May 6, 2021

MRTG and SNMP howto

MRTG graphs stuff, and SNMP sends information about different network devices like how health, throughput, and possibly lots of other stuff. This howto will give you a simple, low-level dashboard of what your devices are doing and how much traffic is going through them. There are lots of ways to do this, like cacti, munin, zabbix, etc., but I wanted something simple, and plan to manage it from the command line, which is a preference. If you need web-management, look at some pre-existing packages like those listed above.

MRTG/SNMP howto

MRTG graphs stuff, and it doesn’t really matter what. SNMP reports to it what to graph from across the network.

apt-get install mrtg snmpd snmp
mkdir /var/www/mrtg
vi /etc/snmp/snmpd.conf
  agentAddress  udp:127.0.0.1:161 (change line to look like one below)
  agentAddress  udp:161
/etc/init.d/snmpd restart
netstat -au | grep snmp (you should see line below, which means listening on all interfaces)
  udp        0      0 *:snmp                  *:*
cp /etc/mrtg.cfg /etc/mrtg.cfg.orig
vi /etc/mrtg.cfg
  #Global Settings
  #
  RunAsDaemon: yes
  EnableIPv6: no
  WorkDir: /var/www/mrtg
  Options[_]: bits,growright
  #
  # Targets
  #
  Target[127.0.0.1]: /127.0.0.1:public@127.0.0.1
  MaxBytes[127.0.0.1]: 1250000
  Title[127.0.0.1]: Localhost
  PageTop[127.0.0.1]: <h1>Localhost - 127.0.0.1</h1>
  Unscaled[127.0.0.1]: ymwd
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Now, to add snmp monitoring from some remote device you only have to do a few things. Understanding what you’re doing and why it far more diffficult to grasp. Basically, snmpwalk command goes looking at a router, in this example your home router at 192.168.1.1, and trying to get snmp information out of it to make sure you can compile stats from info it’s spitting out. But first you have to make it spit that information out. To do that you have to set up snmp on your router, so you’ll have to login to it and enable snmp. On some routers you have to do much more, like tell it which source interface, stuff like that. We’ll keep it simplified here. Once it’s enabled, you have to give the snmp monitoring part a name that you can reference from your MRTG box, which called a community name. So call it something like “homeciscobox” or whatever, just don’t call it “public” (frequently the default), that could result in evil in certain cases if bad folks guess what it is and control or monitor your router. If you want more security, enable version 2 or 3 of snmp, there’s a BIG difference on how secure they are, and also how irritating they are to configure correctly. I recommend testing with version 1, then once you get it working, switch to 2 or 3 variants to secure it.

If the snmpwalk command below worked, you should see a butt-load of lines output, like 300 maybe, depending on your router. That means it connected and got information. Now you have to use cfgmaker to turn that info into a config file the MRTG can use. You can see the command below. Make sure to use the >> rather than a single >, so it will append your existing config file if you have one, rather than overwriting it.

If that worked, you can use a utility called indexmaker to build an index.html to display what MRTG found through its polling. The command is below. Now you should be able to go to http://serverip.or.host.name/index.html and see some data.

snmpwalk -v 1 -c homeciscobox 192.168.1.1 (snmp router IP, you should see tons of information output, like 300 lines)
cfgmaker homeciscobox@192.168.1.1 >> /etc/mrtg.cfg
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Monitor remote servers

To monitor a remote server, like for interface bandwidth, you have to load a SERVER on the REMOTE host, then use your mrtg CLIENT on the SERVER you just set up. It’s kind of confusing, but the remote box has to serve up information for you to read on your mrtg box via snmp. Here’s how you configure your REMOTE box first (make sure contrib and non-free repos are enabled for the snmp-mibs-downloader, or you won’t see the package because of licensing issues):

apt-get install snmpd lm-sensors snmp snmp-mibs-downloader 	 
vi /etc/snmp/snmp.conf	 	 
  MIB : (change this line to the one below)	 	 
  MIB +ALL
vi /etc/default/snmpd 
  export MIBS= (change to look like next line)
  export MIBS=/usr/share/mibs
  (change these next two lines to look like this)
  SNMPDOPTS='-LS6d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
  TRAPDOPTS='-LS6d -p /var/run/snmptrapd.pid'
vi /etc/snmp/snmpd.conf
  #agentAddress  udp:127.0.0.1:161 (comment this line out)
  agentAddress udp:161,udp6:[::1]:161 (uncomment this line)
  view   systemonly  included   .1.3.6.1.2.1 (add this line below the other view/systemonly/included lines)
  rocommunity public  default    -V systemonly (change this line to look like the next one)
  rocommunity whatevernameyouwanttocallit  default    -V systemonly
  sysLocation    location where your server physically is located
  sysContact     Yourname <your@emailaddress.com>
  interface eth0 6 1000000000 (add this somewhere after the proc lines)
/etc/init.d/snmpd restart

Now, if snmp server is behaving, you can use snmpwalk to find out what it’s reporting like:

snmpwalk -v 1 -c whateveryouwanttocallit localhost
  SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-TC::linux
  ...
  bunch of stuff in the middle
  ...
  SNMPv2-MIB::sysORID.8 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
  End of MIB

Now go back to your monitoring server that’s keeping track of things on your remote server, and see if you can see snmp information coming across the wire:

snmpwalk -v 1 -c whateveryoucalleditontheserver i.p.of.remoteserver
  iso.3.6.1.2.1.1.1.0 = STRING: "Linux www.example.com 3.-amd64 #1 SMP Debian 351-1 x86_64"
  iso.3.6.1.2.1.1.4.0 = STRING: "yourname <you@youremail.com>"
  iso.3.6.1.2.1.1.5.0 = STRING: "www.hostnameofserver.com"
  iso.3.6.1.2.1.1.6.0 = STRING: "whateverlocationyouputinhere"
  ...
  bunch of stuff
  ...
  iso.3.6.1.2.1.25.1.6.0 = Gauge32: 114   
  iso.3.6.1.2.1.25.1.7.0 = INTEGER: 0

So now you probably want mrtg to make a graph out of some system information on your remote server, so