Agenda: exercises-snmp-v1-v2c.txt

File exercises-snmp-v1-v2c.txt, 6.9 KB (added by brian, 7 years ago)
Line 
1SNMP exercises, part I
2======================
3
4Note: many of the commands in this exercise do not have to be run as root,
5but it is safe to run them all as root. So it's simpler if you start a
6root shell and enter them all there. You can start a root shell like this:
7
8    $ sudo bash
9
101. Installing client tools
11--------------------------
12
13    # apt-get install snmp
14
152. Testing SNMP
16---------------
17
18To control that your SNMP installation works, run the
19snmpstatus command on each of the following devices
20
21    $ snmpstatus -c 'NetManage' -v2c IP_ADDRESS
22
23Where IP_ADDRESS is the following list:
24
25    * The NOC server:       10.10.0.254
26    * The backbone switch:  10.10.0.253
27    * Classroom routers:    10.10.1-9.254
28    * The access points:    10.10.0.(251,252)
29
303. SNMP Walk and OIDs
31---------------------
32
33Now, you are going to use the 'snmpwalk' command, part of the
34SNMP toolkit, to list the tables associated with the OIDs listed
35below, on each piece of equipment you tried above:
36
37    .1.3.6.1.2.1.2.2.1.2
38    .1.3.6.1.2.1.31.1.1.1.18
39    .1.3.6.1.4.1.9.9.13.1
40    .1.3.6.1.4.1.11.2.14.11.1.2
41    .1.3.6.1.2.1.25.2.3.1
42    .1.3.6.1.2.1.25.4.2.1
43
44You will try this with two forms of the 'snmpwalk' command:
45
46    $ snmpwalk     -c 'NetManage' -v2c IP_ADDRESS OID
47
48and
49
50    $ snmpwalk -On -c 'NetManage' -v2c IP_ADDRESS OID
51
52... where OID is one of the three OIDs listed above: .1.3.6...
53
54Note: the "-On" option turns on numerical output, i.e.: no translation
55of the OID <-> MIB object takes place.
56
57For these OIDs:
58
59a) Do all the devices answer ?
60
61b) Do you notice anything important about the OID on the output ?
62
634. Configuration of snmp on your Cisco router
64---------------------------------------------
65
66Connect to your virtual Cisco router:
67
68    # apt-get install telnet    # if required
69
70    $ telnet 10.10.X.254        # where X is 1-9
71
72Default login: "cisco", password "cisco", enable secret "cisco"
73
74Configure it to enable SNMP:
75
76    enable
77    conf t
78    snmp-server community NetManage ro 99
79    access-list 99 permit 10.10.0.0 0.0.255.255
80    exit
81    exit     # until you get back to your PC
82
83Now back on your PC, test using some of the OIDs from section 3 above.
84
85    $ snmpwalk -c 'NetManage' -v2c 10.10.X.254 <OID>
86
87What happens if you try using the wrong community string (i.e. change
88'NetManage' to something else?)
89
905. Configuration of snmpd on your PC
91-------------------------------------
92
93* Install the SNMP agent (daemon)
94
95    # apt-get install snmpd
96
97* Edit the following file:
98
99        # editor /etc/snmp/snmpd.conf
100
101    Comment this line (ADD '#' in front):
102
103        com2sec paranoid  default         public
104
105    ... so that it becomes:
106
107        #com2sec paranoid  default         public
108       
109    And UNcomment the line (REMOVE the '#' in front) and change community:
110
111        #com2sec readonly  default         public
112
113    ... so that it becomes:
114
115        com2sec readonly  default         NetManage
116
117* Edit the file /etc/default/snmpd, and find the line:
118   
119        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
120
121    Remove 127.0.0.1 at the end, so you have:
122
123        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'
124
125* Restart snmpd
126
127        # /etc/init.d/snmpd stop
128        # /etc/init.d/snmpd start
129
1306. Check that snmpd is working:
131-------------------------------
132
133    $ snmpstatus -c NetManage -v2c localhost
134
135What do you observe ?
