Set up and troubleshoot SNMP on an ESXi 5.5 host

Here are some quick notes how to troubleshoot and set up SNMP on an ESXi host.
The below also includes how to install snmpwalk and request info from an snmp server.

STEPS HOW TO PROPERLY SET UP SNMP ON AN ESXi 5.5 HOST
===========================================
esxcli system snmp set -r
esxcli system snmp set -e false
esxcli system snmp set –communities public
esxcli system snmp set –targets 192.168.11.12@162/public
esxcli system snmp set -l info
esxcli system snmp set -e true
/etc/init.d/snmpd start
esxcli system snmp test

INCREASE LOGGING LEVEL TO DEBUG FOR SNMP
=======================================
Increase log level of snmp:
esxcli system snmp set -l debug
To bring back log level to normal:
esxcli system snmp set -l info

Confirm log level has been increased:
/var/log # esxcli system snmp get | grep -i Loglevel
Loglevel: debug

Restart snmp service:
/etc/init.d/snmpd restart

CONFIG FILE FOR SNMP
====================
SNMP Config file: /etc/vmware/snmp.xml

Contents of snmp.xml
# cat /etc/vmware/snmp.xml

true 161indicationspublic192.168.11.12@162 publicdebug 00000063000000a100000000

TEST IF SNMP IS SENDING OUT TEST TRAPS
======================================
You should see these test traps in the SNMP Software:
/var/log # esxcli system snmp test
Comments: There is 1 target configured, send warmStart requested, test completed normally.

From another putty session on the same host, is the trap file being sent out?:
example – We can see 1 test trap being sent out from the host in the below tcpdump capture:
/etc # tcpdump-uw -v -i vmk0 -s 1514 port 162
tcpdump-uw: listening on vmk0, link-type EN10MB (Ethernet), capture size 1514 bytes
20:38:57.781717 IP (tos 0x0, ttl 64, id 3530, offset 0, flags [none], proto UDP (17), length 72)
esxi551.37746 > 192.168.11.12.snmptrap: { SNMPv1 { Trap(29) S:1.1.5 192.168.11.7 warmStart 162500 } }

TEST IF SNMP IS RESPONDING TO QUERIES:
======================================
Install “net-snmp-5.6.1.1-1.x86” on a Windows machine:
http://sourceforge.net/projects/net-snmp/

Run the following command to test if snmp is responding to the below requests:
Example 1 – Getting a DATE from host:
C:\usr\bin>snmpwalk -v 1 -c public 192.168.11.16 hrSystemDate
HOST-RESOURCES-MIB::hrSystemDate.0 = STRING: 2014-7-31,13:42:58.0

Example 2 – List all settings from host:
C:\usr\bin>snmpwalk -v 2c -c public 192.168.11.16
HOST-RESOURCES-MIB::hrStorageIndex.7 = INTEGER: 7
HOST-RESOURCES-MIB::hrStorageIndex.8 = INTEGER: 8
HOST-RESOURCES-MIB::hrStorageIndex.9 = INTEGER: 9
HOST-RESOURCES-MIB::hrStorageIndex.10 = INTEGER: 10
HOST-RESOURCES-MIB::hrStorageType.1 = OID: HOST-RESOURCES-MIB::hrStorageTypes.8
HOST-RESOURCES-MIB::hrStorageType.2 = OID: HOST-RESOURCES-MIB::hrStorageTypes.8

Example 3 – Getting a NAME from host:
C:\usr\bin>snmpwalk -v 2c -O n -c public 192.168.11.16 .1.3.6.1.4.1.6876.1.1
.1.3.6.1.4.1.6876.1.1.0 = STRING: “VMware ESXi”

Example 4 – Getting a VERSION from host:
C:\usr\bin>snmpwalk -v 2c -O n -c public 192.168.11.16 .1.3.6.1.4.1.6876.1.2
.1.3.6.1.4.1.6876.1.2.0 = STRING: “5.1.0”

Example 5 – Continuous snmpwalk command to generate traffic on Linux
while true; do date “+%F %T”; do snmpwalk -v 1 -c public 192.168.11.7 hrSystemDate; sleep 1; done

