snmpd(8) System Manager's Manual snmpd(8)
NAME
snmpd, snmpd.conf - Simple Network Management Protocol (SNMP) agent daemon
SYNOPSIS
/usr/sbin/snmpd [-t] [-d] [-p port]
OPTIONS
Specifies debug mode. If you specify this option, snmpd prints error information to stdout, but does not run as a daemon. Specifies the
port to which the snmpd daemon listens for SNMP requests. The default is port 161, the well-known SNMP port. Specifies trace mode. If you
specify this option, snmpd prints trace information to stdout. You must specify the -d option with the -t option.
DESCRIPTION
The snmpd daemon is an extensible SNMP agent that starts automatically at boot time. It listens on the snmp service port specified in the
/etc/services file for SNMP requests and for local subagents wishing to register extended MIBs. The snmpd daemon processes SNMP requests
for MIB objects by communicating with registered subagents. The snmpd daemon receives and organizes the subagent replies and sends the
SNMP response to logically remote network management stations.
The snmpd daemon is a bilingual master agent, and is capable of handling both SNMPv1 and SNMPv2c requests. For information about building
subagents and extensible SNMP support, refer to the Network Programmer's Guide.
Tru64 UNIX standard MIB support is implemented in the subagent process /usr/sbin/os_mibs. This process is typically started and stopped
automatically in conjunction with the snmpd daemon.
The snmpd daemon reads its configuration file, /etc/snmpd.conf, at startup time. You can change the configuration by editing the
/etc/snmpd.conf file, as described in the Configuring snmpd section in this reference page.
Note
The default configuration grants only read access to the world, and does not generate any traps.
The snmpd daemon logs error messages through the syslog function to the /usr/var/adm/syslog.dated/date/daemon.log log file.
Configuring snmpd
The /etc/snmpd.conf file defines the initial values for four MIB variables, as well as access control based on community names and trap
information, as follows:
sysName name sysLocation location sysContact contact snmpEnableAuthenTraps n community
community-name IP-address privileges trap [v1|v2c] trap-community-name IP-address[:port]
If no trap version is specified, v1 is the default. White space (tabs, spaces, line feeds, and carriage returns) and blank lines are
ignored.
MIB Variable Initialization
When an entry in the /etc/snmpd.conf file is one of the following MIB variables, it is assigned the value that follows it:
sysName name sysLocation location sysContact contact snmpEnableAuthenTraps n
According to MIB-II, the variables sysName, sysLocation, and sysContact can be any display string of 0 to 255 NVT ASCII characters. The
value of the snmpEnableAuthenTraps entry can be either 1 (enable traps) or 2 (disable traps); for example:
sysName Presto sysLocation City, USA sysContact Kathy Berberian 555-7667 snmpEnableAuthenTraps 1
If the values of the sysName, sysLocation, and sysContact variables are modified by SNMP set commands, the new values are updated in the
snmpd.conf file. (The sysName variable does not affect the system's host name.) If sysName is not present or commented out in the
snmpd.conf file, the system's host name is used.
Community Entries
Community entries have the following format: community-name IP-address privileges
Can be any string. Indicates the remote site for which this community is valid. If the IP address is 0.0.0.0, any address can communicate
using that community name. Can be read for read-only or write for read and write.
The following is a sample entry for the community variable:
community test1 130.117.1.20 read
This example defines a community named test1 that allows read-only access from the IP address 130.117.1.20.
Note
On Tru64 UNIX, the MIB-II implementation supports write access to all MIB-II variables so defined. Authorized parties are able to change
the Tru64 UNIX environment; such as bring down an interface or delete an entry from the routing table.
Disabling snmpd
By default, the snmpd.conf file contains a community entry that permits read access of all MIB variables via the community public. You can
constrain access to different communities by removing this default entry and by adding entries with different community names.
If you want to disable access to MIB variables completely (some sites might want to do this), the recommended method is to remove all com-
munity entries in the snmpd.conf file and to issue the /sbin/init.d/snmpd read command to force snmpd to reload its configuration.
Trap Community Entries
Trap entries have the following format: trap [version] trap-community-name IP-address [:port]
Specifies the SNMP version, either v1 or v2c. If not specified, v1 is the default. Can be any string. Indicates the destination address,
in dot notation, to which to send the trap PDU. Specifies the port at the destination address to which to send the trap PDU. If no port is
specified, port 162 is the default.
