Extracting Router Information via SNMP Tools
Problem
You wish to extract or change router information via SNMP.
Solution
To extract router information via SNMP, we will use the suite of SNMP tools provided with the NET-SNMP toolkit (see Appendix A for more details).
Use snmpget to extract a single MIB object from the router's MIB tree. This example uses snmpget to extract the router's system contact information:
freebsd% snmpget v1 c ORARO Router .1.3.6.1.2.1.1.4.0
system.sysContact.0 = Helpdesk 800-555-2992
Use snmpset to alter MIB objects within the router's MIB tree. The next example demonstrates how to modify MIB variables, using snmpset to change the system contact information:
freebsd% snmpset v1 c ORARW Router .1.3.6.1.2.1.1.4.0 s "Ian Brown 555-1221"
system.sysContact.0 = Ian Brown 555-1221
freebsd% snmpget v1 c ORARO Router sysContact.0
system.sysContact.0 = Ian Brown 555-1221
The snmpwalk utility extracts a series of MIB objects from the router's MIB tree. This example uses snmpwalk to extract all of the router's interface descriptions:
freebsd% snmpwalk v1 -c ORARO Router ifDescr
interfaces.ifTable.ifEntry.ifDescr.1 = "Ethernet0"
interfaces.ifTable.ifEntry.ifDescr.2 = "Serial0"
interfaces.ifTable.ifEntry.ifDescr.3 = "Serial1"
interfaces.ifTable.ifEntry.ifDescr.4 = "Null0"
interfaces.ifTable.ifEntry.ifDescr.5 = "Loopback0"
interfaces.ifTable.ifEntry.ifDescr.6 = "Serial0.1"
freebsd%
Discussion
For this recipe, we chose to demonstrate basic SNMP functionality by using the suite of SNMP tools provided by the NET-SNMP project (formerly UCD-SNMP). NET-SNMP provides a variety of useful SNMP tools that you can run from the command line interface of any Unix or Windows workstation. This software is freely distributed and available on a variety of platforms, which makes it extremely popular for scripts of all shapes and sizes. We consider NET-SNMP to be a sort of Swiss Army knife of SNMP that wonderfully illustrates the usefulness of SNMP for working with Cisco routers. Of course, many commercial software vendors also provide SNMP tools that are equally effective, frequently including a graphical user interface. The underlying concepts remain the same, even if the command syntax differs. In some cases, it is easier to do the types of SNMP commands shown in this recipe using a graphical user interface rather than a command line utility.
NET-SNMP provides a set of SNMP utilities for performing various useful SNMP functions. This recipe used three of the most basic tools:
-
Gets a single MIB object and displays its contents. To do this, it sends the router an SNMP "get" request for a particular MIB object. The router responds with the value of the MIB object, if present. The command syntax for SNMPv1 and SNMPv2c queries is:
snmpget [options] {c
} [ ]
-
Asks the router for a group of related MIB objects and displays their contents. It does this by sending the router a series of SNMP "get-next" commands to list all available MIB objects under the specified node in a MIB tree. The router will continue to respond to the server's "get-next" requests until it reaches the end of the MIB subtree. The command syntax is as follows:
snmpwalk [options] {-c
} [ ] Note that leaving out the MIB object or OID causes snmpwalk to walk the entire MIB tree. This can cause CPU overload problems on the router as well as congestion problems on low-speed links.
-
Modifies the contents of a MIB object and displays the changed variable, if successful. It works by sending the router an SNMP "set" request for the specified MIB object. If the requested change is legal, the router will change the value of the corresponding MIB variable and respond back.
Not all MIB entries can be changed by an SNMP set. For example, it doesn't make sense to change the physical media type of an interface. And, of course, the router has to be configured to allow SNMP read-write access. The command syntax is as follows:
snmpset [options] {-c
} [ ]
Most NMS systems have similar commands that you can access from the command line and use in scripts. See your software documentation for details.
Table 17-2 shows a number of useful MIB entries and their associated OID numbers. Several of these variables are Cisco-specific, and will not make sense if used on equipment from other vendors.
Description | MIB name | OID |
---|---|---|
Hostname | sysName | .1.3.6.1.2.1.1.5.0 |
Uptime | sysUpTime | .1.3.6.1.2.1.1.3.0 |
System Description | sysDescr | .1.3.6.1.2.1.1.1.0 |
System Contact | sysContact | .1.3.6.1.2.1.1.4.0 |
System Location | sysLocation | .1.3.6.1.2.1.1.6.0 |
IOS Version | ciscoImageString.5 | .1.3.6.1.4.1.9.9.25.1.1.1.2.5 |
1 Minute CPU Util. | avgBusy1 | .1.3.6.1.4.1.9.2.1.57.0 |
5 Minute CPU Util. | avgBusy5 | .1.3.6.1.4.1.9.2.1.58.0 |
Free Memory | freeMem | .1.3.6.1.4.1.9.2.1.8.0 |
IOS Feature Set | ciscoImageString.4 | .1.3.6.1.4.1.9.9.25.1.1.1.2.4 |
Reload Reason | whyReload | .1.3.6.1.4.1.9.2.1.2.0 |
A complete listing of Cisco supported MIBs are located at the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml. Note that this includes a huge amount of information. However, with a little time and effort you should be able to find a way to extract exactly the information you need.
You can extract the same MIB objects by using SNMPv2c:
freebsd% snmpget -v 2c -c ORARO Router sysContact.0
system.sysContact.0 = Ian Brown 416-555-2943
freebsd%
The only difference in this example is that we specified the SNMP version number as part of the snmpget command syntax. This is useful because SNMPv2c introduced 64-bit counters. Cisco supports a small number of MIB objects that can only be accessed using SNMPv2c (or SNMPv3). One such MIB object is ifHCInOctets:
Freebsd% snmpwalk -v 2c -c ORARO Router ifHCInOctets
ifHCInOctets.7 = Counter64: 145362298
ifHCInOctets.8 = Counter64: 85311547
Freebsd%
This MIB object counts the number of inbound bytes (octets) received by an interface. The older SNMPv1 ifInOctets MIB object counts exactly the same thing, but uses a 32-bit variable to hold the number. So the newer object does not roll over to zero as often, making it more useful for high-speed interfaces. If you attempt to get one of these 64-bit counter objects by using SNMPv1, the query will fail.