How can I configure my Linode to respond to SNMP?
Hi,
When I try to use snmpwalk against my server it fails with a timeout:
snmpwalk -Os -c public -v 2c 123.456.789.111
Timeout: No Response from 123.456.789.111
1 Reply
Hi,
You'll need to first ensure that you've installed snmpd with one of the following commands, depending on your distribution:
yum install snmpd
apt install snmpd
You can verify what port/IP combination that SNMP is responding on by examining the output of netstat or ss.
# netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 11070/sshd
tcp6 0 0 :::22 :::* LISTEN 11070/sshd
udp 16896 0 127.0.0.1:161 0.0.0.0:* 18670/snmpd
udp 0 0 0.0.0.0:52067 0.0.0.0:* 18670/snmpd
udp6 15360 0 :::44191 :::* 3018/systemd-timesy
From the output above, we can see that snmpd is only listening on the localhost. If you'd like your server to respond remotely, you'll need to configure snmpd to listen on your public IP or all IPs with the agentAddress directive in etc/snmp/snmpd.conf and restart snmpd:
# AGENT BEHAVIOUR
#
# Listen for connections from the local system only
agentAddress udp:127.0.0.1:161
# Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161
You should also ensure that your firewall rules are configured properly to allow UDP traffic on port 161. I would suggest whitelisting IPs that you use in your monitoring for snmp traffic or editing snmpd.conf to disable the default public community setting as leaving this service open to the public leaves you vulnerable to participating in amplification attacks.