snmpd(1M)
NAME
snmpd, snmpdm − Simple Network Management Protocol (SNMP) Daemon
SYNOPSIS
snmpd [−a] [−authfail] [−C contact] [−Contact contact] [−h] [−help] [−L location] [−Location location] [−l logfile] [−logfile logfile] [−P portnum] [−Port portnum] [−m logmask] [−mask logmask] [−n] [−sys description] [−sysDescr description]
snmpd [−c] [−configure] [−h] [−help] [−k] [−kill] [−M logmask] [−Mask logmask]
snmpdm [−a] [−authfail] [−C contact] [−Contact contact] [−h] [−help] [−L location] [−Location location] [−l logfile] [−logfile logfile] [−P portnum] [−Port portnum] [−m logmask] [−mask logmask] [−n] [−sys description] [−sysDescr description]
snmpdm [−c] [−configure] [−h] [−help] [−k] [−kill] [−M logmask] [−Mask logmask]
subagt_ld SharedLibrarySubAgentPath
subagt_unld SharedLibrarySubAgentPath
DESCRIPTION
The Master SNMP Agent ( snmpdm) and the collection of subAgents ( /usr/lib/libSa...sl ) that have attached to the Master Agent collectively form a single SNMP Agent. The SNMP Agent accepts SNMP Get, GetNext and Set requests from an SNMP Manager which cause it to read or write the Management Information Base ( MIB). The MIB objects are instrumented by the subAgents.
The Master Agent can bind to separate process subAgents and to shared library subAgents. The subagt_ld command is used to bind a shared library subAgent to the Master Agent process. The subagt_unld is used to remove or unload a shared library subAgent from the Master Agent process.
Options
snmpd and snmpdm recognizes the following options:
−authfail
−a Suppress sending authenticationFailure traps.
−configure
−c Send a special SNMP message to the running snmpdm which causes it to reconfigure itself (force the running snmpdm to re-read /etc/SnmpAgent.d/snmpd.conf). This does not reset the subAgents. To reset a subAgent you must stop the subAgent and then restart it. This option should not be used when starting up the Master Agent. Attempting to start snmpdm with this option will generate an error message since there is no agent running to receive the message.
−Contact contact
−C contact Specify the contact person responsible for the network management agent. This option overrides the contact person specified in the Master Agent configuration file /etc/SnmpAgent.d/snmpd.conf. It does not alter the value in /etc/SnmpAgent.d/snmpd.conf. By default, the agent’s contact is a blank string. To configure the agent’s contact, add the contact to /etc/SnmpAgent.d/snmpd.conf or use the -C option.
−help
−h Display command line options and log mask values.
−kill
−k Send a special SNMP message to the running snmpdm which causes it to terminate. This will also terminate all shared library subAgents which have connected to the Master Agent. The subsequent behavior of separate process subAgents is subAgent dependent. This option should not be used when starting up the Master Agent. Attempting to start snmpdm with this option will generate an error message since there is no agent running to receive the message.
−Location location
−L location Specify the location of the agent. This option overrides the location specified in /etc/SnmpAgent.d/snmpd.conf. It does not alter the value in /etc/SnmpAgent.d/snmpd.conf. By default, the agent’s location is a blank string. To configure the agent’s location, add the location to /etc/SnmpAgent.d/snmpd.conf or use the -L option.
−logfile logfile
−l logfile Use logfile for logging rather than the default logfile, /var/adm/snmpd.log. A value of − will direct logging to stdout.
−Mask logmask
−M logmask Send a message to the currently running snmpdm to change its logging mask to logmask. See the SNMP Agent Logging section for valid values. To set the snmpdm logging mask at startup, see option -m. This option should not be used when starting up the Master Agent. Attempting to start snmpdm with this option will generate an error message since there is no agent running to receive the message.
This command line option only changes the logging mask within the Master Agent. SubAgents typically read the Master Agent’s logging mask when they connect to the Master Agent. Whether a particular subAgent subsequently re-reads the Master Agent’s logging mask is subAgent dependent.
−mask logmask
−m logmask Sets the initial logging mask to logmask. See the SNMP Agent Logging section for valid values. This argument only takes effect as you are starting the agent. To change the mask of an agent that is already running use option -M.
−n Normally snmpdm puts itself into the background as if the command was terminated with an ampersand. This option inhibits that behavior.
