SNMP interface status

gadams999 · Jun 11, 2010, 8:32 PM

Hi,

Just did an fresh install of 2.0BETA2 (2.0-BETA2 built on Fri Jun 11 03:35:31 EDT 2010) and am liking it.

My Nagios monitors are complaining about SNMP values. I've got SNMP fully enabled and when I snmpwalk it, get back just a subset of values:

[root@nms02 libexec]# snmpwalk -c public -v 2c  patti
SNMPv2-MIB::sysDescr.0 = STRING: patti.peanuts.local 3577635749 FreeBSD 8.1-PRERELEASE
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.12325.1.1.2.1.1
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (288019) 0:48:00.19
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: patti.peanuts.local
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 76
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::enterprises.12325.1.1.1.10.2
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::enterprises.12325.1.1.1.10.3
SNMPv2-MIB::sysORID.3 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::enterprises.12325.1.1
SNMPv2-MIB::sysORDescr.1 = STRING: udp transport mapping
SNMPv2-MIB::sysORDescr.2 = STRING: lsock transport mapping
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for SNMPv2 entities.
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for the Begemot SNMPd.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::snmpInPkts.0 = Counter32: 267
SNMPv2-MIB::snmpInBadVersions.0 = Counter32: 6
SNMPv2-MIB::snmpInBadCommunityNames.0 = Counter32: 0
SNMPv2-MIB::snmpInBadCommunityUses.0 = Counter32: 0
SNMPv2-MIB::snmpInASNParseErrs.0 = Counter32: 0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
SNMPv2-MIB::snmpSilentDrops.0 = Counter32: 0
SNMPv2-MIB::snmpProxyDrops.0 = Counter32: 0

Not a biggie, but are there any known problems with SNMP? Tried a search, but not much came up here or on the bug tracker.

Great work!

cmb · Jun 12, 2010, 5:27 AM

That's all the output you get with snmpwalk? SNMP works fine on all my installs, and snmpwalk shows vastly more than that. I'm not aware of any issues with it.

gadams999 · Jun 12, 2010, 1:15 PM

That appears to be the only information listed. I also did a query starting at .1 and similar results are returned:

$ snmpwalk -v 2c -c peanuts patti .1
SNMPv2-MIB::sysDescr.0 = STRING: patti.peanuts.local 3577635749 FreeBSD 8.1-PRERELEASE
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.12325.1.1.2.1.1
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3283) 0:00:32.83
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: patti.peanuts.local
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 76
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::enterprises.12325.1.1.1.10.2
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::enterprises.12325.1.1.1.10.3
SNMPv2-MIB::sysORID.3 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::enterprises.12325.1.1
SNMPv2-MIB::sysORDescr.1 = STRING: udp transport mapping
SNMPv2-MIB::sysORDescr.2 = STRING: lsock transport mapping
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for SNMPv2 entities.
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for the Begemot SNMPd.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::snmpInPkts.0 = Counter32: 52
SNMPv2-MIB::snmpInBadVersions.0 = Counter32: 0
SNMPv2-MIB::snmpInBadCommunityNames.0 = Counter32: 0
SNMPv2-MIB::snmpInBadCommunityUses.0 = Counter32: 0
SNMPv2-MIB::snmpInASNParseErrs.0 = Counter32: 0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
SNMPv2-MIB::snmpSilentDrops.0 = Counter32: 0
SNMPv2-MIB::snmpProxyDrops.0 = Counter32: 0
SNMPv2-SMI::enterprises.12325.1.1.1.1.1.0 = INTEGER: 2048
SNMPv2-SMI::enterprises.12325.1.1.1.1.2.0 = INTEGER: 2048
SNMPv2-SMI::enterprises.12325.1.1.1.1.3.0 = INTEGER: 1
SNMPv2-SMI::enterprises.12325.1.1.1.1.4.0 = IpAddress: 0.0.0.0
SNMPv2-SMI::enterprises.12325.1.1.1.1.5.0 = Gauge32: 3
SNMPv2-SMI::enterprises.12325.1.1.1.4.1.3.0.0.0.0.161 = INTEGER: 1
SNMPv2-SMI::enterprises.12325.1.1.1.7.1.0 = Counter32: 0
SNMPv2-SMI::enterprises.12325.1.1.1.7.2.0 = Counter32: 0
SNMPv2-SMI::enterprises.12325.1.1.1.7.3.0 = Counter32: 0
SNMPv2-SMI::enterprises.12325.1.1.1.7.4.0 = Counter32: 0
SNMPv2-SMI::enterprises.12325.1.1.1.8.1.0 = INTEGER: 2
SNMPv2-SMI::enterprises.12325.1.1.1.8.2.0 = Gauge32: 0
SNMPv2-SMI::enterprises.12325.1.1.1.8.3.0 = INTEGER: 7
SNMPv2-SMI::enterprises.12325.1.1.1.9.1.2.19.47.118.97.114.47.114.117.110.47.115.110.109.112.100.46.115.111.99.107 = INTEGER: 1
SNMPv2-SMI::enterprises.12325.1.1.1.9.1.3.19.47.118.97.114.47.114.117.110.47.115.110.109.112.100.46.115.111.99.107 = INTEGER: 4
SNMPv2-SMI::enterprises.12325.1.1.1.10.1.1.2.3.117.100.112 = INTEGER: 1
SNMPv2-SMI::enterprises.12325.1.1.1.10.1.1.2.5.108.115.111.99.107 = INTEGER: 1
SNMPv2-SMI::enterprises.12325.1.1.1.10.1.1.3.3.117.100.112 = OID: SNMPv2-SMI::enterprises.12325.1.1.1.10.2
SNMPv2-SMI::enterprises.12325.1.1.1.10.1.1.3.5.108.115.111.99.107 = OID: SNMPv2-SMI::enterprises.12325.1.1.1.10.3
SNMPv2-MIB::snmpSetSerialNo.0 = INTEGER: 1203067178
SNMPv2-MIB::snmpSetSerialNo.0 = No more variables left in this MIB View (It is past the end of the MIB tree)

