SNMP MIBs and how to cook them
Good day, reader.
I have been working for 5 years in a company that provides broadband access to the world wide web. I am engaged in direct control of equipment, as well as network planning and monitoring. At the time of my arrival in the network there were a little more than 100 pieces of equipment managed by vendors Cisco and D-Link. We drew a network map in the old-fashioned way in visio, ip-addresses were in the same place, but at that time my manager began to write some software for inventory of equipment - it all started with taking into account the issued ip-addresses. Given the growth of the network (or rather, modernization in the face of replacing stupid soap boxes with “controllers”), we decided that we lacked the usual Cacti. We collected standard SNMP counters right away, but it was difficult to find something more necessary and interesting. Repeated attempts to master other options did not lead to the final result, but not so long ago we managed to “curb” the MIB files for D-Link switches and I believe that this article will speed up the process of studying switches and the SNMP protocol. This will allow faster and better network management.
MIBs are usually distributed as an archive with a bunch of files. Many of them, compiled in iana and ietf, are repeated in each archive, but transmitted for compatibility.
To work in the default system (specifically for Debian), they should be approximately in / usr / share / mibs
First, install the standard mibs in the system.
In the configuration file /etc/snmp/snmp.conf include the necessary. Example:
')
mibs: ALL includes everything that is not quite good. I recommend for each equipment to have a folder with mibs, since They may differ from one firmware to another.
Following the example of the D-Link DGS-3120-24SC switch, we are downloading the archive.
ftp.dlink.ru/pub/Switch/DGS-3120_Series/SNMP/DGS-3120_MIB_of_FW_v2.50.015.rar
After unpacking, the structure is as follows:
The first attempt to use these MIBs was made in the D-View utility from the switch manufacturer. The package includes MIB Browser and MIB Compiler. After some attempts, I managed to see the tree for the DGS3120-24SC-L2MGMT-MIB module, but there was no search by oid and when loading the module, you need to manually specify several additional MIB files, which slowed down the work. Everything becomes complicated if you have only a numeric oid on your hands and you don’t know which of the MIB modules it can be - you will have to download all the MIBs from the folder one by one and check each one. At this point I finished studying the D-View program - it does not suit me.
Returning to where I started the post:
We downloaded the archive from the MIBs and will use the snmptranslate utility from the Net-SNMP package. For convenience, we put all the mibs in one directory, but this is still not enough:
In order not to suffer for a long time, copy the missing files from the des-3200 switch mibs with the option not to overwrite the existing ones. And here we already get a positive result:
UPD: You can not copy files, and specify the directory local and standard from the system -M ./:/usr/share/mibs/ietf:/usr/share/mibs/iana (for convenience, you can do alias in the shell)
About flags:
Now that the translation works, you can taste the beauty of the OIDs hierarchy. For this there are flags:
You can scan all mibs and see that swL2macNotifyInfo is on other switches.
There is also a feature in mibs for 3200, that Object Name loop_detect is present in them. The "_" symbol in net-snmp is not supported, so for prevention we do:% sed -i 's / _ / - /' * in the directory with mibs. You can see an error about this symbol if you return error output (remove the -Ln key):
Here we see that the hierarchy has not developed to the end.
After correction it becomes so:
UPD: You can use the -P u flag (-P MIBOPTS Toggle various defaults controlling mibing: u: allow
It should be noted that I indicated a specific MIB in which to search (the rest will “pull up” from the ./ directory). In this case, there are no errors, well, the speed of work is higher.
If you do not specify a specific MIB, then we get errors in other mibs
You can see all the mibs that the switch supports:
Here we see the mib that was previously used in the -m key DES3200-10-L2MGMT-MIB
SNMPv2-MIB :: sysORID.49 = OID: DES3200-10-L2MGMT-MIB :: swL2MgmtMIB
Another bonus in the form of the snmptable command
At the moment, I am transferring the SNMP Traps OID from the switches into an operator-friendly format. This will serve as the basis for the event recording system on the equipment. We are not going to use MIBs in the application due to intolerance and not universality. I think the vast majority of libraries use the MIBs and the /etc/snmp/snmp.conf config for OID (the Net-SNMP uses them, and the library refers to the latter), but we don’t want to include these MIBs globally. This data can be used for experiments and to achieve a more universal option for using MIBs, but for me this is enough.
UPD:
Useful keys:
-TB searches in MIBs for Object Name by regexp
-On prints Object ID
Examples:
Prehistory
I have been working for 5 years in a company that provides broadband access to the world wide web. I am engaged in direct control of equipment, as well as network planning and monitoring. At the time of my arrival in the network there were a little more than 100 pieces of equipment managed by vendors Cisco and D-Link. We drew a network map in the old-fashioned way in visio, ip-addresses were in the same place, but at that time my manager began to write some software for inventory of equipment - it all started with taking into account the issued ip-addresses. Given the growth of the network (or rather, modernization in the face of replacing stupid soap boxes with “controllers”), we decided that we lacked the usual Cacti. We collected standard SNMP counters right away, but it was difficult to find something more necessary and interesting. Repeated attempts to master other options did not lead to the final result, but not so long ago we managed to “curb” the MIB files for D-Link switches and I believe that this article will speed up the process of studying switches and the SNMP protocol. This will allow faster and better network management.
