snmpd(8)snmpd(8)NAME
snmpd, snmpd.conf - Simple Network Management Protocol (SNMP) agent
daemon
SYNOPSIS
/usr/sbin/snmpd [-t] [-d] [-p port]
OPTIONS
Specifies debug mode. If you specify this option, snmpd prints error
information to stdout, but does not run as a daemon. Specifies the
port to which the snmpd daemon listens for SNMP requests. The default
is port 161, the well-known SNMP port. Specifies trace mode. If you
specify this option, snmpd prints trace information to stdout. You
must specify the -d option with the -t option.
DESCRIPTION
The snmpd daemon is an extensible SNMP agent that starts automatically
at boot time. It listens on the snmp service port specified in the
/etc/services file for SNMP requests and for local subagents wishing to
register extended MIBs. The snmpd daemon processes SNMP requests for
MIB objects by communicating with registered subagents. The snmpd dae‐
mon receives and organizes the subagent replies and sends the SNMP
response to logically remote network management stations.
The snmpd daemon is a bilingual master agent, and is capable of han‐
dling both SNMPv1 and SNMPv2c requests. For information about building
subagents and extensible SNMP support, refer to the Network Program‐
mer's Guide.
Tru64 UNIX standard MIB support is implemented in the subagent process
/usr/sbin/os_mibs. This process is typically started and stopped auto‐
matically in conjunction with the snmpd daemon.
The snmpd daemon reads its configuration file, /etc/snmpd.conf, at
startup time. You can change the configuration by editing the
/etc/snmpd.conf file, as described in the Configuring snmpd section in
this reference page.
Note
The default configuration grants only read access to the world, and
does not generate any traps.
The snmpd daemon logs error messages through the syslog function to the
/usr/var/adm/syslog.dated/date/daemon.log log file.
Configuring snmpd
The /etc/snmpd.conf file defines the initial values for four MIB vari‐
ables, as well as access control based on community names and trap
information, as follows:
sysName name sysLocation location sysContact
contact snmpEnableAuthenTraps n community community-name
IP-address privileges trap [v1|v2c] trap-community-name IP-
address[:port]
If no trap version is specified, v1 is the default. White space (tabs,
spaces, line feeds, and carriage returns) and blank lines are ignored.
The /etc/snmpd.conf file is defined as a Context-Dependent Symbolic
Link (CDSL), and must be maintained as such. See the System Adminis‐
tration manual for more information.
MIB Variable Initialization
When an entry in the /etc/snmpd.conf file is one of the following MIB
variables, it is assigned the value that follows it:
sysName name sysLocation location sysContact
contact snmpEnableAuthenTraps n
According to MIB-II, the variables sysName, sysLocation, and sysContact
can be any display string of 0 to 255 NVT ASCII characters. The value
of the snmpEnableAuthenTraps entry can be either 1 (enable traps) or 2
(disable traps); for example:
sysName Presto sysLocation City, USA
sysContact Kathy Berberian 555-7667 snmpEnableAuthenTraps
1
If the values of the sysName, sysLocation, and sysContact variables are
modified by SNMP set commands, the new values are updated in the
snmpd.conf file. (The sysName variable does not affect the system's
host name.) If sysName is not present or commented out in the
snmpd.conf file, the system's host name is used.
Community Entries
Community entries have the following format: community-name IP-address
privileges
Can be any string. Indicates the remote site for which this community
is valid. If the IP address is 0.0.0.0, any address can communicate
using that community name. Can be read for read-only or write for read
and write.
The following is a sample entry for the community variable:
community test1 130.117.1.20 read
This example defines a community named test1 that allows read-only
access from the IP address 130.117.1.20.
Note
On Tru64 UNIX, the MIB-II implementation supports write access to all
MIB-II variables so defined. Authorized parties are able to change the
Tru64 UNIX environment; such as bring down an interface or delete an
entry from the routing table.
Disabling snmpd
By default, the snmpd.conf file contains a community entry that permits
read access of all MIB variables via the community public. You can
constrain access to different communities by removing this default
entry and by adding entries with different community names.
If you want to disable access to MIB variables completely (some sites
might want to do this), the recommended method is to remove all commu‐
nity entries in the snmpd.conf file and to issue the /sbin/init.d/snmpd
read command to force snmpd to reload its configuration.
Trap Community Entries
Trap entries have the following format: trap [version] trap-community-
name IP-address [:port]
Specifies the SNMP version, either v1 or v2c. If not specified, v1 is
the default. Can be any string. Indicates the destination address, in
dot notation, to which to send the trap PDU. Specifies the port at the
destination address to which to send the trap PDU. If no port is speci‐
fied, port 162 is the default.
