Agenda: exercises-snmp-v1-v2c.txt

File exercises-snmp-v1-v2c.txt, 6.7 KB (added by admin, 7 years ago)
Line 
1SNMP exercises, part I
2======================
3
4Note: many of the commands in this exercise do not have to be run as root,
5but it is safe to run them all as root. So it's simpler if you start a
6root shell and enter them all there. You can start a root shell like this:
7
8    $ sudo bash
9
101. Installing client tools
11--------------------------
12
13    # apt-get install snmp
14
152. Testing SNMP
16---------------
17
18To control that your SNMP installation works, run the
19snmpstatus command on each of the following devices
20
21    $ snmpstatus -c 'NetManage' -v2c IP_ADDRESS
22
23Where IP_ADDRESS is the following list:
24
25    * The NOC server:       10.10.0.254
26    * The backbone switch:  10.10.0.253
27    * Classroom routers:    10.10.0.201-20x
28    * The access points:    10.10.0.251
29
303. SNMP Walk and OIDs
31---------------------
32
33Now, you are going to use the 'snmpwalk' command, part of the
34SNMP toolkit, to list the tables associated with the OIDs listed
35below, on each piece of equipment you tried above:
36
37    .1.3.6.1.2.1.2.2.1.2
38    .1.3.6.1.2.1.31.1.1.1.18
39    .1.3.6.1.4.1.9.9.13.1
40    .1.3.6.1.4.1.11.2.14.11.1.2
41    .1.3.6.1.2.1.25.2.3.1
42    .1.3.6.1.2.1.25.4.2.1
43
44You will try this with two forms of the 'snmpwalk' command:
45
46    $ snmpwalk     -c 'NetManage' -v2c IP_ADDRESS OID
47
48and
49
50    $ snmpwalk -On -c 'NetManage' -v2c IP_ADDRESS OID
51
52... where OID is one of the three OIDs listed above: .1.3.6...
53
54Note: the "-On" option turns on numerical output, i.e.: no translation
55of the OID <-> MIB object takes place.
56
57For these OIDs:
58
59a) Do all the devices answer ?
60
61b) Do you notice anything important about the OID on the output ?
62
634. Configuration of snmp on your Cisco router
64---------------------------------------------
65
66NOTE: this may already be configured on your Cisco, but it doesn't
67hurt to do it again :)
68
69Connect to your virtual Cisco router:
70
71    # apt-get install telnet    # if required
72
73    $ telnet 10.10.0.20X        # where X is 1-7
74
75Default login: "cisco", password "cisco", enable secret "cisco"
76
77If you have not changed the password... :)
78
79Configure it to enable SNMP:
80
81    enable
82    conf t
83    snmp-server community NetManage ro 99
84    access-list 99 permit 10.10.0.0 0.0.255.255
85    exit
86    exit     # until you get back to your PC
87
88Now back on your PC, test using some of the OIDs from section 3 above.
89
90    $ snmpwalk -c 'NetManage' -v2c 10.10.X.254 <OID>
91
92What happens if you try using the wrong community string (i.e. change
93'NetManage' to something else?)
94
955. Configuration of snmpd on your PC
96-------------------------------------
97
98* Install the SNMP agent (daemon)
99
100    # apt-get install snmpd
101
102* Edit the following file:
103
104        # editor /etc/snmp/snmpd.conf
105
106    Comment this line (ADD '#' in front):
107
108        com2sec paranoid  default         public
109
110    ... so that it becomes:
111
112        #com2sec paranoid  default         public
113       
114    And UNcomment the line (REMOVE the '#' in front) and change community:
115
116        #com2sec readonly  default         public
117
118    ... so that it becomes:
119
120        com2sec readonly  default         NetManage
121
122* Edit the file /etc/default/snmpd, and find the line:
123   
124        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
125
126    Remove 127.0.0.1 at the end, so you have:
127
128        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'
129
130* Restart snmpd
131
132        # /etc/init.d/snmpd stop
133        # /etc/init.d/snmpd start
134
1356. Check that snmpd is working:
136-------------------------------
137
138    $ snmpstatus -c NetManage -v2c localhost
139
140What do you observe ?
141
1427. Test your neighbors
143----------------------
144
145Check now that you can run snmpstatus against your neighbor's servers:
146
147    $ snmpstatus -c NetManage -v2c pcX
148
149
1508. Adding MIBs
151--------------
152
153Remember when you ran:
154
155    $ snmpwalk -c NetManage -v2c 10.10.0.20X  .1.3.6.1.4.1.9.9.13.1
156
157or
158
159    $ snmpwalk -c NetManage -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2
160
161If you noticed, the SNMP client (snmpwalk) couldn't interpret
162all the OIDs coming back from the Agent:
163
164    SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
165    SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1
166
167or
168
169    ...
170    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4
171    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4
172    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5
173    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4
174    ...
175
176What is '9.9.13.1.3.1' ?
177What is '.11.2.14.11.1.2.6.1.4' ?
178
179To be able to interpret this information, we need to download extra MIBs:
180
181* You will download the following files to your machine:
182
183        CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
184                    ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
185
186    However we have a local mirror on http://noc.ws.nsrc.org/mibs/
187    which will be much faster (especially for the large HP mib bundle)
188
189        # apt-get install wget
190        # cd /usr/share/snmp/mibs
191        # wget http://noc.ws.nsrc.org/mibs/CISCO-SMI.my
192        # wget http://noc.ws.nsrc.org/mibs/CISCO-ENVMON-MIB.my
193
194* Create the file /etc/snmp/snmp.conf, and put into it:
195
196        mibdirs /usr/share/snmp/mibs
197        mibs ALL
198
199    This tells the snmp* commands that they should load ALL mibs in the
200    mibdirs /usr/share/snmp/mibs and /usr/share/snmp/mibs/hp
201   
202* Save the file, quit.
203
204Now, try again:
205
206    $ snmpwalk -c 'NetManage' -v2c 10.10.0.20X  .1.3.6.1.4.1.9.9.13.1
207
208        (use ' ... | less' if there is too much information on the screen)
209
210and
211
212    $ snmpwalk -c 'NetManage' -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2
213
214What do you notice ?  Is .253 a Cisco device ?
215
216
2179. SNMPwalk - the rest of MIB-II
218--------------------------------
219
220Try and run snmpwalk on any hosts (routers, switches, machines) you
221have not tried yet, in the 10.10.0.X network
222
223Note the kind of information you can obtain.
224
225    $ snmpwalk -c NetManage -v2c 10.10.0.X ifDescr
226    $ snmpwalk -c NetManage -v2c 10.10.0.X ifTable
227    $ snmpwalk -c NetManage -v2c 10.10.0.X ifAlias
228    $ snmpwalk -c NetManage -v2c 10.10.0.X ifOperStatus
229    $ snmpwalk -c NetManage -v2c 10.10.0.X ifAdminStatus
230    $ snmpwalk -c NetManage -v2c 10.10.0.X if
231
232Can you explain the difference between ifOperStatus and ifAdminStatus ?
233
234Can you imagine a scenario where this could be useful ?
235
236
237
23810. More MIB-OID fun
239--------------------
240
241* Use the OIDs from the beginning of this exercise set, and examine:
242
243        a) the running processes on your neighbor's server (hrSWRun)
244        b) the amount of free diskspace on your neighbor's server (hrStorage)
245        c) the interfaces on your neighbor's server (ifIndex, ifDescr)
246
247    Can you use short names to walk these OID tables ?
248
249* Experiment with the "snmptranslate" command, example:
250
251        $ snmptranslate .1.3.6.1.4.1.11.2.14.11.1.2
252
253* Try with various OIDs