Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

snmpd(8) [osf1 man page]

snmpd(8)						      System Manager's Manual							  snmpd(8)

NAME
snmpd, snmpd.conf - Simple Network Management Protocol (SNMP) agent daemon SYNOPSIS
/usr/sbin/snmpd [-t] [-d] [-p port] OPTIONS
Specifies debug mode. If you specify this option, snmpd prints error information to stdout, but does not run as a daemon. Specifies the port to which the snmpd daemon listens for SNMP requests. The default is port 161, the well-known SNMP port. Specifies trace mode. If you specify this option, snmpd prints trace information to stdout. You must specify the -d option with the -t option. DESCRIPTION
The snmpd daemon is an extensible SNMP agent that starts automatically at boot time. It listens on the snmp service port specified in the /etc/services file for SNMP requests and for local subagents wishing to register extended MIBs. The snmpd daemon processes SNMP requests for MIB objects by communicating with registered subagents. The snmpd daemon receives and organizes the subagent replies and sends the SNMP response to logically remote network management stations. The snmpd daemon is a bilingual master agent, and is capable of handling both SNMPv1 and SNMPv2c requests. For information about building subagents and extensible SNMP support, refer to the Network Programmer's Guide. Tru64 UNIX standard MIB support is implemented in the subagent process /usr/sbin/os_mibs. This process is typically started and stopped automatically in conjunction with the snmpd daemon. The snmpd daemon reads its configuration file, /etc/snmpd.conf, at startup time. You can change the configuration by editing the /etc/snmpd.conf file, as described in the Configuring snmpd section in this reference page. Note The default configuration grants only read access to the world, and does not generate any traps. The snmpd daemon logs error messages through the syslog function to the /usr/var/adm/syslog.dated/date/daemon.log log file. Configuring snmpd The /etc/snmpd.conf file defines the initial values for four MIB variables, as well as access control based on community names and trap information, as follows: sysName name sysLocation location sysContact contact snmpEnableAuthenTraps n community community-name IP-address privileges trap [v1|v2c] trap-community-name IP-address[:port] If no trap version is specified, v1 is the default. White space (tabs, spaces, line feeds, and carriage returns) and blank lines are ignored. MIB Variable Initialization When an entry in the /etc/snmpd.conf file is one of the following MIB variables, it is assigned the value that follows it: sysName name sysLocation location sysContact contact snmpEnableAuthenTraps n According to MIB-II, the variables sysName, sysLocation, and sysContact can be any display string of 0 to 255 NVT ASCII characters. The value of the snmpEnableAuthenTraps entry can be either 1 (enable traps) or 2 (disable traps); for example: sysName Presto sysLocation City, USA sysContact Kathy Berberian 555-7667 snmpEnableAuthenTraps 1 If the values of the sysName, sysLocation, and sysContact variables are modified by SNMP set commands, the new values are updated in the snmpd.conf file. (The sysName variable does not affect the system's host name.) If sysName is not present or commented out in the snmpd.conf file, the system's host name is used. Community Entries Community entries have the following format: community-name IP-address privileges Can be any string. Indicates the remote site for which this community is valid. If the IP address is 0.0.0.0, any address can communicate using that community name. Can be read for read-only or write for read and write. The following is a sample entry for the community variable: community test1 130.117.1.20 read This example defines a community named test1 that allows read-only access from the IP address 130.117.1.20. Note On Tru64 UNIX, the MIB-II implementation supports write access to all MIB-II variables so defined. Authorized parties are able to change the Tru64 UNIX environment; such as bring down an interface or delete an entry from the routing table. Disabling snmpd By default, the snmpd.conf file contains a community entry that permits read access of all MIB variables via the community public. You can constrain access to different communities by removing this default entry and by adding entries with different community names. If you want to disable access to MIB variables completely (some sites might want to do this), the recommended method is to remove all com- munity entries in the snmpd.conf file and to issue the /sbin/init.d/snmpd read command to force snmpd to reload its configuration. Trap Community Entries Trap entries have the following format: trap [version] trap-community-name IP-address [:port] Specifies the SNMP version, either v1 or v2c. If not