[plug] Determining ip address

Craig Ringer craig at postnewspapers.com.au
Wed Dec 17 19:14:00 WST 2003 

Cameron Patrick wrote:
> On Wed, Dec 17, 2003 at 06:00:03PM +0800, Craig Ringer wrote:
> 
> | If you can snmpwalk with '-c private' then it's probably time to look
> | at the web interface or serial console and see if you can change that
> | community name.
> 
> Well, it looks as though I can.  What is the significance of this,
> besides it being Bad?  :-/

Well, it means that the settings /might/ be writeable over SNMP using 
the default, well known "password" for SNMP write access. You probably 
want to change this, even if it turns out that the device doesn't allow 
write access.

> | This command may give you a slightly more controlled level of output, 
> | restricted to network interfaces and closely related info:
> | 
> | snmpwalk -v 1 -c public $HOSTNAME .iso.org.dod.internet.mgmt.mib-2.ip
> 
> Good lord.  This is where those dribbly candles make their return, I see :-)
> The output still looks like so much gibberish, but at least there's less
> of it this time.

Indeed. When targeted at net-snmp linux host, you can get rather 
self-explanatory info like:

IP-MIB::ipForwarding.0 = INTEGER: forwarding(1)

There are also simple queries like:

$ snmpget -v 1 -c public $HOSTNAME system.sysUpTime.0
SNMPv2-MIB::sysUpTime.0 = Timeticks: (113890042) 13 days, 4:21:40.42

which may help you get your head around the formatting. If you read 'man 
snmpcmd' you'll find lots of useful info about the output formatting. 
For example, it might sometimes be easier to understand if you initially 
exclude type information using ' -OQ ':

$ snmpget -v 1 -c public -OQ $HOSTNAME system.sysUpTime.0
SNMPv2-MIB::sysUpTime.0 = 13:4:23:08.70

BTW, it would've helped if I'd pointed you to:

.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry

not

.iso.org.dod.internet.mgmt.mib-2.ip

as the former makes a _lot_ more sense, and is the most commonly used 
bit of the common SNMP structures.

Part of the confusion is because snmp often presents tabular data in a 
linear way. For example, under

.iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry

there's a list of interfaces and information about them. While it's 
presented as a linear stream of info, it can be thought of like this:

----------------------------------------------------------
ifIndex       |    1     |     2     |     3       |     4
ifDescr       |    lo    |    eth0   |    eth1     |    ppp0
ifMtu         |  16436   |   1500    |   1500      |   1432
ifAdminStatus |    up    |     up    |     up      |     up

(that's only some of the info, there are lots of other rows I've ignored).

The SNMP output I used to generate this was:

IF-MIB::ifIndex.1 = INTEGER: 1
IF-MIB::ifIndex.2 = INTEGER: 2
IF-MIB::ifIndex.3 = INTEGER: 3
IF-MIB::ifIndex.4 = INTEGER: 4
IF-MIB::ifDescr.1 = STRING: lo
IF-MIB::ifDescr.2 = STRING: eth0
IF-MIB::ifDescr.3 = STRING: eth1
IF-MIB::ifDescr.4 = STRING: ppp1
IF-MIB::ifType.1 = INTEGER: softwareLoopback(24)
IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.3 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.4 = INTEGER: ppp(23)
IF-MIB::ifMtu.1 = INTEGER: 16436
IF-MIB::ifMtu.2 = INTEGER: 1500
IF-MIB::ifMtu.3 = INTEGER: 1500
IF-MIB::ifMtu.4 = INTEGER: 1432
IF-MIB::ifSpeed.1 = Gauge32: 10000000
IF-MIB::ifSpeed.2 = Gauge32: 10000000
IF-MIB::ifSpeed.3 = Gauge32: 10000000
IF-MIB::ifSpeed.4 = Gauge32: 0
IF-MIB::ifPhysAddress.1 = STRING:
IF-MIB::ifPhysAddress.2 = STRING: 0:00:00:00:00:00 [I've altered this]
IF-MIB::ifPhysAddress.3 = STRING: 0:00:00:00:00:00 [also altered]
IF-MIB::ifPhysAddress.4 = STRING:
IF-MIB::ifAdminStatus.1 = INTEGER: up(1)
IF-MIB::ifAdminStatus.2 = INTEGER: up(1)
IF-MIB::ifAdminStatus.3 = INTEGER: up(1)
IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
IF-MIB::ifOperStatus.1 = INTEGER: up(1)
IF-MIB::ifOperStatus.2 = INTEGER: up(1)
IF-MIB::ifOperStatus.3 = INTEGER: up(1)
IF-MIB::ifOperStatus.4 = INTEGER: up(1)
[snip]

Presented like that, does it make more sense? Note the index numbers on 
each line, like '.1', and how they match up to the ifIndex lines?

Yeah, I'm at work and things are going OK for once, so I have a bit of 
time. I'm learning to use UML so I can test installers and distro 
modifications as well. OOh... scary thought: UML virtual network with 
"clients" and "routers" running Zebra.

> *sigh*  This one doesn't appear to have any way to set a password from
> the web interface, or to change the community string. (I take that's the
> SMTP equivalent of a password, and what goes with the -c option?)

Yeah. SNMP3 supports things like passwords and transport security, but 
I'm yet to see a network device that supports it. Perhaps if it has 
'Cisco' written on it...

Craig Ringer

More information about the plug mailing list