snmpd(1M)snmpd(1M)NAME
snmpd — snmpd, snmpdm - Simple Network Management Protocol (SNMP)
process
SYNOPSIS
snmpd [-a] [-authfail] [-C contact] [-Contact contact] [-h]
[-help] [-L location][-Location location] [-l logfile]
[-logfile logfile] [-P portnum] [-Port portnum] [-m logmask]
[-mask logmask] [-n] [-sys description]
[-sysDescr description]
snmpd [-e extendFile]
snmpdm [-apall] [-aperror] [-aptrace] [-apwarn]
[-a] [-authfail] [-C contact] [-Contact contact] [-h]
[-help] [-L location] [-Location location] [-l logfile]
[-logfile logfile] [-m logmask] [-mask logmask]
[-log_format value] [-n] [-sys description]
[-sysDescr description] [-tcpany ] [-tcplocal ] [-tcpnone ]
DESCRIPTION
The master SNMP agent (snmpdm) and the collection of subagents
(/usr/sbin/*agt) that have attached to the master agent, collectively
form a single SNMP agent. The SNMP agent accepts SNMP Get, GetNext and
Set requests from an SNMP Manager which cause it to read or write the
Management Information Base (MIB). The MIB objects are instrumented by
the subagents.
The master agent can bind to separate process subagents.
Parameters
The master agent (snmpdm) and the manual startup script (snmpd) recog‐
nize the following options:
-apall Log all error messages, warning messages, and trace message.
This option forces snmpdm to run in the foreground .
-aperror Log all error messages. This option can be used in conjunc‐
tion with -aptrace and -apwarn.
-aptrace Log all trace messages. This option can be used in conjunc‐
tion with -aperror and -apwarn.
-apwarn Log all warning messages. This option can be used in conjunc‐
tion with -aperror and -aptrace.
-a
-authfail Suppress sending authentication failure traps.
-Contact contact
-C contact
This option overrides the contact person specified in the
master agent configuration file /etc/SnmpAgent.d/snmpd.conf.
It does not alter the value in /etc/SnmpAgent.d/snmpd.conf.
By default, the agent's contact is a blank string. To config‐
ure the agent's contact, add the contact to /etc/SnmpA‐
gent.d/snmpd.conf or use the -C option.
-e extendFile
This option is provided for backward compatibility with the
pre-emanate snmpd.ea extensible SNMP agent. It is applicable
only if the emanate extensible agent is installed. It is
installed if the file /usr/sbin/extsubagt exists. This
option causes the extsubagt to use extendFile instead of the
default /etc/SnmpAgent.d/snmpd.extend file to add user
defined MIB objects to the SNMP agent.
-help
-h Display command line options and log mask values.
-Location location
-L location
This option overrides the location specified in /etc/SnmpA‐
gent.d/snmpd.conf. It does not alter the value in /etc/SnmpA‐
gent.d/snmpd.conf. By default, the agent's location is a
blank string. To configure the agent's location, add the
location to /etc/SnmpAgent.d/snmpd.conf or use the -L option.
-l logfile
Use logfile for logging rather than the default logfile,
/var/adm/snmpd.log. A value of - will direct logging to std‐
out.
-mask logmask
-m logmask
See the SNMP Agent Logging section for valid values. This
argument only takes effect as you are starting the agent. To
change the mask of an agent that is already running use
option -M.
-log_format value
The value can be 0 or 1. 0 means use traditional logging
fomat for /var/adm/snmpd.log file. 1 means use new logging
format. The new logging format gives the Log level, Time‐
stamp, Program Name, File name, Line number and message in
seperate lines.
-n Normally snmpdm puts itself into the background as if the
command was terminated with an ampersand (&). This option
inhibits that behavior.
-Port portnum
-P portnum
Specify the UDP port number that the agent will listen on for
SNMP requests. The default is port 161. The value can also
be specified in /etc/services. Only the superuser can start
snmpdm and only one snmpdm can execute on a particular UDP
port.
-sysDescr description
-sys description
Allows the user to specify the value for the system.sysDescr
MIB object. The format is a text string enclosed in quotes.
