Votes:
I've been following instructions to monitor my Linux server (Dell server - opensuse) and installed net-snmp.
According to http://www.debianhelp.co.uk/snmp.htm I changed the snmpd.conf file and I think I've done everything correctly, but when I test with "snmpwalk localhost -c public -v1", I get the following error "timeout: no response from localhost"
Can someone help with this problem?
Thanks
Last change on Jan 4, 2023 11:45:48 AM by
Votes:
This article applies as of PRTG 22
Note: This article applies to Debian-based systems. For other Linux distributions like RedHat, CentOS, and Suse, you must slightly adapt the following steps. See SNMP installation and configuration for more details.
Every so often, monitoring devices via SNMP causes issues. We collect the most common problems with SNMP in the article SNMP and PRTG: Basic Troubleshooting. On Linux systems, some additional points have to be considered. This article sums up the basic steps to set up SNMP on Debian-based systems for monitoring with PRTG. However, specific problems often require deeper analysis. If you followed the checklist below and monitoring still does not work, do not hesitate to contact our support.
Good resources for information about SNMP on Linux systems are the articles on Sijoe Web's: SNMP Server (snmpd) and Client (snmp) Installation and Configuration in Debian and on ubuntuusers Wiki: SNMP (German). Refer to these pages if you need more details on this topic.
First, you need an SNMP server on your Linux machine. Install the packet snmpd to query network components, and the packet snmp to request values (for example walk or get). Use the following commands:
sudo apt-get install snmpd
sudo apt-get install snmp
After you installed these packets, you must follow the configuration steps below.
The configuration file snmpd.conf is located in the /etc/snmp directory. Make a backup of the original file before you edit it.
You have to set up the SNMP server in order to allow read access from other machines. Open the configuration file with an editor.
# sec.name source community
com2sec paranoid default public
Change the entry paranoid to readonly or readwrite. You can define sources as you want (for example 127.0.0.1 to only allow access from the local machine), and you can modify the community string as well. Save the changes to the configuration and restart the SNMP daemon:
sudo service snmpd restart
If you want to use SNMP v3, you need the packet openssl in addition. Stop the SNMP daemon and create an SNMP v3 user:
sudo service snmpd stop
sudo net-snmp-config --create-snmpv3-user -ro -X DES -A MD5 -a "SNMP_PWD" -x "SNMP_PWD" username
After that, force encryption in the file /usr/share/snmp/snmpd.conf by adding AuthPriv:
rouser username AuthPriv
Furthermore, delete the file /etc/snmp/snmpd.conf, and create a new one with the following content:
group groupv3 usm username
view all included .iso 80
Note: Ubuntu 18.04 implements stronger security mechanisms, so you have to provide a wider path in /etc/snmp/snmpd.conf: view systemonly included .1.3.6.1
# context sec.model sec.level match read write notif
access groupv3 "" any auth exact all all all
syslocation Unknown
syscontact Root <root@localhost>
Then start the daemon again:
sudo service snmpd start
By default, only requests on localhost are allowed. In order to allow access for other IPs on the monitored computer, modify the start options in the file /etc/default/snmpd. There you will find the following line:
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
You have two options now:
# com2sec paranoid default public
# com2sec readonly default public
com2sec readonly xxx.xxx.xxx.xxx/32 public
com2sec readonly yyy.yyy.yyy.yyy/32 public
Note: If you have a firewall, you need to open the UDP port 161 to get access from other computers. For example, use the following commands to open access:
iptables -A OUTPUT -p udp -m udp --sport 161 -j ACCEPT
iptables -A ufw-user-input -p udp -m udp --dport 161 -j ACCEPT
You can test your configuration with an SNMP walk. A walk shows you lists of return values requested from a specific device. Use the following command to show a list of available data on your Linux machine:
snmpwalk –v1 –c public localhost
With the following command, a list of memory values on a specific device (indicated with <IP>) is returned:
snmpwalk v1 –c –private <IP> memory
Note: Do not only use 127.0.0.1 for testing, but also external IP addresses.
Use the SNMP Tester to run test queries against your Linux device. This tool enables you to debug SNMP activities in order to find problems in your SNMP configuration. For more information, the download, and the manual, please refer to Paessler SNMP Tester.
PRTG already provides several SNMP sensors for Linux monitoring out of the box. You can natively monitor for example free disk space, load average, memory usage, and I/O on physical disks via SNMP.
You can also use the SNMP Library sensor to adjust monitoring to your needs. PRTG already includes a basic Linux OID library (ucd-snmp-mib).
PRTG will start to monitor your Linux device immediately.
Created on Aug 16, 2013 3:23:34 PM by
Last change on Jan 4, 2023 11:46:06 AM by
14 Replies
Votes:
Also I'm getting the following error in the net-snmpd.log...
error on subcontainer 'ia_addr' insert (-1)
Last change on Jun 10, 2010 12:11:57 PM by
Votes:
Hello,
is the SNMP service running on the system at all? Because when we shut down a SNMP service on an Ubuntu - machine we received the same result:
# /etc/init.d/snmpd stop * Stopping network management services: # snmpwalk localhost -c public -v1 Timeout: No Response from localhost
whereas with a running service, the service was correctly listening on port 161:
# /etc/init.d/snmpd start # netstat -apn|grep snmpd udp 0 0 0.0.0.0:161 0.0.0.0:* 21018/snmpd
and also responding with 3424 lines of SNMP counters to the # snmpwalk localhost -c public -v1. Please understand that this we cannot try debugging the issue any deeper in your systems, however, maybe other users experienced something similar.
