Differenze tra le versioni di "AdminGuide:Service:SNMP/en"
|  (Creata pagina con "* '''TRAP send mode''': specify whether you want to send the trap in version 1 or 2. * '''TRAP destination address''': indicate IP address of the monitoring server to send TRA...") | |||
| Riga 25: | Riga 25: | ||
| The iReasoning MI Browser client was used for the configuration examples, it can make SNMP queries and shows the subtree organization. | The iReasoning MI Browser client was used for the configuration examples, it can make SNMP queries and shows the subtree organization. | ||
| ===System settings=== | ===System settings=== | ||
| [[File:Ireasoning.png|350px|destra] | [[File:Ireasoning.png|350px|destra]] | ||
| The following information is mandatory; if it is not entered, the SNMP service cannot start. | The following information is mandatory; if it is not entered, the SNMP service cannot start. | ||
Versione delle 15:21, 21 giu 2022
Return to AdminGuide:Service
Description
Protocol Operation
SNMP is the standard for network management and monitoring. Thus, it is a protocol used to monitor the state of a machine, specifically, to acquire from a monitoring server external to Kalliope status parameters related to CPU load, memory occupancy, disk space, and concurrent calls. It is a standard protocol available on Kalliope; OIDs (monitored objects) are made available on the central. Those defined in the standard MIB 2 are used, where object identifiers are made available through the agent. The server is the monitoring system that queries, while the SNMP agent is the service used to expose the data to a client that requests it. SNMP involves the client requesting the agent to find out the value of the OID, and the agent returns the value.
The data within the agent is organized in the form of a tree. The data indicate, for example, the version of the primary and secondary firmware, information regarding telephone services, the size of virtual memory occupied by the process, and the total number of failed authentication attempts by SIP clients.
Objects are defined as an index of a leaf under a parent: a tree structure allows you to access by specifying the path address between the subtrees to the leaf, which is the object you want to monitor. SNMP provides:
- Manager
- Agent
- Protocol
The representation of an OIP is done as a sequence of numbers, e.g., 1.3.6.1.2.1.4.6 is the path within the tree, and each point in the path has its textual correspondence.
Configuration
To enable NSMP support, go to "System Settings > SNMP Settings" and hit the "Enabled" checkmark.
The iReasoning MI Browser client was used for the configuration examples, it can make SNMP queries and shows the subtree organization.
System settings
The following information is mandatory; if it is not entered, the SNMP service cannot start.
- sysName: is a particular OID under the system tree (which is the first child and is denoted as 1.3.1.2.1.1), sysName is the machine name and is 1.3.6.1.2.1.5.0 (the 0 at the bottom since it is scalar type).
- sysLocation : is the physical location, it acts as a kind of inventory
- sysContact : email address of the contact person to contact if there is an anomaly in that particular node
In the defined settings, MIB tree 2 and host-resources (1.3.6.1.25) are the two that are exposed on Kalliope. Proprietary MIBs are also exposed and the software can read the whole tree since it scans it entirely, and it is the agent's job to return the values. The MIBs file allows the software monitoring to know the single leaf that only knows by number what it is.
SNMP access settings
- Listening address: e.g., by default 0.0.0.0 means it listens on all interfaces of the central unit. But, if we have a PBX with multiple network interfaces (some public and some private) and you want the SNMP service to be accessible from only one of these interfaces, you can put the IP address of the interface you want the service to be active. Then you can do a bind of the service on the IP entered; this must be one of the central unit's IPs (either one of its interfaces or that of the High Reliability in the case of a cluster). In the last case, in the case of HA, explicit monitoring should be done not pointing to the resource IP but the individual IPs of the two nodes.
- Listen port: 161 is the standard port since SNMP uses the UDP transport protocol.
- Community v1/v2: these are the basic versions of SNMP supported by monitoring systems, SNMP v3 support is not yet enabled. The default value that is used is "public"
- ACL': Access Control List, is a restriction on which IP address the client must have for querying. If an SNMP request comes in outside the ACL, it is rejected.
CAUTION: ACL 0.0.0.0/0 is not recommended, it is always good to restrict access only to authorized IPs
TRAP settings
Traps are a reactive-type mechanism that SNMP agents have for notifying the occurrence of events. Kalliope has not added specifications to the system, and basic ones are present:
- 0: ColdStart
- 1: WarmStart
- 2: linkDOwn
- 3: linkUp
- 4: authenticationFailure
- 5: egpNeighbortLoss
- 6: enterpreseSpecific
Directions on the configuration of TRAPs:
- TRAP send mode: specify whether you want to send the trap in version 1 or 2
- TRAP destination address: indicate IP address of the monitoring server to send TRAPs to
- TRAP destination port: e.g. 162 is the standard one
On the dashboard, the execution of the SNMP service is indicated by the green dot and the "Active" status.
You can do an agent query on Kalliope via any SNMP client (in this case you can use the iReasoning MIB Browser). You need to indicate the IP address to connect to and then set up
- Agent NSMP Version: the default values with which to make the request, i.e. you can choose whether to make it in version 1 or 2
- Agent Read Community: what is the read community in order to get access to the data
- Agent Port: you can indicate the standard port, 161
- Agent Write Community': the ability to do write via SNMP is not enabled
After making the query, it is possible to read the contents of the tree that is present on Kalliope. The reading can be done on an object-by-object basis: The subtree system present the following information including the sysContact, sysName and sysLocation.
The interfaces panel returns the various interfaces present and for each indicates the operational status and bytes exchanged in and out, this allows monitoring systems to show the occupancy graph:
kpbxNode example:
'N.B. The counter of failed authentications (highlighted in blue) is essential data because if a burst of failed authentications comes in, it is likely to be an attack from outside.
KalliopePBX implements MIBs that allow you to monitor the functioning of the equipment through the SNMP standard communication protocol. 
The MIBs that can be consulted are:
- RFC1213-MIB - This MIB defines objects for managing and monitoring an entity in a TCP/IP network. On KalliopePBX the following subtrees are implemented: system, interfaces, at, ip, icmp, tcp, udp, transmission, snmp OID: 1.3.6.1.2.1.1/2/3/4/5/6/7/10/11
https://datatracker.ietf.org/doc/rfc1213/
- RFC 2790 Host Resources MIB - This MIB defines a set of objects containing the configuration of hosts (servers/computers) connected to a TCP/IP network independently of the operating system, the network services, and the installed software. OID: 1.3.6.1.2.1.25
https://datatracker.ietf.org/doc/rfc2790/
- UCD-SNMP-MIB - This MIB defines objects for monitoring the performance of a host (e.g. CPU /RAM / disk occupation). OID: 1.3.6.1.4.1.2021
http://www.net-snmp.org/mibs/UCD-SNMP-MIB.txt
- Kalliope MIB - This proprietary MIB provides information on the configuration and the functioning of the services implemented on the Kalliope node, such as number of configured or registered accounts, simultaneous calls, total number of calls. OID:1.3.6.1.4.1.33732
Download the MIB definitions files:






