öffnen Tags

öffnen Kategorien

Vom WebReader vorlesen lassen

Switch monitoring via SNMP

21. Nov 2009, 01:22

As promised, I uploaded my Nagios-plugins. You'll find them by entering the Software sector.

Now, I've updated the IOS of all Switches to the newest version, the memory leak is history and I'll give you some short informations about configuring Catalysts to listen to SNMP.

Tutorial in configuring Catalysts to listen to SNMP queries

I'm not trying to introduce the SNMP (Simple Network Management Protocol), maybe it's a topic for a further article, I'll just a briefly describe how to configure the SNMP agent in a Cisco Catalyst.

First of all it's necessary to go to privileged EXEC mode, so you have to login and type enable. Now you're root and are able to change the router configuration.
Next you have to add an access-list, to make sure the Nagios server is able to contact this Catalyst. Lets assume our server comes with ip 1.2.3.4, we can define the following access-list:

1
access-list 60 permit 1.2.3.4

60 identifies this list, and using this list 1.2.3.4 is allowed to do anything on any ports/protocols. You can restrict this rights, but this shouldn't be of interest now.

By default, SNMP access isn't enabled, so we need to design the policy to enable SNMP:

1
snmp-server community [COMMUNITYSTRING] RO 60

COMMUNITYSTRING acts like a simple password, the management server has to use it to ask for informations. RO (read only) determines the access mode. It's also possible to assign RW (read/write), so the management station is allowed to change different issues, but typically SNMP management station should only read values. 60 is the number of our previous defined access-list, only questions from hosts that passes this access-list are answered.

You should know, that there are different versions of SNMP, actually v1-v3. SNMPv1's implementation will communicate the COMMUNITYSTRING in plain text through your network, so it's something insecure!

Thats it! Now it's time for testing. Log in to 1.2.3.4 and try something like:

1
snmpwalk -Os -c [COMMUNITYSTRING] -v2c [SWITCHIP] 1.3.6.1.4.1.9.9.13.1.3.1

This will show you some temperature informations from SWITCHIP via SNMPv2. Which SNMP versions your routers can speak will be found at Ciscos website.

There's a lot more you can do with SNMP, just play around a little bit!

Tags: Cisco Hardware IOS Nagios Netzwerk Software

Kategorien: Betriebssystem Hardware Netzwerk Software

© 2009-2018 by Martin Scharm