Installing MIBs
Standard
MIBs are usually distributed as an archive with a bunch of files. Many of them, compiled in iana and ietf, are repeated in each archive, but transmitted for compatibility.
To work in the default system (specifically for Debian), they should be approximately in / usr / share / mibs
First, install the standard mibs in the system.
$ sudo apt-get install snmp-mibs-downloader In the configuration file /etc/snmp/snmp.conf include the necessary. Example:
% cat /etc/snmp/snmp.conf # # As the snmp packages come without MIB files due to license reasons, loading # of MIBs is disabled by default. If you added the MIBs you can reenable # loaging them by commenting out the following line. mibs :BRIDGE-MIB:Q-BRIDGE-MIB:IP-MIB:IF-MIB #mibs :ALL ')
mibs: ALL includes everything that is not quite good. I recommend for each equipment to have a folder with mibs, since They may differ from one firmware to another.
Special case
Following the example of the D-Link DGS-3120-24SC switch, we are downloading the archive.
ftp.dlink.ru/pub/Switch/DGS-3120_Series/SNMP/DGS-3120_MIB_of_FW_v2.50.015.rar
After unpacking, the structure is as follows:
$ tree -d . ├── proprietaryMIB │ ├── Dlink-common-mgmt │ └── Dlink-mgmt └── standardMIB Software
D-view
The first attempt to use these MIBs was made in the D-View utility from the switch manufacturer. The package includes MIB Browser and MIB Compiler. After some attempts, I managed to see the tree for the DGS3120-24SC-L2MGMT-MIB module, but there was no search by oid and when loading the module, you need to manually specify several additional MIB files, which slowed down the work. Everything becomes complicated if you have only a numeric oid on your hands and you don’t know which of the MIB modules it can be - you will have to download all the MIBs from the folder one by one and check each one. At this point I finished studying the D-View program - it does not suit me.
Net-snmp
Returning to where I started the post:
We downloaded the archive from the MIBs and will use the snmptranslate utility from the Net-SNMP package. For convenience, we put all the mibs in one directory, but this is still not enough:
% snmptranslate -M ./ -m DGS3120-24SC-L2MGMT-MIB -Ln 1.3.6.1.4.1.171.11.117.1.3.2.100.1.2.0.1 iso.3.6.1.4.1.171.11.117.1.3.2.100.1.2.0.1 In order not to suffer for a long time, copy the missing files from the des-3200 switch mibs with the option not to overwrite the existing ones. And here we already get a positive result:
% snmptranslate -M ./ -m DGS3120-24SC-L2MGMT-MIB -Ln 1.3.6.1.4.1.171.11.117.1.3.2.100.1.2.0.1 DGS3120-24SC-L2MGMT-MIB::swL2macNotification UPD: You can not copy files, and specify the directory local and standard from the system -M ./:/usr/share/mibs/ietf:/usr/share/mibs/iana (for convenience, you can do alias in the shell)
About flags:
- -M Indicates the directory where to find mibs (can be listed, separated by ":")
Thus, it was possible not to add all MIBS to one directory, but then you need to specify all directories from the original archive with the -M flag. - -m Specifies which module to activate (can be listed, separated by ":")
Without the indication of the module, those specified in /etc/snmp/snmp.conf will be used
% snmptranslate -m ./ -Ln 1.3.6.1.4.1.171.11.117.1.3.2.100.1.2.0.1
RFC1155-SMI :: enterprises.171.11.117.1.3.2.100.1.2.0.1 - -Ln Delivers us from the infinite footwoman of errors in the mibs hierarchy. More precisely -Ln disables errors in stdout
Now that the translation works, you can taste the beauty of the OIDs hierarchy. For this there are flags:
-Td Print full details of the specified OID. -Tp Print a graphical tree, rooted at the specified OID. -Ta Dump the loaded MIB in a trivial form. -Tl Dump a labeled form of all objects. -To Dump a numeric form of all objects. -Ts Dump a symbolic form of all objects. -Tt Dump a tree form of the loaded MIBs (mostly useful for debugging). -Tz Dump a numeric and labeled form of all objects (compatible with MIB2SCHEMA format) Examples of using
% snmptranslate -M ./ -m ALL -Ln -Td 1.3.6.1.4.1.171.11.117.1.3.2.100.1.2.1.1 DGS3120-24SC-L2MGMT-MIB::swL2macNotifyInfo swL2macNotifyInfo OBJECT-TYPE -- FROM DGS3120-24SC-L2MGMT-MIB SYNTAX OCTET STRING (0..1024) MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates information about the last time the system rebooted." ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) dlink(171) dlink-mgmt(11) dlink-Dgs3120Proj(117) dlink-Dgs3120ProjModel(1) dlink-Dgs3120Proj-Dgs3120-24SC(3) swL2MgmtMIB(2) swL2MgmtMIBTraps(100) swL2Notify(1) swL2NotifyPrefix(2) swl2NotificationBidings(1) 1 } % snmptranslate -M ./ -m ALL -Ln -Onf 1.3.6.1.4.1.171.11.117.1.3.2.100.1.2 .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-24SC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix % snmptranslate -M ./ -m ALL -Ln -Tp -OS 1.3.6.1.4.1.171.11.117.1.3.2.100.1.2 +--swL2NotifyPrefix(2) | +--swL2NotifFirmware(0) | | | +--swL2macNotification(1) | +--swL2PortSecurityViolationTrap(2) | +--swl2NotificationBidings(1) | +-- -R-- String swL2macNotifyInfo(1) | Size: 0..1024 +-- ---N String swL2PortSecurityViolationMac(2) Textual Convention: MacAddress Size: 6 You can scan all mibs and see that swL2macNotifyInfo is on other switches.
