Hello Giovanni
Yes that is correct. There’s no problem with the questions, keep them coming, that’s what we’re here for!
Stay healthy and safe!
Laz
1 Like
The SNMP manager will be able to send periodic polls to the router and it will use store this information.
I think there is grammatical error in this sentence.
This is best place to learn networking 
Hello Namrata
Thanks for pointing that out, I’ll let Rene know to fix it…
Thanks for your kind words as well, we try to do our best, and we’re happy that you find it useful! 
Laz
apparently, Obsevium and other monitoring software are under Linux.
Hello Berthol
Observium is indeed only available to be run on Ubuntu/Debian and RHEL/CentOS operating systems. However, there are other SNMP servers that can be run on a Windows server such as SolarWinds for example.
I hope this has been helpful!
Laz
Thank you very much it helped me
1 Like
Hello, everyone!
Could someone please explain the function of the GetNext message and where it would be useful to me? The general is explanation is “It asks the managed device for the next variable in the MIB” but I am not quite sure what that means…
Thank you in advance.
David
I try to configure SNMP v3 for NXOS 9000
hostname R1
!
username MYUSER password password1 role MYGROUP
snmp-server group MYGROUP v3 priv
snmp-server user MYUSER MYGROUP v3 auth md5 MYPASS123 priv aes 128 MYKEY12
!
end
I can ping R1, but can not get SNMP back by R1. I use Nagios SNMP as server. i did make sure MYPASS123 , MYKEY12 enter correctly, but nothing work.
PLEASE, PLEASE help. is it the right configuration? do I need the first command “username Myusr…”
Hello, everyone!
There’s something that’s been confusing me for a while now. In the DHCP DORA process, the client uses a port of 68 and the server uses a port of 67.
However, when it comes to applications like SNMP or BGP, for example, why does one of the devices use a randomly generated source port?
I expected my SNMP server to interact with the device it’s managing by sending out a GET packet with the following port numbers:
Source: Port - 162
Destination Port - 161
But that wasn’t the case, the source port was randomly generated
What’s going on here? Just wondering, why was the port dynamically generated? Could anything go wrong if the NMS just used 162 instead?
Thank you in advance for your help.
David
Hello Thao
The configuration you’ve provided seems correct from the point of view of R1. However, based on your description, you may also want to check some of the following to help you in your troubleshooting process:
- Make sure the SNMP service is running on R1. You can check this by running the command “show snmp”.
- Check if there are any ACLs that might be blocking SNMP traffic. If there are, you will need to modify them to allow SNMP traffic.
- The
username MYUSER password password1 role MYGROUPcommand is used for local authentication, not for SNMP. For SNMPv3, the user is specified in the “snmp-server user” command, which you have correctly configured. - Make sure your Nagios server is configured to use SNMPv3 with the correct user, authentication password, and privacy key.
- Also, ensure the Nagios server is configured to use the correct SNMP port (default is 161).
If all of these are correct and you’re still having issues, I would recommend enabling SNMP debugging on the NXOS 9000 using the debug snmp packets command and see if there are any error messages when you try to poll it from the Nagios server.
Below you will find detailed Cisco documentation for the configuration of SNMP on a Nexus 9000 device, for your reference.
Let us know how you get along in your troubleshooting so we can see if we can help you out further.
I hope this has been helpful!
Laz
Hello David!
The GetNext message is part of SNMP, which is a protocol for managing devices on IP networks.
In SNMP, a MIB (Management Information Base) is a structured database that stores the information about the device’s status, parameters, and configuration. The MIB is made up of different variables, each representing a particular aspect of the device.
The GetNext message is used to retrieve the next variable in the MIB. It’s essentially a way to sequentially read the variables in the MIB. When a GetNext message is sent to the device, it responds with the value of the next variable in the MIB.
This is useful in several scenarios, such as when you want to walk through the MIB to discover all the variables it contains (a process known as an SNMP walk), or when you want to monitor the values of a sequence of variables over time. An SNMP walk is a common process that is often used to gain a general overview of the status of a device.
I hope this has been helpful!
Laz
1 Like
Hello David
This issue has less to do with SNMP and more to do with how the Transport Layer leverages and manages port numbers.