The following sample trap entry indicates to the agent that if a trap
needs to be sent, the trap PDU should be built using the community name
test2 and sent to the trap port at 128.169.4.15:
trap test2 128.169.4.15
The following sample trap entry indicates to the agent that if a trap
needs to be sent, the SNMPv1 trap PDU should be built using the commu‐
nity name test1 and sent to the trap port at 128.169.4.15:
trap v1 test1 128.169.4.15
The following sample trap entry indicates to the agent that if a trap
needs to be sent, the SNMPv2 trap PDU should be built using the commu‐
nity name test2 and sent to the port 5008 at 128.169.4.15:
trap v2 test2 128.169.4.15:5008
Rereading the Daemon Configuration File (snmpd.conf)
Sending the SIGHUP signal to snmpd causes it to reread the
/etc/snmpd.conf file and and reload that information. To do this,
issue the /sbin/init.d/snmpd read command.
Dumping the Registry of MIBs and Subagents
Sending the SIGUSR1 signal to snmpd causes it to dump its subagent reg‐
istration database to the /var/tmp/snmpd_dump.log file. To do this,
issue the /sbin/init.d/snmpd dump command.
Agent Extensibility (AgentX)
The snmpd daemon supports RFC 2741 for communication with MIB implemen‐
tations (called subagents), for example os_mibs and cpq_mibs. This
permits third-party subagents that support AgentX to interoperate at
the protocol level with Tru64 UNIX snmpd. These subagents do not
require their own private SNMP agent.
Since the operating system's libesnmp.so library also uses AgentX, all
native subagents will interoperate with third-party SNMP agents that
support AgentX.
Cluster Alias Support
SNMP is a multi-instance service. Therefore, snmpd runs on each member
of a cluster. The snmpd daemon will accept SNMP messages received on
cluster alias addresses, but will process them differently than those
received on non-alias addresses.
Since SNMP/UDP messages sent to the same cluster alias address are
delivered in round-robin fashion to different cluster members, snmpd
processes them in the context of a restricted “MIB view”. This MIB
view is the set of MIB variables that are identical in name and value
on each cluster member. Only these variables are exported via cluster
alias addresses.
The snmpd daemon is made aware of subagent MIB variables by the AgentX
registration mechanism. Registrations made in the default mode are not
part of the cluster alias MIB view; they are available only when pro‐
cessing SNMP requests received on non-alias addresses. Registrations
using the AgentX context “cluster-alias” are made part of the cluster
alias view; they available when processing messages received on cluster
alias addresses. (Native Tru64 UNIX subagents can accomplish this by
using the esnmp_register2 function. See the Network Programmer's Guide
for more information.
The snmpd daemon does not communicate with subagents on different clus‐
ter members. A subagent that registers MIB variables in the cluster
alias view is responsible for ensuring that those variables are identi‐
cal in name and value on each cluster member.
FILES
The snmpd daemon configuration file. The file containing the port num‐
ber on which snmpd listens. The system daemon log file, where date is
the date. This directory contains sample MIBs and scripts. The file
containing a dump of the snmpd daemon's MIB registry. This directory
contains snmpd daemon's UNIX domain socket directory. This socket lis‐
tens for connection requests from subagent processes.
SEE ALSO
Commands: syslog(3), os_mibs(8), snmp_request(8), snmp_traprcv(8)
Network Administration: Services
Network Programmer's Guide
For SNMP Version 1:
RFC 1155, Structure and Identification of Management Information for
TCP/IP-Based Internets
RFC 1157, A Simple Network Management Protocol
RFC 1212, Concise MIB Definitions
RFC 1215, Conventions for Defining Traps for Use With the SNMP
For SNMP Version 2:
RFC 1901, Introduction to Community-based SNMPv2
RFC 1902, Structure of Management Information for Version 2 of the Sim‐
ple Network Management Protocol (SNMPv2)
RFC 1903, Textual Conventions for Version 2 of the Simple Network Man‐
agement Protocol (SNMPv2)
RFC 1904, Conformance Statements for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1905, Protocol Operations for Version 2 of the Simple Network Man‐
agement Protocol (SNMPv2)
RFC 1906, Transport Mappings for Version 2 of the Simple Network Man‐
agement Protocol (SNMPv2)
RFC 1907, Management Information Base for Version 2 of the Simple Net‐
work Management Protocol (SNMPv2)
RFC 1908, Coexistence between Version 1 and Version 2 of the Internet-
standard Network Management Framework
RFC 2089, V2ToV1 Mapping SNMPv2 onto SNMPv1 within a bi-lingual SNMP
Agent
RFC 2741, Agent Extensibility (AgentX) Protocol Version 1
RFC 2742, Definitions of Managed Objects for Extensible SNMP Agents
snmpd(8)