3

I installed a snmpd into a CentOS 7 minimal installation for system parameters search, for instance:

snmpget -v 2c -c public 127.0.0.1 .1.3.6.1.2.1.2.2.1.2

for the above command I get the following result:

IF-MIB::ifDescr = No Such Object available on this agent at this OID

when i execute: 

 snmpwalk -v 2c -c public 127.0.0.1

to check if the IF-MIB is loaded by snmpd, i get the following result:

     SNMPv2-MIB::sysDescr.0 = STRING: Linux vm_test.whatever.com 3.10.0-862.6.3.el7.x86_64 #1 SMP Tue Jun 26 16:32:21 UTC 2018 x86_64
     SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
     DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (90641) 0:15:06.41
     SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
     SNMPv2-MIB::sysName.0 = STRING: vm_test.whatever.com
     SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf)
     SNMPv2-MIB::sysORLastChange.0 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDCompliance
     SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
     SNMPv2-MIB::sysORID.3 = OID: SNMP-FRAMEWORK- MIB::snmpFrameworkMIBCompliance
     SNMPv2-MIB::sysORID.4 = OID: SNMPv2-MIB::snmpMIB
     SNMPv2-MIB::sysORID.5 = OID: TCP-MIB::tcpMIB
     SNMPv2-MIB::sysORID.6 = OID: IP-MIB::ip
     SNMPv2-MIB::sysORID.7 = OID: UDP-MIB::udpMIB
     SNMPv2-MIB::sysORID.8 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
     SNMPv2-MIB::sysORID.9 = OID: SNMP-NOTIFICATION-MIB::snmpNotifyFullCompliance
     SNMPv2-MIB::sysORID.10 = OID: NOTIFICATION-LOG-MIB::notificationLogMIB
     SNMPv2-MIB::sysORDescr.1 = STRING: The MIB for Message Processing and Dispatching.
     SNMPv2-MIB::sysORDescr.2 = STRING: The management information definitions for the SNMP User-based Security Model.
     SNMPv2-MIB::sysORDescr.3 = STRING: The SNMP Management Architecture MIB.
     SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for SNMPv2 entities
     SNMPv2-MIB::sysORDescr.5 = STRING: The MIB module for managing TCP implementations
     SNMPv2-MIB::sysORDescr.6 = STRING: The MIB module for managing IP and ICMP implementations
     SNMPv2-MIB::sysORDescr.7 = STRING: The MIB module for managing UDP implementations
     SNMPv2-MIB::sysORDescr.8 = STRING: View-based Access Control Model for SNMP.
     SNMPv2-MIB::sysORDescr.9 = STRING: The MIB modules for managing SNMP Notification, plus filtering.
     SNMPv2-MIB::sysORDescr.10 = STRING: The MIB module for logging SNMP Notifications.
     SNMPv2-MIB::sysORUpTime.1 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.2 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.3 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.4 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.5 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.6 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.7 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.8 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.9 = Timeticks: (4) 0:00:00.04
     SNMPv2-MIB::sysORUpTime.10 = Timeticks: (4) 0:00:00.04
     HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (872972) 2:25:29.72
     HOST-RESOURCES-MIB::hrSystemUptime.0 = No more variables left in this MIB View (It is past the end of the MIB tree)

the output tells me that IF-MIB is not being checked, but if execute the command:

 snmptranslate -Dinit_mib .1.3.2>&1 | grep MIBDIR

to check the mibdirs (directories) and MIB's found (Seen MIBS) i get the following result:

  registered debug token init_mib, 1
  init_mib: Seen MIBDIRS: Looking in '/root/.snmp/mibs:/usr/share/snmp/mibs' for mib dirs ...
  init_mib: Seen MIBS: Looking in ':HOST-RESOURCES-MIB:HOST-RESOURCES- 
  TYPES:UCD-DISKIO-MIB:TCP-MIB:UDP-MIB:MTA-MIB:NETWORK-SERVICES-MIB:SCTP- 
  MIB:RMON-MIB:EtherLike-MIB:LM-SENSORS-MIB:SNMPv2-MIB:IF-MIB:IP- 
  MIB:NOTIFICATION-LOG-MIB:DISMAN-EVENT-MIB:DISMAN-SCHEDULE-MIB:UCD-SNMP- 
  MIB:UCD-DEMO-MIB:SNMP-TARGET-MIB:NET-SNMP-AGENT-MIB:SNMP-MPD-MIB:SNMP- 
  USER-BASED-SM-MIB:SNMP-FRAMEWORK-MIB:SNMP-VIEW-BASED-ACM-MIB:SNMP- 
  COMMUNITY-MIB:IPV6-ICMP-MIB:IPV6-MIB:IPV6-TCP-MIB:IPV6-UDP-MIB:IP-FORWARD- 
  MIB:NET-SNMP-PASS-MIB:NET-SNMP-EXTEND-MIB:UCD-DLMOD-MIB:SNMP-NOTIFICATION- 
  MIB:SNMPv2-TM:NET-SNMP-VACM-MIB' for mib files ...
  init_mib: Seen PREFIX: Looking in '.1.3.6.1.2.1' for prefix ..

and if you look carefully, the IF-MIB is there tagged as Seen Mibs. Why is it not showing up in the snmpwalk command? and why does the OID related to the IF-MIB doesn't exist in this agent? is this something permission related? OS related?

