snmpd(1M) snmpd(1M)
snmpd - Simple Network Management Protocol daemon
/usr/etc/snmpd [ -d debug ] [ -l loglevel ]
[-u namelist ] [-p alternatePort] [-t trapPort]
snmpd is a daemon for the Simple Network Management Protocol (SNMP) as
specified in Internet RFC 1157, and supports MIB II, as specified in
Internet RFC 1213. The daemon, called the SNMP agent, can be configured
to run from the network star-tup script at boot time by the command
chkconfig snmpd on or started from the command line. You must be
superuser (root) to run snmpd. snmpd listens on a udp(7P) socket for the
snmp service for SNMP queries. If no such service can be found, a
default port of 161 is used. By default, snmpd logs its messages to
syslog(3B).
snmpd checks that each incoming request is authorized. The file
/etc/snmpd.auth is used to specify sets of hosts and SNMP communities
that have either get or set privileges. Entries in the file have the
form
accept hostname:community/operation ...
reject hostname:community/operation ...
where the wildcard character * can stand for all hosts or all
communities. A comma can be used to list multiple hosts or communities.
For example, suppose snmpd were to accept get and set requests from the
host iris1 or iris2 with the community sgi and accept get requests from
any host with the community public. The /etc/snmpd.auth entries would be
accept iris1:sgi
accept iris2:sgi
accept *:public/get
or equivalently, on one line
accept iris1,iris2:sgi *:public/get
Supported Sets [Toc] [Back]
snmpd supports SNMP sets when authorized by the above mechanism. There
are some caveats to using sets, however:
The deprecated Address Translation table does not support sets. Use the
IP Net-to-Media table instead.
Page 1
snmpd(1M) snmpd(1M)
The IP forwarding flag, ipForwarding, cannot be set.
The IP default time to live, ipDefaultTTL, cannot be set.
Existing rows in the IP Route table, for which ipRouteType is not
invalid, cannot be modified. A row may be removed by setting ipRouteType
to invalid, as stated in RFC 1213. A row may be added by sets to the IP
Route table with the new variables. Default values are added for
variables that are not included. The row is committed and added to the
kernel route table when the ipRouteType is set from invalid to any other
state.
Existing rows in the IP Net-to-Media table, for which ipNettoMediaType is
not invalid, cannot be modified. A row may be removed by setting
ipNettoMediaType to invalid as stated in RFC 1213. A row may be added by
sets to IP Net-to-Media table with the new variables. Default values are
added for variables that are not included. The row is committed and
added to the kernel arp table when the ipNettoMediaType is set from
invalid to any other state.
The TCP connection state, tcpConnState, cannot be set.
Remote Subagents [Toc] [Back]
snmpd supports forwarding requests to subagents. These subagents manage
proprietary parts of the MIB. They must be able to handle the snmp
protocol, including the ASN1 encoding and decoding of packets. The
subagents must not use the standard snmp port 161udp, which is used by
snmpd.
At start-up snmpd reads the file /etc/snmp.remote.conf to determine the
existence of subagents, the parts of the MIB that they support, and the
udp port to use to communicate with them. The format of the file is
mib-tree-identifier IP-address port timeout subagent-name
The subagent-name is optional. All other parts of the entry are
required. The fields are separated by white-space (tab or space).
An example of an entry is
1.3.6.1.4.1.59.3 192.26.75.178 3333 3 sgi-experimental
This entry says that the subagent supporting the mib tree rooted at
1.3.6.1.4.1.59.3 is located at IP address 192.26.75.178. It uses udp
port 3333. snmpd-forwarded requests to the subagent should time out
after 3 seconds. The name of the agent is the sgi-experimental agent.
Because snmpd reads and processes lines in the file in order, multiple
subagents can be configured that operate on nested parts of the mib. For
all agents to be seen, the more deeply nested agents should come first in
Page 2
snmpd(1M) snmpd(1M)
the file. For example
1.3.6.1.4.1.59.3.26 192.26.75.1178 6666 4 sgi-exp-tv
1.3.6.1.4.1.59.3 192.26.75.178 3333 3 sgi-experimental
If the above two lines were reversed, snmpd would never forward requests
to the sgi-exp-tv agent.
Traps [Toc] [Back]
snmpd issues some standard SNMP traps. At start-up it reads the
/etc/snmpd.trap.conf file to determine which traps to send to which
destinations and what community string to use when sending traps. There
are two types of entries in the file, one for traps and destinations and
one for the community string. The format of the trap lines is
trap destination-list
The trap can be either a number or a string from RFC 1157 naming the
trap. The destination list is a white space and/or comma-separated set
of IP addresses and/or hostnames. For example
1 192.26.75.178, bubba
authenticationFailure 192.26.75.109
The community string entry has the format:
community name
The string in the name field is used for all traps.
To determine whether it has cold started or warm started, snmpd uses the
file /etc/snmpd.start.
Options [Toc] [Back]
-d debug Set debugging modes of snmpd. Possible values for debug
are dump, which will hex dump incoming and outgoing
packets; input, which will display decoded incoming
packets; output, which will display decoded outgoing
packets; and foreground, which makes the daemon run in
the foreground and log messages to the standard output.
The dump, input, and output flags all imply the
foreground flag.
-l loglevel Control the level of messages produced by snmpd. The
levels are those used by syslog(3B). The value of
loglevel is the text string for that level. The default
loglevel is error. To see warnings, the loglevel would
be warning. The acceptable values for loglevel can be
Page 3
snmpd(1M) snmpd(1M)
found in /usr/include/sys/syslog.h.
-u namelist Specify a system namelist. The default is /unix.
-p alternatePort
Specify an alternate UDP port to listen for SNMP
requests. The default UDP port is 161. Since only one
SNMP Agent can listen on UDP/161, if there are multiple
agents running on the system, using the -p option, you
can specify an alternate UDP port for snmpd to listen for
SNMP requests.
-t trapPort By default, snmpd sends all trap messages to UDP port 162
on the SNMP Manager station(s). By using this option,
you can specify an alternate trap port on the Manager
station(s), to which snmpd will send its trap messages.
Currently snmpd supports the following traps only:
coldStart warmStart authenticationFailure
/usr/etc/snmpd
/etc/snmpd.auth
/etc/snmpd.data
/etc/snmpd.trap.conf
/etc/snmpd.remote.conf
/etc/snmpd.start
RFC 1157, RFC 1213
P�P�P�Pa�a�a�ag�g�g�ge�e�e�e 4�4�4�4 [ Back ]
|
