 |
Index for
Section 8 |
|
 |
Alphabetical
listing for S |
|
 |
Bottom of
page |
|
snmpd(8)
NAME
snmpd, snmpd.conf - Simple Network Management Protocol (SNMP) agent daemon
SYNOPSIS
/usr/sbin/snmpd [-t] [-d] [-p port]
OPTIONS
-d Specifies debug mode. If you specify this option, snmpd prints error
information to stdout, but does not run as a daemon.
-p port
Specifies the port to which the snmpd daemon listens for SNMP requests.
The default is port 161, the well-known SNMP port.
-t Specifies trace mode. If you specify this option, snmpd prints trace
information to stdout. You must specify the -d option with the -t
option.
DESCRIPTION
The snmpd daemon is an extensible SNMP agent that starts automatically at
boot time. It listens on the snmp service port specified in the
/etc/services file for SNMP requests and for local subagents wishing to
register extended MIBs. The snmpd daemon processes SNMP requests for MIB
objects by communicating with registered subagents. The snmpd daemon
receives and organizes the subagent replies and sends the SNMP response to
logically remote network management stations.
The snmpd daemon is a bilingual master agent, and is capable of handling
both SNMPv1 and SNMPv2c requests. For information about building subagents
and extensible SNMP support, refer to the Network Programmer's Guide.
Tru64 UNIX standard MIB support is implemented in the subagent process
/usr/sbin/os_mibs. This process is typically started and stopped
automatically in conjunction with the snmpd daemon.
The snmpd daemon reads its configuration file, /etc/snmpd.conf, at startup
time. You can change the configuration by editing the /etc/snmpd.conf
file, as described in the Configuring snmpd section in this reference page.
Note
The default configuration grants only read access to the world, and
does not generate any traps.
The snmpd daemon logs error messages through the syslog function to the
/usr/var/adm/syslog.dated/date/daemon.log log file.
Configuring snmpd
The /etc/snmpd.conf file defines the initial values for four MIB variables,
as well as access control based on community names and trap information, as
follows:
sysName name
sysLocation location
sysContact contact
snmpEnableAuthenTraps n
community community-name IP-address privileges
trap [v1|v2c] trap-community-name IP-address[:port]
If no trap version is specified, v1 is the default. White space (tabs,
spaces, line feeds, and carriage returns) and blank lines are ignored.
The /etc/snmpd.conf file is defined as a Context-Dependent Symbolic Link
(CDSL), and must be maintained as such. See the System Administration
manual for more information.
MIB Variable Initialization
When an entry in the /etc/snmpd.conf file is one of the following MIB
variables, it is assigned the value that follows it:
sysName name
sysLocation location
sysContact contact
snmpEnableAuthenTraps n
According to MIB-II, the variables sysName, sysLocation, and sysContact can
be any display string of 0 to 255 NVT ASCII characters. The value of the
snmpEnableAuthenTraps entry can be either 1 (enable traps) or 2 (disable
traps); for example:
sysName Presto
sysLocation City, USA
sysContact Kathy Berberian 555-7667
snmpEnableAuthenTraps 1
If the values of the sysName, sysLocation, and sysContact variables are
modified by SNMP set commands, the new values are updated in the snmpd.conf
file. (The sysName variable does not affect the system's host name.) If
sysName is not present or commented out in the snmpd.conf file, the
system's host name is used.
Community Entries
Community entries have the following format:
community-name IP-address privileges
community-name
Can be any string.
IP-address
Indicates the remote site for which this community is valid. If the IP
address is 0.0.0.0, any address can communicate using that community
name.
privileges
Can be read for read-only or write for read and write.
The following is a sample entry for the community variable:
community test1 130.117.1.20 read
This example defines a community named test1 that allows read-only access
from the IP address 130.117.1.20.
Note
On Tru64 UNIX, the MIB-II implementation supports write access to all
MIB-II variables so defined. Authorized parties are able to change
the Tru64 UNIX environment; such as bring down an interface or delete
an entry from the routing table.
Disabling snmpd
By default, the snmpd.conf file contains a community entry that permits
read access of all MIB variables via the community public. You can
constrain access to different communities by removing this default entry
and by adding entries with different community names.
If you want to disable access to MIB variables completely (some sites might
want to do this), the recommended method is to remove all community entries
in the snmpd.conf file and to issue the /sbin/init.d/snmpd read command to
force snmpd to reload its configuration.
Trap Community Entries
Trap entries have the following format:
trap [version] trap-community-name IP-address [:port]
version
Specifies the SNMP version, either v1 or v2c. If not specified, v1 is
the default.
trap-community
Can be any string.
IP-address
Indicates the destination address, in dot notation, to which to send
the trap PDU.
