SNMP
Overview
Simple Network Management Protocol (SNMP) is a widely used application-layer protocol that enables centralized monitoring and management of network devices such as switches, routers, and servers. It supports real-time alerts, performance tracking, and remote configuration, making it essential for network operations in enterprise and data center environments.
Feature Description
SNMP enables the following capabilities:
Monitoring
Query device/system information using SNMP GET or GETNEXT
Monitor interface status, traffic statistics, and system uptime
Configuration (if SET is enabled)
Modify device parameters remotely (requires proper access controls)
Event Notification
Devices send asynchronous notifications (TRAP/INFORM) to SNMP managers when events like interface state changes occur
NMS Integration
Compatible with Network Management Systems (e.g., SolarWinds, Zabbix, LibreNMS)
Prerequisites
Hardware Requirements
SONiC-supported switches (e.g., Edgecore, UfiSpace)
Software Requirements
Network OS: SONiC-OS Enterprise 4.4.x or later
SNMP Daemon: snmpd must be installed and running
Access Requirements
Admin or root access via CLI/GUI
SNMP utilities installed on management host: snmpwalk, snmpget, snmpset, snmptrap.
Topology:
Configuration Steps
1. Enable SNMP Service
snmp-server enable trap
2. Add SNMP Agent Address
#syntax
snmp-server agentaddress <device-ip>
# Example:
snmp-server agentaddress 172.27.1.117
3. Create SNMP View
snmp-server view view1 1 included
4. Add SNMP Group
snmp-server group group1 v2c read view1
5. Add SNMP Community
snmp-server community test1 group group1
6. Set SNMP Location (optional but recommended)
snmp-server location DC-Rack-22
7. Set SNMP Contact (optional)
snmp-server contact admin@example.com
Verification Steps
1. Verify SNMP Configuration
show running-configuration | grep snmp
snmp-server location "DC-Rack-22"
snmp-server contact "admin@example.com"
snmp-server enable trap
snmp-server agentaddress 172.27.1.117
snmp-server community test1 group group1
snmp-server group group1 v2c read view1
snmp-server view view1 1 included
2. View SNMP some other info using this command:
sonic# show snmp-server ?
community Display SNMP community configuration
group Display SNMP group configuration
host Display SNMP trap and notification configuration
interface-traps Display interface SNMP traps configuration
traps Display SNMP traps configuration
user Display SNMP user configuration
view Display SNMP view configuration
3. SNMP Walk - Basic System Info on SNMP collector
snmpwalk -v2c -c test1 172.27.1.117 .1.3.6.1.2.1.1
iso.3.6.1.2.1.1.1.0 = STRING: "SONiC Software Version: SONiC.4.4.2..."
iso.3.6.1.2.1.1.5.0 = STRING: "sonic.PALCNETWORKS.COM"
4. SNMP Get – SysName
snmpget -v2c -c test1 172.27.1.117 .1.3.6.1.2.1.1.5.0
iso.3.6.1.2.1.1.5.0 = STRING: "sonic.PALCNETWORKS.COM"
Troubleshooting Tips
Ensure SNMP daemon is running:
docker exec -it snmp cat /etc/snmp/snmpd.conf
Validate that snmp-server view is configured and used in the group
Check firewall rules to ensure SNMP UDP port 161 is open
Use tcpdump to confirm SNMP queries are reaching the device.
SNMPv3 Configuration on SONiC (Broadcom Platform)
Create SNMP Group and Bind the View (if using custom views):
snmp-server group group2 v3 auth read view1
Create SNMPv3 User with AuthPriv (secure mode)
Syntax:
Example
snmp-server user admin group group2 auth sha auth-password admin1234 priv aes-128 priv-password admin5678
Validate the user information:
sonic# show snmp-server user
User Name Group Name Auth Privacy
-------------------------------- -------------------------------- ----- -------
admin group2 sha aes-128
Test SNMPv3 from a Remote Client
root@sonic:/# snmpwalk -v3 -u admin -l authPriv -a SHA -A admin1234 -x AES -X admin5678 172.27.1.117
iso.3.6.1.2.1.1.1.0 = STRING: "SONiC Software Version: SONiC.4.4.2-Enterprise_Base - HwSku: UFISPACE-S9110-32X - Distribution: Debian 11.11 - Kernel: 5.10.0-21-amd64
"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.4413.1.2.1.9.2
iso.3.6.1.2.1.1.3.0 = Timeticks: (580525) 1:36:45.25
iso.3.6.1.2.1.1.4.0 = STRING: "admin@palcnetworks.com"
iso.3.6.1.2.1.1.5.0 = STRING: "sonic"
iso.3.6.1.2.1.1.6.0 = STRING: "test123"
.............................................