How to Configure snmp in broadcom sonic

How to Configure snmp in broadcom sonic

SNMP 

Overview 

Simple Network Management Protocol (SNMP) is a widely used application-layer protocol that enables centralized monitoring and management of network devices such as switches, routers, and servers. It supports real-time alerts, performance tracking, and remote configuration, making it essential for network operations in enterprise and data center environments. 

 

Feature Description 

SNMP enables the following capabilities: 

Monitoring 

  • Query device/system information using SNMP GET or GETNEXT 

  • Monitor interface status, traffic statistics, and system uptime 

Configuration (if SET is enabled) 

  • Modify device parameters remotely (requires proper access controls) 

Event Notification 

  • Devices send asynchronous notifications (TRAP/INFORM) to SNMP managers when events like interface state changes occur 

NMS Integration 

  • Compatible with Network Management Systems (e.g., SolarWinds, Zabbix, LibreNMS) 

 

Prerequisites 

Hardware Requirements 

  • SONiC-supported switches (e.g., Edgecore, UfiSpace) 

Software Requirements 

  • Network OS: SONiC-OS Enterprise 4.4.x or later 

  • SNMP Daemon: snmpd must be installed and running 

Access Requirements 

  • Admin or root access via CLI/GUI 

  • SNMP utilities installed on management host: snmpwalk, snmpget, snmpset, snmptrap. 

 

Topology: 


 

Configuration Steps 

1. Enable SNMP Service 

snmp-server enable trap 

 

2. Add SNMP Agent Address 

#syntax 
snmp-server agentaddress <device-ip> 

 
# Example: 
snmp-server agentaddress 172.27.1.117 

3. Create SNMP View 

snmp-server view view1 1 included 

 

4. Add SNMP Group 

snmp-server group group1 v2c read view1 

 

5. Add SNMP Community 

snmp-server community test1 group group1 

 

6. Set SNMP Location (optional but recommended) 

snmp-server location DC-Rack-22 

 

7. Set SNMP Contact (optional) 

snmp-server contact admin@example.com 

 

Verification Steps 

1. Verify SNMP Configuration 

show running-configuration | grep snmp 

snmp-server location "DC-Rack-22" 
snmp-server contact "admin@example.com" 
snmp-server enable trap 
snmp-server agentaddress 172.27.1.117 
snmp-server community test1 group group1 
snmp-server group group1 v2c read view1 
snmp-server view view1 1 included 

 
 

2. View SNMP some other info using this command: 

sonic# show snmp-server ? 

  community        Display SNMP community configuration 

  group            Display SNMP group configuration 

  host             Display SNMP trap and notification configuration 

  interface-traps  Display interface SNMP traps configuration 

  traps            Display SNMP traps configuration 

  user             Display SNMP user configuration 

  view             Display SNMP view configuration 

 

3. SNMP Walk - Basic System Info on SNMP collector 

snmpwalk -v2c -c test1 172.27.1.117 .1.3.6.1.2.1.1 

 
iso.3.6.1.2.1.1.1.0 = STRING: "SONiC Software Version: SONiC.4.4.2..." 
iso.3.6.1.2.1.1.5.0 = STRING: "sonic.PALCNETWORKS.COM" 

 

 
4. SNMP Get – SysName 

snmpget -v2c -c test1 172.27.1.117 .1.3.6.1.2.1.1.5.0 
iso.3.6.1.2.1.1.5.0 = STRING: "sonic.PALCNETWORKS.COM" 

 

Troubleshooting Tips 

  • Ensure SNMP daemon is running: 

docker exec -it snmp cat /etc/snmp/snmpd.conf 

 

  • Validate that snmp-server view is configured and used in the group 

  • Check firewall rules to ensure SNMP UDP port 161 is open 

  • Use tcpdump to confirm SNMP queries are reaching the device. 

 

SNMPv3 Configuration on SONiC (Broadcom Platform) 

Create SNMP Group and Bind the View (if using custom views): 

 snmp-server group group2 v3 auth read view1 

Create SNMPv3 User with AuthPriv (secure mode) 

Syntax: 

snmp-server user <username> group <group-name> auth sha auth-password <auth-password> priv aes-128 priv-password <priv-password> 

Example 

 snmp-server user admin group group2 auth sha auth-password admin1234 priv aes-128 priv-password admin5678 

Validate the user information: 

 sonic# show snmp-server user 

  

           User Name                        Group Name            Auth  Privacy 

-------------------------------- -------------------------------- ----- ------- 

admin                                         group2                                sha   aes-128 


Test SNMPv3 from a Remote Client 

 root@sonic:/# snmpwalk -v3 -u admin -l authPriv -a SHA -A admin1234 -x AES -X admin5678 172.27.1.117 

iso.3.6.1.2.1.1.1.0 = STRING: "SONiC Software Version: SONiC.4.4.2-Enterprise_Base - HwSku: UFISPACE-S9110-32X - Distribution: Debian 11.11 - Kernel: 5.10.0-21-amd64 

" 

iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.4413.1.2.1.9.2 

iso.3.6.1.2.1.1.3.0 = Timeticks: (580525) 1:36:45.25 

iso.3.6.1.2.1.1.4.0 = STRING: "admin@palcnetworks.com" 

iso.3.6.1.2.1.1.5.0 = STRING: "sonic" 

iso.3.6.1.2.1.1.6.0 = STRING: "test123" 

............................................. 


    • Related Articles

    • How to configure snmp in community sonic

      SNMP Overview Simple Network Management Protocol (SNMP) is a widely used application-layer protocol that enables centralized monitoring and management of network devices such as switches, routers, and servers. It supports real-time alerts, ...
    • Basic Show Commands in Broadcom sonic

      Basic Show Commands Objective This document explains how to use basic show commands on broadcom sonic to retrieve system information, hardware details, software versions, and transceiver status. These commands help network administrators quickly ...
    • Supported ACL Features in Broadcom

      Supported ACL Features in Broadcom Objective This document explains the key ACL (Access Control List) features supported in Broadcom ASICs. ACLs are used to control and filter network traffic based on rules matching packet headers, providing ...
    • How to Configure ACL (Access Control List)

      ACL (Access Control List) Objective This document explains how to configure Access Control Lists (ACLs) on broadcom sonic. ACLs consist of one or more access control entries (ACEs) that define rules to permit or deny network traffic based on ...
    • How to configure subinterface

      Sub-Interface: Sub interfaces divide the parent interface into two or more virtual interfaces on which you can assign unique Layer 3 parameters such as IP addresses and dynamic routing protocols. The IP address for each sub interface should be in a ...