This option overrides the sysDescr specified in /etc/SnmpA‐
gent.d/snmpd.conf.
For example, snmpdm -sys "nsmd1, test system"
-tcpany Allow Master agent to accept connections from any subagent.
This is the default option.
-tcplocal Allow Master agent to accept connections from local TCP sub‐
agents.
-tcpnone Do not allow master agent to accept connections from any TCP
subagent.
SNMPv1 Security
Each SNMP request is accompanied by a community name, which is essen‐
tially a password that enables SNMP access to MIB values on an agent. A
manager can request to read a MIB value by issuing an SNMP GetRe‐
quest/GetNextRequest, or a manager may request to alter a MIB value by
issuing an SNMP SetRequest.
By default, the agent does not respond to any SNMP requests, regardless
of the community name used in the request. To configure the agent to
respond to SNMP GetRequests/GetNextRequests, add a get-community-name
to /etc/SnmpAgent.d/snmpd.conf. See the snmpd.conf(4) manpage. To con‐
figure the agent to respond to SNMP SetRequests AND GetRequests/GetNex‐
tRequests, add a set-community-name to /etc/SnmpAgent.d/snmpd.conf.
SNMPv2c
Simple Network Management Protocol Version 2 (SNMPv2c) is supported in
this version of the SNMP agent.
Traps
The agent also sends information to a manager without an explicit
request from the manager. Such an operation is called a trap. By
default, SNMP traps are not sent to any destination. To configure the
agent to send traps to one or more specific destinations, add the trap
destinations to /etc/SnmpAgent.d/snmpd.conf.
The master agent (snmpdm) and the MIB-2 subagent (mib2agt) collaborate
to send the following SNMP traps:
coldStart Sends a coldStart trap when the SNMP agent is invoked.
linkDown Sends a linkDown trap when an interface goes down.
linkUp Sends a linkUp trap when an interface comes up
authenticationFailure
Sends an authenticationFailure trap when an SNMP request is
sent to the SNMP agent with a community name that does not
match the community names specified in /etc/SnmpA‐
gent.d/snmpd.conf
The master agent (snmpdm) and the IPv6 subagent (ipv6agt) collaborate
to send the following SNMP traps:
linkDown Sends a linkDown trap when an IPv6 interface goes down.
linkUp Sends a linkUp trap when an IPv6 interface comes up
SNMP Agent Logging
The SNMP agent provides the capability to log various types of errors
and events. There are three types of logging; traces, warnings, and
errors.
Log Masks
Log masks enable the user to specify the particular classes of messages
that should be logged to /var/adm/snmpd.log or the specified logfile.
There are three different ways that you can specify the logmask that
you want. They are; (1) decimal number, (2) hexadecimal number, or (3)
text string. The three may not be used in combination.
To select multiple output types do the following. For decimal or hex
format simply add the individual logmask values together and enter that
number. When entering strings, place multiple strings on the same line,
space separated, without quotes.
Log Mask Values Function Decimal
Turn off logging 0 0x00000000 LOGGING_OFF
Log factory trace messages 8388608 0x00800000 FACTORY_TRACE
Log factory warning messages 268435456 0x10000000 FACTORY_WARN
Log factory error messages 536870912 0x20000000 FACTORY_ERROR
Log factory configure messages 65536 0x00010000 FACTORY_CONFIG
Log factory packet messages 131072 0x00020000 FACTORY_PACKET
Log factory trap messages 262144 0x00040000 FACTORY_TRAP
Log factory access messages 524288 0x00080000 FACTORY_ACCESS
Log factory emanate messages 1048576 0x00100000 FACTORY_EMANATE
Log factory verbose messages 2097152 0x00200000 FACTORY_VERBOSE
Log factory user messages 4194304 0x00400000 FACTORY_USER
Log factory thread messages 1073741824 0x40000000 FACTORY_THREAD
Log factory timer messages 2147483648 0x80000000 FACTORY_TIMER
Turn on error logging messages:
decimal format : snmpdm -m 536870912
hex format :snmpdm -m 0x20000000
string format : snmpdm -m FACTORY_ERROR
Supported MIB Objects
The Management Information Base (MIB) is a conceptual database of val‐
ues on the agent. The master SNMP agent implements a small number of
MIB objects but most MIB objects are implemented by subagents that have
attached to the master agent. See /var/opt/OV/share/snmp_mibs on sys‐
tems with HP OpenView products installed for definitions of particular
MIB objects.