Now the SNMP example may be somewhat confusing because what we call the “SNMP Server” is actually playing the role of the client in this interaction, while the managed device is playing the role of the server. Just keep that in mind for our terminology below.
When a client (in this case, your SNMP server) initiates a connection to a server (the managed device), it uses a dynamically generated source port number. This is known as an ephemeral port, sometimes referred to as a dynamic or private port number. The server’s port number (in this case, port 161 for SNMP) is a well-known port and remains constant.
The reason for using ephemeral ports is to make it possible for a client to establish multiple simultaneous connections to a server. If the client used the same source port for every connection, it would be impossible to distinguish between different sessions.
In the case of SNMP, the NMS (the client) uses a random source port to send the GET request, and the managed device (server) responds back to that same port. The destination port on the managed device is always 161, which is the well-known port for SNMP.
Port 162 is used by SNMP servers as the source port for sending SNMP traps. If the NMS used port 162 as its source port for GET requests, it could lead to confusion since SNMP traps are unsolicited messages sent from the managed device to the NMS. In other words, the managed device would be expecting to send messages to port 162, not receive them there.
Take a look at this NetworkLessons note on the topic of Transport Layer port numbers to learn more about the role of each range of ports.
I hope this has been helpful!
Laz
Thank you for your help.
snmp-server user
It will create user for you if you do not create yourself.
Can SNMP handle vPC like diagram on the left ?
what if all ports from SW1-2-3 connect to FEX and all servers connect to these FEX ( with separated VLANs and SVI on all of them are in SW1-2) , can SNMP able to monitor that Interfaces on SW1-2-3?
Your help is helping me a lot.
Thank
Thao
Hello Thao
Thanks for this information, that’s very helpful!
SNMP is not affected by the physical or logical topologies of the network devices, nor is it affected by the modules or components of particular devices such as Fabric Extenders (FEXs) and others. As long as the devices themselves, in particular, the Nexus switches you use, support SNMP, you are good to go.
SNMP as a standard is the same across all vendors, devices, and platforms. However, each vendor can develop their own vendor-specific or even model-specific MIBs (Management Information Bases) for their devices. This is because each vendor might have unique features or attributes that aren’t covered by standard MIBs, as would be the case with the use of a FEXs.
The SNMP framework allows for both standardized and proprietary MIBs. Standard MIBs (like MIB-II, IF-MIB, etc.) provide information that’s common across many devices regardless of the vendor. Vendor-specific or proprietary MIBs provide details unique to a particular vendor’s devices.
So topology and specific device setups do not affect the operation of SNMP, as long as it is configured correctly in the network device (SNMP agent) and the SNMP management system, and connectivity is achieved between these two, SNMP should function correctly.
I hope this has been helpful!
Laz
hi Rene … can I download the lessons in PDF or Word form … thanx
Hello Hismam,
I’m afraid not. We only offer everything online.
Rene
ok thanx…
I have Q … I use observium as u recommended, but I could not find how can I add sensors like snmp trap receiver to my agent… thanx again
Hello Hisham
Our focus on the forum is on Cisco devices and their configurations, however, I can give you some guidelines that may help you out.
To add SNMP traps in Observium, you have to follow these steps:
- First, you need to configure your device to send SNMP traps to your Observium server. This process varies depending on the device you’re using. For a Cisco device, take a look at the lesson.
- Once your device is set up to send SNMP traps, you need to configure your Observium server to accept and process these traps. This can be done by editing the
snmptrapd.conffile usually located in/etc/snmp/directory.
Add the following lines to the snmptrapd.conf file:
disableAuthorization yes
traphandle default /opt/observium/scripts/snmptrapd-ipv6.py
- Restart the SNMP trap service using the following command:
sudo service snmptrapd restart - Finally, you need to add the SNMP trap sensor to your Observium agent. This can be done in the Observium web interface, by going to the device’s settings page and adding a new SNMP trap sensor.
Please note that the exact steps might vary slightly depending on your specific setup and Observium version. For more information, take a look at the official Observium page:
https://www.observium.org/
Keep in mind that currently a more powerful and possibly preferable option is to use LibreNMS which is an open-source fork of Observium:
You can find out more about how LIbreNMS came about and how it compares with Observium at this NetworkLessons note.
I hope this has been helpful!
Laz
1 Like
Thanx Laz and I appreciate it
1 Like