Agenda: exercises-snmp-v1-v2c.txt

File exercises-snmp-v1-v2c.txt, 6.7 KB (added by b.candler, 8 years ago)
Line 
1Advanced Registry Operations Curriculum
2
3SNMP exercises, part I
4
51. Getting packages:
6
7    > apt-get install snmpd             # adds thSNMP tools, server + libraries
8    > apt-get install tkmib             # SNMP MIB browser
9
102. Testing SNMP
11
12    - To control that your SNMP installation works, run the
13    snmpstatus command on each of the following devices:
14
15    > snmpstatus -c 'public' -v2c IP_ADDRESS
16
17    ... Where IP_ADDRESS is the following list: (see diagram)
18
19    - Your virtual router:  10.10.254.(1-16)
20    - The NOC server:       10.10.254.200
21    - The Core router:      10.10.254.254
22    - The backbone switch:  10.10.254.253 (not yet installed)
23
243. SNMP Walk and OIDs
25
26    Now, you are going to use the 'snmpwalk' command, part of the
27    SNMP toolkit, to list the tables associated with the OIDs listed
28    below, on each piece of equipment you tried above:
29
30    .1.3.6.1.2.1.2.2.1.2
31    .1.3.6.1.2.1.31.1.1.1.18
32    .1.3.6.1.4.1.9.9.13.1.3
33    .1.3.6.1.4.1.11.2.14.11.1.2
34    .1.3.6.1.2.1.25.2.3.1
35    .1.3.6.1.2.1.25.4.2.1
36
37    You will try this with two forms of the 'snmpwalk' command:
38
39    > snmpwalk     -c 'public' -v2c IP_ADDRESS OID
40
41    and
42
43    > snmpwalk -On -c 'public' -v2c IP_ADDRESS OID
44
45    ... where OID is one of the three OIDs listed above: .1.3.6...
46
47    Note: the "-On" option turns on numerical output, i.e.: no translation
48    of the OID <-> MIB object takes place.
49
50    For these OIDs:
51
52    a) Do all the devices answer ?
53
54    b) Do you notice anything important about the OID on the output ?
55
564. Configuration of snmpd on your NOC server
57
58    - Edit the following file:
59
60    > vi /etc/snmp/snmpd.conf
61
62        Comment the line (ADD '#' in front):
63
64    com2sec paranoid  default         public
65
66      ... so that it becomes:
67
68    #com2sec paranoid  default         public
69       
70        And UNcomment the line (REMOVE the '#' in front) and change community:
71
72    #com2sec readonly  default         public
73
74      ... so that it becomes:
75
76    com2sec readonly  default         menog7
77
78
79    - Edit the file /etc/default/snmpd, and find the line:
80   
81SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
82
83    - Remove 127.0.0.1 at the end, so you have:
84
85SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'
86
87    - Restart snmpd
88
89    > /etc/init.d/snmpd stop
90    > /etc/init.d/snmpd start
91
925. Check that snmpd is working:
93
94    > snmpstatus -c 'menog7' -v2c localhost
95
96    - What do you observe ?
97
987. Check now that you can run snmpstatus against your neighbor's server
99   and router:
100
101    - Check snmp against their machine:
102
103    > snmpstatus -c 'menog7' -v2c 10.10.X.1              # X = 1 -> 16
104    > snmpstatus -c 'menog7' -v2c 10.10.X.254            # X = 1 -> 16
105
1068. SNMPwalk – the rest of MIB-II
107
108    - Try and run snmpwalk on any hosts (routers, switches, machines) you
109      have not tried yet, in the 10.10.254.Y network
110
111    Note the kind of information you can obtain.
112
113    > snmpwalk -c 'public' -v2c 10.10.254.X ifDescr
114    > snmpwalk -c 'public' -v2c 10.10.254.X ifTable
115    > snmpwalk -c 'public' -v2c 10.10.254.X ifAlias
116    > snmpwalk -c 'public' -v2c 10.10.254.X ifOperStatus
117    > snmpwalk -c 'public' -v2c 10.10.254.X ifAdminStatus
118    > snmpwalk -c 'public' -v2c 10.10.254.X if
119
120    - Can you explain the difference between ifOperStatus and
121      ifAdminStatus ?
