Monitoroing: Missing SNMP Agent support

[spetrillo]

net-snmp and bsnmpd are two DIFFERENT snmpd applications. Both run on port 161/udp and are in conflict with one another. Why is this important?  The plugin that is the currently supported SNMPd system is the UCD-snmp application (now called net-snmpd). The OS level plugin (bsnmpd) included the BEGEMOT-PF-MIB with it that allows for a ton of performance monitoring, alerting on failed applications, etc.  Most of these options were not duplicated with the net-snmpd plugin (there are other threads on the missing Enterprise level monitoring that disappeared with this change).

I've personally been experimenting trying to get one of the daemons to run on a non-standard port so that I can make use of both but so far am running into other problems/issues.

Note that despite multiple requests, there still is no published documentation on what MIBs the net-snmpd plugin is presenting and I didn't have the time to go thru the source code of the pluging to see what is being incorporated.

Monitoring and alerting of these things from an Enterprise level has not been a priority for the development team. I can understand why, but it has relegated this product to the back seat for many of our suggested customer deployments due to the inability to alert based on off the shelf monitoring and alerting systems.

Marcos

Could not agree more! I am using Opnsense in one production deployment but since I cannot monitor the services of OPNsense I will not put ot out anywhere else. This needs to get solved!

[Patrick M. Hausen]

Note that despite multiple requests, there still is no published documentation on what MIBs the net-snmpd plugin is presenting and I didn't have the time to go thru the source code of the pluging to see what is being incorporated.

Are you really requesting that OPNsense duplicate all the documentation that already exists? Just like with NginX or  HAproxy or NUT the net-snmp plugin simply integrates the standard open source SNMP suite.

The full documentation can be found here: http://www.net-snmp.org/docs/readmefiles.html
And specifically the list of implemented MIBs in the agent here: http://www.net-snmp.org/docs/README.agent-mibs.html

I am aware of the lack of BEGEMOT-PF-MIB but how do you suggest to get that integrated? Fork the net-snmp project?

I use Observium as an NMS and I have had way better (read: more consistent and meaningful) results specifically for the HOST-RESOURCES-MIB compared to bsnmpd.

bsnmpd is highly FreeBSD specific and development seems to have somewhat stalled. net-snmp is the standard suite everybody including Linux uses.

Perhaps I am really missing something? What "performance monitoring" is there in bsdnmpd that isn't in net-snmp? I am interested in RAM/swap, CPU, disk utilisation, ... the regular stuff you monitor for a host. And I am perfectly content with what Observium presents me in the UI.

[spetrillo]

I can only speak for myself. I use Zabbix and there is no way to monitor services that are not OS level. Items like DNS, DHCP, and other 'application' services were available with SNMP and Begemot, but no longer available.

If we want to use OPNsense in prod environments we must be able to monitor every major service on OPNsense.

If you have a solution I am happy to hear about.

[Patrick M. Hausen]

Doesn't the Zabbix agent running on OPNsense provide that?

Other than that what we do are active checks for all the service we provide, e.g. with Icinga2.

Check if DNS is running - throw a request at the server. Etc.

[spetrillo]

No it only provides OS level monitoring. It goes no further.

[Patrick M. Hausen]

From parsing the docs I got the impression that Zabbix can do everything Icinga and Nagios can do, too.

If you mean "just connect the agent and everything works", you are probably right. But you can write your own templates to monitor whatever you like.

[spetrillo]

Yes I could write my own template but that's why the snmp option was enticing.

[gcorre]

I just remember that I had an issue between os-net-snmp plugin and bsmpd.

When os-net-snmpd was installed it was listenning on port 161 and when I started bsnmpd it said "Starting bsnmpd." But it did not started as the port was already in use.

Did you check if another service was already listening on port 161?
That is why I was unable to launch bsnmpd. I had to kill the process (I don't remember the name of the process).

[Isabella Borgward]

This is all rather confusing. bsnmpd is no longer supported but ships with OpnSense? OK...
At what point are the bsnmpd scripts and binaries going to disappear?

[Patrick M. Hausen]

bsnmpd is part of the FreeBSD base system. OPNnsense does not use it but the more widely used and better supported net-snmp package instead. Just install the plugin and enjoy.

I monitor all my devices with Observium and all of them use net-snmp if they are in any way Unix-y.

[Isabella Borgward]

Supported in what sense? If it's still present and works then that'll do for me.
bsnmpd provides features that the Zabbix agent and net-snmpd does not - notably, sensible names for interfaces and firewall metrics.

[Patrick M. Hausen]

Supported by third party network management systems. The host resources MIB works way better at least for me.

Would you do me a favour? Run an snmpwalk of a firewall with bsnmpd running and send me the part with the firewall metrics in a DM?

I'm interested what OIDs they use. Because another advantage of net-snmp is: it can be extended by mere configuration and a shell script. See my howto I am linking in the Observium thread.

So maybe I can retrofit the firewall metrics into net-snmp ...

[Isabella Borgward]

Yeah, you're right, bsnmpd does not return much useful for system resources.
So I had a test firewall set up with both bsnmpd and Zabbix agent, so we had interface traffic and systems resources.
Unfortunately it looks like /etc/snmpd.config got overwritten by an update [or something - it happened when I was on holiday so must have been a colleague] and was reverted to the default community string, etc. Not sure if this is the expected behaviour but if bsnmpd is "unsupported" then I guess I can expect the unexpected?!

[Patrick M. Hausen]

The config file is part of the regular system baseline and if not managed by OPNsense (which it isn't) overwritten with the default version by every update.

Would you be so kind and send me the snmpwalk output I asked for? I'm looking into a way to implement the pf metrics in net-snmpd but without knowing what they actuallly look like that's difficult.

[Isabella Borgward]

Just trying to find somewhere to put this...too big for pastebin, no attachments on here.