SNMP exercises. 2 Installing client (manager) tools 2. 3 Configure SNMP on Your Router 3

Similar documents
Monitoring disk stats with Cacti

Simple Network Management Protocol

Network Management & Monitoring Introduction to SNMP

Network Monitoring & Management Introduction to SNMP

Newton Linux User Group Graphing SNMP with Cacti and RRDtool

Network Management & Monitoring

Monitoring Netflow with NFsen

Network Monitoring Lab

QStar SNMP installation, configuration and testing. Contents. Introduction. Change History

Network Management & Monitoring Introduction to SNMP

This watermark does not appear in the registered version - SNMP and OpenNMS. Part 1 SNMP.

SNMP Monitoring. The Sequel by Manuel Deschambault. Support Tool Architect Symbiotic System Design

School of Information Technology and Engineering (SITE) CEG 4395: Computer Network Management

INASP: Effective Network Management Workshops

Using SNMP with Content Gateway (not V-Series)

Configuring CitectSCADA SNMP projects with MIB2CIT. A reference for CitectSCADA Customers

TEIN2 Measurement and Monitoring Workshop Passive Measurements.

Using Dedicated Servers from the game

Network Monitoring and Management Recommendations Best Practice Document

Network Monitoring with SNMP

A SHORT INTRODUCTION TO DUPLICITY WITH CLOUD OBJECT STORAGE. Version

White Paper Case Study:

Network Management. Jaakko Kotimäki. Department of Computer Science Aalto University, School of Science. 21. maaliskuuta 2016

How to Install Multicraft on a VPS or Dedicated Server (Ubuntu bit)

SNMP Version 3. Finding Feature Information. Information About SNMP Version 3. Security Features in SNMP Version 3

Network Monitoring with SNMP

OpenGeo Suite for Linux Release 3.0

Install and configure the Net- SNMP agent for Windows

Creating Cacti FortiGate SNMP Graphs

CYAN SECURE WEB HOWTO. NTLM Authentication

Configuring Simple Network Management Protocol (SNMP)

May PZ-0502A-WWEN Prepared by: Internet & E-Commerce Solutions

Operations Manager: Network Monitoring

Scheduling Automated Outlet Control Using FineSNMPSet with Sentry Switched Power Distribution Units

Network Management & Monitoring Request Tracker (RT) Installation and Configuration

Using SNMP to Obtain Port Counter Statistics During Live Migration of a Virtual Machine. Ronny L. Bull Project Writeup For: CS644 Clarkson University

Using Cacti To Graph MySQL s Metrics

SETTING UP A LAMP SERVER REMOTELY

AlienVault Unified Security Management (USM) 4.x-5.x. Deploying HIDS Agents to Linux Hosts

Cassandra Installation over Ubuntu 1. Installing VMware player:

Advanced Guide for Configuring SNMPc to Manage Any SNMP Enabled Device

SNMP COMMAND SNMP SNMP [HELP] [COMMUNITY SYSCONTACT SYSLOCATION SYSNAME SYSOBJECID/OID TRAPS LIST]

securitymodel who securityname com2sec secname ipsource community default group groupname model secname v1 v2c usm

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

Linux Development Environment Description Based on VirtualBox Structure

OM2012 Network Monitoring. Phil Bracher Sr. Premier Field Engineer Microsoft Corporation

How to simulate network devices using the Verax SNMP Simulator (Linux/Windows)

SNMP Peach Pit Data Sheet

HowTo Check. Microsoft Cluster. Functionality via SNMP

orrelog SNMP Trap Monitor Software Users Manual

Laboration 3 - Administration

2. Boot using the Debian Net Install cd and when prompted to continue type "linux26", this will load the 2.6 kernel

Oracle Enterprise Manager. Description. Versions Supported. Prerequisites

Setting up Radmind For an OSX Public Lab

GeBro-BACKUP. Die Online-Datensicherung. Manual Pro Backup Client on a NAS

A Dude probing SNMP! Building custom probes and configuring equipment using SNMP with The Dude. Andrea Coppini AIR Wireless - Malta andrea@air.com.

S /3133 Networking Technology, laboratory course A/B

This configuration guide describes the installation process of SNMP on Windows and Linux with the NetBorder Express Gateway.

