Frequently Asked Questions (FAQ) for the UCD/Net-SNMP package

      =============================================================

		       FAQ Author: Dave Shield

			Net-SNMP Version: 5.8

	    Net-SNMP/UCD-SNMP Project Leader: Wes Hardaker

	     Email: net-snmp-coders@lists.sourceforge.net

TABLE OF CONTENTS

=================

 TABLE OF CONTENTS

 GENERAL

   What is it?

   Where can I get it?

   What documentation is available?

   Are there binaries available?

   What's the difference between UCD-SNMP and Net-SNMP?

   What operating systems does it run on?

   What happens if mine isn't listed?

   Does it run on Windows?

   How do I find out about new releases?

   How can I find out what other people are doing?

   How do I submit a patch or bug report?

   Can I reuse the code in my commercial application?

   What's the difference between SNMPv1, SNMPv2 and SNMPv3?

   What's the difference between SNMPv2 and SNMPv2c?

   Which versions of SNMP are supported in this package?

   Can I use SNMPv1 requests with an SNMPv2 MIB (or vice versa)?

   How can I monitor my system with SNMP?

   Where can I find more information about network management?

   What ports does SNMP use?

   Is Net-SNMP thread safe?

 APPLICATIONS

   How do I add a MIB?

   How do I add a MIB to the tools?

   Why can't I see anything from the agent?

   Why doesn't the agent respond?

   I can see the system group, but nothing else.  Why?

   Why can't I see values in the <ENTERPRISE> tree?

   The agent worked for a while, then stopped responding.  Why?

   Requesting an object fails with "Unknown Object Identifier"  Why?

   Why do I get "noSuchName" when asking for "sysUpTime" (or similar)?

   Why do I sometimes get "End of MIB" when walking a tree, and sometimes not?

   How do I use SNMPv3?

   Why can't I set any variables in the MIB?

   Variables seem to disappear when I try to set them.  Why?

   Why can't I change sysLocation (or sysContact)?

   I get an error when trying to set a negative value - why?

   I get an error when trying to query a string-indexed table value - why?

   How should I specify string-indexed table values?

   How do I send traps and notifications?

   How do I receive traps and notifications?

   How do I receive SNMPv1 traps?

   Why don't I receive incoming traps?

   My traphandler script doesn't work when run like this - why not?

   How can the agent receive traps and notifications?

   How big can an SNMP request (or reply) be?

   How can I monitor my systems (disk, memory, etc)?

   Applications complain about entries in your example 'snmp.conf' file.  Why?

   OK, what should I put in snmp.conf?

   How do I specify IPv6 addresses in tools command line arguments?

 PERL

   What is the purpose of the Perl SNMP module?

   Where can I get the Perl SNMP package?

   How do I install the Perl SNMP modules?

   But compiling this fails! Why?

   Compiling the Perl module works OK, but 'make test' fails. Why?

   Why can't mib2c (or tkmib) locate SNMP.pm?

   Why can't mib2c (or tkmib) load SNMP.so?

   Why can't tkmib locate Tk.pm?

   Why does your RPM complain about missing Perl modules?

   I've got a problem with the Net-SNMP module.  Can you help?

 MIBS

   Where can I find a MIB compiler?

   Why aren't my MIB files being read in?

   Where should I put my MIB files?

   What does "Cannot find module (XXX-MIB)" mean?

   I'm getting answers, but they're all numbers. Why?

   What does "unlinked OID" mean?

   The parser doesn't handle comments properly. Why not?

   How can I get more information about problems with MIB files?

   What's this about "too many imported symbols"?

   Do I actually need the MIB files?

 AGENT

   What MIBs are supported?

   What protocols are supported?

   How do I configure the agent?

   How do I remove a MIB from the agent?

   I've installed a new MIB file.  Why can't I query it?

   How do I add a MIB to the agent?

   What's the difference between 'exec', 'sh', 'extend' and 'pass'?

   What's the difference between AgentX, SMUX and proxied SNMP?

   What is the purpose of 'dlmod'?

