ECS:如何在 SNMP 代理程式上啟用 TCP 和/或 UDP

Summary: 根據預設,Simple Network Management Protocol (SNMP) 會使用使用者資料包通訊協定 (UDP) 傳輸層通訊協定,以報告 Elastic Cloud Storage (ECS) 上個別節點的健全狀況。有時會使用 Transmission Control Protocol (TCP),這是以工作階段為基礎的 SNMP 通訊協定。這是需要使用 TCP 通訊協定的特定安全性或作業考量所必備的。 ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

根據預設,Simple Network Management Protocol (SNMP) 會使用使用者資料包通訊協定 (UDP) 傳輸層通訊協定,以報告 Elastic Cloud Storage (ECS) 上個別節點的健全狀況。有時會使用 Transmission Control Protocol (TCP),這是以工作階段為基礎的 SNMP 通訊協定。這是需要使用 TCP 通訊協定的特定安全性或作業考量所必備的。

下列設定可允許 TCP 和 UDP 透過 SNMP 進行通訊:
  1. 新增 agentaddress udp:161,tcp:161 以允許在節點 SNMP 代理程式上使用 TCP 和 UDP 通訊協定:
命令:
# sudo vi /etc/snmp/snmpd.conf

範例: 
#       sec.name  source          community
com2sec local       localhost       secret42
com2sec cust1_sec   192.0.2.0/24    public
com2sec cust1_sec   192.0.2.0/24    public
com2sec cust1_sec   0.0.0.0/0    happyplace
com2sec snmpv3_user 198.51.100.0/24 public
com2sec snmpv3_user 198.51.100.0/24 public

agentaddress udp:161,tcp:161

...
 
  1. 在節點上重新啟動 SNMP 代理程式,以讓組態的新變更生效:
命令:
# sudo systemctl restart snmpd
# sudo systemctl status snmpd

範例: 
admin@node1:~> sudo systemctl restart snmpd
admin@node1:~> sudo systemctl status snmpd
  snmpd.service - LSB: Net-SNMP agent
   Loaded: loaded (/etc/init.d/snmpd; bad; vendor preset: disabled)
   Active: active (running) since Fri 2020-05-01 15:16:52 UTC; 20min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 80940 ExecStop=/etc/init.d/snmpd stop (code=exited, status=0/SUCCESS)
  Process: 80948 ExecStart=/etc/init.d/snmpd start (code=exited, status=0/SUCCESS)
    Tasks: 1 (limit: 512)
   Memory: 4.5M
      CPU: 802ms
   CGroup: /system.slice/snmpd.service
             80959 /usr/sbin/snmpd -r -A -LF n /var/log/net-snmpd.log -p /var/run/snmpd.pid

May 01 15:16:52 ecsnode1.gslabs.lab.emc.com systemd[1]: Starting LSB: Net-SNMP agent...
May 01 15:16:52 node1 snmpd[80948]: Starting snmpd..done
May 01 15:16:52 node1 systemd[1]: Started LSB: Net-SNMP agent.
 
  1. 確認已進行變更,且 SNMP 正在聆聽 TCP 和 UDP 通訊協定:
命令:
# sudo netstat -lntup | grep snmp

範例: 
admin@node1:~> sudo netstat -lntup | grep snmp
tcp        0      0 127.0.0.1:199           0.0.0.0:*               LISTEN      80959/snmpd
tcp        0      0 0.0.0.0:161             0.0.0.0:*               LISTEN      80959/snmpd
udp        0      0 0.0.0.0:161             0.0.0.0:*                           80959/snmpd

This change to the SNMP agents on the nodes can be done during the agent deployments in KB ECS: How to setup SNMP v2c and v3 monitoring support

Affected Products

ECS Appliance

Products

ECS Appliance, ECS Appliance Gen 1, ECS Appliance Gen 2, ECS Appliance Gen 3
Article Properties
Article Number: 000021179
Article Type: How To
Last Modified: 03 Mar 2023
Version:  5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.