[HOWTO] Graph multiple servers using an SNMP proxy

fmangeant · **Posted:** Fri Jul 11, 2008 5:11 am

This HowTo will explain how to graph multiple device by querying a single host, using an SNMP proxy and "contexts".
It's useful if you don't want/can't open many firewall ports between your Cacti server and your target hosts.

Version 0.2 (07/23/2008) : few typos
Version 0.1 (07/11/2008) : initial release

This HowTo is based on the Net-SNMP wiki.

This has been tested with Net-SNMP 5.4
Note that it seems "community string/context mapping" has been correctly implemented with Net-SNMP 5.3

In this example, the Cacti server can reach the Gateway, which can itself reach the target server.
IP forwarding is not needed.

First of all, set up the Net-SNMP agent on the target host (192.168.1.2) :

Code:

rocommunity public
disk /

From the "gateway" server, check that SNMP requests work as expected :

Code:

$ snmpwalk -v 1 -c public 192.168.1.2 sysname
SNMPv2-MIB::sysName.0 = STRING: hades

Next step is to configure the SNMP proxy on the "gateway" host :

Code:

# Define a simple view 'systemview', which includes everthing under .1.3.6.1
view    systemview     included      .1.3.6.1

# Map 'public' community to the 'notConfigUser'
com2sec notConfigUser  default       public

# Map 'notConfigUser' to 'notConfigGroup'
group   notConfigGroup v1            notConfigUser
group   notConfigGroup v2c           notConfigUser

# Give 'notConfigGroup' read access to objects in the view 'systemview'
access  notConfigGroup ""            any       noauth    exact  systemview none none

# v1/v2c community string for each proxied host
com2sec -Cn ctx_hades notConfigUser  default       cmty_hades

# Allow the 'notConfigUser' (a member of 'notConfigGroup') access for these contexts
access  notConfigGroup ctx_hades        any     noauth  prefix  systemview none none

# Setting up the proxy configuration
proxy -Cn ctx_hades -v 2c -c public 192.168.1.2 .1.3

Start (or restart) the SNMP agent on the "gateway" host, and run this SNMP request from the "gateway" host :

Code:

$ snmpwalk -v 1 -c cmty_hades localhost sysname
SNMPv2-MIB::sysName.0 = STRING: hades

If it's working as expected, run this SNMP request from your Cacti server :

Code:

$ snmpwalk -v 1 -c cmty_hades 192.168.0.2 sysname
SNMPv2-MIB::sysName.0 = STRING: hades

Voila ! Your target server can now be graphed in Cacti

If you want to proxy some other hosts, you'll have to duplicate the last 3 lines of the previous configuration example :

Code:

com2sec -Cn ctx_foo notConfigUser  default       cmty_foo
access  notConfigGroup ctx_foo        any     noauth  prefix  systemview none none
proxy -Cn ctx_foo -v 2c -c public 10.20.30.40 .1.3

gandalf · **Posted:** Fri Jul 11, 2008 3:18 pm

I love you, Frederic :wink:

Reinhard

fmangeant · **Posted:** Wed Jul 23, 2008 4:47 am

Sorry Reinhard, you're not my type

eky ramadhan · **Joined:** Thu Oct 01, 2009 3:15 am **Posts:** 4

dear developer ,
I have install cacti and thold plugin successfully. and I can receive email when threshold is breached. but I don't know how to send alert text both via email and sms..

thanks

gandalf · **Posted:** Mon Dec 07, 2009 3:27 pm

This is a THOLD related question. Please ask at the appropriate forum
R.

drake · **Joined:** Tue Jun 23, 2009 10:13 am **Posts:** 3

Hello, I followed the guide but I'm having troubles to launch proxied monitoring with cacti. I'm using SNMP v3 and cacti 0.8.7e.
I'm getting correct results testing with snmpwalk from cacti host, but in cacti something is not right. Although the device's SNMP information and output from 'verbose query' are fine, when I create graphs there's no data. In log I can see following errors:

The doubledot in the ending part of the OID seems strange.
Of course I tried setting MAX_OIDS to 1 but that doesn't help.
I checked the traffic with wireshark and cacti actually is not sending any packets. When i check this on the target device directly, whithout proxying (and thus without snmp context usage) the packet flow is ok and I'm getting data and graphs.

Do you have any ideas what might be wrong? Any help would be much appreciated.

zhujvnrou · **Joined:** Fri Jul 01, 2011 4:16 am **Posts:** 2

I have install cacti and thold plugin successfully. and I can receive email when threshold is breached. but I don't know how to send alert text both via email and sms..

brobon · **Joined:** Wed Jul 27, 2011 6:09 am **Posts:** 1

I found your post comments while searching Google. Very relevant information. Great work. Regularly I do not make posts on blogs, but I have to say that this posting really forced me to do so. Really awesome post. Really fantastic and I will be coming back for more information at your site and revisit it! Thank you.

gotthimself · **Joined:** Fri Aug 05, 2011 6:26 am **Posts:** 1

Thanks for this guide!

I want to connect from my Cacti server to the gateway via snmp v3 but don't know how to do that. Could somebody please help me?

Eliran · **Joined:** Sun Jul 10, 2011 8:22 am **Posts:** 19

10x!
This is a grate.

I am using it and it helps me allot.
I have one thing that i cant do, can i use it to get snmp back from Cisco switch?
I dont get an error i get this "IF-MIB::ifIndex = No more variables left in this MIB View (It is past the end of the MIB tree)"

can i?

[HOWTO] Graph multiple servers using an SNMP proxy

Who is online