   Which should I use?

   Can I use AgentX when running under Windows?

   How can I run AgentX with a different socket address?

   How can I turn off SMUX support?

   How can I combine two copies of the 'mib2' tree from separate subagents?

   What traps are sent by the agent?

   Where are these traps sent to?

   How can I send a particular trap to selected destinations?

   When I run the agent it runs and then quits without staying around. Why?

   After a while the agent stops responding, and starts eating CPU time.  Why?

   How can I stop other people getting at my agent?

   How can I listen on just one particular interface?

   The agent is complaining about 'snmpd.conf'.  Where is this?

   Why does the agent complain about 'no access control information'?

   How do I configure access control?

   How do I configure SNMPv3 users?

   The 'createUser' line disappears when I start the agent.  Why?

   What's the difference between /var/net-snmp and /usr/local/share/snmp?

   My new agent is ignoring the old snmpd.conf file. Why?

   Where should the snmpd.conf file go?

   Why am I getting "Connection refused"?

   Why can't I see values in the UCDavis 'extensible' or 'disk' trees?

   Why can't I see values in the UCDavis 'memory' or 'vmstat' tree?

   What do the CPU statistics mean - is this the load average?

   How do I get percentage CPU utilization using ssCpuRawIdle?

   What about multi-processor systems?

   The speed/type of my network interfaces is wrong - how can I fix it?

   The interface statistics for my subinterfaces are all zero - why?

   Does the agent support the RMON-MIB?

   What does "klread:  bad address" mean?

   What does "nlist err:  wombat not found" (or similar) mean?

   What does "Can't open /dev/kmem" mean?

   The system uptime (sysUpTime) returned is wrong!

   Can the agent run multi-threaded?

   Can I use AgentX (or an embedded SNMP agent) in a threaded application?

 COMPILING

   How do I control the environment used to compile the software?

   How do I control the environment used to compile the software under Windows?

   Why does the compilation complain about missing libraries?

   How can I reduce the memory footprint?

   How can I reduce the installation footprint or speed up compilation?

   How can I compile the project for use on an embedded system?

   How can I compile the project to use static linking?

   Why does 'make test' skip various tests?

   Why does 'make test' complain about a pid file?

 CODING

   How do I write C code to integrate with the agent?

   How does the agent fetch the value of a MIB variable from the system?

   Mib2c complains about a missing "mib reference" - what does this mean?

   Mib2c complains about not having a "valid OID" - what does this mean?

   Why doesn't mib2c like the MIB file I'm giving it?

   Mib2c ignores my MIB and generates a pair of 'mib-2' code files.  Why?

   What's the difference between the various mib2c configuration files?

   Which mib2c configuration file should I use?

   How can I have mib2c generate code for both scalars and tables?

   Are there any examples, or documentation for developing MIB modules?

   Where should I put the files produced by 'mib2c'?

   Why doesn't my new MIB module report anything?

   Why does the iterator call my get_{first,next} routines so often?

   How can I get the agent to generate a trap (or inform)?

   How can I get an AgentX sub-agent to generate a trap (or inform)?

   How can I get the agent to send an SNMPv1 (or SNMPv2c) trap?

   How can I get the agent to include varbinds with an SNMPv1 trap?

   How can I get the agent to send an SNMPv1 enterprise-specific trap?

   How can I get the agent to send an SNMPv3 trap (or inform)?

   Why does calling 'send_v2trap' generate an SNMPv1 trap (or vice versa)?

   How can I register a MIB module in a different (SNMPv3) context?

 MISC

   What ASN.1 parser is used?

   What is the Official Slogan of the net-snmp-coders list?

GENERAL

=======

What is it?

----------

  - Various tools relating to the Simple Network Management Protocol

    including:

	* An extensible agent

	* An SNMP library

	* tools to request or set information from SNMP agents

	* tools to generate and handle SNMP traps

	* a version of the unix 'netstat' command using SNMP

	* a graphical Perl/Tk/SNMP based mib browser

    This package is originally based on the Carnegie Mellon University

    SNMP implementation (version 2.1.2.1), but has developed significantly

    since then.