% snmptranslate -M ./ -m ALL -Ln -Ts|grep swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.des3200SeriesProd.des3200-28.des3200-28-cx.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-24TC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-24PC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-24SC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-48TC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-48PC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo .iso.org.dod.internet.private.enterprises.dlink.dlink-mgmt.dlink-Dgs3120Proj.dlink-Dgs3120ProjModel.dlink-Dgs3120Proj-Dgs3120-24SC-DC.swL2MgmtMIB.swL2MgmtMIBTraps.swL2Notify.swL2NotifyPrefix.swl2NotificationBidings.swL2macNotifyInfo D-Link Pitfalls
There is also a feature in mibs for 3200, that Object Name loop_detect is present in them. The "_" symbol in net-snmp is not supported, so for prevention we do:% sed -i 's / _ / - /' * in the directory with mibs. You can see an error about this symbol if you return error output (remove the -Ln key):
% snmptranslate -M ./ -m DES3200-10-L2MGMT-MIB -Td 1.3.6.1.4.1.171.11.113.2.1.2.100.1.2.0.1 No log handling enabled - turning on stderr logging Expected "(" (_): At line 5892 in .//L2mgmtDES3200-10.mib Should be ACCESS (detected): At line 5892 in .//L2mgmtDES3200-10.mib Bad parse of OBJECT-TYPE: At line 5892 in .//L2mgmtDES3200-10.mib SWPRIMGMT-DES3200-MIB::des3200-10-cx.2.100.1.2.0.1 des3200-10-cx OBJECT-TYPE -- FROM SWPRIMGMT-DES3200-MIB ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) dlink(171) dlink-mgmt(11) des3200SeriesProd(113) des3200-10(2) des3200-10-cx(1) 2 100 1 2 0 1 } Here we see that the hierarchy has not developed to the end.
After correction it becomes so:
% snmptranslate -M ./ -m DES3200-10-L2MGMT-MIB -Td 1.3.6.1.4.1.171.11.113.2.1.2.100.1.2.0.1 DES3200-10-L2MGMT-MIB::swL2macNotification swL2macNotification NOTIFICATION-TYPE -- FROM DES3200-10-L2MGMT-MIB OBJECTS { swL2macNotifyInfo } DESCRIPTION " This trap indicates the MAC address variations in the address table . " ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) dlink(171) dlink-mgmt(11) des3200SeriesProd(113) des3200-10(2) des3200-10-cx(1) swL2MgmtMIB(2) swL2MgmtMIBTraps(100) swL2Notify(1) swL2NotifyPrefix(2) swL2NotifFirmware(0) 1 } UPD: You can use the -P u flag (-P MIBOPTS Toggle various defaults controlling mibing: u: allow
It should be noted that I indicated a specific MIB in which to search (the rest will “pull up” from the ./ directory). In this case, there are no errors, well, the speed of work is higher.
