Elastix Application Note #201110101:

Installing SNMP on Elastix

Title Installing SNMP on Elastix

Author Bob Fryer
Date Written 10th October 2011
Revision 1.0
Replaces Document N/A
Tested on Elastix Version 2.2RC3
Backward Compatible
Disclaimer: Your use of these application notes is subject Yes See
to the FAQsconditions:
following
Elastix*Level Beginner to Experienced
Your application of these notes are entirely at your own risk.
Linux Level
* While tested in a Lab environment, I know nothing of your Intermediate
environmentto Experienced
and may be totally unsuitable.
Network will not hold myself or any company I am associatedIntermediate
Level
* You with responsible for any damages arising from
Latest these
Document Source available from www.elastixconnection.com
notes. It is up to you to test in your environment to its suitability.
Credits N/A
Licence GNU FDL
Foreword

These application notes are intended to be a guide to implement features or extend the features of
the Elastix IP PBX system.

Whilst many (but not all) guides available are basically a random collection of notes, usually while
someone is implementing a feature for themselves, these guides are meant to be more definitive
guide that has been tested in a lab with specific equipment, and particular versions of Elastix.

Finding information on the Internet can be haphazard due to the lack of document version control,
lack of attention to software versions, and in some cases they are wrong. Then you have the cross
pollination issues, where a guide has been done for another distribution, which may or may not be
applicable to your Elastix system.

You will note on the front page of every Application note written in this way, will be an easy to read
summary, regarding the Elastix system it was tested on, when the document was written, whether it
is backward compatible, and the level of expertise needed to accomplish the implementation.

These application notes are written up and tested in a lab that has been specially setup to write
these notes. This includes

5 x Elastix IP PBX Hardware with a mixture of SIP only, Digium, Sangoma, OpenVox Cards
1 x WAN Simulator (including latency, jitter, random disconnects, random packet drop)
8 x Consumer / Business routers, including Drayteks, Cisco 1842, Cisco 877, Linksys WRT54GL
2 x IBM XSeries servers running VMware with 8 images of various versions of Elastix IP PBX
1 x Standard Microsoft SBS Network providing DHCP and DNS and Mail system
2 x Linux Servers

The Elastix IP PBX systems, both hardware and Virtual based have image systems to refresh the
systems to limit infection from other testing. Combined with a range of Phones, which include
Aastra, Linksys, Cisco, Yealink, it provides a reasonable cross section of typical systems currently in
the field.

These application notes are not just done in isolation either. Behind them is over 6-7 years of
commercial implementation of IP PBX systems, utilising these methods and concepts. The Lab is just
used to reconfirm the implementation in a less production like environment.

How you use these application notes is entirely up to you. However, it is highly recommended that in
the first instance, that you follow the notes and configurations in their entirety (except for IP
addresses) of course. If you follow it exactly, then it will be easier for others to assist you when you
do have an issue.

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Introduction

Simple Network Management Protocol (SNMP) is a protocol that enables Network administrators to
manage devices on the Network. Almost any manageable device on the Network supports SNMP.
This may include Routers, Managed and Semi-Managed switches, Servers and other devices.

Some products that utilise SNMP for management are NAGIOS/OPSVIEW, CACTI, OPENNMS, as well
as almost any Commercial Enterprise Network Management product.

In simple words, it is a way for a management interface to request and obtain hardware information,
configuration details, versions, and performance statistics, amongst other objects from these
devices.

These objects are arranged in a sort of database called a MIB (Management Information Base),
which is why we talk about MIBs in this application note.

These Objects are uniquely identified as OIDs (Object Identifiers) which normally return a result
when queried.

I wont go much deeper than this on SNMP, as it is outside the scope of this document. There are
some great resources on the Internet about SNMP, so it is not worth re-inventing the wheel here.

Implementation

Many of the guides on the internet assume that net-snmp has not be installed. In Elastix 2.0, it has
already been installed.

If you want to check that the net-snmp packages are already installed. You can check this yourself by

yum list installed net-snmp*

Which should list the installed packages with the name beginning with net-snmp and will list similar
to the following diagram on the next page.