This version of the SNMP agent includes the subagents,
/usr/sbin/mib2agt , /usr/sbin/hp_unixagt and /usr/sbin/ipv6agt which
implement the MIB-2 , HP UNIX and IPv6 MIBs respectively. The IPv6 sub‐
agent is supported ONLY on the HPUX 11.11 platform with the IPv6 depot
installed. The MIB-II and HPUX MIBs are described in
/var/opt/OV/share/snmp_mibs/Standard/rfc1213-MIB-II and
/var/opt/OV/share/snmp_mibs/Vendor/Hewlett-Packard/hp-unix on systems
with HP OpenView products installed.
It also includes the subagents /usr/sbin/trapdestagt and
/usr/sbin/naaagt. The trapdestagt supports the MIB variables used for
updating the trapdest entries in the snmpd.conf file. For details on
the naaagt subagent please refer the naaagt manpage.
The MIB-2 subagent supports most of the objects in RFC1213. The EGP
group is not supported. The HP-UX subagent supports most of the objects
in the HP-UX MIB. The IPv6 subagent supports most of the objects in
RFC2452, RFC2454, RFC2465 and RFC2466.
Deprecated MIBS
The ieee8023Mac MIB group corresponding to the following OID is no
longer supported:
private(4).enterprises(1).hp(11).nm(2).interface(4).ieee8023Mac(1)
This MIB group is replaced with the Ether-Like MIB group (RFC1398)
which corresponds to OID:
mgmt(2).mib-2(1).transmission(10).dot3(7)
SNMP Agent Startup
The SNMP agent startup mechanism is built upon the System V.4 file sys‐
tem paradigm. The startup scripts /etc/netmanrc and /etc/netmgr, which
were used in previous releases of the SNMP agent, are no longer used
for starting the SNMP agent.
Automatic Startup
As installed, the SNMP master agent and all subagents should startup
automatically each time the system reboots or anytime the system tran‐
sitions from run level 1 to run level 2. When the system enters run
level 2 the operating system will execute /sbin/init.d/SnmpMaster which
will startup the master agent. Similarly, /sbin/init.d/SnmpMib2 ,
/sbin/init.d/SnmpHpunix and /sbin/init.d/SnmpIpv6 will startup the MIB2
, HP-UX and IPv6 subagents respectively immediately after the master
agent is started. The trapdestagt and naaagt subagents are started by
/sbin/init.d/SnmpTrpDst and /sbin/init.d/SnmpNaa.
Prior to executing these startup scripts the system will examine all
scripts in /etc/rc.config.d for environment variables which could
potentially influence the startup of the master agent and each sub‐
agent. See the particular startup script or configuration file for
details on supported environment variables. The user should never mod‐
ify scripts in /sbin/init.d. Instead the startup behavior should be
controlled by adjusting values in the appropriate configuration script
in /etc/rc.config.d.
The interactions and relationships among these processes and files at
invocation time is shown below.