The following sample trap entry indicates to the agent that if a trap needs to be sent, the trap PDU should be built using the community
name test2 and sent to the trap port at 128.169.4.15:
trap test2 128.169.4.15
The following sample trap entry indicates to the agent that if a trap needs to be sent, the SNMPv1 trap PDU should be built using the com-
munity name test1 and sent to the trap port at 128.169.4.15:
trap v1 test1 128.169.4.15
The following sample trap entry indicates to the agent that if a trap needs to be sent, the SNMPv2 trap PDU should be built using the com-
munity name test2 and sent to the port 5008 at 128.169.4.15:
trap v2 test2 128.169.4.15:5008
Rereading the Daemon Configuration File (snmpd.conf)
Sending the SIGHUP signal to snmpd causes it to reread the /etc/snmpd.conf file and and reload that information. To do this, issue the
/sbin/init.d/snmpd read command.
Dumping the Registry of MIBs and Subagents
Sending the SIGUSR1 signal to snmpd causes it to dump its subagent registration database to the /var/tmp/snmpd_dump.log file. To do this,
issue the /sbin/init.d/snmpd dump command.
Agent Extensibility (AgentX)
The snmpd daemon supports RFC 2741 for communication with MIB implementations (called subagents), for example os_mibs and cpq_mibs. This
permits third-party subagents that support AgentX to interoperate at the protocol level with Tru64 UNIX snmpd. These subagents do not
require their own private SNMP agent.
Since the operating system's libesnmp.so library also uses AgentX, all native subagents will interoperate with third-party SNMP agents that
support AgentX.
Cluster Alias Support
SNMP is a multi-instance service. Therefore, snmpd runs on each member of a cluster. The snmpd daemon will accept SNMP messages received
on cluster alias addresses, but will process them differently than those received on non-alias addresses.
Since SNMP/UDP messages sent to the same cluster alias address are delivered in round-robin fashion to different cluster members, snmpd
processes them in the context of a restricted "MIB view". This MIB view is the set of MIB variables that are identical in name and value
on each cluster member. Only these variables are exported via cluster alias addresses.
The snmpd daemon is made aware of subagent MIB variables by the AgentX registration mechanism. Registrations made in the default mode are
not part of the cluster alias MIB view; they are available only when processing SNMP requests received on non-alias addresses. Registra-
tions using the AgentX context "cluster-alias" are made part of the cluster alias view; they available when processing messages received on
cluster alias addresses. (Native Tru64 UNIX subagents can accomplish this by using the esnmp_register2 function. See the Network Program-
mer's Guide for more information.
The snmpd daemon does not communicate with subagents on different cluster members. A subagent that registers MIB variables in the cluster
alias view is responsible for ensuring that those variables are identical in name and value on each cluster member.
FILES
The snmpd daemon configuration file. The file containing the port number on which snmpd listens. The system daemon log file, where date
is the date. This directory contains sample MIBs and scripts. The file containing a dump of the snmpd daemon's MIB registry. This direc-
tory contains snmpd daemon's UNIX domain socket directory. This socket listens for connection requests from subagent processes.
SEE ALSO
Commands: syslog(3), os_mibs(8), snmp_request(8), snmp_traprcv(8)
Network Administration
Network Programmer's Guide
For SNMP Version 1:
RFC 1155, Structure and Identification of Management Information for TCP/IP-Based Internets
RFC 1157, A Simple Network Management Protocol
RFC 1212, Concise MIB Definitions
RFC 1215, Conventions for Defining Traps for Use With the SNMP
For SNMP Version 2:
RFC 1901, Introduction to Community-based SNMPv2
RFC 1902, Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)
RFC 1903, Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)
RFC 1904, Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)
RFC 1905, Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)
RFC 1906, Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)
RFC 1907, Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2)
RFC 1908, Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework
RFC 2089, V2ToV1 Mapping SNMPv2 onto SNMPv1 within a bi-lingual SNMP Agent
RFC 2741, Agent Extensibility (AgentX) Protocol Version 1
RFC 2742, Definitions of Managed Objects for Extensible SNMP Agents
snmpd(8)