If you do not specify a specific MIB, then we get errors in other mibs
% snmptranslate -M ./ -Td 1.3.6.1.4.1.171.11.113.2.1.2.100.1.2.0.1
% snmptranslate -M ./ -Td 1.3.6.1.4.1.171.11.113.2.1.2.100.1.2.0.1 No log handling enabled - turning on stderr logging Attempt to define a root oid (iso): At line 5 in .//SNMPv2-SMI.mib Bad parse of OBJECT IDENTIFIER: At line 5 in .//SNMPv2-SMI.mib Did not find 'snmpModules' in module SNMPv2-SMI (.//SNMPv2-MIB.mib) Did not find 'mib-2' in module SNMPv2-SMI (.//SNMPv2-MIB.mib) Unlinked OID in SNMPv2-MIB: snmp ::= { mib-2 11 } Undefined identifier: mib-2 near line 230 of .//SNMPv2-MIB.mib Unlinked OID in SNMPv2-MIB: system ::= { mib-2 1 } Undefined identifier: mib-2 near line 46 of .//SNMPv2-MIB.mib Unlinked OID in SNMPv2-MIB: snmpMIB ::= { snmpModules 1 } Undefined identifier: snmpModules near line 12 of .//SNMPv2-MIB.mib Did not find 'mib-2' in module SNMPv2-SMI (.//IF-MIB.mib) Did not find 'snmpTraps' in module SNMPv2-MIB (.//IF-MIB.mib) Unlinked OID in IF-MIB: interfaces ::= { mib-2 2 } Undefined identifier: mib-2 near line 41 of .//IF-MIB.mib Unlinked OID in IF-MIB: ifMIB ::= { mib-2 31 } Undefined identifier: mib-2 near line 13 of .//IF-MIB.mib Unlinked OID in IF-MIB: linkUp ::= { snmpTraps 4 } Undefined identifier: snmpTraps near line 1356 of .//IF-MIB.mib Unlinked OID in IF-MIB: linkDown ::= { snmpTraps 3 } Undefined identifier: snmpTraps near line 1344 of .//IF-MIB.mib Did not find 'mib-2' in module SNMPv2-SMI (.//BRIDGE-MIB.mib) Unlinked OID in BRIDGE-MIB: dot1dBridge ::= { mib-2 17 } Undefined identifier: mib-2 near line 17 of .//BRIDGE-MIB.mib Did not find 'snmpModules' in module SNMPv2-SMI (.//rfc3411.mib) Unlinked OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIB ::= { snmpModules 10 } Undefined identifier: snmpModules near line 10 of .//rfc3411.mib Did not find 'dot1dTp' in module BRIDGE-MIB (.//P-BRIDGE-MIB.mib) Did not find 'dot1dTpPort' in module BRIDGE-MIB (.//P-BRIDGE-MIB.mib) Did not find 'dot1dBridge' in module BRIDGE-MIB (.//P-BRIDGE-MIB.mib) Did not find 'dot1dBasePortEntry' in module BRIDGE-MIB (.//P-BRIDGE-MIB.mib) Did not find 'dot1dBasePort' in module BRIDGE-MIB (.//P-BRIDGE-MIB.mib) Unlinked OID in P-BRIDGE-MIB: dot1dTpPortOverflowTable ::= { dot1dTp 6 } Undefined identifier: dot1dTp near line 740 of .//P-BRIDGE-MIB.mib Unlinked OID in P-BRIDGE-MIB: dot1dTpHCPortTable ::= { dot1dTp 5 } Undefined identifier: dot1dTp near line 664 of .//P-BRIDGE-MIB.mib Unlinked OID in P-BRIDGE-MIB: pBridgeMIB ::= { dot1dBridge 6 } Undefined identifier: dot1dBridge near line 18 of .//P-BRIDGE-MIB.mib Did not find 'mib-2' in module SNMPv2-SMI (.//RMON-MIB.mib) Unlinked OID in RMON-MIB: rmon ::= { mib-2 16 } Undefined identifier: mib-2 near line 88 of .//RMON-MIB.mib Did not find 'statistics' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'history' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'hosts' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'matrix' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'filter' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'etherStatsEntry' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'historyControlEntry' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'hostControlEntry' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'matrixControlEntry' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'filterEntry' in module RMON-MIB (.//RMON2-MIB.MIB) Did not find 'channelEntry' in module RMON-MIB (.//RMON2-MIB.MIB) Unlinked OID in RMON2-MIB: filter2Table ::= { filter 4 } Undefined identifier: filter near line 4931 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: channel2Table ::= { filter 3 } Undefined identifier: filter near line 4675 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: historyControl2Table ::= { history 5 } Undefined identifier: history near line 4531 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: matrixControl2Table ::= { matrix 4 } Undefined identifier: matrix near line 4623 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: hostControl2Table ::= { hosts 4 } Undefined identifier: hosts near line 4571 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: tokenRingPStats2Table ::= { statistics 6 } Undefined identifier: statistics near line 4778 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: tokenRingMLStats2Table ::= { statistics 5 } Undefined identifier: statistics near line 4727 of .