Solaris
/etc/rc2 invokes /etc/rc2.d/S98SnmpMaster
/etc/rc2.d/S98SnmpMaster invokes /sbin/init.d/SnmpMaster
/sbin/init.d/SnmpMaster invokes /usr/sbin/snmpdm
/usr/sbin/snmpdm reads /etc/SnmpAgent.d/snmpd.conf
/etc/rc2 invokes /etc/rc2.d/S97SnmpMib2
/etc/rc2.d/S97SnmpMib2 invokes /sbin/init.d/SnmpMib2
/sbin/init.d/SnmpMib2 invokes /usr/sbin/mib2agt
/etc/rc2 invokes /etc/rc2.d/S97SnmpHpunix
/etc/rc2.d/S97SnmpHpunix invokes /sbin/init.d/SnmpHpunix
/sbin/init.d/SnmpHpunix invokes /usr/sbin/hp_unixagt
/etc/rc2 invokes /etc/rc2.d/S97SnmpTrpDst
/etc/rc2.d/S97SnmpTrpDst invokes /sbin/init.d/SnmpTrpDst
/sbin/init.d/SnmpTrpDst invokes /usr/sbin/trapdestagt
/etc/rc2 invokes /etc/rc2.d/S97Naa
/etc/rc2.d/S97SnmpNaa invokes /sbin/init.d/SnmpNaa
/sbin/init.d/SnmpNaa invokes /usr/sbin/naaagt
HP-UX 10.X, 11.X
/sbin/rc invokes /sbin/rc2.d/S560SnmpMaster
/sbin/rc2.d/S560SnmpMaster invokes /sbin/init.d/SnmpMaster
/sbin/init.d/SnmpMaster invokes /usr/sbin/snmpdm
/usr/sbin/snmpdm reads /etc/SnmpAgent.d/snmpd.conf
/sbin/rc invokes /sbin/rc2.d/s565SnmpMib2
/sbin/rc2.d/s565SnmpMib2 invokes /sbin/init.d/SnmpMib2
/sbin/init.d/SnmpMib2 invokes /usr/sbin/mib2agt
/sbin/rc invokes /sbin/rc2.d/s565SnmpHpunix
/sbin/rc2.d/s565SnmpHpunix invokes /sbin/init.d/SnmpHpunix
/sbin/init.d/SnmpHpunix invokes /usr/sbin/hp_unixagt
/sbin/rc invokes /sbin/rc2.d/s565SnmpTrpDst
/sbin/rc2.d/s565SnmpTrpDst invokes /sbin/init.d/SnmpTrpDst
/sbin/init.d/SnmpTrpDst invokes /usr/sbin/trapdestagt
HP-UX 11.11 (with IPv6 depot installed)
/sbin/rc invokes /sbin/rc2.d/S560SnmpMaster
/sbin/rc2.d/S560SnmpMaster invokes /sbin/init.d/SnmpMaster
/sbin/init.d/SnmpMaster invokes /usr/sbin/snmpdm
/usr/sbin/snmpdm reads /etc/SnmpAgent.d/snmpd.conf
/sbin/rc invokes /sbin/rc2.d/s565SnmpMib2
/sbin/rc2.d/s565SnmpMib2 invokes /sbin/init.d/SnmpMib2
/sbin/init.d/SnmpMib2 invokes /usr/sbin/mib2agt
/sbin/rc invokes /sbin/rc2.d/s565SnmpHpunix
/sbin/rc2.d/s565SnmpHpunix invokes /sbin/init.d/SnmpHpunix
/sbin/init.d/SnmpHpunix invokes /usr/sbin/hp_unixagt
/sbin/rc invokes /sbin/rc2.d/s565SnmpIpv6
/sbin/rc2.d/s565SnmpIpv6 invokes /sbin/init.d/SnmpIpv6
/sbin/init.d/SnmpIpv6 invokes /usr/sbin/ipv6agt
/sbin/rc invokes /sbin/rc2.d/s565SnmpTrpDst
/sbin/rc2.d/s565SnmpTrpDst invokes /sbin/init.d/SnmpTrpDst
sbin/init.d/SnmpTrpDst invokes /usr/sbin/trapdestagt
Manual Startup
There are two ways to start the SNMP agent manually. The first way is
to execute snmpdm and then start each subagent. Separate process sub‐
agents are started by invoking the particular subagent executable.
The second and simplest way to start the SNMP agent manually is to exe‐
cute the snmpd startup script which will invoke the master agent and
all subagents which have been installed and designed to operate in this
paradigm. The snmpd script is layered upon the V.4 startup paradigm
and so makes use of the component startup scripts in /sbin/init.d and
configuration scripts in /etc/rc.config.d. When snmpd is invoked it
passes all its command line arguments to snmpdm and then executes each
start script (S*) found in /sbin/SnmpAgtStart.d.