Where can I get it?

------------------

  Download:

    - http://www.net-snmp.org/download/

  Web page:

    - http://www.net-snmp.org/

  Sourceforge Project page:

    - http://www.net-snmp.org/project/

  Mirrors (note that sourceforge download servers are mirrored themselves):

    - Greece:      ftp://ftp.ntua.gr/pub/net/snmp/net-snmp/

What documentation is available?

-------------------------------

	This FAQ (!)

	README and individual READMEs for various platforms

	README.thread (discusses threading issues)

	INSTALL

	PORTING

	EXAMPLE.conf

	man pages for the individual tools, files and the API

	A guide for extending the agent

	Tutorials for both ucd-snmp v4 and net-snmp v5

           at  http://www.net-snmp.org/tutorial/

           and http://www.net-snmp.org/tutorial-5/ respectively

      Most of this documentation (plus archives of the mailing lists)

	 is also available on our web page:

        	http://www.net-snmp.org/

      There is also a Wiki (including a community-maintained version

      of this FAQ) at

                http://www.net-snmp.org/wiki/

Are there binaries available?

----------------------------

  There are binaries for some versions/systems available under

  the "net-snmp binaries" package on the SourceForge "Files"

  page, which is linked to from the main project download web

  page at http://www.net-snmp.org/download.html.

  These binaries are also available on the project FTP site,

  with a link on the same web page.

What's the difference between UCD-SNMP and Net-SNMP?

---------------------------------------------------

  Not a great deal, really.

  Although the project originally started at UC Davis (hence the name),

  and it has always been based there, most of the contributors have had

  little or no connection with this institution.

    The move to SourceForge was intended to provide a more flexible

  environment for the project, and to distribute the administrative

  workload more evenly.  The change of name simply reflects this move,

  which was the last remaining link with UC Davis.

    The 4.2.x line saw the last releases made using the ucd-snmp name,

  and all releases on this line have been been bug-fixes only.  Release

  5.0 was the first version released under the Net-SNMP name, and all

  further development is being done on the 5.x code base.  The 4.2.x

  code line is now effectively closed down, as are the older 5.x branches.

    Much of the work done for the various 5.x releases has involved

  some fairly significant changes to the code - in particular the

  architecture of the agent.  However attempts have been made to retain

  backwards compatibility as much as possible, and most code written

  for earlier releases should continue to work.  The most visible

  change from the 4.2.x UCD suite to the 5.x Net-SNMP releases was a

  restructuring of the header file organisation - not least a change

  from <ucd-snmp/xxx.h> to <net-snmp/yyy.h>.

    But given the maturity of the Net-SNMP code, this should be less

  of a consideration for most current SNMP development projects.

What operating systems does it run on?

-------------------------------------

  Both the applications and the agent have been reported as running

  (at least in part) on the following operating systems:

	* Linux (kernels 2.6 to 1.3)

	* Solaris/SPARC (11 to 2.3), Solaris/Intel (10, 9) -- see 

	  README.solaris

	* HP-UX (11.31 to 9.01) -- see README.hpux11

	* Mac OS X (10.5 to 10.1) -- see README.osX

	* NetBSD (2.0 to 1.0)

	* FreeBSD (7.0 to 2.2)

	* OpenBSD (4.0 to 2.6)

	* BSDi (4.0.1 to 2.1)

	* AIX (6.1, 5.3, 5.2, 5.1, 4.3.3, 4.1.5, 3.2.5) -- see README.aix

	* IRIX (6.5 to 5.1)

	* OSF (4.0, 3.2 and Tru64 Unix 5.1B) -- see README.tru64

	* SunOS 4 (4.1.4 to 4.1.2)

	* Ultrix (4.5 to 4.2)

	* Dynix/PTX 4.4

	* QNX 6.2.1A

  We have also been informed about a port to the Stratus VOS.

  See http://ftp.stratus.com/vos/network/network.html for details.

