10.2 Remote Administration with SNMP

The Simple Network Management Protocol (SNMP) allows the remote management of devices on TCP/IP networks. Though networking equipment, such as routers and switches, is the most likely to be SNMP-enabled, almost any device that connects to a TCP/IP network can be equipped with an SNMP agent.[3] An SNMP agent allows you to monitor the target remotely and automatically. In other words, you don't need to have an operator stand by the system and make sure it's still alive and watch over its current performance. The SNMP agent allows you to automatically query the device for its status using an SNMP manager[4] application running on a separate system. The agent running in your target can also be configured to send SNMP traps to the SNMP manager to inform it of software or hardware failure. If your target is part of a complex network or if you need to be able to constantly monitor its status remotely, you should think about including an SNMP agent in it.

[3] Basically, an agent is the SNMP software component that runs in the networked device to enable it to be managed remotely.

[4] A manager is an SNMP software component that runs on a normal workstation or server and that is responsible for monitoring remote systems running SNMP agents.

There are quite a few SNMP agents and packages that enable interaction with SNMP-enabled devices, many of them are quite expensive. In the open source world, Net-SNMP is the standard package for building and managing SNMP-enabled systems. Net-SNMP is distributed at http://net-snmp.sourceforge.net/ under a composite license that is similar to the BSD license.[5]

[5] See the COPYING file in the Net-SNMP package for the complete details about the license.

The Net-SNMP package is relatively large and contains many software components. For most targets, however, we will be interested only in the SNMP agent, since this is the software component that will allow our device to be remotely managed. Start by downloading and extracting the Net-SNMP package to your ${PRJROOT}/sysapps directory. For my SYSM module, for example, I used Net-SNMP Version 5.0.6. Now, move to the package's directory for the rest of the manipulations:

$ cd ${PRJROOT}/sysapps/net-snmp-5.0.6

The Net-SNMP package can be compiled with both uClibc and glibc. There are a few requirements when using uClibc, however, as we'll see. In addition to the C library, Net-SNMP depends on the shared object dynamic loading library (libdl) and the math library (libm).

To configure Net-SNMP for building with glibc enter:

$ CC=arm-linux-gcc ./configure --host=$TARGET --with-endianness=little

To link Net-SNMP against uClibc, uClibc must be configured with IPv6 support. If it isn't, you can add the ?disable-ipv6 option to Net-SNMP's configuration command line to disable IPv6 support within Net-SNMP. Also, you will need to fix the agent/mibgroup/ucd-snmp/disk.c file so that it compiles properly with uClibc. Edit the file and look for the following declaration:

        endfsent(  );

Replace that declaration with the following one:

#if !defined HAVE_GETMNTENT && defined HAVE_FSTAB_H
        endfsent(  );

Finally, issue the configure command using arm-uclibc-gcc instead of arm-linux-gcc.

Note that we avoid using the - -prefix option when configuring Net-SNMP. If we used it, the resulting SNMP agent would always look for its files in the directory provided in the option. Instead, we want the SNMP agent to take its configuration from the default /usr/local/share/snmp directory. To control the directory where the SNMP components are installed, we will set the values of prefix and exec_prefix when issuing the make install command.

During its execution, the configuration script will prompt you for certain information regarding the functionality of the SNMP agent, including the SNMP version to use, the contact information for the device, and the system's location. The instructions provided by the configuration script are usually sufficient to understand the purpose of the information requested. If you need more information regarding the configuration process of the Net-SNMP agent, look at the Essential SNMP book by Douglas Mauro and Kevin Schmidt (O'Reilly).

Once the configuration script has completed, build and install the Net-SNMP components:

$ make
$ make prefix=${TARGET_PREFIX} exec_prefix=${TARGET_PREFIX} install

The values we provide for the prefix and exec_prefix variables determine the main directory where the Net-SNMP components are installed. By avoiding the use of the - -prefix option during the configuration earlier and by setting the prefix and exec_prefix variables here, we ensure that the SNMP agent runs from the target's /usr/local/share/snmp directory even though its components are initially installed in the ${TARGET_PREFIX} directory on the host. If you forget to set exec_prefix, the installation will fail, because the scripts will try to install components into your host's /usr directory.

The SNMP agent built by Net-SNMP is a very large binary. If you compile it against glibc and strip it, it will measure 650 KB when linked dynamically and 1.1 MB when linked statically. If you compile it against uClibc and strip it, it will measure 625 KB when linked dynamically and 680 KB when linked statically. Because the figures for the unstripped binaries all exceed 1.7 MB, I strongly encourage you to strip the agent binary.

The complete build and installation will take around 10 minutes, depending on your hardware, because Net-SNMP is quite a large package. In addition to copying binaries, the installation copies manpages and headers into the ${TARGET_PREFIX} directory. The SNMP daemon (snmpd), which is the actual SNMP agent, is installed in ${TARGET_PREFIX}/sbin. The other SNMP utilities, such as snmpget, are installed in ${TARGET_PREFIX}/bin. The SNMP trap daemon is also installed in ${TARGET_PREFIX}/sbin (this daemon is used to monitor incoming traps). The MIB information required by the SNMP daemon is installed in ${TARGET_PREFIX}/share/snmp.

With all the Net-SNMP components installed in your development workspace on the host, copy the SNMP daemon to your target's root filesystem:

$ cp ${TARGET_PREFIX}/sbin/snmpd ${PRJROOT}/rootfs/usr/sbin

Copy the relevant components found in ${TARGET_PREFIX}/share/snmp to the /usr/local/share/snmp directory of your target's root filesystem:

$ mkdir -p ${PRJROOT}/rootfs/usr/local/share
$ cp -r ${TARGET_PREFIX}/share/snmp ${PRJROOT}/rootfs/usr/local/share

The SNMP MIB information weighs in at around 1.3 MB. Added with the stripped binary, this brings the minimum cost of the total SNMP package to a little over 2 MB in storage. This is a fairly large package for most embedded Linux systems.

To run properly, the SNMP agent requires a configuration file. An EXAMPLE.conf example configuration has been created during the build of the Net-SNMP package in the package's root directory. Customize that file and copy it to your ${PRJROOT}/rootfs/usr/local/share/snmp directory:

$ cp EXAMPLE.conf ${PRJROOT}/rootfs/usr/local/share/snmp/snmpd.conf

Finally, edit your target's /etc/inittab file to add a line for snmpd. Here is the line I add for snmpd in my SYSM module's inittab:

::respawn:/usr/sbin/snmpd -f

The -f option instructs snmpd not to fork from the calling shell. In other words, snmpd will not become a daemon and init will respawn it if it dies.

For more information regarding SNMP, including the configuration and use of Net-SNMP, look at the Essential SNMP book mentioned earlier. The Net-SNMP project's web site contains quite a few resources, including an FAQ, various documents, and a mailing list. The manpages installed by Net-SNMP are also informative.