122
123    - Can you imagine a scenario where this could be useful ?
124
1259. Adding MIBs
126
127    Remember when you ran:
128
129    > snmpwalk -c 'public' -v2c 10.10.254.254  .1.3.6.1.4.1.9.9.13.1.3
130    or
131    > snmpwalk -c 'public' -v2c 10.10.254.254  .1.3.6.1.4.1.11.2.14.11.1.2
132
133    If you noticed, the SNMP client (snmpwalk) couldn't interpret
134    all the OIDs coming back from the Agent:
135
136    SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
137    SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1
138
139    or
140
141    ...
142    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4
143    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4
144    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5
145    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4
146    ...
147
148    - What is '9.9.13.1.3.1.3' ?
149    - What is '.11.2.14.11.1.2.6.1.4' ?
150
151    To be able to interpret this information, we need to download extra MIBs:
152
153    - Download the following files to your machine:
154
155    CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
156                ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
157
158    HP MIBS:    http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar
159
160    > cd /usr/share/snmp/mibs
161    > wget ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
162    > wget ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
163    > wget http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar
164
165    - Extract the HP SNMP MIBs (in the /usr/share/snmp/mibs):
166
167    > cd /usr/share/snmp/mibs       # just in case!
168    > mkdir hp
169    > cd hp
170    > tar -xvf ../mibs-Oct09.tar
171
172    Note: You should see a lot of output on the screen (the HP MIB files)
173 
174    - Create the file /usr/share/snmp/snmp.conf, and put into it:
175
176        mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/hp
177
178        mibs ALL
179
180    This tells the snmp* commands that they should load ALL mibs in the
181    mibdirs /usr/share/snmp/mibs and /usr/share/snmp/mibs/hp
182   
183    - Save the file, quit.
184
185    Now, try again:
186
187    > snmpwalk -c 'public' -v2c 10.10.254.254  .1.3.6.1.4.1.9.9.13.1.3
188    or
189    > snmpwalk -c 'public' -v2c 10.10.254.253  .1.3.6.1.4.1.11.2.14.11.1.2
190
191    What do you notice ?
192
193
19410. More MIB-OID fun
195
196    - Use the OIDs from the beginning of this exercise set, and examine:
197
198    a) the running processes on your neighbor's server (hrSWRun)
199    b) the amount of free diskspace on your neighbor's server (hrStorage)
200    c) the interfaces on your neighbor's server (ifIndex, ifDescr)
201
202    Can you use short names to walk these OID tables ?
203
204    - Experiment with the "snmptranslate" command, example:
205
206    > snmptranslate .1.3.6.1.4.1.11.2.14.11.1.2
207
208    - Try with various OIDs
209
210=== PLEASE SKIP THE FOLLOWING, IT APPLIES TO LINUX WITH GUI ===
211
21211. MIB Browser
213
214    In the beginning of this exercise set, you installed the tkmib MIB
215    browser.  Now we will run it:
216
217    > tkmib
218
219    The tkmib main windows should pop up on your screen.
220
221    We'll run through a few examples together, but you are encourage
222    to explore the interface.
223
224    Remember to set the community name and the SNMP version (v2c) in the
225    "Options" menu.
226
227    Then replace "localhost" with the IP you want to probe, and you can
228    either type an OID manually in the OID window, or navigate using the
229    tree window, for example, on the HP switches (.100.1 and .75.254):
230
231    .iso.org.dod.internet.private.enterprises.hp.nm.icf.hpicfObjects.
232        hpicfCommon.hpicfChassis
233
234
235    Then try and "walk" that part of the MIB
236
237