[HOWTO] Graph multiple servers using an SNMP proxy

[fmangeant]

This HowTo will explain how to graph multiple device by querying a single host, using an SNMP proxy and "contexts".
It's useful if you don't want/can't open many firewall ports between your Cacti server and your target hosts.

• Version 0.2 (07/23/2008) : few typos
• Version 0.1 (07/11/2008) : initial release

This HowTo is based on the Net-SNMP wiki.

This has been tested with Net-SNMP 5.4
Note that it seems "community string/context mapping" has been correctly implemented with Net-SNMP 5.3



In this example, the Cacti server can reach the Gateway, which can itself reach the target server.
IP forwarding is not needed.


First of all, set up the Net-SNMP agent on the target host (192.168.1.2) :

Code: Select all

rocommunity public
disk /

From the "gateway" server, check that SNMP requests work as expected :

Code: Select all

$ snmpwalk -v 1 -c public 192.168.1.2 sysname
SNMPv2-MIB::sysName.0 = STRING: hades

Next step is to configure the SNMP proxy on the "gateway" host :

Code: Select all

# Define a simple view 'systemview', which includes everthing under .1.3.6.1
view    systemview     included      .1.3.6.1

# Map 'public' community to the 'notConfigUser'
com2sec notConfigUser  default       public

# Map 'notConfigUser' to 'notConfigGroup'
group   notConfigGroup v1            notConfigUser
group   notConfigGroup v2c           notConfigUser

# Give 'notConfigGroup' read access to objects in the view 'systemview'
access  notConfigGroup ""            any       noauth    exact  systemview none none

# v1/v2c community string for each proxied host
com2sec -Cn ctx_hades notConfigUser  default       cmty_hades

# Allow the 'notConfigUser' (a member of 'notConfigGroup') access for these contexts
access  notConfigGroup ctx_hades        any     noauth  prefix  systemview none none

# Setting up the proxy configuration
proxy -Cn ctx_hades -v 2c -c public 192.168.1.2 .1.3

Start (or restart) the SNMP agent on the "gateway" host, and run this SNMP request from the "gateway" host :

Code: Select all

$ snmpwalk -v 1 -c cmty_hades localhost sysname
SNMPv2-MIB::sysName.0 = STRING: hades

If it's working as expected, run this SNMP request from your Cacti server :

Code: Select all

$ snmpwalk -v 1 -c cmty_hades 192.168.0.2 sysname
SNMPv2-MIB::sysName.0 = STRING: hades

Voila ! Your target server can now be graphed in Cacti

If you want to proxy some other hosts, you'll have to duplicate the last 3 lines of the previous configuration example :

Code: Select all

com2sec -Cn ctx_foo notConfigUser  default       cmty_foo
access  notConfigGroup ctx_foo        any     noauth  prefix  systemview none none
proxy -Cn ctx_foo -v 2c -c public 10.20.30.40 .1.3

[gandalf]

I love you, Frederic
Reinhard

[fmangeant]

Sorry Reinhard, you're not my type

[eky ramadhan]

dear developer ,
I have install cacti and thold plugin successfully. and I can receive email when threshold is breached. but I don't know how to send alert text both via email and sms..

thanks

[gandalf]

This is a THOLD related question. Please ask at the appropriate forum
R.

[drake]

Hello, I followed the guide but I'm having troubles to launch proxied monitoring with cacti. I'm using SNMP v3 and cacti 0.8.7e.
I'm getting correct results testing with snmpwalk from cacti host, but in cacti something is not right. Although the device's SNMP information and output from 'verbose query' are fine, when I create graphs there's no data. In log I can see following errors:



The doubledot in the ending part of the OID seems strange.
Of course I tried setting MAX_OIDS to 1 but that doesn't help.
I checked the traffic with wireshark and cacti actually is not sending any packets. When i check this on the target device directly, whithout proxying (and thus without snmp context usage) the packet flow is ok and I'm getting data and graphs.

Do you have any ideas what might be wrong? Any help would be much appreciated.

[zhujvnrou]

I have install cacti and thold plugin successfully. and I can receive email when threshold is breached. but I don't know how to send alert text both via email and sms..

[gotthimself]

Thanks for this guide!

I want to connect from my Cacti server to the gateway via snmp v3 but don't know how to do that. Could somebody please help me?

[Eliran]

10x!
This is a grate.

I am using it and it helps me allot.
I have one thing that i cant do, can i use it to get snmp back from Cisco switch?
I dont get an error i get this "IF-MIB::ifIndex = No more variables left in this MIB View (It is past the end of the MIB tree)"

can i?

[orbert]

Is there an easier way of doing this or a more detailed video showing how graph multiple servers using an snmp proxy as I can't seem to get it to work even after following the guide.