:port
Specifies the port at the destination address to which to send the trap
PDU. If no port is specified, port 162 is the default.
The following sample trap entry indicates to the agent that if a trap needs
to be sent, the trap PDU should be built using the community name test2 and
sent to the trap port at 128.169.4.15:
trap test2 128.169.4.15
The following sample trap entry indicates to the agent that if a trap needs
to be sent, the SNMPv1 trap PDU should be built using the community name
test1 and sent to the trap port at 128.169.4.15:
trap v1 test1 128.169.4.15
The following sample trap entry indicates to the agent that if a trap needs
to be sent, the SNMPv2 trap PDU should be built using the community name
test2 and sent to the port 5008 at 128.169.4.15:
trap v2 test2 128.169.4.15:5008
Rereading the Daemon Configuration File (snmpd.conf)
Sending the SIGHUP signal to snmpd causes it to reread the /etc/snmpd.conf
file and and reload that information. To do this, issue the
/sbin/init.d/snmpd read command.
Dumping the Registry of MIBs and Subagents
Sending the SIGUSR1 signal to snmpd causes it to dump its subagent
registration database to the /var/tmp/snmpd_dump.log file. To do this,
issue the /sbin/init.d/snmpd dump command.
Agent Extensibility (AgentX)
The snmpd daemon supports RFC 2741 for communication with MIB
implementations (called subagents), for example os_mibs and cpq_mibs. This
permits third-party subagents that support AgentX to interoperate at the
protocol level with Tru64 UNIX snmpd. These subagents do not require their
own private SNMP agent.
Since the operating system's libesnmp.so library also uses AgentX, all
native subagents will interoperate with third-party SNMP agents that
support AgentX.
Cluster Alias Support
SNMP is a multi-instance service. Therefore, snmpd runs on each member of
a cluster. The snmpd daemon will accept SNMP messages received on cluster
alias addresses, but will process them differently than those received on
non-alias addresses.
Since SNMP/UDP messages sent to the same cluster alias address are
delivered in round-robin fashion to different cluster members, snmpd
processes them in the context of a restricted "MIB view". This MIB view is
the set of MIB variables that are identical in name and value on each
cluster member. Only these variables are exported via cluster alias
addresses.
The snmpd daemon is made aware of subagent MIB variables by the AgentX
registration mechanism. Registrations made in the default mode are not
part of the cluster alias MIB view; they are available only when processing
SNMP requests received on non-alias addresses. Registrations using the
AgentX context "cluster-alias" are made part of the cluster alias view;
they available when processing messages received on cluster alias
addresses. (Native Tru64 UNIX subagents can accomplish this by using the
esnmp_register2 function. See the Network Programmer's Guide for more
information.
The snmpd daemon does not communicate with subagents on different cluster
members. A subagent that registers MIB variables in the cluster alias view
is responsible for ensuring that those variables are identical in name and
value on each cluster member.
FILES
/etc/snmpd.conf
The snmpd daemon configuration file.
/etc/services
The file containing the port number on which snmpd listens.
/usr/var/adm/syslog.dated/date/daemon.log
The system daemon log file, where date is the date.
/usr/examples/esnmp/*
This directory contains sample MIBs and scripts.
/var/tmp/snmpd_dump.log
The file containing a dump of the snmpd daemon's MIB registry.
/var/agentx
This directory contains snmpd daemon's UNIX domain socket directory.
This socket listens for connection requests from subagent processes.
SEE ALSO
Commands: syslog(3), os_mibs(8), snmp_request(8), snmp_traprcv(8)
Network Administration: Services
Network Programmer's Guide
For SNMP Version 1:
RFC 1155, Structure and Identification of Management Information for
TCP/IP-Based Internets
RFC 1157, A Simple Network Management Protocol
RFC 1212, Concise MIB Definitions
RFC 1215, Conventions for Defining Traps for Use With the SNMP
For SNMP Version 2:
RFC 1901, Introduction to Community-based SNMPv2
RFC 1902, Structure of Management Information for Version 2 of the Simple
Network Management Protocol (SNMPv2)
RFC 1903, Textual Conventions for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1904, Conformance Statements for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1905, Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1906, Transport Mappings for Version 2 of the Simple Network Management
Protocol (SNMPv2)
RFC 1907, Management Information Base for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1908, Coexistence between Version 1 and Version 2 of the Internet-
standard Network Management Framework
RFC 2089, V2ToV1 Mapping SNMPv2 onto SNMPv1 within a bi-lingual SNMP Agent
RFC 2741, Agent Extensibility (AgentX) Protocol Version 1
RFC 2742, Definitions of Managed Objects for Extensible SNMP Agents
|
Index for
Section 8 |
|
|
Alphabetical
listing for S |
|
 |
Top of
page |
|