specified, v1 is the default. Can be any string. Indicates the destination address, in dot notation, to which to send the trap PDU. Specifies the port at the destination address to which to send the trap PDU. If no port is specified, port 162 is the default. The following sample trap entry indicates to the agent that if a trap needs to be sent, the trap PDU should be built using the community name test2 and sent to the trap port at 128.169.4.15: trap test2 128.169.4.15 The following sample trap entry indicates to the agent that if a trap needs to be sent, the SNMPv1 trap PDU should be built using the com- munity name test1 and sent to the trap port at 128.169.4.15: trap v1 test1 128.169.4.15 The following sample trap entry indicates to the agent that if a trap needs to be sent, the SNMPv2 trap PDU should be built using the com- munity name test2 and sent to the port 5008 at 128.169.4.15: trap v2 test2 128.169.4.15:5008 Rereading the Daemon Configuration File (snmpd.conf) Sending the SIGHUP signal to snmpd causes it to reread the /etc/snmpd.conf file and and reload that information. To do this, issue the /sbin/init.d/snmpd read command. Dumping the Registry of MIBs and Subagents Sending the SIGUSR1 signal to snmpd causes it to dump its subagent registration database to the /var/tmp/snmpd_dump.log file. To do this, issue the /sbin/init.d/snmpd dump command. Agent Extensibility (AgentX) The snmpd daemon supports RFC 2741 for communication with MIB implementations (called subagents), for example os_mibs and cpq_mibs. This permits third-party subagents that support AgentX to interoperate at the protocol level with Tru64 UNIX snmpd. These subagents do not require their own private SNMP agent. Since the operating system's libesnmp.so library also uses AgentX, all native subagents will interoperate with third-party SNMP agents that support AgentX. Cluster Alias Support SNMP is a multi-instance service. Therefore, snmpd runs on each member of a cluster. The snmpd daemon will accept SNMP messages received on cluster alias addresses, but will process them differently than those received on non-alias addresses. Since SNMP/UDP messages sent to the same cluster alias address are delivered in round-robin fashion to different cluster members, snmpd processes them in the context of a restricted "MIB view". This MIB view is the set of MIB variables that are identical in name and value on each cluster member. Only these variables are exported via cluster alias addresses. The snmpd daemon is made aware of subagent MIB variables by the AgentX registration mechanism. Registrations made in the default mode are not part of the cluster alias MIB view; they are available only when processing SNMP requests received on non-alias addresses. Registra- tions using the AgentX context "cluster-alias" are made part of the cluster alias view; they available when processing messages received on cluster alias addresses. (Native Tru64 UNIX subagents can accomplish this by using the esnmp_register2 function. See the Network Program- mer's Guide for more information. The snmpd daemon does not communicate with subagents on different cluster members. A subagent that registers MIB variables in the cluster alias view is responsible for ensuring that those variables are identical in name and value on each cluster member. FILES
The snmpd daemon configuration file. The file containing the port number on which snmpd listens. The system daemon log file, where date is the date. This directory contains sample MIBs and scripts. The file containing a dump of the snmpd daemon's MIB registry. This direc- tory contains snmpd daemon's UNIX domain socket directory. This socket listens for connection requests from subagent processes. SEE ALSO
Commands: syslog(3), os_mibs(8), snmp_request(8), snmp_traprcv(8) Network Administration Network Programmer's Guide For SNMP Version 1: RFC 1155, Structure and Identification of Management Information for TCP/IP-Based Internets RFC 1157, A Simple Network Management Protocol RFC 1212, Concise MIB Definitions RFC 1215, Conventions for Defining Traps for Use With the SNMP For SNMP Version 2: RFC 1901, Introduction to Community-based SNMPv2 RFC 1902, Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2) RFC 1903, Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2) RFC 1904, Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2) RFC 1905, Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2) RFC 1906, Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2) RFC 1907, Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2) RFC 1908, Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework RFC 2089, V2ToV1 Mapping SNMPv2 onto SNMPv1 within a bi-lingual SNMP Agent RFC 2741, Agent Extensibility (AgentX) Protocol Version 1 RFC 2742, Definitions of Managed Objects for Extensible SNMP Agents snmpd(8)
Man Page