//RMON2-MIB.MIB Unlinked OID in RMON2-MIB: etherStats2Table ::= { statistics 4 } Undefined identifier: statistics near line 4479 of .//RMON2-MIB.MIB Did not find 'dot1dBridge' in module BRIDGE-MIB (.//Q-BRIDGE-MIB.mib) Did not find 'dot1dBasePortEntry' in module BRIDGE-MIB (.//Q-BRIDGE-MIB.mib) Did not find 'dot1dBasePort' in module BRIDGE-MIB (.//Q-BRIDGE-MIB.mib) Unlinked OID in Q-BRIDGE-MIB: qBridgeMIB ::= { dot1dBridge 7 } Undefined identifier: dot1dBridge near line 24 of .//Q-BRIDGE-MIB.mib Did not find 'mib-2' in module SNMPv2-SMI (.//INET-ADDRESS-MIB.mib) Unlinked OID in INET-ADDRESS-MIB: inetAddressMIB ::= { mib-2 76 } Undefined identifier: mib-2 near line 7 of .//INET-ADDRESS-MIB.mib Did not find 'mib-2' in module SNMPv2-SMI (.//IP-MIB.MIB) Did not find 'zeroDotZero' in module SNMPv2-SMI (.//IP-MIB.MIB) Unlinked OID in IP-MIB: icmp ::= { mib-2 5 } Undefined identifier: mib-2 near line 3291 of .//IP-MIB.MIB Unlinked OID in IP-MIB: ip ::= { mib-2 4 } Undefined identifier: mib-2 near line 184 of .//IP-MIB.MIB Unlinked OID in IP-MIB: ipMIB ::= { mib-2 48 } Undefined identifier: mib-2 near line 18 of .//IP-MIB.MIB Cannot adopt OID in SNMPv2-MIB: snmpMIBGroups ::= { snmpMIBConformance 2 } Cannot adopt OID in SNMPv2-MIB: snmpMIBCompliances ::= { snmpMIBConformance 1 } Cannot adopt OID in SNMPv2-MIB: snmpBasicCompliance ::= { snmpMIBCompliances 2 } Cannot adopt OID in SNMPv2-MIB: snmpSetSerialNo ::= { snmpSet 1 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpPrivProtocols ::= { snmpFrameworkAdmin 2 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpAuthProtocols ::= { snmpFrameworkAdmin 1 } Cannot adopt OID in SNMPv2-MIB: snmpObsoleteGroup ::= { snmpMIBGroups 10 } Cannot adopt OID in SNMPv2-MIB: snmpBasicNotificationsGroup ::= { snmpMIBGroups 7 } Cannot adopt OID in SNMPv2-MIB: systemGroup ::= { snmpMIBGroups 6 } Cannot adopt OID in SNMPv2-MIB: snmpSetGroup ::= { snmpMIBGroups 5 } Cannot adopt OID in SNMPv2-MIB: snmpCommunityGroup ::= { snmpMIBGroups 9 } Cannot adopt OID in SNMPv2-MIB: snmpGroup ::= { snmpMIBGroups 8 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpEngine ::= { snmpFrameworkMIBObjects 1 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpEngineMaxMessageSize ::= { snmpEngine 4 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpEngineTime ::= { snmpEngine 3 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpEngineBoots ::= { snmpEngine 2 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpEngineID ::= { snmpEngine 1 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIB ::= { snmpModules 10 } Cannot adopt OID in SNMPv2-MIB: snmpMIB ::= { snmpModules 1 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIBConformance ::= { snmpFrameworkMIB 3 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIBObjects ::= { snmpFrameworkMIB 2 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkAdmin ::= { snmpFrameworkMIB 1 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIBGroups ::= { snmpFrameworkMIBConformance 2 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIBCompliances ::= { snmpFrameworkMIBConformance 1 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpFrameworkMIBCompliance ::= { snmpFrameworkMIBCompliances 1 } Cannot adopt OID in SNMPv2-MIB: snmpSet ::= { snmpMIBObjects 6 } Cannot adopt OID in SNMPv2-MIB: snmpTraps ::= { snmpMIBObjects 5 } Cannot adopt OID in SNMPv2-MIB: snmpTrap ::= { snmpMIBObjects 4 } Cannot adopt OID in SNMP-FRAMEWORK-MIB: snmpEngineGroup ::= { snmpFrameworkMIBGroups 1 } Cannot adopt OID in IF-MIB: linkDown ::= { snmpTraps 3 } Cannot adopt OID in IF-MIB: linkUp ::= { snmpTraps 4 } Cannot adopt OID in SNMPv2-MIB: authenticationFailure ::= { snmpTraps 5 } Cannot adopt OID in SNMPv2-MIB: warmStart ::= { snmpTraps 2 } Cannot adopt OID in SNMPv2-MIB: coldStart ::= { snmpTraps 1 } Cannot adopt OID in SNMPv2-MIB: snmpTrapEnterprise ::= { snmpTrap 3 } Cannot adopt OID in SNMPv2-MIB: snmpTrapOID ::= { snmpTrap 1 } Cannot adopt OID in SNMPv2-MIB: snmpMIBConformance ::= { snmpMIB 2 } Cannot adopt OID in SNMPv2-MIB: snmpMIBObjects ::= { snmpMIB 1 } RFC1155-SMI::enterprises.171.11.113.2.1.2.100.1.2.0.1 enterprises OBJECT-TYPE -- FROM RFC1155-SMI ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) 171 11 113 2 1 2 100 1 2 0 1 } Another example
You can see all the mibs that the switch supports:
% snmpwalk -v2c -c qqq -M ./ -Ln -m ALL 172.11.11.166 sysORID
% snmpwalk -v2c -c qqq -M ./ -Ln -m ALL 172.11.11.166 sysORID SNMPv2-MIB::sysORID.1 = OID: FILE-SYSTEM-MIB::swFileSystemMIB SNMPv2-MIB::sysORID.2 = OID: L2PROTOCOL-TUNNEL-MIB::swL2ProtocolTunnelMIB SNMPv2-MIB::sysORID.3 = OID: CABLE-DIAG-MIB::swCableDiagMIB SNMPv2-MIB::sysORID.4 = OID: DDM-MGMT-MIB::swDdmMIB SNMPv2-MIB::sysORID.5 = OID: ACLMGMT-MIB::swAclMgmtMIB SNMPv2-MIB::sysORID.6 = OID: iso.2.840.802.10006.300.43 SNMPv2-MIB::sysORID.7 = OID: LLDP-MIB::lldpMIB.65538.131072.2156632268 SNMPv2-MIB::sysORID.8 = OID: LLDP-MIB::lldpMIB.65538.131072.2156662528.12.8802.1 SNMPv2-MIB::sysORID.9 = OID: LLDP-EXT-DOT3-MIB::lldpXdot3MIB.65540.131072.2156670924 SNMPv2-MIB::sysORID.10 = OID: LLDP-EXT-MED-MIB::lldpXMedMIB SNMPv2-MIB::sysORID.11 = OID: SWPROTOCOLVLAN-MIB::swProtocolVLANMIB SNMPv2-MIB::sysORID.12 = OID: STATIC-MAC-BASED-VLAN-MIB::swSMBVMIB SNMPv2-MIB::sysORID.13 = OID: VOICE-VLAN-MIB::swVoiceVLANMIB SNMPv2-MIB::sysORID.14 = OID: Q-IN-Q-MIB::swQinQMIB SNMPv2-MIB::sysORID.15 = OID: MSTP-MIB::swMSTPMIB SNMPv2-MIB::sysORID.16 = OID: ERPS-MIB::swERPSMIB SNMPv2-MIB::sysORID.17 = OID: PoE-MIB::swPoEMIB SNMPv2-MIB::sysORID.18 = OID: DOT3-OAM-MIB::dot3OamMIB SNMPv2-MIB::sysORID.19 = OID: DULD-MIB::swDULDMIB SNMPv2-MIB::sysORID.20 = OID: IEEE8021-CFM-MIB::ieee8021CfmMib SNMPv2-MIB::sysORID.21 = OID: NLB-MIB::swNlbMIB SNMPv2-MIB::sysORID.22 = OID: QoS-MIB::swQoSMIB SNMPv2-MIB::sysORID.23 = OID: MCAST-SNOOPING-MIB::swMcastSnoopingMIB SNMPv2-MIB::sysORID.24 = OID: MCAST-FILTER-MIB::swMcastFilterMgmt SNMPv2-MIB::sysORID.25 = OID: MCAST-VLAN-MIB::swMcastVlanMIB SNMPv2-MIB::sysORID.26 = OID: SFLOW-MIB::sFlowMIB SNMPv2-MIB::sysORID.27 = OID: PPPOE-MGMT-MIB::swPPPoEMIB SNMPv2-MIB::sysORID.28 = OID: IPV6-STATIC-ROUTE-MIB::swIPv6StaticRouteMIB SNMPv2-MIB::sysORID.29 = OID: SRC-IPIF-MIB::swSrcIpIfMIB SNMPv2-MIB::sysORID.30 = OID: SYSLOG-MIB::swSysLogMIB SNMPv2-MIB::sysORID.31 = OID: BRIDGE-MIB::dot1dBridge SNMPv2-MIB::sysORID.32 = OID: RFC1155-SMI::internet.6.3.1 SNMPv2-MIB::sysORID.33 = OID: RFC1271-MIB::rmon SNMPv2-MIB::sysORID.34 = OID: RFC1155-SMI::internet.6.3.10 SNMPv2-MIB::sysORID.35 = OID: RFC1155-SMI::internet.6.3.11 SNMPv2-MIB::sysORID.36 = OID: STATICFDB-MIB::swStaticFdbMIB SNMPv2-MIB::sysORID.37 = OID: RFC1155-SMI::internet.6.3.13 SNMPv2-MIB::sysORID.38 = OID: RFC1155-SMI::internet.6.3.12 SNMPv2-MIB::sysORID.39 = OID: RFC1155-SMI::internet.6.3.15 SNMPv2-MIB::sysORID.40 = OID: RFC1155-SMI::internet.6.3.16 SNMPv2-MIB::sysORID.41 = OID: RFC1155-SMI::internet.6.3.18 SNMPv2-MIB::sysORID.42 = OID: EtherLike-MIB::etherMIB SNMPv2-MIB::sysORID.43 = OID: P-BRIDGE-MIB::pBridgeMIB SNMPv2-MIB::sysORID.44 = OID: Q-BRIDGE-MIB::qBridgeMIB SNMPv2-MIB::sysORID.45 = OID: RMON-MIB::rmonMibModule SNMPv2-MIB::sysORID.46 = OID: IF-MIB::ifMIB SNMPv2-MIB::sysORID.47 = OID: ENTITY-MIB::entityMIB SNMPv2-MIB::sysORID.48 = OID: AGENT-GENERAL-MIB::agentGeneralMgmt SNMPv2-MIB::sysORID.49 = OID: DES3200-10-L2MGMT-MIB::swL2MgmtMIB SNMPv2-MIB::sysORID.50 = OID: SSL-MIB::swSSLMIB SNMPv2-MIB::sysORID.51 = OID: SINGLE-IP-MIB::swSingleIPMIB SNMPv2-MIB::sysORID.52 = OID: EQUIPMENT-MIB::swEquipmentMIB