SNMP in Cisco IOS. The minimum you should know

Automated Offsite Backup with rdiff-backup

Enhancements to idrac7 Alert Notification

Using a login script for deployment of Kaspersky Network Agent to Mac OS X clients

SNMP SECURITY A CLOSER LOOK JEFFERY E. HAMMONDS EAST CAROLINA UNIVERSITY ICTN 6865

Lab - Observing DNS Resolution

Deploying the BIG-IP LTM with the Cacti Open Source Network Monitoring System

Partek Flow Installation Guide

Solr Bridge Search Installation Guide

School of Information Technology and Engineering (SITE) CEG 4395: Computer Network Management. Lab 4: Remote Monitoring (RMON) Operations

Using Device Discovery

Using the Radmind Command Line Tools to. Maintain Multiple Mac OS X Machines

Adafruit's Raspberry Pi Lesson 6. Using SSH

The Tor VM Project. Installing the Build Environment & Building Tor VM. Copyright The Tor Project, Inc. Authors: Martin Peck and Kyle Williams

Adafruit's Raspberry Pi Lesson 7. Remote Control with VNC

INSTALLING KAAZING WEBSOCKET GATEWAY - HTML5 EDITION ON AN AMAZON EC2 CLOUD SERVER

Network Monitoring. Dhruba Raj Bhandari (CCNA) Manager Systems Soaltee Crowne Plaza Kathmandu NEPAL

MRTG used for Basic Server Monitoring

How To Name A Snip On Linux (M500) On A Usb Modem Or Ipa (M5) On An Ipa Or Ipb (M50) On Linux On A Microsoft M500 Modem On A 2C Or Ip

Ciphermail Gateway Separate Front-end and Back-end Configuration Guide

Cisco UCS Performance Manager Installation Guide

SNMP Simple Network Management Protocol

Installing an open source version of MateCat

Local File Sharing in Linux

INTRODUCING SAMBA 4 NOW, EVEN MORE AWESOMENESS

Simple Network Management Protocol

EventSentry Overview. Part I Introduction 1 Part II Setting up SQL 2008 R2 Express 2. Part III Setting up IIS 9. Part IV Installing EventSentry 11

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Using Red Hat Enterprise Linux with Georgia Tech's RHN Satellite Server Installing Red Hat Enterprise Linux

Monitoring the Firewall Services Module

Installing a Symantec Backup Exec Agent on a SnapScale Cluster X2 Node or SnapServer DX1 or DX2. Summary

NRPE Documentation CONTENTS. 1. Introduction... a) Purpose... b) Design Overview Example Uses... a) Direct Checks... b) Indirect Checks...

Management, Logging and Troubleshooting

This guide provides instructions on how to configure SNMP feature on Yealink IP phones and test SNMP feature using a free SNMP test tool.

Installation Guide for AmiRNA and WMD3 Release 3.1

Helsinki University of Technology Department of Electrical and Communications Engineering Networking Laboratory

CPE111 COMPUTER EXPLORATION

LOCKSS on LINUX. CentOS6 Installation Manual 08/22/2013

THE SNMP PROTOCOL THE SNMP REQUEST MIB SATELLAR 2DS/20DS SIMPLE NETWORK MANAGEMENT PROTOCOL SATELLAR MANAGEMENT WITH SNMP GET AND SET SMART RADIO

Using Network Attached Storage with Linux. by Andy Pepperdine

SNMP. Simple Network Management Protocol

Transcription:

SNMP exercises Contents 1 Introduction 1 1.1 Goals................................. 1 1.2 Notes................................. 2 2 Installing client (manager) tools 2 3 Configure SNMP on Your Router 3 4 Testing SNMP 4 5 SNMP Walk and OIDs 4 6 Configuration of snmpd on your PC 5 6.1 Check that snmpd is working:.................... 7 6.2 Test your neighbors......................... 7 7 Adding MIBs 7 8 SNMPwalk - the rest of MIB-II 8 9 More MIB-OID fun 9 1 Introduction 1.1 Goals Install and learn to use the SNMP commands 1