−Port portnum
−P portnum Specify the UDP port number that the agent will listen on for SNMP requests. The default is port 161. The value can also be specified in /etc/services. Only the super-user can start snmpdm and only one snmpdm can execute on a particular UDP port.
−sysDescr description
−sys description
Allows the user to specify the value for the system.sysDescr MIB object. The format is a text string enclosed in quotes. This option overrides the sysDescr specified in /etc/SnmpAgent.d/snmpd.conf.
For example,
snmpdm -sys "nsmd1, test system"
SNMPv1 Security
Each SNMP request is accompanied by a community name, which is essentially a password that enables SNMP access to MIB values on an agent. A manager can request to read a MIB value by issuing an SNMP GetRequest, or a manager may request to alter a MIB value by issuing an SNMP SetRequest.
By default, the agent responds to all SNMP GetRequests, regardless of the community name used in the request. To configure the agent to respond only to a specific community name, add a get-community-name to /etc/SnmpAgent.d/snmpd.conf. See the snmpd.conf(4) man page.
By default, the agent does not allow managers to alter MIB values (it returns errors for SNMP SetRequests). To configure the agent to respond to SNMP SetRequests, add a set-community-name to /etc/SnmpAgent.d/snmpd.conf.
SNMPv2 Security
Simple Network Management Protocol Version 2 ( SNMPv2) is not supported in this version of the SNMP Agent.
Traps
The agent also sends information to a manager without an explicit request from the manager. Such an operation is called a "trap." By default, SNMP traps are not sent to any destination. To configure the agent to send traps to one or more specific destinations, add the trap destinations to /etc/SnmpAgent.d/snmpd.conf.
Then Master Agent ( snmpdm) and the MIB-2 subAgent ( libSaMib2.sl) collaborate to send the following SNMP traps:
coldStart Sends a coldStart trap when the SNMP Agent is invoked.
linkDown Sends a linkDown trap when an interface goes down.
linkUp Sends a linkUp trap when an interface comes up.
authenticationFailure
Sends an authenticationFailure trap when an SNMP request is sent to the SNMP Agent with a community name that does not match the community names specified in /etc/SnmpAgent.d/snmpd.conf.
SNMP Agent Logging
The SNMP Agent provides the capability to log various types of errors and events. Two levels of reporting are available Customer and Factory logging. Note that in previous releases the agent provided error logging and some degree of tracing. This capability is preserved and accessed as Customer Error, WarningandTrace logging. Factory logs (error, warn, and trace) provide additional information that is typically only used by factory engineers or subAgent developers.
Log Masks
Log masks enable the user to specify the particular classes of messages that should be logged to /var/adm/snmpd.log or logfile. There are three different ways that you can specify the logmask that you want. They are; (1) decimal number, (2) hex number, or (3) text string. The three may not be used in combination.
To select multiple output types do the following. For decimal or hex format simply add the individual logmask values together and enter that number. When entering strings, place multiple strings on the same line, space separated, without quotes.
===================================================================
LOG MASK VALUES
FUNCTION Decimal Hex String
===================================================================
Turn off logging. 0 0x00000000 LOGGING_OFF
Log authenticationFailure traps 1 0x00000001 AUTH_FAIL
Log customer errors 2 0x00000002 CUST_ERROR
Log configuration requests 4 0x00000004 CONFIG_REQ
Log requests and replies 8 0x00000008 REQ_REPLY
Log requests and replies for 16 0x00000010 ADD_OBJ
objects that have been added
Log hexdumps of packets 32 0x00000020 EA_PKTS
received and sent by snmpd
Log customer trace messages 64 0x00000040 CUST_TRACE
Log customer warning messages 128 0x00000080 CUST_WARN
Log factory trace messages 8388608 0x00800000 FACTORY_TRACE
Log factory warning messages 268435456 0x10000000 FACTORY_WARN
Log factory error messages 536870912 0x20000000 FACTORY_ERROR
EXAMPLES:
Turn on authenticationFailure traps and trace messages:
decimal format: snmpdm -m 65
hex format: snmpdm -m 0x41
string format: snmpdm -m AUTH_FAIL USER_TRACE
Log File Format:
These customer logs are printed in an easy to read format. A log entry will contain the following header information:
IDstring: A unique string placed in each log that maps the
specific log back to the call made in the code.
Date: The date and time of the log was made.
Level: Basically represents the log mask that you entered.
