CJ Goldsmith
December 18 2009, 08:00 PM
Introduction:
Sun OS versions previous to 10 come configured with the Sun SNMP agent. Solaris has started to ship Net-SNMP with OS 10 as an alternative to the Sun SNMP agent, this guide is designed to offer a road-map for installing Net-SNMP on versions previous to 10 so that users can utilize both the inclusion of the HOST-MIB Tree (Disk and CPU monitoring) and the use of SNMPv3 (encryption of SNMP traffic over a network) within these previous OS's (capability unavailable in the Sun SNMP agent).
Check For Sun SNMP Agent:
Before we can start we are going to need to check for the existence of the Sun SNMP agent and turn it off if it is currently running.
To do so we are going to want to run the following command from the command line:
ps -ef | grep snm
If the Sun agent is running you will see output which is similar to the following:
root 10765 1 0 Sep 23 ? 0:00 /usr/lib/dmi/snmpXdmid -s builder-solaris
root 10756 1 0 Sep 23 ? 0:00 /usr/lib/dmi/snmpXdmid -s builder-solaris
root 10725 1 0 Sep 23 ? 18:41 /usr/lib/snmp/snmpdx -y -c /etc/snmp/conf
If the Net-SNMP agent has already been installed and is running you will alternatively see output similar to this:
root 4035 1 0 16:08:12 ? 0:03 /usr/local/sbin/snmpd
If no agent is currently running you receive an empty set output.
Turn Off Sun Agent:
In the event that you do have a running sun Agent, it can be turned off using the following commands:
/etc/rc3.d/S76snmpdx stop
/etc/rc3.d/S77dmi stop
Once you have stopped the process, make sure that you have nothing else running on UPD ports 161 or 162, this can be checked by running the following commands:
netstat -an | grep 161
netstat -an | grep 162
Assuming nothing is currently running, both should return an empty set. If connection information is returned you will need to clear these ports before you can proceed.
Installing Net-SNMP Agent
The Net-SNMP package can be installed from packages or built locally on a system from source.
Installing from packages involves the following steps:
Retrieve the package:
For demo purpose we are going to install Net-SNMP from packages available at: http://www.sunfreeware.com/
To retrieve the package you are going to want to use the linux FTP client to download the archive. This can be achieved using the following set of commands:
> cd /tmp
> ftp ftp.sunfreeware.com
ftp> anonymous
ftp> (your email address)
ftp> bin
ftp> cd pub/freeware/sparc/9/
ftp> get netsnmp-5.4.2.1-sol9-sparc-local.gz
ftp> quit
> gunzip netsnmp-5.4.2.1-sol9-sparc-local.gz
> pkgadd -d netsnmp-5.4.2.1-sol9-sparc-local
Keep in mind that this set of instructions is for Solaris 9, different versions of Solaris will require slightly different paths and filenames (IE sol9, sparc/9/), different build numbers will also require slightly different filenames (IE 5.4.2.1).
It should also be mentioned that you can also always alternatively build these packages from source (in fact this is the Net-SNMP preferred way), for detailed instructions regarding building the Net-SNMP package from source please visit: http://www.net-snmp.org/docs/README.solaris.html .
Configuring Net-SNMP
Once Net-SNMP has been successfully installed you are going to need to configure the agent by creating an snmpd.conf file and copying it over to the /usr/local/share/snmp/ directory.
This can be accomplished by completing the snmp configuration wizard:
> cd /tmp
> snmpconf -g basic_setup
[Complete Questionair]
>cp snmpd.conf /usr/local/share/snmp/
Alternatively for a simple setup you can copy and paste the following into a file located at /usr/local/share/snmp/snmpd.conf (SNMPv1 & v2 with community string 'public'):
################################################## #########################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]
rocommunity public
To test that the configuration has worked you will want to run the following set of commands from the command line:
/usr/local/sbin/snmpd
snmpwalk -v 2c -c public localhost
If the agent is running correctly you are going to see an snmpwalk output dump to your screen, which should look similar to this:
SNMPv2-MIB::snmpOutBadValues.0 = Counter32: 0
SNMPv2-MIB::snmpOutGenErrs.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetRequests.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetNexts.0 = Counter32: 0
SNMPv2-MIB::snmpOutSetRequests.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetResponses.0 = Counter32: 2826
SNMPv2-MIB::snmpOutTraps.0 = Counter32: 0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
SNMPv2-MIB::snmpSilentDrops.0 = Counter32: 0
SNMPv2-MIB::snmpProxyDrops.0 = Counter32: 0
If for any reason you are unable to walk your localhost at this point, you can find further information for debugging and troubleshooting at the following location: http://www.net-snmp.org/docs/README.solaris.html
Conclusion:
You should now be able to provision the Solaris device within Traverse and receive all of the HOST-MIB applicable metrics (CPU, Disk). If an appropriate SNMPv3 account was created while completing the snmpconf wizard you will also have encrypted SNMP queries available to you at this point.
