I am planning to disable SNMP in our AIX LPARs. wanted to see by disabling in a test LPAR.
before that, I would like to check disabling this SNMP will impact any of our application or database in anyway. what kind of other software depends on these SNMP daemons ?
Can you please let me know the exact use of SNMP in AIX. I understand that SNMP is used to collect information about network connected servers/routes/devices etc. (will it affect NFS file systems ? )
ours is a small shop. we never used SNMP config files to setup anything specially.
Code:
[root@testlpar]/root>which snmpd
/usr/sbin/snmpd
[root@testlpar]/root>ls -ltr /usr/sbin/snmpd
lrwxrwxrwx 1 root system 9 Jan 07 2015 /usr/sbin/snmpd -> snmpdv3ne
lrwxrwxrwx 1 root system 8 Jan 07 2015 /usr/sbin/clsnmp -> clsnmpne
[root@testlpar]/home/tesusr>cd /etc/snmp
snmpd.boots snmpd.conf snmpd.peers snmpdv3.conf snmpinterfaces/ snmpmibd.conf
when we installed AIX 71, SNMP v3 non-encrypted version came along with it. please see details below. we never had an opportunity use SNMP agents/server for any purpose.
Code:
Subsystem Group PID Status
aixmibd tcpip 3121214 active
hostmibd tcpip 3232324 active
snmpmibd tcpip 3323232 active
snmpd tcpip 3212121 active
Please let me know disabling SNMP related daemons or services will cause any issues. thank you.
Last edited by system.engineer; 04-13-2016 at 05:57 PM..
As I mentioned earlier, ours is a small shop. AIX is not a primary/core OS in our environment.We do not have POWERHA/HACMP and We do not have any monitoring tool for AIX. Instead we use scripts for monitoring very few servers.
we never modified any of the SNMP config files after OS installation to support application.
As I mentioned earlier, ours is a small shop. AIX is not a primary/core OS in our environment.We do not have POWERHA/HACMP and We do not have any monitoring tool for AIX. Instead we use scripts for monitoring very few servers.
This suggests that you do not need SNMP, but to finally answer that question you simply will have to try.
Quote:
Originally Posted by system.engineer
we never modified any of the SNMP config files after OS installation to support application.
does this means Application will not use SNMP ?
No, it doesn't. I haven't installed AIX from scratch for a long time and i am not sure what the installation default of the SNMP-daemons is, but you can simply test that:
Code:
lssrc -a | grep -e snmp -e mib
You may eventually see 4 running daemons: snmpd, aixmibd, hostmibd and snmpmibd. If so: SNMP is active. If not: then not. (duh ;-) )
If it is active: shut them offf via the SRC. The command is stopsrc -s <daemon>. See the description of the SRC (system resource controller), namely the command chssys to change the starting behaviour.
This depends on the network service and a general answer can't be given. You will have to determine which network services you need in particular and then find out if they rely on SNMP. What you have said so far indicated that you don't need it, but just try it and see what happens. In teh unlikely event of you having to start them again: use the startsrc command to start them via the SRC.
I disabled SNMP related daemons on test AIX LPARs.
on /etc/rc.tcpip file;
Code:
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
# Start up the hostmibd daemon
#start /usr/sbin/hostmibd "$src_running"
# Start up the aixmibd daemon
#start /usr/sbin/aixmibd "$src_running"
The company I work for has various AIX servers that I've recently migrated to AIX 7.1 (from 6.1). Some are powerHA clusters some are not. Likewise, the systems engineer that I replaced had net-snmp installed on said clustered systems. Long story short I am re-invoking AIX's native SNMP (v3) for... (1 Reply)
Hi,
We've a requirement to disable the protocols SSLv3, SSL v2 and TLS 1.0.
And have TLS 1.2 enabled using AEAD (Authentication Encryption with Associated Data).
This is the only information i have,
I'm not sure how to proceed, was trying to find information using google.
Can you... (6 Replies)
Hello,
We're working on securing the AIX environment. started with disabling unused services on AIX.
Below are the entries which are not commented on my test LPAR (even other LPARs).
ntalk dgram udp wait root /usr/sbin/talkd talkd
daytime stream tcp nowait root... (1 Reply)
Hello Admins,
We need to configure and setup snmp v2 on AIX 6.1 clients.
I don't find snmp v2 related files on AIX servers
. I see there is snmpdv3.conf and v3 installed.
Where can I get snmpdv2 for AIX?
Thanks in advance. (5 Replies)
Hello everyone,
Can anyone help me please. I want to disable SSH direct access for an AIX user.
For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 .
Thanks, (3 Replies)
Hi, I tried to do some research on this subject, but got nothing conclusive.
I have the following need:
I have different servers with AIX versions 3.2.5 through 4.3.2.
Some of them have two ASCI terminals connected.
I have a shell script that is executed by a user on the main console... (2 Replies)
Hi,
I want to capture snmp packets in AIX.
When i give print from AIX6.1, Printer will give its response thru' snmp.
I used iptrace command like below, but it is not capturing snmp packets other packets are captured like udp, tcp..
1. iptrace command:
/usr/sbin/iptrace -a -i en0... (1 Reply)
Hello!
I'm not a expert AIX administrator, but i need to monitorize an AIX V4 system. I want to do it using SNMP but i don't really know how to get CPU, proccess or memory information. I only can get network interfaces information.... How can i add more MIBs to get more info about the AIX... (0 Replies)
Hi
I would like to monitor CPU usage ( %) , memory utilization and such on an AIX 5.3 with snmp.
How would I do that ? :confused:
If I do "snmpwalk -c public -v1 hosttomonitor" I get nothing about the CPU.
I've done this on Linux ( not much trouble doing it on linux ) but I'm having a hard... (2 Replies)
Hi,
Just wondering if anyone knows how can I send an SNMP Trap in Unix Environment(AIX) to another machine (NT/Ux) after having activated the SNMP in the AIX.
Can this be done by using a single command line or do I have to write a script for it?
Thanks in advance for your advices.
:) (1 Reply)
04-15-2016
