I am trying to have our Nagios monitoringsystem look at our ESXi 5.1 vSphere Host servere via SNMP, but I cannot make it work. I have enabled SNMP
C:\Program Files\VMware\VMware vSphere CLI\bin>vicfg-snmp.pl --server MYSERVER--username root --password MyPASSWORD--show
Current SNMP agent settings:
Enabled : 1
UDP port : 161
Communities :
public
Notification targets :
MYTARGETNAGIOS@161/public
Options :
EnvEventSource=indications
But i cannot retrieve anything from the server.
I am then trying to find the HP agents for vSphere/ ESXi5, but they seem to lost?!? - they are not on the HP drivers page?
has anyone been able to install any HP agents on a BL460c G7 server with ESXi5 installed?
Hi
This is the link to the HP bundles: http://h18000.www1.hp.com/products/servers/software/vmware-esxi/offline_bundle.html
Correct, but I have already installed these, so I am a little confused why I cannot make SNMP request to the servers.
>esxcli -s BL460CG7 -u root -p PASSWORD software vib list
char-hpcru 5.0.2.21-1OEM.500.0.0.434156 Hewlett-Packard PartnerSupported 2012-10-23
char-hpilo 500.9.0.0.9-1OEM.500.0.0.434156 Hewlett-Packard PartnerSupported 2012-10-23
hp-ams 500.9.2.0-11.434156 Hewlett-Packard PartnerSupported 2012-10-23
hp-smx-provider 500.03.01.00.5-434156 Hewlett-Packard VMwareAccepted 2012-10-24
hpacucli 9.20-9.0 Hewlett-Packard PartnerSupported 2012-10-23
hpbootcfg 01-01.02 Hewlett-Packard PartnerSupported 2012-10-23
hponcfg 04-00.10 Hewlett-Packard PartnerSupported 2012-10-23
scsi-hpsa 5.0.0-28OEM.500.0.0.472560 Hewlett-Packard VMwareCertified 2012-10-24
I think there is some general problem, because even if you didn´t install the hp management stuff, you should see the standard snmp data from the esx server.
Maybe you can check the firewall settings via vSphere CLI with the command:
esxcli --server=SERVERIP --user=USERNAMER --password=YOURPASSWORD network firewall ruleset list
the list should contain:
Name Enabled
--------------------------
snmp true
Hi Lace666
Already enabled.
Name Enabled
------------------ -------
HPProvider true
sshServer true
sshClient false
nfsClient false
dhcp true
dns true
snmp true
ntpClient true
CIMHttpServer false
CIMHttpsServer true
CIMSLP true
iSCSI true
vpxHeartbeats true
updateManager false
faultTolerance true
webAccess true
vMotion true
vSphereClient true
activeDirectoryAll false
NFC true
HBR true
ftpClient false
httpClient false
gdbserver false
DVFilter false
DHCPv6 false
DVSSync false
syslog false
IKED false
WOL true
vSPC false
remoteSerialPort false
netDump true
fdm false
dynamicruleset true
Hmm, here is a weird part...
I have another python-script on my Nagios-server, that make queries throught https and this works.?!?
Did you try snmpwalk (on your nagios host) to check out the connection?
snmpwalk -v2c -c public VMWARESERVERIP
You should see the snmp tree information
No success.
Got this message.
[root@srv-nag-nsb1 libexec]# snmpwalk -c public srv-esx-nsb07
No log handling enabled - turning on stderr logging
snmpwalk: Timeout
(I just reinstalled the BL460cG7 server to ESXi 5.1 (HP Custom image) to see if that helped anything. but same result.
Don't think this is the problem for querying via SNMP, but SNMP trap notifications go to the destination port 162 and not 161 (listening port for queries).
Configure it like this:
vicfg-snmp --enable --communities public --targets 192.168.1.1@162/public
I also know someone had problems with using DNS names instead of IPs.