  See the next question but one for the status of Windows support.

  Certain systems fail to compile particular portions of the agent.

  These can usually be persuaded to compile (at the loss of some

  functionality) by omitting the modules affected.

  See the next question for more details.

  Also note that the presence of a particular configuration in this

  list does not imply a perfect or complete implementation.  This

  is simply what various people have reported as seeming to work.

 (Or more frequently, the configurations where people have reported

  problems that we think we've subsequently fixed!)

What happens if mine isn't listed?

---------------------------------

  It's probably worth trying to compile it anyway.  Unless your

  system is significantly different to the supported configurations,

  most of the code (library, applications and the agent infrastructure)

  should probably compile with little or no difficulty.  The most

  likely source of problems will be MIB modules within the agent,

  as this tends to be where the most system-specific code is found.

    If only a few modules fail to compile, try removing them from

  the agent by running "configure --with-out-mib-module=xxx,yyy",

  and re-compiling.  If a large number of modules fail, then it

  might be easier to start from a relatively bare system, using

  "configure --enable-mini-agent --with-defaults".  Then if this

  minimal agent compiles and runs successfully, try adding each of

  the missing mibgroups individually using the configure option

  '--with-mib-module'.

    If configure fails with "invalid configuration" messages, or

  you get completely stuck, contact the coders list for advice.

  Similarly, if you manage to get this working on a new system,

  please let us know of any code changes that you needed to make,

  together with details of the hardware you're using, and what

  versions of the operating system you've tried it on.  The entry

  'host' in the file 'config.status' should show this information.

  Oh, and congratulations!

Does it run on Windows?

----------------------

    The suite should compile and run on Win32 platforms, including

  the library, command-line tools and the basic agent framework.

  Note that the agent now includes support for the MIB-II module,

  but this requires Microsoft's Core Platform SDK.  Instructions

  for how to install this are given in README.win32.

    Pre-compiled binaries are available from the project web site.

    As of v5.4, the Net-SNMP agent is able to load the Windows SNMP

  service extension DLLs by using the Net-SNMP winExtDLL extension.

    Some other Net-SNMP MIB modules, including the UCD pass-through

  extensions, do not currently work under Windows.  Volunteers to assist

  with these missing modules are likely to welcomed with open arms :-)

    Further details of Windows support (currently Visual C++, MinGW

  and Cygnus cygwin32) is available in the file README.win32.

How do I find out about new releases?

------------------------------------

  There is a mailing list for these announcements

  	net-snmp-announce@lists.sourceforge.net

  To be added to (or removed from) this list, visit

        http://www.net-snmp.org/lists/net-snmp-announce/

  Or you can send a message to the address

        net-snmp-announce-request@lists.sourceforge.net

  with a subject line of 'subscribe' (or 'unsubscribe' as appropriate).

  Advance notice of upcoming releases are also made on the

  net-snmp-users list (for "release candidates") for a week

  or two before the full release, and on the net-snmp-coders

  list (for "pre-releases") during the period prior to this.

  Major code revisions may be announced more widely, but these

  lists are the most reliable way to keep in touch with the

  status of the package.

  Patches to fix known problems are also made available via the web site:

        http://www.net-snmp.org/patches/

How can I find out what other people are doing?

----------------------------------------------

  There is a general purpose discussion list

  	net-snmp-users@lists.sourceforge.net

  To be added to (or removed from) this list, visit

        http://www.net-snmp.org/lists/net-snmp-users/

  Or you can send a message to the address

        net-snmp-users-request@lists.sourceforge.net

  with a subject line of 'subscribe' (or 'unsubscribe' as appropriate).

  To find out what the developers are doing, and to help them

  out, please read the PORTING file enclosed with the package.

  There is also a #net-snmp IRC channel set up on the freenode.net

  chat system.  You can connect to this via chat.freenode.net.

  See http://www.freenode.net/ for more information on getting

  started with IRC.

    Several core developers hang out on this channel on a fairly

  regular basis.

How do I submit a patch or bug report?

