KB ID 0001629
Problem
We had to enable SNMP on a XenServer today, I’d never even logged onto one, but it turns out, much like ESX, it’s just a Linux server, at least the good folk at Citrix included nano on there so I didn’t have to struggle with the vi editor!
Solution
First from the web console ensure that SSH access is enabled > Remote Services Configuration > Enable/Disable Remote Shell.
SSH into the host and execute the following commands to start the SNMP daemon, take a backup of the config file, and finally edit the ‘live’ config file.
[box]
chkconfig snmpd cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.backup nano /etc/snmp/snmpd.conf
[/box]
You can delete EVERYTHING (At the beginning of the file press CTRL+6 to mark the file, then Press ALT+Shif+T (or ALT+T) to cut the text away). Then type in;
[box]
rocommunity {SNMP-String} {IP address or range with /{bits}} i.e.
rocommunity public 192.168.1.0/24
[/box]
Save and Exit (CTRL+X > ‘Y’ > {Enter}). Now you need to edit the firewall on the host (iptables). To allow the IP addresses of your SNMP collector(s).
[box]
nano /etc/sysconfig/iptables
[/box]
At the bottom, (usually) you will see a deny for ICMP, put an entry for each collector BEFORE that in the following format;
[box]
-A RH-Firewall-1-INPUT -s {Collector-IP-Address} -p udp -m udp --dport 161 -j ACCEPT
[/box]
Save and Exit (CTRL+X > ‘Y’ > {Enter}). then restart iptables and the snmp daemon.
[box]
service iptables restart service snmpd restart
[/box]
If you are polling it though a firewall you can test it locally using this piece of freeware, (I use this to test, but remember to add the local IP you are testing from to the sump config and the iptables!)
Related Articles, References, Credits, or External Links
NA