With Simple Network Management Protocol (SNMP) , you can get information about the current status of servers, network equipment, printers, or other IP devices.

Most Linux users might want to know the following:

• How to install snmp service ?
• How to start and enable the service with systemd ?
• How to open udp port 161 for remote access ?
• How to test the service with snmpwalk from localhost and remove machine ?

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related RHEL queries.

In this context, we shall look into how to install an SNMP (and SNMP v3) agent on a Linux host running CentOS, RHEL, or Fedora.

How to Install SNMP on RHEL ?

With SNMP, we get different metrics. For example, CPU utilization, the number of processes, state of services, etc.

Its major advantage includes, it is supported by almost any device. In addition, it does not require the installation of a separate monitoring system agent.

To Install SNMP Agent and Diagnostic Tools on Linux

Before we proceed with SNMP packages, we install the latest updates on the server using dnf (yum):

# dnf update -y

Then we install the SNMP agent and additional tools from the base repository:

# dnf install net-snmp net-snmp-utils -y

To Enable and Configure SNMP Agent on Linux

Prior to SNMP configuration, we create a copy of the original config file:

# mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

Then we edit the SNMP agent settings:

# nano /etc/snmp/snmpd.conf

Here, we add the following lines:

rocommunity public
syslocation GE-DC2
syscontact gedc2-admins@outsourcepath.com

The above are three basic SNMP parameters.

Eventually, we save the file. 

We recommend entering a correct location and a valid email address.

Then we enable the snmpd service and start it:

# systemctl enable snmpd.service
# systemctl start snmpd

To ensure the service is running, we use:

# systemctl status snmpd

In case we use a firewall on the server, we allow connections to TCP/UDP ports 161 and 162.

To open SNMP ports in firewalld, we run:

# firewall-cmd –zone=public –add-port=161/udp –permanent
# firewall-cmd –zone=public –add-port=161/tcp –permanent
# firewall-cmd –zone=public –add-port=162/udp –permanent
# firewall-cmd –zone=public –add-port=162/tcp –permanent
# firewall-cmd –reload

Poll SNMP Agent Using Snmpwalk

To poll the SNMP agent, we use the snmpwalk tool.

We then check the service locally using the SMMPv2 protocol:

# snmpwalk -v 2c -c public -O e 127.0.0.1

If the SNMP configuration is correct, we will receive a set of SNMP data from the agent.

Once we set the configuration file and run a test command, we may receive:

Timeout: No Response from localhost

We can fix this error by clearing the configuration file and adding only the lines specified above.

Since the service starts without any problems, but it is not working, we check everything specifically.

We also query our server locally using:

# snmpwalk -v2c -c public localhost system
SNMPv2-MIB::sysDescr.0 = STRING: Linux server1.test.com 4.18.0-147.8.1.el8_1.x86_64 #1 SMP Thu Apr 9 13:49:54 UTC 2020 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (106564) 0:17:45.64
SNMPv2-MIB::sysContact.0 = STRING: gedc2-admins@linuxapt.com
SNMPv2-MIB::sysName.0 = STRING: server1.test.com
SNMPv2-MIB::sysLocation.0 = STRING: GE-DC2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.9 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.10 = Timeticks: (0) 0:00:00.00

We ensure that our SNMP agent is available remotely.

In addition, on another server (install snmp tools prior to doing it) we run:

# snmpwalk -v2c -c public 192.168.20.105 system

Since the remote server receives the information from the server over SNMP, we can add the server to any SNMP monitoring system.

How to Configure SNMPv3 on Linux CentOS/RHEL/Fedora ?

SNMPv3 is a newer and more secure version of the protocol with support for authentication and encryption.

In order to configure SNMPv3, we create a user with a password, set an encryption password, access rights, and an encryption algorithm (MD5 or SHA).

To create a user for SNMPv3, we stop the snmpd daemon:

# systemctl stop snmpd

Then we can create a user:

# net-snmp-create-v3-user -ro -A o2ps2w0dD -a SHA -X r30svV33 -x AES snmpuser

The syntax of net-snmp-create-v3-user is:

net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass][-x DES|AES] [username]

• -ro – user has read-only privileges
• Authpass -authentication password
• Privpass – private key

Once done, it will create a user with the specified password and key.

Then we start the service:

# systemctl start snmpd

Eventually, we try to poll the SNMP agent using snmpwalk.

Make note that to poll over SNMPv3, we must specify the username, the password, and the key.

# snmpwalk -v3 -a SHA -A o2ps2w0dD -x AES -X r30svV33 -l authPriv -u snmpuser 192.168.20.105 | head

[Need help with SNMP installation? We'd be happy to assist you. ]