[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:46299] [Q] snmpd No Response

æŸå´Žï¼ åŒ—æµ·é“ã§ã™ï¼Ž

以下ã®ã‚ˆã†ãªãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã§ snmp ã«ã‚ˆã‚‹ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ç›£è¦–ã‚’è¡ŒãŠã†ã¨ã—ã¦
ãŠã‚Šã¾ã™ï¼Ž

                    : -> 133.87.2.0/24
+---------+   +-----------+       +----------+
| outhost +---+ GW Router +---+---+  inhost  |
+---------+   +-----------+   |   +----------+
                              |
                              |   +----------+
                              +---+  sclient |
                                  +----------+

監視ã™ã‚‹ã®ã¯ãƒ›ã‚¹ãƒˆå "sclient" ã§ï¼Œ"outhost" 㨠"inhost" 㧠snmpd ã‚’
å‹•ã‹ã—ã¦ãŠã‚Šï¼Œ/etc/snmp/snmpd.conf ã®ä¸»ãªè¨­å®šã¯ä»¥ä¸‹ã®é€šã‚Šã§ã™ï¼Ž

  <主ãªè¨­å®š>
  com2sec  readonly   133.87.2.0/24   hogehoge
  com2sec  readwrite  127.0.0.1       fugafuga
  
  group MyROGroup v1  readonly
  group MyROGroup v2c readonly
  group MyROGroup usm readonly
  group MyRWGroup v1  readwrite
  group MyRWGroup v2c readwrite
  group MyRWGroup usm readwrite
  
  access MyROGroup "" any noauth exact all none none
  access MyRWGroup "" any noauth exact all all  none
  </主ãªè¨­å®š>

ã§ï¼Œsclient ã‹ã‚‰ inhost ã¸ã® snmpwalk ã¯æˆåŠŸã—ã¾ã™ï¼Ž

  sclient% snmpwalk -v1 -c hogehoge inhost
  SNMPv2-MIB::sysDescr.0 = STRING: Linux inhost 2.6.8-2-686 #1 Tue Aug 16
  (snip...)
  
  sclient% snmpwalk -v2c -c hogehoge inhost
  SNMPv2-MIB::sysDescr.0 = STRING: Linux inhost 2.6.8-2-686 #1 Tue Aug 16
  (snip...)
  

ãŒï¼Œsclient ã‹ã‚‰ outhost ã¸ã® snmpwalk ã¯å¤±æ•—ã—ã¾ã™ï¼Ž

  sclient% snmpwalk -v1 -c hogehoge outhost
  Timeout: No Response from outhost
  
  sclient% snmpwalk -v2c -c hogehoge outhost
  Timeout: No Response from outhost
  

パケットãŒå±Šã„ã¦ã„ãªã„ã®ã‹ãªã¨æ€ã„,outhost 㧠tcpdump ã—ã¦ã¿ã‚‹ã¨
パケットã¯åˆ°ç€ã—ã¦ã„るよã†ã§ã™ï¼Ž

  outhost% sudo /usr/sbin/tcpdump port snmp
  tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
  10:05:49.734583 IP sclient.cc.hokudai.ac.jp.64830 > outhost.cc.hokudai.ac.jp.snmp:  C=hogehoge GetNextRequest(25)
  (snip)

  (6回繰り返ã—㦠sclient ㌠No Response from outhost ã¨ãªã‚‹)
  ^C
  6 packets captured
  6 packets received by filter
  0 packets dropped by kernel


一方,outhost 㧠localhost ã«å¯¾ã—㦠snmpwalk ã‚’è¡Œã†ã¨æˆåŠŸã—ã¾ã™ï¼Ž

  outhost% snmpwalk -v1 -c fugafuga localhost
  SNMPv2-MIB::sysDescr.0 = STRING: Linux outhost 2.6.8-11-amd64-generic #1
  (snip...)
  
  outhost% snmpwalk -v2c -c fugafuga localhost
  SNMPv2-MIB::sysDescr.0 = STRING: Linux outhost 2.6.8-11-amd64-generic #1
  (snip...)
  

ã¾ãŸ /etc/default/snmpd 㧠SNMPDOPTS='-a -p /var/run/snmpd.pid' ã¨ã—ã¦
ãŠã‚Šï¼Œ/var/log/snmpd.log ã«ãƒ­ã‚°ãŒå‡ºåŠ›ã•ã‚Œã¦ã„ã‚‹ã®ã§ã™ãŒï¼Œlocalhostã¸ã®
snmpwalk ã®éš›ã«ã¯ Connection from 127.0.0.1ã¨æ›¸ãè¾¼ã¾ã‚Œã¾ã™ãŒï¼Œsclient
ã‹ã‚‰ã® snmpwalk ã®å ´åˆã¯ä½•ã‚‰æ›¸ãè¾¼ã¾ã‚Œã¾ã›ã‚“.

å•é¡Œè§£æ±ºã®ãŸã‚ã«ï¼Œã•ã‚‰ã«ã©ã®ã‚ˆã†ãªã“ã¨ã‚’è¡Œãˆã°è‰¯ã„ã‹ï¼Œãªã‚“ã‹ã‚„ã‚Šå°½ãã—
ãŸæ„ŸãŒã‚ã‚‹ã®ã§ã™ãŒï¼Œã¾ã ä½•ã‹è¡Œã†ã¹ãã“ã¨ãŒã‚ã‚Šã¾ã—ãŸã‚‰ãŠçŸ¥æµã‚’ãŠè²¸ã—ã
ã ã•ã‚Œã°å¹¸ã„ã§ã™ï¼Ž

挙動ã¨ã—ã¦ã¯ community åã‚’é–“é•ã£ãŸæ™‚ã«ä¼¼ã¦ã„ã‚‹ã®ã§ã™ãŒï¼Œsnmpd ãŒå‹•ä½œ
ã—ã¦ã„ã‚‹ inhost 㨠outhost 㧠snmpd.conf ã‚’åŒã˜ã‚‚ã®ã«ã—ã¦ãƒ†ã‚¹ãƒˆã‚’è¡Œã£
ã¦ã‚‚ã‚„ã¯ã‚Š inhost ã¨ã¯ snmp 通信ãŒè¡Œãˆã¦ï¼Œouthostã¨ã¯å‡ºæ¥ãªã„ã¨ã„ã†äº‹
ã‹ã‚‰ï¼Œcommunity åã®é–“é•ã„ã§ã¯ãªã‹ã‚ã†ãªã‚ã¨ï¼Ž

-- 
æŸå´Ž 礼生 (Hiroki Kashiwazaki)@HUIST
Research Associate @ Graduate School of Information Science and
Technology, Hokkaido University
mailto:reo@xxxxxxxxxxxxxxxxx
Tel:+81-11-706-2056 (Office), +81-706-2998 (Takai Lab.)