Later today I'll try a restart of pfsense and if that doesn't work, apply the latest daily build and report the results.

jimp · Jun 14, 2010, 3:11 PM

Which options do you have checked in the SNMP config?

gadams999 · Jun 14, 2010, 3:26 PM

@jimp:

Which options do you have checked in the SNMP config?

All are active. For SNMP modules, all four (MibII, Netgraph, PF and Host Resources) are selected. Traps are disabled, but the Daemon and community string are set. I do see that interface RRDgraphs are being populated, so maybe it's a OID filter or something for non-local SNMP queries?

I haven't tried an update on the 20100610 that I'm running.

jimp · Jun 14, 2010, 6:50 PM

I enabled the SNMP server on a VM running a snap from the 10th and it returned over 7000 lines for the same query you ran.

gadams999 · Jun 14, 2010, 6:59 PM

Okay, progress. Since it worked for you, I started to change what modules were active. Initially, all four modules were active yet only returning 15-20 results. Once I turned off "host resources" the count of objects went to approx 1700. when I turned "host resources" back on (now all 4 are active again), I'm getting 6714 objects.

Things are working again!

jimp · Jun 14, 2010, 7:02 PM

There's proably not a good way to reproduce it, but it would be nice to have seen the snmpd config file from /var/etc when it was misbehaving.

gadams999 · Jun 14, 2010, 7:12 PM

I would have grabbed the config but didn't think of it. However, I get the same amount of objects returned with SNMP is enabled, but all of the modules are deselected. Possible the GUI had the modules checked when they really weren't?

jimp · Jun 14, 2010, 7:26 PM

It's possible. When I first enabled the daemon it had the module boxes all checked but greyed out, then when I saved it came back with the boxes enabled but not checked. I had to check them and save again.

gadams999 · Jun 14, 2010, 7:41 PM

That may have been it. I probably looked and same the modules checked prior to starting the service.

From a usability point of view, I'd expect that when the service is disabled the module boxes would be unchecked. Then upon enabling the daemon, the modules could be selected. I probably saw the selected checkboxes and hit "save", but never reviewed.

I'll keep on eye out for it in the future. It's working, so that's good in my books. Now on to traffic shaping.

jimp · Jun 14, 2010, 7:45 PM

I opened a ticket for the GUI inconsistency. It should be fairly easy to fix.

http://redmine.pfsense.org/issues/659