-------------------------------------

  The best way to submit a bug report is via the bug database through

  the interface found at

         http://www.net-snmp.org/bugs/

  Be sure to include the version of the package that you've been working

  with, the output of the command 'uname -a', the precise configuration

  or command that triggers the problem and a copy of any output produced.

    Questions about using the package should be directed at the

  net-snmp-users@lists.sourceforge.net mailing list.  Note that this

  mailing list is relatively busy, and the people answering these

  questions are doing so out of the goodness of their hearts, and in

  addition to their main employment.  Please note the following:

     - use plain text mail, rather than HTML

     - don't resend questions more than once

          (even if no-one answered immediately)

     - include full details of exact commands and error messages

          ("I've tried everything, and it doesn't work" isn't much use!)

     - do *NOT* send messages to -users and -coders mailing lists

          (most developers read both anyway)

     - don't mail the developers privately - keep everything on the list

    We can't promise to be able to solve all problems, but we'll

  certainly try and help.  But remember that this is basically an

  unsupported package.  It's Open Source, so if you need something

  fixing badly enough,  fundamentally it's up to you to do the work.

    All patches should be submitted to the patch manager at

         http://www.net-snmp.org/patches/

  If possible, submit a bug report describing the patch as well

  (referencing it by its patch number) since the patch manager

  doesn't contain a decent description field.

  The best way to submit patch (diff) information is by checking out

  the current code from the development git trunk, making your changes

  and then running "git diff" or "git format-patch" after you're done.

  (Please see http://www.net-snmp.org/wiki/index.php/Git for further

  information on using git with the Net-SNMP project)

  If you're working from a source code distribution, and comparing old

  and new versions of a code file, use "diff -u OLDFILE NEWFILE" 

Can I reuse the code in my commercial application?

-------------------------------------------------

  The details of the COPYRIGHTs on the package can be found in the COPYING

  file.  You should have your lawyer read this file if you wish to use the

  code in your commercial application.  We will not summarize here what is

  in the file, as we're not lawyers and are unqualified to do so.

What's the difference between SNMPv1, SNMPv2 and SNMPv3?

-------------------------------------------------------

What's the difference between SNMPv2 and SNMPv2c?

------------------------------------------------

  A full description is probably beyond the scope of this FAQ.

  Very briefly, the original protocol and admin framework was

  described in RFCs 1155-1157, and is now known as SNMPv1.

    Practical experience showed up various problems and deficiencies

  with this, and a number of revised frameworks were developed to try

  and address these problems.  Unfortunately, it proved difficult to

  achieve any sort of agreement - particularly over the details of

  the administrative framework to use.

    There was less disagreement over the proposed changes to the

  protocol operations.  These included:

        * increasing the range of errors that could be reported

        * introducing "exception values"

            (so a single missing value didn't affect

             the other varbinds in the same request)

        * a new GETBULK operation

            (a supercharged GETNEXT)

        * new notification PDUs

            (closer in structure to the other request PDUs)

  Strictly speaking, it's this revised protocol (originally defined

  in RFC 1905, and most recently in RFC 3416) that is "SNMPv2".

  The only framework based on this protocol that saw a significant

  level of use was "Community-based SNMPv2" or "SNMPv2c" (defined

  in RFC 1901). This retained the same administrative framework

  as SNMPv1 (with all of the accompanying limitations), but using

  the new protocol operations.

  More recently, a new administrative framework has been developed,

  building on the various competing SNMPv2 proposals, and using the

  same SNMPv2 protocol operations.  This is SNMPv3, which is defined

  in RFCs 3411-3418.    It addresses some of the deficiencies of the

  community-based versions, including significant improvements to

  the security of SNMP requests (like it finally has some!).

     SNMPv3 is now a full IETF standard protocol.

  Strictly speaking, SNMPv3 just defines a fairly abstract framework,

  based around the idea of "Security Models" and "Access Control Models".

  It's this combination of SNMPv3 plus accompanying models that actually

  provides a working SNMP system.