Explore and identify standard vs enterprise parts of the MIB tree Install vendor specific MIBs and use those with the SNMP commands 1.2 Notes Commands preceded with $ imply that you should execute the command as a general user - not as root. Commands preceded with # imply that you should be working as root. Commands with more specific command lines (e.g. rtrx> or mysql> ) imply that you are executing commands on remote equipment, or within another program. 2 Installing client (manager) tools Start by installing the net-snmp tools: $ sudo apt-get install snmp $ sudo apt-get install snmp-mibs-downloader The second of the two commands downloads the standard IETF and IANA SNMP MIBs which are not included by default. Note: for this to work, you must enable the multiverse source in your APT configuration, If you are using Ubuntu 12.04 or 14.04. This has already been done for you in this workshop. Now, edit the file /etc/snmp/snmp.conf: $ sudo editor /etc/snmp/snmp.conf Change this line: mibs :... so that it looks like: # mibs : (You are commenting out the empty mibs statement, which was telling the snmp* tools not to automatically load the mibs in the /usr/share/mibs/ directory) Now, make your own copy of the file /etc/snmp/snmp.conf, make it readable only by you, and add your credentials to it: 2

$ mkdir ~/.snmp $ cp /etc/snmp/snmp.conf ~/.snmp/ $ chmod 700 ~/.snmp/ $ sudo editor ~/.snmp/snmp.conf Add the following lines to the bottom: defversion 3 defcommunity NetManage defsecurityname admin defsecuritylevel authnopriv defauthpassphrase NetManage defauthtype SHA Adding this information means you won t have to enter your credentials everytime you use one of the SNMP utilities. 3 Configure SNMP on Your Router For this exercise you need to work in groups. Assign one person to type on the keyboard. If you are unsure of what group you are in refer to the Network Diagram on the classroom wiki by going to http://noc.ws.nsrc.org/ and clicking on the Network Diagram link. Now connect to your router: $ ssh cisco@rtrn.ws.nsrc.org (or "ssh cisco@10.10.n.254") username: cisco password: <CLASS PASSWORD> rtrn> enable Password: <CLASS PASSWORD> rtrn# configure terminal (conf t) Now we need to add an Access Control List rule for SNMP access, turn on SNMP, assign a read-only SNMP community string as well as a SNMPv3 group and user and tell the router to maintain SNMP information across reboots. To do this we do: 3

rtrn(config)# access-list 99 permit 10.10.0.0 0.0.255.255 rtrn(config)# snmp-server community NetManage ro 99 rtrn(config)# snmp-server group ReadGroup v3 auth access 99 rtrn(config)# snmp-server user admin ReadGroup v3 auth sha NetManage rtrn(config)# snmp-server ifindex persist Now let s exit and save this new configuration to the routers permanent config. rtrn(config)# exit rtrn# write memory rtrn# exit (wr mem) (until you return to your pc) Now to see if your changes are working. 4 Testing SNMP To check that your SNMP installation works, run the snmpstatus command on each of the following devices $ snmpstatus <IP_ADDRESS> Where is each of the following: * The NOC server: 10.10.0.250 * Your group's router: 10.10.N.254 * The backbone switch: 10.10.0.253 * The backbone router: 10.10.0.254 * The access points: 10.10.0.251, 10.10.0.252 Note that you just used SNMPv3. Not all devices that implement SNMP support v3. Try again, adding -v2c as a parameter. Notice that the command automatically uses the community string in the snmp.conf file instead of the v3 user credentials. Try -v1. What happens if you try using the wrong community string (i.e. change NetManage to something else) using the options -v2c -c NetWrong? 5 SNMP Walk and OIDs Now, you are going to use the snmpwalk command, part of the SNMP toolkit, to list the tables associated with the OIDs listed below, on each piece of equipment you tried above: 4

.1.3.6.1.2.1.2.2.1.2.1.3.6.1.2.1.31.1.1.1.18.1.3.6.1.4.1.9.9.13.1.1.3.6.1.2.1.25.2.3.1.1.3.6.1.2.1.25.4.2.1 You will try this with two forms of the snmpwalk command: $ snmpwalk <IP_ADDRESS> <OID> and $ snmpwalk -On <IP_ADDRESS> <OID>... where OID is one of the OIDs listed above:.1.3.6...... where IP_ADDRESS can be your group s router... Note: the -On option turns on numerical output, i.e.: no translation of the OID <-> MIB object takes place. For these OIDs: a) Do all the devices answer? b) Do you notice anything important about the OID on the output? 6 Configuration of snmpd on your PC For this exercise your group needs to verify that the snmpd service is running and responding to queries for all machines in your group. First enable snmpd on your machine, then test if your machine is responding, then check each machine of your other group members. Install the SNMP agent (daemon) $ sudo apt-get install snmpd $ sudo apt-get install libsnmp-dev Because of an Ubuntu bug (https://bugs.launchpad.net/ubuntu/+source/netsnmp/+bug/1322431), the command to create SNMPv3 users is missing, so, until this is fixed, do the following: 5