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
There is one package that needs to be installed which is net-snmp-utils. We can complete this step
easily by:

yum install net-snmp-utils

You should see the following screen once completed

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
The Configuration Files

One of the things that is not provided on the Elastix 2.0 is the digium-mib.txt and asterisk-mib.txt
files. These are critical to allow us to extract SNMP data from Asterisk. So we need to create these
files.

cd /usr/share/snmp/mibs

using the standard editor I use which is nano or your own that your familiar with

nano DIGIUM-MIB.txt

go to https://wiki.asterisk.org/wiki/display/AST/Digium+MIB+Definitions and copy the entire

contents in the code box into this file and save.

then

nano ASTERISK-MIB.txt

go to https://wiki.asterisk.org/wiki/display/AST/Asterisk+MIB+Definitions and copy the entire

contents in the code box to this file and save.

You will note that the MIB names we created are in uppercase. It does not really matter, except
general convention is uppercase, and the rest of this Application Note uses this uppercase method.

So far so good. Now we need to edit the /etc/asterisk/res_snmp.conf file to uncomment the
subagent=yes and uncomment the enable=yes which we will do with the following:

nano /etc/asterisk/res_snmp.conf

So you should have a couple of lines looking like the following:

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Now we are going to modify the the main /etc/snmp/snmpd.conf file, but lets make backup of it
first (this way once you are comfortable with SNMP, you can look at the original file and review
other options).

cp /etc/snmp/snmpd.conf /etc/snmp/snmpdoriginal.conf

now edit it

nano /etc/snmp/snmpd.conf

Remove all the lines (ctrl-k in Nano to delete a line) and add the following lines

syslocation Linux Elastix2, Sydney DataCentre

syscontact Bob Fryer bob@elastixconnection.com.au

com2sec local localhost public

com2sec localnet 172.22.22.30 public
com2sec monitornet 192.168.200.0/24 public

group MyROGroup v2c local

group MyROGroup v2c localnet
group MyROGroup v2c monitornet

view all included .1

access MyROGroup "" any noauth 0 all none none

# Asterisk configuration
master agentx
agentXSocket /var/agentx/master
agentXPerms 0660 0550 nobody asterisk

# Asterisk user

rwuser asteriskUser priv

createUser asteriskUser SHA p0lly10abc AES

Now there are a couple of things you may wish to change. The first two lines, you may wish to
change the syslocation and syscontact. You can change these without and concerns.

The next are your community strings. It is good practice to change these from the default PUBLIC
entry, but whilst you are setting up and testing, leave them as public. Many SNMP applications use
the PUBLIC string as standard, so you can test easily until you get the hang of things. You may also
wish to change the IP addresses. These IP Addresses tell SNMP what IP addresses are allowed to
communicate with SNMP.

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
So in a nutshell, 172.22.22.30 is a local SNMP monitoring tool on my workstation, and the other is
the companies Enterprise Monitoring solution. There is also an entry for the localhost as well, in case
you are running a tool that utilises SNMP on the Server.

You will note that you can set a community string for each type of access, e.g. being performed on
the local machine, being performed on the local network, and as is many cases, your monitoring
system. For the time being we have set them all to public until we are ready to secure it further.

The last main item you may want to change is the password on the last line (p0lly10abc). This is a
password I selected, but it can be anything you want (at least 8 chars). However, this is only for
SNMP V3, and we are using V2c for our implementation.

One last thing is to fix up the permissions on the following file by issuing the following command

/etc/init.d/snmpd start

and you should see the following

And now type the following command

chmod 755 /var/agentx

it wont provide any feedback, it just drops to the next line.

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Restarting the Services

The next two lines restart the services after we have modified the config files. The first one restarts
SNMPD, and the second restarts the Asterisk system using the standard method for Elastix.

/etc/init.d/snmpd restart

Which should show up like the following

amportal restart

Now just issue the following commands at the Linux prompt, so that the SNMP Service starts upon
boot.

service snmpd start

chkconfig snmpd on

thats it!!

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Testing that it all works

Now part of the reason why we loaded net-snmp-utils is to obtain the well know snmpwalk tool that
allows us to test SNMP. So now issue the following command:

snmpwalk -On -c public -v 2c localhost ASTERISK-MIB::astChanTypeChannels.7

If all is successful then you should see the response similar to the one below.

This means that we have successfully completed the SNMP installation for Elastix and it is in a
working state.