     However, the only models in common use are the "User-based Security

  Model" (RFC 3414) and the "View-based Access Control Model" (RFC 3415).

  So "SNMPv3" is frequently used to mean the combination of the basic

  SNMPv3 framework with these two particular models.

     This is also sometimes described as "SNMPv3/USM".

  So in brief:

        - SNMPv2c updated the protocol operations

                  but left the administrative framework unchanged.

        - SNMPv3  updated the administrative framework

                  but left the protocol operations unchanged.

Which versions of SNMP are supported in this package?

----------------------------------------------------

  This package currently supports the original SNMPv1 (RFC 1157),

  Community-based SNMPv2 (RFCs 1901-1908), and SNMPv3 (RFCs 3411-3418).

    The agent will respond to requests using any of these protocols,

  and all the tools take a command-line option to determine which

  version to use.

  Support for SNMPv2 classic (a.k.a. "SNMPv2 historic" - RFCs 1441-1452)

  was dropped with the 4.0 release of the UCD-snmp package.

Can I use SNMPv1 requests with an SNMPv2 MIB (or vice versa)?

------------------------------------------------------------

    Yes.

    The syntax used to specify a MIB file (better referred

  to as SMIv1 or SMIv2) is purely concerned with how to define

  the characteristics of various management objects.  This is

  (almost) completely unrelated to the versions of the protocol

  used to operate on these values.  So it is quite reasonable to

  use SNMPv1 requests on objects defined using SMIv2, or SNMPv2

 (or SNMPv3) requests on objects defined using SMIv1.

    The one exception is objects of syntax Counter64, which are

  only accessible using SNMPv2 or higher.  SNMPv1 requests will

  either treat such objects as an error, or skip them completely.

  Note that SMIv1 is effectively obsolete, and all new MIBs

  should be written using SMIv2.

How can I monitor my system with SNMP?

-------------------------------------

  There are two main methods of using SNMP for monitoring.  One is to regularly

  query the SNMP agent for information of interest, graphing these values and/or

  saving them for later analysis.  That's not really the focus of the Net-SNMP

  project - our tools are more low-level, single-shot commands.  For this sort

  of high-level management, you're really looking at a management console

  application (such as Nagios or OpenNMS), or a data logging application

  (such as RRDtool, or one of its front-ends - MRTG, Cacti, etc).

  The other approach is to configure the SNMP agent to monitor the relevant

  information itself, and issue an alert when the values pass suitable limits.

  See the section ACTIVE MONITORING in the snmpd.conf(5) man page for details.

  Note that this entry makes no reference as to _what_ you should monitor, or

  what values might be significant.  That's because it is impossible to provide

  a universal answer to these questions.  The information to monitor, and the

  normal operating values will ultimately depend on your local environment.

  SNMP is simply a tool to _help_ you manage your systems - it isn't a magic

  panacea - you still have to think for yourself!

Where can I find more information about network management?

----------------------------------------------------------

  There are a number of sites with network management information on

  the World Wide Web.  Some of the most useful are

      http://www.simpleweb.org/

      http://www.snmplink.org/

      http://www.mibdepot.com/

  The SNMP Usenet newsgroup is now mostly defunct, but although the

  FAQ hasn't been updated for a while, it still contains a large

  amount of useful information relating to SNMP, including books,

  software, other sites, how to get an enterprise number, etc, etc.

  This is available from

      ftp://rtfm.mit.edu/pub/usenet/comp.protocols.snmp/

  or via any of the Web sites above.

What ports does SNMP use?

------------------------

  There are three main network ports (and one named socket), which are 

  typically used by SNMP.  These are:

    - UDP port 161       - SNMP requests (GET* and SET)

    - UDP port 162       - SNMP notifications  (Traps/Informs)

    - TCP port 705       - AgentX

    - /var/agentx/master - AgentX

  However, these are simply the default "well-known" ports for these purposes,

  and it is perfectly possible to accept requests on other ports.

Is Net-SNMP thread safe?

