How to get SNMP daemon working on Ubuntu 18.04/20.04 LTS

Background

Getting SNMP working on Ubuntu 18.04 can be a challenge. The reason is the default SNMP configuration file contains so many entries it’s totally overwhelming and additionally it might be configured to only listen on localhost. Finally if you don’t have UDP port 161 allowed on your firewall you will endless be going in circles.

In this article we will attempt to install SNMP on Ubuntu so that an external server can access your setup.

We’ll install the libraries, then do a backup and minimal configuration, and then start testing. Optionally we’ll check if there is a localhost restriction. I’ll leave the firewall checking to you or contact us if you require additional assistance.

SNMP library to install

sudo apt-get install snmpd

For testing, you would need snmpwalk, so do this

sudo apt-get install snmp

Configuration

The default snmpd.conf file provided with Ubuntu is overly complicated and we really only need a few entries. So what we’ll do is first back it up so that we can start from scratch with some intelligent defaults:

cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.backup

Now you can edit the file using your favourite text editor, e.g. vi /etc/snmp/snmpd.conf and remove everything.

Note about Firewalls

You have to enable UDP port 161 on your firewall if you’re monitoring your server from the outside. Firewall configuration can prove one of the more challenging aspects of SNMP monitoring, because at times you might be going through multiple firewall, e.g. an AWS firewall, and a local Virtualmin firewall. If you get the following problem, you might well be dealing with a firewall issue:

Timeout: No Response from host.domain.com

Here is an example of a config that works.

If you’re using a system such as PRTG to monitor your servers, try the following settings:

# cat /etc/snmp/snmpd.conf
com2sec readonly your_secret_community
syslocation "Server Location"
syscontact Firstname Lastname
sysservices 76
master yes
agentaddress udp:161
rocommunity your_secret_community

Once you’ve save the snmpd.conf file, restart the SNMPD daemon.

service snmpd restart

Testing

You can use snmpwalk to test SNMP, provided it’s installed. Install this utility by doing this:

apt install snmp

Then do: snmpwalk -c your_secret_community -v1 localhost from the localhost or remote host to test. First try localhost then try the IP address of your server. Ideally you also want to perform this test from your NMS to the remote host.

Localhost Restriction?

Check /etc/default/snmpd for localhost restriction

You may have to check the following line to see if your SNMP is not locked to localhost:

# cat /etc/default/snmpd
SNMPDOPTS='-Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'

If you see 127.0.0.1 but you’re trying to connect SNMP from a remote system, remove the 127.0.0.1

Test to see if SNMP is listening on all ports:

root@server:~# netstat -ulnp | grep 161
udp      0      0 0.0.0.0:161      0.0.0.0:*      33914/snmpd

Missing Community Parameter

When you do service snmpd status   you might see the following message:

/etc/snmp/snmpd.conf: line 1: Error: missing COMMUNITY parameter

Ignore the error. It’s bogus.

References

https://community.spiceworks.com/how_to/70628-using-snmpwalk-to-test-snmp-devices-from-ubuntu
https://support.atera.com/hc/en-us/articles/220109447-How-To-Monitor-Linux-Servers-Using-SNMP
https://kb.vander.host/knowledgebase/operating-systems/how-to-set-up-snmp-for-centos/

Share this article

1 thought on “How to get SNMP daemon working on Ubuntu 18.04/20.04 LTS”

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top