Sun OS versions previous to 10 come configured with the Sun SNMP agent. Solaris has started to ship Net-SNMP with OS 10 as an alternative to the Sun SNMP agent, this guide is designed to offer a road-map for installing Net-SNMP on versions previous to 10 so that users can utilize both the inclusion of the HOST-MIB Tree (Disk and CPU monitoring) and the use of SNMPv3 (encryption of SNMP traffic over a network) within these previous OS's (capability unavailable in the Sun SNMP agent).
Check For Sun SNMP Agent:
Before we can start we are going to need to check for the existence of the Sun SNMP agent and turn it off if it is currently running.
To do so we are going to want to run the following command from the command line:
ps -ef | grep snm
If the Sun agent is running you will see output which is similar to the following:
root 10765 1 0 Sep 23 ? 0:00 /usr/lib/dmi/snmpXdmid -s builder-solaris
root 10756 1 0 Sep 23 ? 0:00 /usr/lib/dmi/snmpXdmid -s builder-solaris
root 10725 1 0 Sep 23 ? 18:41 /usr/lib/snmp/snmpdx -y -c /etc/snmp/conf
If the Net-SNMP agent has already been installed and is running you will alternatively see output similar to this:
root 4035 1 0 16:08:12 ? 0:03 /usr/local/sbin/snmpd
If no agent is currently running you receive an empty set output.
Turn Off Sun Agent:
In the event that you do have a running sun Agent, it can be turned off using the following commands:
/etc/rc3.d/S76snmpdx stop
/etc/rc3.d/S77dmi stop
Once you have stopped the process, make sure that you have nothing else running on UPD ports 161 or 162, this can be checked by running the following commands:
netstat -an | grep 161
netstat -an | grep 162
Assuming nothing is currently running, both should return an empty set. If connection information is returned you will need to clear these ports before you can proceed.
Installing Net-SNMP Agent
The Net-SNMP package can be installed from packages or built locally on a system from source.
Installing from packages involves the following steps:
Retrieve the package:
For demo purpose we are going to install Net-SNMP from packages available at: http://www.sunfreeware.com/
To retrieve the package you are going to want to use the linux FTP client to download the archive. This can be achieved using the following set of commands:
> cd /tmp
> ftp ftp.sunfreeware.com
ftp> anonymous
ftp> (your email address)
ftp> bin
ftp> cd pub/freeware/sparc/9/
ftp> get netsnmp-5.4.2.1-sol9-sparc-local.gz
ftp> quit
> gunzip netsnmp-5.4.2.1-sol9-sparc-local.gz
> pkgadd -d netsnmp-5.4.2.1-sol9-sparc-local
Keep in mind that this set of instructions is for Solaris 9, different versions of Solaris will require slightly different paths and filenames (IE sol9, sparc/9/), different build numbers will also require slightly different filenames (IE 5.4.2.1).
It should also be mentioned that you can also always alternatively build these packages from source (in fact this is the Net-SNMP preferred way), for detailed instructions regarding building the Net-SNMP package from source please visit: http://www.net-snmp.org/docs/README.solaris.html .
Configuring Net-SNMP
Once Net-SNMP has been successfully installed you are going to need to configure the agent by creating an snmpd.conf file and copying it over to the /usr/local/share/snmp/ directory.
This can be accomplished by completing the snmp configuration wizard:
> cd /tmp
> snmpconf -g basic_setup
[Complete Questionair]
>cp snmpd.conf /usr/local/share/snmp/
Alternatively for a simple setup you can copy and paste the following into a file located at /usr/local/share/snmp/snmpd.conf (SNMPv1 & v2 with community string 'public'):
################################################## #########################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]
rocommunity public
To test that the configuration has worked you will want to run the following set of commands from the command line:
/usr/local/sbin/snmpd
snmpwalk -v 2c -c public localhost
If the agent is running correctly you are going to see an snmpwalk output dump to your screen, which should look similar to this:
SNMPv2-MIB::snmpOutBadValues.0 = Counter32: 0
SNMPv2-MIB::snmpOutGenErrs.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetRequests.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetNexts.0 = Counter32: 0
SNMPv2-MIB::snmpOutSetRequests.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetResponses.0 = Counter32: 2826
SNMPv2-MIB::snmpOutTraps.0 = Counter32: 0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
SNMPv2-MIB::snmpSilentDrops.0 = Counter32: 0
SNMPv2-MIB::snmpProxyDrops.0 = Counter32: 0
If for any reason you are unable to walk your localhost at this point, you can find further information for debugging and troubleshooting at the following location: http://www.net-snmp.org/docs/README.solaris.html
Conclusion:
You should now be able to provision the Solaris device within Traverse and receive all of the HOST-MIB applicable metrics (CPU, Disk). If an appropriate SNMPv3 account was created while completing the snmpconf wizard you will also have encrypted SNMP queries available to you at this point.