The IP address and port number that the agent will listen on.
# By default the agent listens to any and all traffic from any
# interface on the default SNMP port (161). This allows you to
# specify which address, interface, transport type and port(s) that you
# want the agent to listen on. Multiple definitions of this token
# are concatenated together (using ‘:’s).
# arguments: [transport:]port[@interface/address],…
agentaddress udp:161,udp6:161
###########################################################################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rwuser: a SNMPv3 read-write user
# arguments: user [noauth|auth|priv] [restriction_oid]
#rwuser initial priv
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]
#rocommunity public
rocommunity6 public
#
# Unknown directives read in from other files by snmpconf
#
#com2sec readonly default public
com2sec6 readonly default public
#com2sec local 127.0.0.1 public
com2sec6 local localhost public
com2sec6 mynetwork 2001:468::3 public
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyRWGroup usm initial
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
group MyRWGroup v1 any
group MyRWGroup v2c any
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system
access MyROGroup “” any noauth exact all none none
access MyRWGroup “” any noauth exact all all none
access MyROSystem “” any noauth exact system none none
createUser initial MD5 auth_pass DES priv_pass
—————————————————-
Below is the /etc/default/snmpd
# This file controls the activity of snmpd and snmptrapd
# MIB directories. /usr/share/snmp/mibs is the default, but
# including it here avoids some strange problems.
export MIBDIRS=/usr/share/snmp/mibs
# snmpd control (yes means start daemon).
SNMPDRUN=yes
# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1′
SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf’
#SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid udp6:161 udp:161′
# snmptrapd control (yes means start daemon). As of net-snmp version
# 5.0, master agentx support must be enabled in snmpd before snmptrapd
# can be run. See snmpd.conf(5) for how to do this.
TRAPDRUN=yes
# snmptrapd options (use syslog).
TRAPDOPTS=’-Lsd -p /var/run/snmptrapd.pid’
# create symlink on Debian legacy location to official RFC path
SNMPDCOMPAT=yes
—————————————————–
cat /var/log/snmpd.log
Warning: no access control information configured.
It’s unlikely this agent can serve any useful purpose in this state.
Run “snmpconf -g basic_setup” to help you configure the snmpd.conf file for this agent.
NET-SNMP version 5.4.2.1
I was getting some problems in attaching my files so i mentioned those file here only.
Hi,
I can do
snmpwalk -v 2c -c localhost
Works as expected
but with snmpv3 on localhost
snmpwalk -v 3 -u -l authNoPriv -a md5 -A localhost
Gives error : Timeout : no response from localhost
and with snmpv3 on remote
snmpwalk -v 3 -u -l authNoPriv -a md5 -A 192.168.x.X
Works as expected
Please let me know if am i missing any configuration here
Details:
snmpd running ” /usr/bin/snmpd -f -c /etc/snmp/snmpd.conf”
~ $ netstat -natu | grep 161
udp 0 0 0.0.0.0:161 0.0.0.0:*
~ $