-----------------------

  Strictly speaking, no.  However, it is possible to use the library within

  a multi-threaded management application.  This is covered in detail in

  the file README.thread (shipped with the standard distribution), but can

  be summarised as follows:

    -	Call 'snmp_sess_init()' prior to activating any threads.

	This reads in and parses MIB information (which isn't thread-safe)

	as well as preparing a session structure for subsequent use.

    -	Open an SNMP session using 'snmp_sess_open()' which returns an

	opaque session handle, which is essentially independent of any

	other sessions (regardless of thread).

    -	Resource locking is not handled within the library, and is the

	responsibility of the main application.

  The Net-SNMP agent has not been designed for multi-threaded use.  It

  should be safe to use the agent library to embed a subagent within a

  threaded application as long as *all* SNMP-related activity (including

  generating traps, and parsing MIBs) is handled within a single thread.

  The command-line tools shipped as part of the Net-SNMP distribution

  are simple single-threaded applications, and are not designed for

  multi-threaded use.  Adapting these to a threaded model is left as

  an exercise for the student.

    The same holds true for the notification receiver (snmptrapd).

  Unfortunately, the SNMPv3 support was added about the same time as

  the thread support and since they occurred in parallel the SNMPv3

  support was never checked for multi-threading correctness.  It is

  most likely that it is not thread-safe at this time.

APPLICATIONS

============

How do I add a MIB?

------------------

  This is actually two separate questions, depending on whether you

  are referring to the tools, or the agent (or both).

    See the next question or the next section respectively.

How do I add a MIB to the tools?

-------------------------------

  Adding a MIB to the client-side tools has two main effects:

    -  it allows you to refer to MIB objects by name

         (rather than having to use the numeric OIDs)

    -  it allows the results to be displayed in a more immediately

       meaningful fashion.  Not just giving the object names, but

       also showing named enumeration values, and interpreting table

       indexes properly (particularly for string and OID index values).

  There are two steps required to add a new MIB file to the tools.

  Firstly, copy the MIB file into the appropriate location:

	cp MY-MIB.txt /usr/local/share/snmp/mibs

            (which makes it available to everyone on the system)

    or

        mkdir $HOME/.snmp

        mkdir $HOME/.snmp/mibs

	cp MY-MIB.txt $HOME/.snmp/mibs

            (which makes it available to you only)

  Note that the location of the shared MIB directory may be different

  from that given here - see the FAQ entry "Where should I put my MIB

  files?" for more information.

  Secondly, tell the tools to load this MIB:

        snmpwalk -m +MY-MIB .....

            (load it for this command only)

    or

	export MIBS=+MY-MIB

            (load it for this session only)

    or

        echo "mibs +MY-MIB" >> $HOME/.snmp/snmp.conf

            (load it every time)

  Note that the value for this variable is the name of the MIB

  module, *not* the name of the MIB file.   These are typically the

  same (apart from the .txt suffix), but if in doubt, check the contents

  of the file.  The value to use is the token immediately before the

  word DEFINITIONS at the start of the file.

  Or use the special value "all" to have the tools load all available

  MIBs (which may slow them down, particularly if you have a large

  number of MIB files.

  Note that you need *both* steps.

  Adding a MIB in this way does *not* mean that the agent will

  automatically return values from this MIB.  The agent needs to be

  explicitly extended to support the new MIB objects, which typically

  involves writing new code.

    See the AGENT section for details.

  Most of the tools (apart from 'snmptable') will work quite happily

  without any MIB files at all - although the results won't be displayed

  in quite the same way.  Similarly, the agent doesn't need MIB files

  either (other than to handle MIB object names in the configuration file).

Why can't I see anything from the agent?

---------------------------------------

  Fundamentally, there are two basic reasons why a request may go

  unanswered.  Either the management application does not like the

  request (so never sends it), or the agent does not like the request

  (so never responds).  The simplest way to distinguish between the

  two is to run the command with the command-line option '-d'.

  If this doesn't display a hex dump of the raw outgoing packet, then

  it's the client side which is dropping the request.  Hopefully you

  should also see an error message, to help identify what's wrong.

