SNMP (Simple Network Management Protocol) is a protocol for managing networks. Each managed entity in the network will run an snmp server (snmpd) which is going to collect datas from the server such as networking, load, cpu …
This tutorial will show how to configure the network manager to use Cacti and how to set up snmp on the managed host.
In this how-to, we are going to run the SNMP server and cacti on the same host and bind the service to localhost. This way, SNMP service won’t be accessible from the outside. This is a good configuration when all you want to do is monitoring your home network router for instance.
If you intend to deploy this on a network, just keep in mind that SNMP server as to accept connection from the manager network wise (The remote IP need to be able to connect to the server) and within SNMPD configuration (The service as to return collected datas to the manager).
In the first part of this article, we are going to install and configure the SNMP server.
A second part will present how to install and configure Cacti on the manager.
Finally, we are going to configure Cacti to collect and display CPU, Load, Memory and Network statistic of the SNMP server.
This article was made using Debian Etch and Ubuntu Feisty but should also work out of the box for previous version of those distributions.
SNMPD is the service running SNMP on a managed entity. SNMP comes in 3 versions. Version 1, the one we are going to use here is not secured, therefore we are going to make sure that only localhost is going to be able to access it.
People opening the service to the outside should make sure that trusted hosts can access the service either though the use of iptables or through the use of /etc/hosts.allow.
1.1. Installing the SNMP server
The only package which is required on the server site is snmpd, the SNMP daemon.
To install it type:
sudo apt-get install snmpd
snmpd is now installed but we still have to tweak it a little bit to make it work as we want.
1.2. Configuring SNMPD
The first thing we want to make sure is that snmpd is only going to wait for connections on localhost. To do this, edit file
/etc/default/snmpd and make sure those values are set:
SNMPDRUN=yes SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
If you want your server to listen on all interfaces, remove the 127.0.0.1 bit.
This setting will make sure that the service will be started and that the service is going to bind to localhost.
Finally, we are going to configure snmpd in such a way that it will only return datas to trusted host for a specific community.
/etc/snmp/snmpd.conf and make sure that com2sec it only set to:
com2sec readonly localhost mycommunity
If you want a remote machine to be able to gather information for the community mycommunity, make sure you replace localhost by mynetwork, where mynetwork can be of the form: 22.214.171.124 or 126.96.36.199/16.
1.3. Checking SNMP configuration:
We are going to use the snmpwalk utility to verify that the server is working as wanted.
Here we want snmp to reply only to localhost for the community mycommunity.
snmpwalk -Os -c mycommunity -v 1 localhost system
Should return a lot of output and:
snmpwalk -Os -c public -v 1 localhost system Timeout: No Response from localhost
If the second command returns result, it might be because you did not comment the line starting with com2sec.
Now let go ahead and install cacti.