SNMPv2-MIB::sysORID.53 = OID: TIMERANGE-MIB::swTimeRangeMIB SNMPv2-MIB::sysORID.54 = OID: DES3200-10-L3MGMT-MIB::swL3MgmtMIB SNMPv2-MIB::sysORID.55 = OID: SRED-MIB::swSredMIB SNMPv2-MIB::sysORID.56 = OID: FILTER-MIB::swFilterMIB SNMPv2-MIB::sysORID.57 = OID: ARP-Spoofing-Prevent-MIB::swARPSpoofingPreventMIB SNMPv2-MIB::sysORID.58 = OID: BPDU-PROTECTION-MIB::swBpduProtectionMIB SNMPv2-MIB::sysORID.59 = OID: LOOPBACK-DETECT-MIB::swLoopDetectMIB SNMPv2-MIB::sysORID.60 = OID: DISMAN-PING-MIB::pingMIB SNMPv2-MIB::sysORID.61 = OID: DISMAN-TRACEROUTE-MIB::traceRouteMIB SNMPv2-MIB::sysORID.62 = OID: DHCP-RELAY-MGMT-MIB::swDHCPRelayMIB SNMPv2-MIB::sysORID.63 = OID: DOS-PREV-MIB::swDoSMgmtMIB SNMPv2-MIB::sysORID.64 = OID: TIME-MIB::swTimeMIB SNMPv2-MIB::sysORID.65 = OID: RFC1213-MIB::mib-2 SNMPv2-MIB::sysORID.66 = OID: TCP-MIB::tcpMIB SNMPv2-MIB::sysORID.67 = OID: UDP-MIB::udpMIB SNMPv2-MIB::sysORID.68 = OID: RFC1213-MIB::mib-2 SNMPv2-MIB::sysORID.69 = OID: SMTP-MIB::swSMTPMIB SNMPv2-MIB::sysORID.70 = OID: ZONE-DEFENSE-MGMT-MIB::swZoneDefenseMIB SNMPv2-MIB::sysORID.71 = OID: AUTH-MIB::swAuthCtrl SNMPv2-MIB::sysORID.72 = OID: IEEE8021-PAE-MIB::ieee8021paeMIB SNMPv2-MIB::sysORID.73 = OID: Dot1xMGMT-MIB::swdot1xMGMTMIB SNMPv2-MIB::sysORID.74 = OID: RADIUS-ACCOUNTING-MIB::swRadiusAccountMGMTMIB SNMPv2-MIB::sysORID.75 = OID: RADIUS-AUTH-CLIENT-MIB::radiusAuthClientMIB SNMPv2-MIB::sysORID.76 = OID: RADIUS-ACC-CLIENT-MIB::radiusAccClientMIB SNMPv2-MIB::sysORID.77 = OID: DLINK-ID-REC-MIB::dlink-common-mgmt.35 SNMPv2-MIB::sysORID.78 = OID: IP-MAC-BIND-MIB::swIpMacBindMIB SNMPv2-MIB::sysORID.79 = OID: AAC-MIB::swAACMIB SNMPv2-MIB::sysORID.80 = OID: PORT-SECURITY-MIB::swPortSecMIB SNMPv2-MIB::sysORID.81 = OID: SAFEGUARD-ENGINE-MIB::swSafeGuardMIB SNMPv2-MIB::sysORID.82 = OID: SSH-MIB::swSSHMIB SNMPv2-MIB::sysORID.83 = OID: PKT-STORM-CTRL-MIB::swPktStormMIB Here we see the mib that was previously used in the -m key DES3200-10-L2MGMT-MIB
SNMPv2-MIB :: sysORID.49 = OID: DES3200-10-L2MGMT-MIB :: swL2MgmtMIB
Another bonus in the form of the snmptable command
% snmptable -v2c -c eee -M ./ -m ALL -Ln 172.11.11.4
% snmptable -v2c -c eee -M ./ -m ALL -Ln 172.11.11.4 1.3.6.1.4.1.171.11.117.1.3.2.3.1 SNMP table: DGS3120-24SC-L2MGMT-MIB::swL2PortInfoTable swL2PortInfoPortIndex swL2PortInfoMediumType swL2PortInfoUnitID swL2PortInfoType swL2PortInfoLinkStatus swL2PortInfoNwayStatus swL2PortInfoErrorDisabled 1 copper 1 portType-1000Base-T link-pass full-1Gigabps-none none 1 fiber 1 portType-1000Base-X link-fail link-down none 2 copper 1 portType-1000Base-T link-pass full-1Gigabps-none none 2 fiber 1 portType-1000Base-X link-fail link-down none 3 copper 1 portType-1000Base-T link-fail link-down none 3 fiber 1 portType-1000Base-X link-fail link-down none 4 copper 1 portType-1000Base-T link-fail link-down none 4 fiber 1 portType-1000Base-X link-fail link-down none 5 copper 1 portType-1000Base-T link-fail link-down none 5 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 6 copper 1 portType-1000Base-T link-fail link-down none 6 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 7 copper 1 portType-1000Base-T link-pass full-100Mbps-none none 7 fiber 1 portType-1000Base-X link-fail link-down none 8 copper 1 portType-1000Base-T link-pass full-100Mbps-none none 8 fiber 1 portType-1000Base-X link-fail link-down none 9 fiber 1 portType-1000Base-X link-fail link-down none 10 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 11 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 12 fiber 1 portType-1000Base-X link-fail link-down none 13 fiber 1 portType-1000Base-X link-fail link-down none 14 fiber 1 portType-1000Base-X link-fail link-down none 15 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 16 fiber 1 portType-1000Base-X link-fail link-down none 17 fiber 1 portType-1000Base-X link-fail link-down none 18 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 19 fiber 1 portType-1000Base-X link-fail link-down none 20 fiber 1 portType-1000Base-X