Siva
  • 9,017
  • 8
  • 56
  • 86
D Venzi
  • 35
  • 1
  • 1
  • 5

2 Answers2

6

The SNMP daemon upon installation in CentOS is configured by default to answer to queries of a restricted MIB tree view using the "public" community for security reasons.

As configured by default, the default "public" MIB (sub)tree allowed views are only .1.3.6.1.2.1.1 and .1.3.6.1.2.1.25.1.1 ; if you look closely the IF-MIB address space is .1.3.6.1.2.1.2. So querying objects on that MIB address space is not allowed by default. It also explains why that snmpwalk command of yours shows only a very restricted view.

Consequently, to get the SNMP daemon/service answering to your queries, you have firstly to configure a new view (and for security reasons better also a new community) on the configuration file /etc/snmp/snmpd.conf.

We shall then configure a "private" community for security reasons, and widen the MIB tree space which can be queried.

As such, add to /etc/snmp/snmpd.conf

rocommunity private 127.0.0.1 .1

Where 127.0.0.1 is the IP address which can make queries, and .1 the whole MIB tree. rocommunity also certifies you can only make read queries, which are more secure.

After configuring the snmpd.conf file, you have to restart the SNMP service, as in:

sudo service snmpd restart

or

sudo systemctl restart snmpd

Now for the query. If you are not asking for a MIB leaf node, you cannot use snmpget. You have to use snmpwalk for it to walk the MIB tree as in:

$ snmpwalk -v 2c -c private 127.0.0.1 .1.3.6.1.2.1.2.2.1.2
IF-MIB::ifDescr.1 = STRING: lo
IF-MIB::ifDescr.2 = STRING: eth0
IF-MIB::ifDescr.3 = STRING: eth1
IF-MIB::ifDescr.4 = STRING: eth2

On the other hand, if you need to query a leaf node of the MIB tree, for instance, your second interface in the system, you do:

$ snmpget -v 2c -c private 127.0.0.1 .1.3.6.1.2.1.2.2.1.2.2
IF-MIB::ifDescr.2 = STRING: eth0

PS Obviously in production systems, you call your community name something other than private.

PS2. The fact that you install a MIB file, is that you are installing dictionaries that translate numbers to readable text for humans and scripts/network monitoring software alike. Not having a MIB installed does not prevent from querying a specific MIB subtree in numeric form if the security context for accessing that SNMP community allows it

Rui F Ribeiro
  • 55,929
  • 26
  • 146
  • 227
  • 1
    It worked, thanks alot for the detailed explanation, it really makes a difference in the learning process. =] – D Venzi Aug 22 '18 at 18:45
  • You are welcome. See also, related: https://unix.stackexchange.com/questions/268959/how-to-properly-configure-snmpd/268962#268962 – Rui F Ribeiro Aug 22 '18 at 20:02
0

Try the below to snmpwalk,

snmpwalk  -v 2c -c public 127.0.0.1 .1.3.6.1.2.1.2.2.1.2

will give you the result as below

IF-MIB::ifDescr.1 = STRING: lo
IF-MIB::ifDescr.2 = STRING: eth2
IF-MIB::ifDescr.3 = STRING: eth3
IF-MIB::ifDescr.4 = STRING: eth4
IF-MIB::ifDescr.5 = STRING: eth5
IF-MIB::ifDescr.6 = STRING: eth0
IF-MIB::ifDescr.7 = STRING: eth1
IF-MIB::ifDescr.8 = STRING: eth6
IF-MIB::ifDescr.9 = STRING: eth7
IF-MIB::ifDescr.10 = STRING: bond0

So you should add another node to get the result.

snmpget -v 2c -c public 127.0.0.1 .1.3.6.1.2.1.2.2.1.2.1
Siva
  • 9,017
  • 8
  • 56
  • 86
  • It seems that subtree view is not included by default in snmpd.conf for the public community queries in CentOS. The default "public" MIB tree views are `.1.3.6.1.2.1.1` and `.1.3.6.1.2.1.25.1.1` – Rui F Ribeiro Aug 22 '18 at 04:15