Now make sure the change is reflected in the actual configuration on the host in /etc/vmware/snmp.xml, it should look like this for the example above:
# cat /etc/vmware/snmp.xml
<config>
<snmpSettings>
<communities>public</communities>
<enable>true</enable>
<targets>192.168.1.1@162 public</targets>
</snmpSettings>
</config>
If that's correct, make sure your ESXi host actually listens for connections on UDP port 161:
# esxcli network ip connection list | grep 161
udp 0 0 0.0.0.0:161 0.0.0.0:0 2810 hostd-worker
The timeout message indicates something could be dropped along the way. Also try the IP for snmpwalk. Any network firewalls in between? Check the ESXi host firewall again to be sure too:
# esxcli network firewall ruleset rule list | grep -i snmp
snmp Inbound UDP Dst 161 161# esxcli network firewall ruleset list | grep snmp
snmp true
If all that fails, use tcpdump-uw to see if the host actually receives the SNMP queries (adjust the "-i vmkX" interface parameter accordingly):
# tcpdump-uw -i vmk0 -nnvvve udp port 161
or filter by IP of the querying system:
# tcpdump-uw -i vmk0 -nnvvve host 192.168.1.2
Hi MKgu
Checked the snmp.xml :
<?xml version="1.0" encoding="ISO-8859-1"?>
<config><snmpSettings>
<enable>true</enable>
<port>161</port>
<syscontact/><syslocation/>
<EnvEventSource>indications</EnvEventSource>
<communities>public</communities>
<targets>NAGIOS-SERVERNAME@162 public</targets>
<loglevel>info</loglevel>
<authProtocol/><privProtocol/>
<engineid>00000063000000a10a0a0ae3</engineid>
</snmpSettings>
</config>
here is the result.
~ # esxcli network ip connection list | grep 161
udp 0 0 0.0.0.0:161 0.0.0.0:0 9604 snmpd
~ # esxcli network firewall ruleset rule list | grep -i snmp
snmp Inbound UDP Dst 161 161~ # esxcli network firewall ruleset list | grep snmp
snmp true
Not sure what to make of this
A tcpdump shows below after I make a snmpwalk against the server
~ # tcpdump-uw -i vmk0 -nnvvve udp port 161
tcpdump-uw: listening on vmk0, link-type EN10MB (Ethernet), capture size 96 bytes
12:47:29.786001 00:50:56:60:ec:d1 > 00:50:56:8d:3e:9c, ethertype IPv4 (0x0800), length 96: truncated-ip - 50 bytes missing! (tos 0x0, ttl 64, id 52611, offset 0, flags [none], proto UDP (17), length 132)
10.10.10.237.161 > 10.10.10.157.44011: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU [|snmp]} }
12:47:30.787131 00:50:56:60:ec:d1 > 00:50:56:8d:3e:9c, ethertype IPv4 (0x0800), length 96: truncated-ip - 50 bytes missing! (tos 0x0, ttl 64, id 52614, offset 0, flags [none], proto UDP (17), length 132)
10.10.10.237.161 > 10.10.10.157.44011: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU [|snmp]} }
12:47:31.788251 00:50:56:60:ec:d1 > 00:50:56:8d:3e:9c, ethertype IPv4 (0x0800), length 96: truncated-ip - 50 bytes missing! (tos 0x0, ttl 64, id 52616, offset 0, flags [none], proto UDP (17), length 132)
10.10.10.237.161 > 10.10.10.157.44011: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU [|snmp]} }
12:47:32.789462 00:50:56:60:ec:d1 > 00:50:56:8d:3e:9c, ethertype IPv4 (0x0800), length 96: truncated-ip - 50 bytes missing! (tos 0x0, ttl 64, id 52618, offset 0, flags [none], proto UDP (17), length 132)
10.10.10.237.161 > 10.10.10.157.44011: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU [|snmp]} }
12:47:33.790580 00:50:56:60:ec:d1 > 00:50:56:8d:3e:9c, ethertype IPv4 (0x0800), length 96: truncated-ip - 50 bytes missing! (tos 0x0, ttl 64, id 52647, offset 0, flags [none], proto UDP (17), length 132)
10.10.10.237.161 > 10.10.10.157.44011: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU [|snmp]} }
12:47:34.791689 00:50:56:60:ec:d1 > 00:50:56:8d:3e:9c, ethertype IPv4 (0x0800), length 96: truncated-ip - 50 bytes missing! (tos 0x0, ttl 64, id 52649, offset 0, flags [none], proto UDP (17), length 132)
10.10.10.237.161 > 10.10.10.157.44011: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU [|snmp]} }
So what we see is that the server receives queries fine but does not answer even though it listens on a socket.
Your snmp.xml looks fishy, I have no idea where some of the tags like "<authProtocol/><privProtocol/>" (SNMPv2/v3 stuff?) come from if you executed the vicfg-snmp(.pl) command like in the example. Try overwriting it's content with what I provided (adjust trap target IP(!)/community obviously)
It might just be a tcpdump protocol display default, but to my knowledge snmpv3 is not supported. Execute snmpwalk with the parameter "-v1".
Edit: Or wait, forget everything I wrote, the config is probably specific to 5.1 which at officially supports SNMPv3. I haven't tested any SNMP functionality with 5.1 yet though.