link-fail link-down none 21 fiber 1 portType-1000Base-X link-fail link-down none 22 fiber 1 portType-1000Base-X link-fail link-down none 23 fiber 1 portType-1000Base-X link-fail link-down none 24 fiber 1 portType-1000Base-X link-pass full-1Gigabps-none none 65 copper 2 portType-1000Base-T link-pass full-1Gigabps-none none 65 fiber 2 portType-1000Base-X link-fail link-down none 66 copper 2 portType-1000Base-T link-pass full-1Gigabps-none none 66 fiber 2 portType-1000Base-X link-fail link-down none 67 copper 2 portType-1000Base-T link-fail link-down none 67 fiber 2 portType-1000Base-X link-fail link-down none 68 copper 2 portType-1000Base-T link-fail link-down none 68 fiber 2 portType-1000Base-X link-fail link-down none 69 copper 2 portType-1000Base-T link-fail link-down none 69 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 70 copper 2 portType-1000Base-T link-fail link-down none 70 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 71 copper 2 portType-1000Base-T link-fail link-down none 71 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 72 copper 2 portType-1000Base-T link-fail link-down none 72 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 73 fiber 2 portType-1000Base-X link-fail link-down none 74 fiber 2 portType-1000Base-X link-fail link-down none 75 fiber 2 portType-1000Base-X link-fail link-down none 76 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 77 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 78 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 79 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 80 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 81 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 82 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 83 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 84 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 85 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 86 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 87 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none 88 fiber 2 portType-1000Base-X link-pass full-1Gigabps-none none Total
At the moment, I am transferring the SNMP Traps OID from the switches into an operator-friendly format. This will serve as the basis for the event recording system on the equipment. We are not going to use MIBs in the application due to intolerance and not universality. I think the vast majority of libraries use the MIBs and the /etc/snmp/snmp.conf config for OID (the Net-SNMP uses them, and the library refers to the latter), but we don’t want to include these MIBs globally. This data can be used for experiments and to achieve a more universal option for using MIBs, but for me this is enough.
UPD:
Useful keys:
-TB searches in MIBs for Object Name by regexp
-On prints Object ID
Examples:
% snmptranslate -M ./ -m DGS3120-24SC-L2MGMT-MIB -TB swPortSecPortLockAddrMode PORT-SECURITY-MIB::swPortSecPortLockAddrMode % snmptranslate -M ./ -m DGS3120-24SC-L2MGMT-MIB -On -TB swPortSecPortLockAddrMode .1.3.6.1.4.1.171.12.63.3.1.1.1.3 % snmptranslate -M ./ -m DGS3120-24SC-L2MGMT-MIB -On -TBd swPortSecPortLockAddrMode .1.3.6.1.4.1.171.12.63.3.1.1.1.3 swPortSecPortLockAddrMode OBJECT-TYPE -- FROM PORT-SECURITY-MIB SYNTAX INTEGER {permanent(1), deleteOnTimeout(2), deleteOnReset(3)} MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the mode of locking address. In deleteOnTimeout(2) mode, the locked addresses can be aged out after the aging timer expires. In this mode, when the locked address is aged out, the number of addresses that can be learned has to be increased by one. In deleteOnReset (3) mode, locked addresses never age out unless the system restarts which will prevent port movement or intrusion." ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) dlink(171) dlink-common-mgmt(12) swPortSecMIB(63) swPortSecMgmt(3) swPortSecMgmtByPort(1) swPortSecPortTable(1) swPortSecPortEntry(1) 3 } Source: https://habr.com/ru/post/206612/
All Articles