[13]With this method, we can try to guess what the community string is. In our case, we try public or private. If we don't get a response, it might mean either that we guessed wrong or that the agent isn't set up/configured.
[14]Chapter 7, "Configuring SNMP Agents" discusses installing the Net-SNMP agent and toolkit, which comes with utilities such as snmpget.
The response from linuxserver.ora.com is typical of most managed devices. Note, however, that there's nothing sacred about the actual description; the text you retrieve will vary from vendor to vendor. Issuing an snmpget against a Cisco 2503 router should return something like this:$ snmpget linuxserver.ora.com public system.sysDescr.0 system.sysDescr.0 = "Linux version 2.0.34 (root@porky.redhat.com) (gcc version 2.7.2.3) #1 Fri May 8 16:05:57 EDT 1998"
This router's system description tells us that it is running Version 11.2(5) of the Cisco IOS. This sort of information is generally useless, but it does tell us that the device is running an SNMP agent. Here's what happens when something goes wrong:$ snmpget orarouter.ora.com public system.sysDescr.0 system.sysDescr.0 = "Cisco Internetwork Operating System Software ..IOS (tm) 2500 Software (C2500-I-L), Version 11.2(5), RELEASE SOFTWARE (fc1)..Copyright (c) 1986-1997 by cisco Systems, Inc... Compiled Mon 31-Mar-97 19:53 by ckralik"
This message means that the Net-SNMP snmpget command did not receive a response from linuxserver.ora.com. A number of things could be wrong, one of which is that there is no SNMP agent running on the target host. But it's also possible that linuxserver has crashed, that there's some sort of network problem, or that everything is running correctly but you aren't using the correct community string. It's even possible that the device you're querying has SNMP capabilities, but the SNMP agent won't be enabled until you explicitly configure it. If you suspect you have manageable equipment but are not sure, it is good to know that most vendors ship their products with the read and write community strings set to public and private, respectively. (The Net-SNMP tools we're using here use private as the default for both community strings.[15])$ snmpget linuxserver.ora.com public system.sysDescr.0 Timeout: No Response from linuxserver.ora.com.
[15]Since our agents use public for the community string and Net-SNMP defaults to private, we needed to specify the community string public on the command line.Once you verify that the device you're testing is SNMP-manageable, you should immediately change the community strings. Leaving the community strings set to well-known values like public and private is a serious security problem. Once you've established that your device supports SNMP, you can go further to check if it supports Version 2. A good way to do that is to make a request that can be answered only by a Version 2 agent, such as the bulk-get request. You can use the snmpbulkget command we demonstrated in Chapter 2, "A Closer Look at SNMP" to make such a request:
Now we know that linux.ora.com supports SNMPv2 -- in particular, v2c. Can we go further, and check for Version 3 support? For Version 3, you're better off checking your vendor's documentation. Most vendors don't support Version 3 yet, and we expect adoption to be fairly slow -- many vendors still support only Version 1.$ snmpbulkget -v2c -B 1 3 linux.ora.com public sysDescr ifInOctets ifOutOctets system.sysDescr.0 = "Linux linux 2.2.5-15 #3 Thu May 27 19:33:18 EDT 1999 i686" interfaces.ifTable.ifEntry.ifInOctets.1 = 70840 interfaces.ifTable.ifEntry.ifOutOctets.1 = 70840 interfaces.ifTable.ifEntry.ifInOctets.2 = 143548020 interfaces.ifTable.ifEntry.ifOutOctets.2 = 111725152 interfaces.ifTable.ifEntry.ifInOctets.3 = 0 interfaces.ifTable.ifEntry.ifOutOctets.3 = 0
Copyright © 2002 O'Reilly & Associates. All rights reserved.