Best Regards.
Created on Jun 10, 2010 11:58:30 AM by
Votes:
seems to be up and running when I type in:
# servcie snmpd status checking for service snmpd running # netstat -apn |grep snmpd tcp 0 0 127.0.0.1:199 0.0.0.0:* 15364/snmpd upd 0 0 10.99.108.250:161 0.0.0.0:* 15364/snmpd #snmpwalk localhost -c public -v1 Timeout: No Response from localhost
Any help with this would be appreciated.
Last change on Jun 10, 2010 2:43:39 PM by
Votes:
Hello,
as SNMP is traditionally UPD, can you please try to do a snmpwalk on 10.99.108.250?
Best regards.
Created on Jun 10, 2010 2:44:17 PM by
Votes:
Hello,
at first it would be interesting what version of snmpwalk (or what version of the snmp-package on your system) you are using. You could check this by using the following command which is linux distribution independend:
# snmpwalk -V NET-SNMP version: 5.4.1
"snmpwalk: No securityName specified."
This message seems to appear with older versions of SNMPd-installations. Therefor you would have to adjust the command as follows:
# snmpwalk 10.99.108.250 -c public -v1
If this doesn't succeed try the following command by switching to the SNMP-protocol version 2c:
# snmpwalk 10.99.108.250 -c public -v2c
Best regards.
Created on Jun 15, 2010 8:08:37 AM by
Votes:
Hello,
I would recommend checking the routing table for the proper entry for the appropriate destination and network device (see "man route"). You could achieve this by using the "route -n" command. If the routing table is right I would afterwards check whether UDP packets are filtered by a possible running firewall blocking those packets by using the "iptables -L" command. As an alternative to check if UDP packets are filtered by a firewall you also could use "nmap -sU -p 161 10.99.108.250" (see "man nmap").
Created on Jun 16, 2010 10:26:35 AM by
Last change on Jun 16, 2010 10:31:09 AM by
Votes:
Hi the routing table seems to be correct. In snmpd.conf 10.99.108.0 is being used.
# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.99.108.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 10.99.108.1 0.0.0.0 UG 0 0 0 eth1
There does not seem to be blocking from a firewall.
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # nmap -sU -p 161 10.99.108.250
Starting Nmap 5.00 ( http://nmap.org ) at 2010-06-16 10:11 EDT
Interesting ports on OpenXLX (10.99.108.250):
PORT STATE SERVICE 161/udp open|filtered snmp
Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds
In my log files /var/log/net-snmpd.log I'm getting the following errors...
NET-SNMP version 5.4.2.1
error on subcontainer 'ia_addr' insert (-1)
error on subcontainer 'ia_addr' insert (-1)
Connection from UDP: [10.99.108.30]:2884
Connection from UDP: [10.99.108.30]:2891
Connection from UDP: [10.99.108.30]:2900
Connection from UDP: [10.99.108.30]:2908
Connection from UDP: [10.99.108.30]:2930
error on subcontainer 'ia_addr' insert (-1)
Connection from UDP: [10.99.108.30]:2931
Connection from UDP: [10.99.108.30]:2933
Connection from UDP: [10.99.108.30]:2937
Connection from UDP: [10.99.108.30]:2938
Connection from UDP: [10.99.108.30]:2939
Connection from UDP: [10.99.108.30]:2942
error on subcontainer 'ia_addr' insert (-1)
Connection from UDP: [10.99.108.30]:2946
Connection from UDP: [10.99.108.30]:2948
Connection from UDP: [10.99.108.30]:2955
Connection from UDP: [10.99.108.30]:2964
Connection from UDP: [10.99.108.30]:2971
Connection from UDP: [10.99.108.30]:2994
error on subcontainer 'ia_addr' insert (-1)
Connection from UDP: [10.99.108.30]:2995
Connection from UDP: [10.99.108.30]:2997
Connection from UDP: [10.99.108.30]:3001
error on subcontainer 'ia_addr' insert (-1)
Connection from UDP: [10.99.108.250]:35993
Connection from UDP: [10.99.108.250]:45494
error on subcontainer 'ia_addr' insert (-1)
error on subcontainer 'ia_addr' insert (-1)
Connection from UDP: [10.99.108.250]:51412
[init_smux] bind failed: Address already in use
getaddrinfo("10.99.108.250", NULL, ...): Address family for hostname not supported
Last change on Jun 16, 2010 3:21:48 PM by
Votes:
This article applies as of PRTG 22
Note: This article applies to Debian-based systems. For other Linux distributions like RedHat, CentOS, and Suse, you must slightly adapt the following steps. See SNMP installation and configuration for more details.
