How do I configure snmpd (NOT mini-snmpd)?

Hello,

I'd like to enable SNMP on my openwrt router to have it monitored.
However since I'm stuck on a old version of openwrt I can't install mini-snmpd (which seems to be the go-to snmp daemon) therefore I have to resort to snmpd; How do I configure it? I've checked the wiki but it doesn't contain much information.

Thanks!

It pretty much runs out-of-the-box.

  • What problems are you having?
  • Are you trying to push (traps) or pull (queries)?

Mini is actually larger [now] and doesn't do 64-bit counters.

I'm trying to add my router to my NMS (LibreNMS) but it errors out reporting "Could not connect to 192.168.1.1, please check the snmp details and snmp reachability"

  • Did you make sure it's enabled on the System > Startup page?
  • Can you see it running on the System> Processes page?
  • Did you start the service or reboot after installing?
  • Do you allow inbound on LAN?
  • Can you paste the result of: netstat -lup | grep 'snmpd'

It is enabled under System > Startup but it doesn't show up under Status > Processes (even after i did service snmpd start)

netstat -lup | grep 'snmpd' doesn't return anything

  • Can you show your /etc/config/snmpd config?
  • Let's see if there was an error: logread | grep 'snmpd'

This is my config

config agent
        option agentaddress 'UDP:161'

config com2sec 'public'
        option secname 'ro'
        option source 'default'
        option community 'public'

config com2sec 'private'
        option secname 'rw'
        option source 'localhost'
        option community 'private'

config group 'public_v1'
        option group 'public'
        option version 'v1'
        option secname 'ro'

config group 'public_v2c'
        option group 'public'
        option version 'v2c'
        option secname 'ro'

config group 'public_usm'
        option group 'public'
        option version 'usm'
        option secname 'ro'

config group 'private_v1'
        option group 'private'
        option version 'v1'
        option secname 'rw'

config group 'private_v2c'
        option group 'private'
        option version 'v2c'
        option secname 'rw'

config group 'private_usm'
        option group 'private'
        option version 'usm'
        option secname 'rw'

config view 'all'
        option viewname 'all'
        option type 'included'
        option oid '.1'

config access 'public_access'
        option group 'public'
        option context 'none'
        option version 'any'
        option level 'noauth'
        option prefix 'exact'
        option read 'all'
        option write 'none'
        option notify 'none'

config access 'private_access'
        option group 'private'
        option context 'none'
        option version 'any'
        option level 'noauth'
        option prefix 'exact'
        option read 'all'
        option write 'all'
        option notify 'all'

config system
        option sysLocation 'office'
        option sysContact 'bofh@example.com'
        option sysName 'HeartOfGold'

config exec
        option name 'filedescriptors'
        option prog '/bin/cat'
        option args '/proc/sys/fs/file-nr'

config bridgename
        option bridge 'br-lan'

config snmpd 'general'
        option enable '0'
        list network 'wan'

config com2sec 'lte'
        option secname 'rw'
        option source 'default'
        option community 'private'

config group 'lte_v2c'
        option group 'lte'
        option version 'v2c'
        option secname 'rw'

config access 'lte_access'
        option group 'lte'
        option context 'none'
        option version 'any'
        option level 'noauth'
        option prefix 'exact'
        option read 'all'
        option write 'all'
        option notify 'all'

logread | grep 'snmpd' doesn't return anything

ehm........

1 Like

Ops, didn't see that :sweat_smile:

Now I have snmpd running, but I still can't connect with LibreNMS

Netstat:
udp 0 0 0.0.0.0:snmp 0.0.0.0:* 7846/snmpd

Well, as you can see, snmpd is running now...

Did you alter the firewall?

1 Like

I did not alter the firewall; However after reflashing the firmware I now have snmpd running and working :slight_smile:

One last thing, is this the way to change the community string?

config group 'public_v2c'
        option group 'new_string_goes_here'
        option version 'v2c'
        option secname 'ro'

Did you change and restart work (I'd have to test by doing the same)?

You mean the community string? No I haven't changed it, I just wanted to know how I would change it

I mean whatever you asked.

I hope the best.

In short: I had trouble getting snmpd to work but now it does; I still need to figure out how to change the community string but whatever

I'd have to test it on the bench or edit a system in production. If you're using "public" - I surmise you change and restart. I'm simply saying I haven't tried.

?
Is there a reason you cannot test - I'll be happy to at an appropriate time if so.

EDIT: I should note I've edited snmpd on other Linux systems. It is exctly the same. I just have never changed the /etc/config file on an OpenWrt system. It's the same software, so yes.

Nope, that is the way:

config com2sec 'public'
        option secname 'ro'
        option source 'default'
        option community 'your_new_community'

I wasn't sure which section of the config needed to be modified; But @trendy came through so problem solved

snmpd config file on openwrt has a unique structure, quite cryptic IMO

Not really, it tries to follow the standard uci format.

Unique compared to the snmpd config file on other linux distros