To confirm that it is actively monitoring, use one SIP extension and dial another SIP extension, leave
the line open and type the command again...

You will note that the value at the end of the response line is now 2 instead of 0. From what I can
gather, this is the OID for active SIP Channels. I might be wrong, but it appears to be the case.

Now the hard part is that there appear to be plenty of lists available for Asterisk 1.4 and Asterisk 1.6
OIDs, but very thin on the ground in terms of Asterisk 1.8. I believe that it is a case of waiting for
someone to release their list, or doing a bit of homework, working with the old lists, and translating
the information to make up a new definitive list for Asterisk 1.8. Its also a case of reading through
the ASTERISK-MIB.txt file to get a handle on the requests and outputs.

You will note on the snmpwalk command, I am using the name specified in the ASTERISK-MIB.txt file,
and besides providing a result, it is also supplying a OID that can be used in an external software
SNMP tool or monitoring system.

You may want to try these following commands

snmpwalk -On -c public -v 2c localhost .1.3.6.1.4.1.22736

This lists all the OIDS available using the Asterisk MIB

Likewise you can also perform this command

snmpwalk -On -c public -v 2c localhost ASTERISK-MIB::astChanTypeChannels

which will provide all the OIDs and results relating to astChanTypeChannels

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Remember, whilst we have been concentrating on the ASTERISK MIB, there is a whole lot more to
explore including other areas that can be measured, now that you have SNMP running on your
Elastix System

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
 FREQUENTLY ASKED QUESTIONS (FAQs)

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Why is there no list for common OIDs for Asterisk 1.8?

Be honest with you, no idea....it seems to be an area lacking on the Asterisk Documentation. Whats
worse is that the OIDs differ from Asterisk 1.4 to Asterisk 1.6 and Asterisk 1.8. I would have thought
that it would be normal to maintain compatibility between versions. Originally thats what threw me
off when I wrote these notes a year or two ago.

I was checking that it was reading the number of SIP channels open, and was getting a result of 0,
even though I had SIP channels open. In the meantime, learnt a little more about the OIDs and
realised that they changed between versions.

Now to qualify this, I am no expert on SNMP, and likewise, I know nothing of the Asterisk SNMP MIB
design. There are probably very good reasons, and in fact I found that products other than Asterisk
have also done the same thing.

So how to develop a template for the OIDs for my Network Management tool, especially if
the OIDs change from Asterisk version to Asterisk version. ?

In your coding, the OIDs that appear to remain the same are at the top of the MIB, which include
the Asterisk Version. So your code could read this version number and perform a SNMP Query based
on the version number

I am using a SNMP Tool on my workstation, but I am not able to connect to Elastix SNMP

If you are using a firewall, you need to open UDP Port 161. This is even more important if you have
turned on the firewall on in Elastix 2.2, as Port 161 is not part of the Elastix firewall default port
setup.

You may need to open Port 162 as well, if you decide to use SNMP Traps.

You talk about SNMP Traps, but you have not talked about it in this Application Note.

The purpose of this application note was mainly to enable and configure SNMP on your Elastix
system. Traps are another subject on their own, and again there is a large amount of information on
the Internet.

If you can imagine that your Network Management system is requesting data from your Elastix
system at regular intervals.

Traps are the reverse, where you set a limit on a particular OID, and when this limit is reached (e.g.
temperature limit is reached), it sends a trap to the Network Management System, the minute that
it happens, allowing the Network Management System to alert the Network staff of a critical event.

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.
Otherwise, this event may only be realised when the Elastix system is next polled which could be 5-
10 minutes away.

Is this Application Note suitable for Elastix 1.6 and Elastix 2.03?

Considering that this application note commenced originally using an Elastix 1.6 system, I believe so.
I have, however, not tested it recently on an Elastix system earlier than 2.2. These notes were
completely revised from my original notes, and have been tested against 3 different Elastix 2.2rc3
systems.

Disclaimer: Your use of these application notes is subject to the following conditions:
* Your application of these notes are entirely at your own risk.
* While tested in a Lab environment, I know nothing of your environment and may be totally unsuitable.
* You will not hold myself or any company I am associated with responsible for any damages arising from
these notes. It is up to you to test in your environment to its suitability.