  If this displays one or more outgoing dumps (but nothing coming back),

  then the request is failing at the agent end.  See the next entry for

  more details.

    There are three further possibilities to consider:

  One is that the agent may return a response to the original query,

  but the management application may not like this response, and refuse

  to display it.  This is relatively unusual, and typically indicates

  a flaw with the remote agent.  (I hope you're not contemplating the

  suggestion that the Net-SNMP command-line tools might contain bugs!)

    The typical symptoms of this would be that the '-d' option would

  display a sequence of sending and received packet dumps, with the

  same contents each time.  Ask on the mailing list for advice.

  Alternatively, the agent may simply not support the MIB objects being

  requested.  This is most commonly seen when using the "snmpwalk" tool

  (particularly with SNMPv1).

  The symptoms here would be that '-d' would show two pairs of raw

  packet dumps - one a GETNEXT request (A1 in the sending packet),

  followed by a GET request (A0).  Repeating the same request with the

  "snmpgetnext" command-line tool should show the information (if any)

  that the agent returned, which was then discarded by snmpwalk as

  irrelevant.

  Note that this is how snmpwalk was designed to work.  It is not an error.

  Finally, it may be that the agent is simply taking too long to respond.

  The easiest way to test for this is to add the command-line options

  "-t 60 -r 0", which will send a single request (with no repetitions)

  and wait for a minute before giving up.  This ought to be long enough

  for all but the most-overloaded agent, or inefficient MIB module!

  If this turns out to be the cause, then ask on the mailing list for

  advice on options for improving the performance.

Why doesn't the agent respond?

-----------------------------

  Assuming that the tests outlined in the previous entry indicate that

  the problem lies with the agent not responding, the obvious question 

  is "why not".

  Again, there are two basic possibilities - either the agent never

  sees the request, or it receives it but is unwilling (or unable) to

  process it.  If the remote system is running the Net-SNMP agent,

  then the easiest way to distinguish between these two cases is to

  shut down the agent, and re-start it manually using the options

              -f -Le -d

  Then send the same query as before.  This should display raw dumps of

  packets seen (or sent) by the agent, just as with the client side in

  the previous entry.

  If the agent does not display anything, then it is simply not receiving

  the requests.  This may be because they are being blocked by network

  or local firewall settings ('iptables -L'),  or the agent may not be

  listening on the expected interfaces ('netstat -a').

  This is most commonly encountered when running queries from a remote

  host, particularly if the same request succeeds when run on the same

  system as the agent itself.

  If the agent displays a dump of the incoming request, but nothing going

  out, then the most likely cause is access control settings.  See the

  relevant entries in the AGENT section for details.  Note that if the agent

  receives an SNMPv1 or SNMPv2c request with a unknown community string,

  then it will not return an error response - the request is simply discarded.

  Another possibility is that the request may be rejected by settings in

  /etc/hosts.{allow,deny}.  Again, '-d' will display an incoming packet

  dump but no corresponding outgoing response.  However in this situation,

  the agent should also log a message that the request is being refused.

  Running the agent with '-d' can also help identify situations where the

  agent *is* responding to the request, but only after a long delay.  This

  would be indicated by a series of incoming packet dumps (showing various

  retries from the client side), followed by several outgoing dumps - possibly

  long after the client tool has given up in disgust.

    See the entry

      The agent worked for a while, then stopped responding.  Why?

  later in this section.

I can see the system group, but nothing else.  Why?

--------------------------------------------------

  This is almost definitely due to the access configuration of the agent.

  Many pre-configured systems (such as most Linux distributions) will only

  allow access to the system group by default, and need to be configured

  to enable more general access.

    The easiest way to test this is to try a GETNEXT request on one of

  the other standard groups

  e.g.

	snmpgetnext  .....  interfaces

  If the agent responds with "hrSystemUptime.0" or "end of MIB", then it

  is clearly configured in this way.  See the entries on access control

  in the AGENT section for more information.

Why can't I see values in the <ENTERPRISE> tree?

-----------------------------------------------