Installing and Configuring Net-SNMP for Linux

Net-SNMP is an open-source software suite that implements Simple Network Management Protocol (SNMP) for managing network devices. It provides a wide range of tools that enable network administrators to monitor and manage their systems more effectively. In this article, we will explore how to install and configure Net-SNMP on a Linux system.

Prerequisites

Before we begin, ensure that you have access to a Linux system with root privileges. Additionally, make sure that system has an active internet connection to download necessary software packages.

Installing Net-SNMP

To install Net-SNMP on a Linux system, you can use package manager of your distribution. For instance, if you are using Ubuntu, you can use following command to install Net-SNMP

sudo apt-get update
sudo apt-get install snmpd snmp-mibs-downloader

The above command will install SNMP daemon (snmpd) and SNMP MIB downloader (snmp-mibs-downloader) packages. The daemon is responsible for listening to SNMP requests and providing necessary information. MIB downloader downloads Management Information Base (MIB) files required for SNMP agent to work correctly.

For other Linux distributions, use the appropriate package manager

# CentOS/RHEL/Fedora
sudo yum install net-snmp net-snmp-utils

# Debian-based systems
sudo apt install snmpd snmp

Configuring Net-SNMP

After installing Net-SNMP, you need to configure it to suit your requirements. The configuration file for SNMP daemon is located at /etc/snmp/snmpd.conf.

Open configuration file using your preferred text editor. Here is an example configuration file that you can use as a starting point

com2sec readonly default public
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
view all included .1
access MyROGroup "" any noauth exact all none none
sysLocation Unknown (edit /etc/snmp/snmpd.conf)
sysContact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)

The above configuration file has several directives that define SNMP settings. Let's go through each one of them

• com2sec This directive defines community string used by SNMP requests. In example above, community string is set to 'public.' You can change it to a more secure value to prevent unauthorized access to your system.

• group This directive defines access rights for different SNMP groups. In example above, we have defined a group called MyROGroup with read-only access.

• view This directive specifies objects that can be viewed by SNMP agent. In example above, we have allowed access to all objects (.1).

• access This directive specifies access control for different SNMP groups. In example above, we have allowed read-only access to MyROGroup group.

Save changes to configuration file and restart SNMP daemon using following command

sudo systemctl restart snmpd
sudo systemctl enable snmpd

Testing Net-SNMP

To test Net-SNMP installation, you can use SNMP command-line tools. SNMP tools are installed with Net-SNMP package.

The most commonly used tool is snmpwalk command, which can be used to retrieve values of SNMP objects. Here is an example command that retrieves system information

snmpwalk -v2c -c public localhost system

The above command will retrieve system description for local system using SNMP version 2c and 'public' community string.

You can also use snmpget command to retrieve value of a specific SNMP object. Here is an example command that retrieves uptime of system

snmpget -v2c -c public localhost 1.3.6.1.2.1.1.3.0

The above command will retrieve value of system uptime object (1.3.6.1.2.1.1.3.0) for local system using SNMP version 2c and 'public' community string.

Configuring SNMP Community Strings

Community strings are used to authenticate SNMP requests and responses. The default community string for Net-SNMP is 'public', which is a well-known community string and should be changed to ensure security of your SNMP configuration.

To configure SNMP community strings, open SNMP daemon configuration file located at /etc/snmp/snmpd.conf and add following lines

rocommunity <community_string> <IP_address>

Replace <community_string> with new community string you wish to use, and <IP_address> with IP address of host you want to grant read-only access to. You can add multiple lines with different community strings and IP addresses to provide access to multiple hosts.

For example, to set community string to 'mycommunity' and allow access to host with IP address 192.168.1.10, add following line to configuration file

rocommunity mycommunity 192.168.1.10

Once you have updated configuration file, restart SNMP daemon for changes to take effect

sudo systemctl restart snmpd

Configuring SNMP Traps

SNMP traps are used to notify SNMP manager of important events or conditions that occur on network devices. For example, a trap can be sent when a disk on a network device is almost full or when a hardware component fails.

To configure SNMP traps, open SNMP daemon configuration file and add following lines

trap2sink <IP_address> <community_string>

Replace <IP_address> with IP address of SNMP manager that will receive traps, and <community_string> with community string for SNMP manager.

For example, to send traps to SNMP manager with IP address 192.168.1.100 using community string 'mycommunity', add following line to configuration file

trap2sink 192.168.1.100 mycommunity

You can add multiple lines with different IP addresses and community strings to send traps to multiple SNMP managers.

Troubleshooting Net-SNMP

If you encounter any issues with Net-SNMP, you can use following tools to troubleshoot the problem

Checking SNMP Daemon Status

Use the following command to check status of daemon

sudo systemctl status snmpd

If daemon is not running, you can start it using following command

sudo systemctl start snmpd

Testing SNMP Response

Use snmpwalk command to check if SNMP agent is responding to requests

snmpwalk -v2c -c public localhost system

If you do not receive any output, SNMP agent may not be running correctly.

Network Traffic Analysis

Use tcpdump to capture SNMP traffic and analyze it for any issues

sudo tcpdump -i eth0 -s 0 -w snmp.pcap udp port 161

The above command will capture all SNMP traffic on eth0 interface and save it to a file called snmp.pcap. You can then use a tool like Wireshark to analyze captured traffic.

Using SNMP with Nagios

Nagios is a popular open-source monitoring tool that can be used to monitor network devices, servers, and applications. Nagios can use SNMP to monitor and manage devices that support SNMP.

To use SNMP with Nagios, you will need to install Nagios SNMP plugins

sudo apt-get install nagios-plugins-contrib

Once plugins are installed, you can use check_snmp plugin to monitor SNMP objects on network devices. For example, to monitor system uptime of a device with IP address 192.168.1.1 using community string 'mycommunity'

/usr/lib/nagios/plugins/check_snmp -H 192.168.1.1 -C mycommunity -o sysUpTime.0

The above command will retrieve system uptime object (1.3.6.1.2.1.1.3.0) for device with IP address 192.168.1.1 using SNMP and community string 'mycommunity'.

Conclusion

Net-SNMP is a powerful and flexible SNMP management tool that can be installed and configured on a Linux system in just a few steps. By following the steps outlined in this article, you can get started with Net-SNMP and start monitoring and managing your network devices more effectively. Remember to always secure your SNMP configuration by changing default community strings and restricting access to authorized hosts only.