It's not hard to get SNMP v1 up and running. Just follow these simple steps.
A few weeks ago, I received an email from a fellow AIX system administrator, who was having issues trying to get his SNMP v3 (Simple Network Management Protocol) client talking to the local SNMP monitor server. After a few email exchanges, I suggested he revert back to SNMP v1 to test the connectivity. I sent him a bare bones config file for SNMP v1 to test. The system admin was surprised by how small in size the config file was to get SNMP working. So let me share with you in this article how to mskr SNMP v1 communicate with an SNMP-aware monitor server. The standard configuration file AIX ships is over a 100 lines long. You don't need all those config entries to get SNMP up and running.
First, though, what is SNMP?
SNMP in a Nutshell
SNMP allows the system to collect data about your hardware and then send it back to an SNMP monitor server using traps. In its simplest form, this is a notification request. SNMP works on the basis that an SNMP monitor server sends out a request to an SNMP client, and the client then returns a response containing information about the hardware that the client has stored in its own internal tables.
The SNMP community string defines the relationship between an SNMP monitor server and the client. This string acts like a password to control the access from the monitor server's request to the client. A community string (identifier) is sent along with all requests. SNMP can monitor CPU, disk usage, memory, and network devices. You get the picture. How SNMP works underneath will not be discussed in this article. Let's just get SNMP up and running with minimal configuration.
SNMP for AIX comes in three versions: v1, v2, and v3. Version 3 offers enhanced security with secure user credentials when authenticating; plus, it's encrypted. Version 2 is the same as version 3, except it's not encrypted. Version 1 is the entry-level standard for any SNMP monitoring. Most, if not all, SNMP monitoring servers are backward-compatible with v1.
Choose Your Community Name Well
By default, all SNMP installs come with the community string called "public" or, in some instances, "private." Using the default is not a good idea; expect other SNMP administrators to guess this community string to gather information from your SNMP client that is one of your AIX hosts, which could be a problem. In this article, the community string will be called acers6k.
Stopping the Services
Before any changes can be done to SNMP, the current services need to be stopped, like so:
# stopsrc -s aixmibd
# stopsrc -s hostmibd
# stopsrc -s snmpmibd
# stopsrc -s snmpd
Ensure You Are Running with SNMP v1
Next, inform AIX that SNMP v1 binary is to be used to handle all requests by changing the link from snmpd to point to snmpdv1:
# snmpv3_ssw -1
Confirm the change has taken place
# cd /usr/sbin
# ls -l snm*
lrwxrwxrwx 1 root system 17 Jan 30 2008 snmpd -> /usr/sbin/snmpdv1
That Confirmation File
The simple configuration is located in /etc/snmpd.conf, the contents of the file shown below.
logging file=/usr/tmp/snmpd.log enabled
logging size=0 level=0
view 1.17.2 system enterprises view
trap acers6k 127.0.0.1 1.2.3 fe # loopback
smux 220.127.116.11.18.104.22.168.22.214.171.124 gated_password # gated
smux 126.96.36.199.188.8.131.52.184.108.40.206.1.2 dpid_password #dpid
snmpd smuxtimeout=200 #muxatmd
smux 220.127.116.11.18.104.22.168.22.214.171.124.1 muxatmd_password #muxatmd
smux 126.96.36.199.188.8.131.52.184.108.40.206 xmtopas_pw # xmtopas
Looking briefly at the file, we see the following:
- The logging file/location is specified.
- The community name in this demonstration is acers6k.
- The view specifies what priveges a community has.
- The trap specifies what host to notify when a request comes in.
- The snmpd is additional configuration entries.
- The smux specifies information between the server and client.
Note we have an entry for xmtopas. Though not required, it is best to keep this, especially for other AIX monitoring tools that request information.
Start Your Services Up
The config file is completed. All that is needed now is to re-start your services. We restart the SNMP services appended with the community name we're using. To make this a permanent fixture, amend the entries in the /etc/rc.tcpip by parsing the community name to them, as shown below:
# startsrc -s snmpd
# startsrc -s aixmibd -a "-c acers6k"
# startsrc -s hostmibd -a "-c acers6k"
# startsrc -s snmpmibd -a "-c acers6k"
A Test You Can Query
Now wait a few minutes for the SNMP client to gather information. Then issue a local command to see if data is displayed. In the following example, processor information is output:
# snmpinfo -v -m dump -c acers6k hrProcessorLoad
hrProcessorLoad.1 = 0
hrProcessorLoad.2 = 0
hrProcessorLoad.3 = 0
hrProcessorLoad.4 = 0
If you want to dump the complete tree of information (expect a lot of output), use this:
# snmpinfo -m dump -c acers6k –v
sysDescr.0 = "IBM PowerPC CHRP Computer
Machine Type: 0x0800004c Processor id: 00CD94A64C00
Base Operating System Runtime AIX version: 05.03.0012.0001
If you're not getting any information back and you're quite sure that there are no typos in the file, check the UDP size. Maybe your UDP packets are not large enough. Change it to a max of 65535, like so:
# no -o udp_sendspace=65535
Setting udp_sendspace to 65535
Figures 1 and 2 show an SNMP monitor agent monitoring the AIX client uk01wrs6008 that was demonstrated in this article, along with the configurations used.
Figure 1: This is what the processor looks like.
Figure 2: And here's the disk output.
See how easy it is to get SNMP up and running?