Following this header will be the actual log data.
Below is an example authentication failure log.
==================================================================
IDstring: MASTER200
Date: Wed Mar 15 16:21:43 1995
Level: AUTHENTICATION_FAILURE
Authentication failure:
Source IP & Port: 0x7f000001, 4130
==================================================================
Supported MIB Objects
The Management Information Base ( MIB) is a conceptual database of values on the agent. The Master SNMP Agent implements a small number of MIB objects but most MIB objects are implemented by subAgents that have attached to the Master Agent. See /opt/OV/snmp_mibs/ on systems with OpenView products installed for definitions of particular MIB objects.
This version of the SNMP Agent includes two subAgents, libSaMib2.sl and libSaHpunix.sl which implement the MIB-2 and hp-unix MIBs respectfully. These MIBs are described by /opt/OV/snmp_mibs/rfc1213-MIB-II and /opt/OV/snmp_mibs/hp-unix on systems with OpenView products installed.
The MIB-2 subAgent supports most of the objects in RFC1213. The EGP group is not supported. The hp-unix subAgent supports most of the objects in the hp-unix MIB.
DEPRECATED MIBS
The ieee8023Mac MIB group corresponding to the following OID is no longer supported:
private(4).enterprises(1).hp(11).nm(2).interface(4).ieee8023Mac(1)
This MIB group is replaced with the "Ether-Like" MIB group (RFC1398) which corresponds to OID:
mgmt(2).mib-2(1).transmission(10).dot3(7)
SNMP Agent Startup
The SNMP Agent startup mechanism is built upon the System V.4 file system paradigm. The startup script, /etc/netmanrc, which was used in previous releases of the SNMP Agent is no longer used.
Automatic Startup:
As installed, the SNMP Master Agent and all subAgents should startup automatically each time the system re-boots or anytime the system transitions from run level 1 to run level 2. When the system enters run level 2 the operating system will execute /sbin/init.d/SnmpMaster which will startup the Master Agent. Similarly, /sbin/init.d/SnmpMib2 and /sbin/init.d/SnmpHpunix will startup the MIB2 and HP Unix subAgents respectfully immediately after the Master Agent is started.
Prior to executing these startup scripts the system will examine all scripts in /etc/rc.config.d for environment variables which could potentially influence the startup of the Master Agent and each subAgent. See the particular startup script or configuration file for details on supported environment variables. The user should never modify scripts in /sbin/init.d. Instead the startup behavior should be controlled by adjusting values in the appropriate configuration script in /etc/rc.config.d.
Manual Startup:
There are two ways to start the SNMP Agent manually. The first way is to execute snmpdm and then start each subAgent. Separate process subAgents are started by invoking the particular subAgent executable. Shared library subAgents are started by executing the subagt_ld command with the absolute path to the shared library as an argument.
The second and simplest way to start the SNMP Agent manually is to execute the snmpd startup script which will invoke the Master Agent and all subAgents who have been installed and designed to operate in this paradigm. The snmpd script script is layered upon the V.4 startup paradigm and so makes use of the component startup scripts in /sbin/init.d and configuration scripts in /etc/rc.config.d. When snmpd is invoked it passes all its command line arguments to snmpdm and then executes each script found in /sbin/SnmpAgtStart.d.
EXTERNAL INFLUENCES
Environment Variables
LANG determines the language in which messages appear. If LANG is not specified or is set to the empty string, a default of "C" (see lang(5)) is used instead of LANG. If any internationalization variable contains an invalid setting, snmpd behaves as if all internationalization variables are set to "C." See environ(5). Many SNMP Agent log messages are only available in English.
International Code Set Support
Supports single-byte character code sets.
AUTHOR
snmpd was developed by HP, Massachusetts Institute of Technology and SNMP Research.
FILES
/usr/sbin/snmpd
/usr/sbin/snmpdm
/usr/lib/libSaMib2.sl
/usr/lib/libSaHpunix.sl
/usr/sbin/subagt_ld
/usr/sbin/subagt_unld
/etc/SnmpAgent.d/snmpd.conf
/var/adm/snmpd.log
/opt/OV/snmp_mibs/
/sbin/SnmpAgtStart.d/
SEE ALSO
RFC 1155, RFC 1157, RFC 1212, RFC 1213, RFC 1231, RFC 1398.
Hewlett-Packard Company — HP-UX Release 10.20: July 1996