Every so often, monitoring devices via SNMP causes issues. We collect the most common problems with SNMP in the article SNMP and PRTG: Basic Troubleshooting. On Linux systems, some additional points have to be considered. This article sums up the basic steps to set up SNMP on Debian-based systems for monitoring with PRTG. However, specific problems often require deeper analysis. If you followed the checklist below and monitoring still does not work, do not hesitate to contact our support.
Good resources for information about SNMP on Linux systems are the articles on Sijoe Web's: SNMP Server (snmpd) and Client (snmp) Installation and Configuration in Debian and on ubuntuusers Wiki: SNMP (German). Refer to these pages if you need more details on this topic.
First, you need an SNMP server on your Linux machine. Install the packet snmpd to query network components, and the packet snmp to request values (for example walk or get). Use the following commands:
sudo apt-get install snmpd
sudo apt-get install snmp
After you installed these packets, you must follow the configuration steps below.
The configuration file snmpd.conf is located in the /etc/snmp directory. Make a backup of the original file before you edit it.
You have to set up the SNMP server in order to allow read access from other machines. Open the configuration file with an editor.
# sec.name source community
com2sec paranoid default public
Change the entry paranoid to readonly or readwrite. You can define sources as you want (for example 127.0.0.1 to only allow access from the local machine), and you can modify the community string as well. Save the changes to the configuration and restart the SNMP daemon:
sudo service snmpd restart
If you want to use SNMP v3, you need the packet openssl in addition. Stop the SNMP daemon and create an SNMP v3 user:
sudo service snmpd stop
sudo net-snmp-config --create-snmpv3-user -ro -X DES -A MD5 -a "SNMP_PWD" -x "SNMP_PWD" username
After that, force encryption in the file /usr/share/snmp/snmpd.conf by adding AuthPriv:
rouser username AuthPriv
Furthermore, delete the file /etc/snmp/snmpd.conf, and create a new one with the following content:
group groupv3 usm username
view all included .iso 80
Note: Ubuntu 18.04 implements stronger security mechanisms, so you have to provide a wider path in /etc/snmp/snmpd.conf: view systemonly included .1.3.6.1
# context sec.model sec.level match read write notif
access groupv3 "" any auth exact all all all
syslocation Unknown
syscontact Root <root@localhost>
Then start the daemon again:
sudo service snmpd start
By default, only requests on localhost are allowed. In order to allow access for other IPs on the monitored computer, modify the start options in the file /etc/default/snmpd. There you will find the following line:
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
You have two options now:
# com2sec paranoid default public
# com2sec readonly default public
com2sec readonly xxx.xxx.xxx.xxx/32 public
com2sec readonly yyy.yyy.yyy.yyy/32 public
Note: If you have a firewall, you need to open the UDP port 161 to get access from other computers. For example, use the following commands to open access:
iptables -A OUTPUT -p udp -m udp --sport 161 -j ACCEPT
iptables -A ufw-user-input -p udp -m udp --dport 161 -j ACCEPT
You can test your configuration with an SNMP walk. A walk shows you lists of return values requested from a specific device. Use the following command to show a list of available data on your Linux machine:
snmpwalk –v1 –c public localhost
With the following command, a list of memory values on a specific device (indicated with <IP>) is returned:
snmpwalk v1 –c –private <IP> memory
Note: Do not only use 127.0.0.1 for testing, but also external IP addresses.
Use the SNMP Tester to run test queries against your Linux device. This tool enables you to debug SNMP activities in order to find problems in your SNMP configuration. For more information, the download, and the manual, please refer to Paessler SNMP Tester.
PRTG already provides several SNMP sensors for Linux monitoring out of the box. You can natively monitor for example free disk space, load average, memory usage, and I/O on physical disks via SNMP.
You can also use the SNMP Library sensor to adjust monitoring to your needs. PRTG already includes a basic Linux OID library (ucd-snmp-mib).
PRTG will start to monitor your Linux device immediately.
Created on Aug 16, 2013 3:23:34 PM by
Last change on Jan 4, 2023 11:46:06 AM by
Votes:
Hello Artius,
thank you for your reply.
There are multiple different ways to configure the snmpd.conf file. Please refer to:
The easiest way to validate the SNMP configuration is using our SNMP Tester. Please download our latest SNMP Tester, ideally run it on the PRTG Host (or host of the Remote Probe), and perform the "Read Device Uptime" test against the target device, it will allow you to easily confirm if the device responds.
By installing the net-snmp tools on your linux system (apt-get install snmp), you can also do something like the following to test it locally:
| snmpwalk -v "2c" -c "public" 127.0.0.1:161 .1.3.6.1.2.1.1 |
If this works locally but not from the SNMP Tester, the issue could be a firewall, or the binding of the TCP IP/Port. If the SNMP Agent is only listening on 127.0.0.1, you won't be able to monitor it with PRTG.
On the host I tested the above, snmpd.conf was configured as follows:
agentAddress udp:161,udp6:[::1]:161 view iso included .1 rocommunity public default -V iso
Best Regards,
Luciano Lingnau [Paessler Support]
Created on Jun 11, 2018 11:57:22 AM by
Add comment