Objects on which the agent supports snmpset requests
· syscontact
sysName
sysLocation
ifAdminStatus
atPhysAddress
ipRouteNextHop
ipRouteType
ipRouteAge
ipNetToMediaPhysAddress
ipNetToMediaTypesysName
snmpEnableAuthTraps
ipv6Forwarding
ipv6DefaultHopLimit
ipv6IfAdminStatus
ipv6RouteValid
ipv6NetToMediaValid
ipv6TcpConnState
Objects that Return Null Values (Solaris only)
· ifInNUcastPkts
ifInDiscards
ifOutNUcastPkts
ifOutDiscards
Objects that Return noSuchName Errors (Solaris only)
· ifLastChange
ifInOctets
ifInUnknownProtos
ifOutOctets
· ipInReceives
ipInAddrErrors
ipForwDatagrams
ipInUnknownProtos
ipInDiscards
ipInDelivers
ipOutRequests
ipOutDiscards
ipOutNoRoutes
ipReasmTimeout
ipReasmReqds
ipReasmOKs
ipReasmFails
ipFragOKs
ipFragFails
ipFragCreates
ipAdEntReasmMaxSize
ipRouteAge
ipRoutingDiscards
· tcpActiveOpens
tcpPassiveOpens
tcpAttemptFails
tcpEstabResets
tcpInSegs
tcpOutSegs
tcpRetransSegs
tcpInErrs
tcpOutRsts
· udpInDatagrams
udpNoPorts
udpOutDatagrams
· egp group
ERRORS
Duplicate community names may not be used in the configuration file. In
the past the agent allowed a user to have the same name used many times
in the file. This typically happens when the user would set the same
name for a get and set community name. The implication being that the
name could be used for gets and sets. Due to the new Emanate agent, it
would cause problems to allow this. So, now the set community names
have read/write access. That is, they are both a set and get community
name. When this error occurs the agent will still start. However, an
ERROR log will be written in the logfile and you will likely end up
with undesirable results.
EXTERNAL INFLUENCES
Environmental Variables
$LANG determines the language in which messages appear. If $LANG is not
specified or is set to the empty string, a default of C (see lang(5))
is used instead of $LANG. If any internationalization variable contains
an invalid setting, snmpdm behaves as if all internationalization vari‐
ables are set to C. See environ(5).
The environment variables specific to the master agent snmpdm are as
below:
Environment Variables
SNMP_LOG_SIZE Exporting this variable to
>= 1MB restricts the size of
the snmp log file. When the
size grows beyond the value
exported, the log file rolls
over.
SR_SNMP_TEST_PORT This variable can be
exported to change the
default port on which snmpdm
listens
SR_TRAP_TEST_PORT This variable can be
exported to change the
default port to which snmpdm
sends traps
COLDSTART_TIMEOUT Exporting this variable to
any value between 1 and 600
seconds will control the be‐
haviour of snmpdm in sending
the coldstart trap. The trap
will be sent after the
expiry of the number of sec‐
onds specified or mib2agt
registering, whichever is
earlier.
SR_LOG_DIR This variable can be
exported to specify the
directory where the log file
snmpd.log will be created.
SR_AGT_CONF_DIR This variable can be
exported to specify the
directory in which the con‐
figuration file snmpd.conf
is available.
International Code Set Support
Supports single-byte character code sets.
AUTHOR
snmpd was developed by Hewlett-Packard, Massachusetts Institute of
Technology, and SNMP Research.
FILES
/usr/sbin/snmpd
/usr/sbin/snmpdm
/usr/sbin/mib2agt
/usr/sbin/hp_unixagt
/usr/sbin/ipv6agt
/etc/SnmpAgent.d/snmpd.conf
/var/adm/snmpd.log
/opt/OV/snmp_mibs
/sbin/SnmpAgtStart.d
SEE ALSOsnmpd.conf(4).
RFC 1155, RFC 1157, RFC 1212, RFC 1213, RFC 1231, RFC 1398. RFC 2452,
RFC 2454, RFC 2465, RFC 2466
snmpd(1M)