cd /tmp/ wget https://gist.githubusercontent.com/rarylson/72d1414d6907a4548427/raw/d97aed8debf0a291a0 chmod +x net-snmp-create-v3-user sudo mv net-snmp-create-v3-user /usr/local/bin Configuration. We will make a backup of the distributed config, and then we will create our own: $ cd /etc/snmp $ sudo mv snmpd.conf snmpd.conf.dist $ sudo editor snmpd.conf Then, copy/paste the following: # Listen for connections on all interfaces (both IPv4 *and* IPv6) agentaddress udp:161,udp6:[::1]:161 # Configure Read-Only community and restrict who can connect rocommunity NetManage 10.10.0.0/16 rocommunity NetManage 127.0.0.1 # Information about this host syslocation NSRC Network Management Workshop syscontact sysadm@pcx.ws.nsrc.org # Which OSI layers are active in this host # (Application + End-to-End layers) sysservices 72 # Include proprietary dsktable MIB (in addition to hrstoragetable) includealldisks 10% Now save and exit from the editor. Now we will add the same SNMPv3 user to your PC. We need to stop snmpd before adding the user, and restart it to read the above changes as well as the new user: $ sudo service snmpd stop $ sudo net-snmp-create-v3-user -a SHA -A NetManage admin $ sudo service snmpd start 6

6.1 Check that snmpd is working: $ snmpstatus localhost What do you observe? 6.2 Test your neighbors Check now that you can run snmpstatus against your other group members servers: $ snmpstatus pcn.ws.nsrc.org For instance, in group 5, you should verify against: * pc17.ws.nsrc.org * pc18.ws.nsrc.org * pc19.ws.nsrc.org * pc20.ws.nsrc.org 7 Adding MIBs Remember when you ran: $ snmpwalk 10.10.X.254.1.3.6.1.4.1.9.9.13.1 If you noticed, the SNMP client (snmpwalk) couldn t interpret all the OIDs coming back from the Agent: SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis" SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1 What is 9.9.13.1.3.1? To be able to interpret this information, we need to download extra MIBs: We will use the following MIBs (Don t download them yet!): CISCO MIBS ftp://ftp.cisco.com/pub/mibs/v2/cisco-smi.my ftp://ftp.cisco.com/pub/mibs/v2/cisco-envmon-mib.my 7

To make it easier, we have a local mirror on http://noc.ws.nsrc.org/mibs/ Download them now as follows: $ cd /usr/share/mibs $ sudo mkdir cisco $ cd cisco $ sudo wget http://noc.ws.nsrc.org/downloads/mibs/cisco-smi.my $ sudo wget http://noc.ws.nsrc.org/downloads/mibs/cisco-envmon-mib.my Now we need to tell the snmp tools that we have the cisco MIBS it should load. So edit the file /etc/snmp/snmp.conf, and add the following two lines: mibdirs +/usr/share/mibs/cisco mibs +CISCO-ENVMON-MIB:CISCO-SMI Save the file, quit. Now, try again: $ snmpwalk 10.10.X.254.1.3.6.1.4.1.9.9.13.1 What do you notice? 8 SNMPwalk - the rest of MIB-II Try and run snmpwalk on any hosts (routers, switches, machines) you have not tried yet, in the 10.10.0.X network Note the kind of information you can obtain. $ snmpwalk 10.10.0.X ifdescr $ snmpwalk 10.10.0.X ifalias $ snmpwalk 10.10.0.X iftable less $ snmpwalk 10.10.0.X ifxtable less $ snmpwalk 10.10.0.X ifoperstatus $ snmpwalk 10.10.0.X ifadminstatus $ snmpwalk 10.10.0.X if (Remember that with less you press space for next page, b to go back to previous page, and q to quit) Can you see what s different between iftable and ifxtable? What do you think might be the difference between ifoperstatus and ifadminstatus? Can you imagine a scenario where this could be useful? 8

9 More MIB-OID fun Use SNMP to examine: a. the running processes on your neighbor s server (hrswrun) b. the amount of free diskspace on your neighbor s server (hrstorage) c. the interfaces on your neighbor s server (ifindex, ifdescr) Can you use short names to walk these OID tables? Experiment with the snmptranslate command, example: $ snmptranslate.1.3.6.1.4.1.9.9.13.1 Try with various OIDs 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information