Networking / Beginners

Simple Network Management Protocol (SNMP)

SNMP is a protocol to monitor and control network attached devices. SNMP agents that run on the devices can provide status information about the device upon request, or even send TRAP messages to specific hosts, when an event occurs. SNMP can also be used to manage devices over the network by setting the given parameter on the device.

SNMP is a client/server protocol. A SNMP server (or agent) is a piece of software that runs on hosts and keeps one or more databases of almost live information about the host. These databases are called Management Information Bases (MIBs).

On the other hand, the SNMP client queries SNMP servers/agents for information. This information can be used in a Network Management System (NMS) to monitor the status of the device, or can be used to draw statistics graphs.

There are various open-source SNMP suites available that can be used in FreeBSD. This tutorial discusses two important SNMP implementations in FreeBSD as shown here:

  • Net-SNMP, that is available via ports system, is a very popular open-source SNMP toolkit.
  • bsnmpd is a light-weight SNMP agent that is available in FreeBSD's base system.


The bsnmpd(1) daemon is a very light-weight SNMP daemon that is supposed to serve only the basic SNMP MIBS, and the other MIBS through loadable modules. The bsnmpd(1) is available in FreeBSD base system, out of the box.

Setting up a basic SNMP server using bsnmpd is pretty straightforward:


Adding this line to /etc/rc.conf file will enable the daemon so that it is started automatically, upon system start up. You should then start the daemon, manually, for the first time:

# /etc/rc.d/bsnmpd start

And you are set.

Now bsnmpd(1) is running with the default configuration (which is not always secure) and it is highly recommended that you customize the configuration for your needs.

The configuration file is located at /etc/snmpd.config. You need to change a few basic things, such as location and contact fields, and most importantly, the read and write to community strings.

In SNMP, the community strings are almost equal to passwords. Anyone who knows your community string can poll status information from your SNMP server, or even change the variables over the network.

Following is a sample of secured snmpd.config file:

location := "Datacenter"
contact := ""
system := 1 # FreeBSD
traphost := localhost
trapport := 162
read := "p^49Gb*z0n$0"
write := "wMt54%z@0Rcj3"

The sample configuration file also contains a modules section in which it loads appropriate modules, if necessary. One module that is loaded by default is SNMP MIB II module that contains basic information about the host. There are also a few other modules available such as Netgraph Module, PF Module, and Bridge Module. For more information about the other modules, please see documents and MIBs under the /usr/share/snmp directory.


NET-SNMP is a complete suite of open-source SNMP tools, including client and server components, and supports the SNMP v1, v2c, and v3 protocols. NET-SNMP is very popular, and has many modules that can be used to extend its functionality.

Unlike bsnmpd(1), the NET-SNMP is a fully loaded SNMP toolkit that contains many MIBs and supports many protocol extensions, and also includes a handful of client and test tools. NET-SNMP is the right choice for a complex SNMP scenario.

NET-SNMP is available in ports tree under the /usr/ports/net-mgmt/net-snmp directory. After installing the port, you can enable the NET-SNMP in the /etc/ rc.conf file using appropriate configuration variable:


You can then manually start the daemon by issuing the following command:

# /usr/local/etc/rc.d/snmpd start

The NET-SNMP configuration is somehow complicated, as compared to bsnmpd. The configuration consists of a set of configuration files that can be found under the /usr/local/share/snmp subdirectory. The most important configuration file is snmpd.conf,which contains configuration information for the SNMP server component.

You do not have to edit the configuration files manually. The snmpconf(1) utility can be used to edit the configuration in a step-by-step manner.

You need to perform some basic initial setup for your NET-SNMP daemon, before you can actually use it. These configuration parameters consist of the basic contact and location information, as well as community names and network access policies. All these steps can be done using the following command:

# snmpconf -i

The snmpconf(1) utility then asks you, which component you want to configure and starts asking you questions about your preferred setup parameters. Once finished, it will automatically install the configuration file in the correct location, and all you need to do is to start or restart the SNMP daemon.

Client Tools

The NET-SNMP is bundled with a Swiss army knife of SNMP client and test tools. Using these utilities, you can perform various SNMP operations from the command line. The client set consists of the following tools:

Utility Name 	Description of functionality
snmpget 	Queries SNMP server for a specific variable using
                GET request.
snmpgetnext 	Queries SNMP server for a specific variable using
                GETNEXT request.
snmpset 	Sends a SET request to SNMP server to update a
                specific variable.
snmpwalk 	Retrieves a subtree of variables from SNMP server.
snmpbulkget 	Queries SNMP server for a set of variables using
                GETBULK request.
snmpbulkwalk 	Retrieves a subtree of variable from SNMP server
                using GETBULK request.
snmpdelta 	Monitors delta differences in SNMP counter values.
snmpinform 	Sends an INFORM-PDU to the trap receiver.
snmpnetstat 	Displays network status and configuration information
                of a SNMP server.
snmptest 	Communicates with SNMP servers using user specified
                SNMP requests.
snmpstatus 	Retrieves a fixed set of management information
                from SNMP server.
snmptable 	Retrieves an SNMP table and displays it in tabular
snmptranslate 	Translates OID names from numeric to text and vice
snmpusm 	Manages SNMPv3 users on SNMP servers.
snmpvacm 	Manages SNMPv3 View-based Access Control on SNMP
snmpdf 		Retrieves disk usage information from SNMP server.
snmptrap 	Sends TRAP-PDU or TRAP2-PDU to trap receiver.

The snmpget(1) utility is a handy tool to retrieve SNMP variables from an SNMP agent.

# snmpget -v 1 -c public sysName.0

    SNMPv2-MIB::sysName.0 = STRING:

This example shows retrieveing sysName variable from host This query is initiaited using SNMP version 1 (hence the -v parameter) and a read-only community named public is configured on the SNMP server.

On the other hand, snmpwalk(1) actually retrieves a complete sub-tree from the SNMP server. It can be used to populate a complete set of data from an SNMP-enabled host.

# snmpwalk -v 1 -c public IF-MIB::ifDescr
    IF-MIB::ifDescr.1 = STRING: sis0
    IF-MIB::ifDescr.2 = STRING: xl0
    IF-MIB::ifDescr.3 = STRING: lo0

This example shows how to retrieve the ifDescr sub-tree from IF-MIB. Note that you can retrieve the complete SNMP MIB tree from the host, if you do not specify any SNMP OID in parameters. This will most likely give a huge amount of output, but it is useful to see what kind of information you can get from the host.

[Previous] [Contents] [Next]