136
1377. Test your neighbors
138----------------------
139
140Check now that you can run snmpstatus against your neighbor's servers:
141
142    $ snmpstatus -c NetManage -v2c pcX
143
144
1458. Adding MIBs
146--------------
147
148Remember when you ran:
149
150    $ snmpwalk -c NetManage -v2c 10.10.X.254  .1.3.6.1.4.1.9.9.13.1
151
152or
153
154    $ snmpwalk -c NetManage -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2
155
156If you noticed, the SNMP client (snmpwalk) couldn't interpret
157all the OIDs coming back from the Agent:
158
159    SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
160    SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 1
161
162or
163
164    ...
165    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.1 = INTEGER: 4
166    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.2 = INTEGER: 4
167    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.3 = INTEGER: 5
168    RFC1155-SMI::enterprises.11.2.14.11.1.2.6.1.4.4 = INTEGER: 4
169    ...
170
171What is '9.9.13.1.3.1' ?
172What is '.11.2.14.11.1.2.6.1.4' ?
173
174To be able to interpret this information, we need to download extra MIBs:
175
176* You will download the following files to your machine:
177
178        CISCO MIBS: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-SMI.my
179                    ftp://ftp.cisco.com/pub/mibs/v2/CISCO-ENVMON-MIB.my
180
181        HP MIBS:    http://ftp.hp.com/pub/networking/software/mibs-Oct09.tar
182
183    However we have a local mirror on http://noc.ws.nsrc.org/mibs/
184    which will be much faster (especially for the large HP mib bundle)
185
186        # apt-get install wget
187        # cd /usr/share/snmp/mibs
188        # wget http://noc.ws.nsrc.org/mibs/CISCO-SMI.my
189        # wget http://noc.ws.nsrc.org/mibs/CISCO-ENVMON-MIB.my
190        # wget http://noc.ws.nsrc.org/mibs/mibs-Oct09.tar
191
192* Extract the HP SNMP MIBs (in the /usr/share/snmp/mibs):
193
194        # cd /usr/share/snmp/mibs       # just in case!
195        # mkdir hp
196        # cd hp
197        # tar -xvf ../mibs-Oct09.tar
198
199    Note: You should see a lot of output on the screen (the HP MIB files)
200 
201* Create the file /etc/snmp/snmp.conf, and put into it:
202
203        mibdirs /usr/share/snmp/mibs:/usr/share/snmp/mibs/hp
204        mibs ALL
205
206    This tells the snmp* commands that they should load ALL mibs in the
207    mibdirs /usr/share/snmp/mibs and /usr/share/snmp/mibs/hp
208   
209* Save the file, quit.
210
211Now, try again:
212
213    $ snmpwalk -c 'NetManage' -v2c 10.10.X.254  .1.3.6.1.4.1.9.9.13.1
214
215and
216
217    $ snmpwalk -c 'NetManage' -v2c 10.10.0.253  .1.3.6.1.4.1.11.2.14.11.1.2
218
219What do you notice ?
220
221
2229. SNMPwalk - the rest of MIB-II
223--------------------------------
224
225Try and run snmpwalk on any hosts (routers, switches, machines) you
226have not tried yet, in the 10.10.0.X network
227
228Note the kind of information you can obtain.
229
230    $ snmpwalk -c NetManage -v2c 10.10.0.X ifDescr
231    $ snmpwalk -c NetManage -v2c 10.10.0.X ifTable
232    $ snmpwalk -c NetManage -v2c 10.10.0.X ifAlias
233    $ snmpwalk -c NetManage -v2c 10.10.0.X ifOperStatus
234    $ snmpwalk -c NetManage -v2c 10.10.0.X ifAdminStatus
235    $ snmpwalk -c NetManage -v2c 10.10.0.X if
236
237Can you explain the difference between ifOperStatus and ifAdminStatus ?
238
239Can you imagine a scenario where this could be useful ?
240
241
242
24310. More MIB-OID fun
244--------------------
245
246* Use the OIDs from the beginning of this exercise set, and examine:
247
248        a) the running processes on your neighbor's server (hrSWRun)
249        b) the amount of free diskspace on your neighbor's server (hrStorage)
250        c) the interfaces on your neighbor's server (ifIndex, ifDescr)
251
252    Can you use short names to walk these OID tables ?
253
254* Experiment with the "snmptranslate" command, example:
255
256        $ snmptranslate .1.3.6.1.4.1.11.2.14.11.1.2
257
258* Try with various OIDs