If the above fails, on the ESXi host monitor to see if snmp requst is coming IN:
example:
/var/log # tcpdump-uw -v -i vmk0 -s 1514 port 161
13:42:14.866068 IP (tos 0x0, ttl 128, id 13624, offset 0, flags [none], proto UDP (17), length 69)
192.168.11.12.63136 > esxi511.snmp: { SNMPv1 { GetNextRequest(26) R=2135 25.1.2 } }
13:42:14.868554 IP (tos 0x0, ttl 64, id 4140, offset 0, flags [none], proto UDP (17), length 78)
esxi511.snmp > 192.168.11.12.63136: { SNMPv1 { GetResponse(35) R=2135 25.1.2.0=07_de_07_1f_0d_2a_0e_00 } }
13:42:14.874856 IP (tos 0x0, ttl 128, id 13625, offset 0, flags [DF], proto UDP (17), length 70)
192.168.11.12.63136 > esxi511.snmp: { SNMPv1 { GetNextRequest(27) R=2136 25.1.2.0 } }
13:42:14.875672 IP (tos 0x0, ttl 64, id 4146, offset 0, flags [none], proto UDP (17), length 71)
esxi511.snmp > 192.168.11.12.63136: { SNMPv1 { GetResponse(28) R=2136 25.1.3.0=12 } }

SNMP LOGS
=========
Take a look at live view of syslog.log, see if it reports any errors.
example:
/var/log # tail -f syslog.log
2014-07-31T13:42:58Z snmpd: snmpd: ReceiveFromIpTransport: recvfrom(fd=5, length=2048) rc = 41
2014-07-31T13:42:58Z snmpd: snmpd: snmp_main: rx packet size=41 from: 192.168.11.12:63137
2014-07-31T13:42:58Z snmpd: snmpd: SrDoSnmp: received get-next pdu
2014-07-31T13:42:58Z snmpd: snmpd: CheckClassMIBView: all included
2014-07-31T13:42:58Z snmpd: snmpd: Searching for next instance of hrSystemDate
2014-07-31T13:42:58Z snmpd: load_proc_data: completed 15 cartels loaded
2014-07-31T13:42:58Z snmpd: GetProcInfo: 65 cartels retrieved
2014-07-31T13:42:58Z snmpd: GetProcInfo: cache miss, loaded 65 cartels into proc cache
2014-07-31T13:42:58Z snmpd: snmpd: SendToIpTransport: sendto(fd=5, length=50) rc = 50
2014-07-31T13:42:58Z snmpd: snmpd: ReceiveFromIpTransport: recvfrom(fd=5, length=2048) rc = 42
2014-07-31T13:42:58Z snmpd: snmpd: snmp_main: rx packet size=42 from: 192.168.11.12:63137
2014-07-31T13:42:58Z snmpd: snmpd: SrDoSnmp: received get-next pdu
2014-07-31T13:42:58Z snmpd: snmpd: CheckClassMIBView: all included
2014-07-31T13:42:58Z snmpd: snmpd: Searching for next instance of hrSystemDate
2014-07-31T13:42:58Z snmpd: snmpd: CheckClassMIBView: all included
2014-07-31T13:42:58Z snmpd: snmpd: Searching for next instance of hrSystemInitialLoadDevice
2014-07-31T13:42:58Z snmpd: GetProcInfo: cache hit
2014-07-31T13:42:58Z snmpd: snmpd: SendToIpTransport: sendto(fd=5, length=43) rc = 43

Timeout Errors:
===============

C:\usr\bin>snmpwalk -v 2c -c 192.168.11.16

HOST-RESOURCES-MIB::hrMemorySize.0 = INTEGER: 4193780 KBytes
Timeout: No Response from 192.168.11.16

If you are getting a timeout error you can increase re-tries and timeout values for snmpwalk add -r 3 and -t 30 to the command. -r will increase retries and -t 30 will increase timeout to 30 seconds.
C:\usr\bin>snmpwalk -v 2c -c -r 3 -t 30 public 192.168.11.16

Increase CPU Limit for snmpd service on the host
Connect directly to the ESXi host with a vsphere client.
1. Click on host > Configuration tab.
2. Under Software > Click System Resource Allocation and then click Advanced.
3. Expand host > vim > vmvisor.
4. Click snmpd, the parent resource pool not the actual process with the number beside it.
5. Click Edit Settings.
6. Under CPU Resources, increase the limit for CPU incrementally.
***Adjusting these settings can impact other services on the host

SPONSOR:

This entry was posted in Linux, Networking, Scripting, VMware and tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *