What cluster interface is used for SNMP communication? | NetApp | Page 1

echo raft Feb 14, 2024, 1:01 AM

#

We have Icinga tool using SNMP communication to monitor Netapp cluster. Can somebody please tell me how can I indetify which cluster interface(s) is configured for SNMP communication with Icinga server?

mighty furnace Feb 14, 2024, 3:31 AM

#

If I’m not mistaken, any lif with a service policy of cluster-mgmt or node-mgmt

echo raft Feb 14, 2024, 11:20 AM

#

I don’t know where is your assumption coming from, but, just checked all cluster and node mgmt LIF’s , port 161 which is for snmp on all these LIF’s is not open, how could you explain that?

fresh quail Feb 14, 2024, 11:45 AM

#

you didn't specify polling... you just said snmp... which could also be for outgoing traps

fresh quail Feb 14, 2024, 12:00 PM

#

checked options -option-name snmp.enable?

echo raft Feb 14, 2024, 12:14 PM

#

snmp.enable is on.
My understanding is that we are doing both polling from Icinga server and outgoing trap from the cluster. What interfaces being used in this two respective cases?

cyan hemlock Feb 14, 2024, 12:25 PM

#

Check the service management-snmp-server in the service-policies attached to your mgmt-LIFs.

#

https://docs.netapp.com/us-en/ontap/networking/lifs_and_service_policies96.html

LIFs and service policies in ONTAP 9.6 and later

Assign service policies to LIFs to specify the supported traffic

#

You can use network interface service show to check which services are available on your ONTAP-version and which ports they're using.

mighty furnace Feb 14, 2024, 12:32 PM

#

You just asked what was used. Not what is being used. Typically the mgmt lifs have a service policy that usually include snmp. Unless you turn it on it will only send traps in which case it will not respond to snmp queries.

Additionally, querying ONTAP for snmp is almost useless. I’ve looked at the “documented” MIB file and compared to snmpwalk and they do not even come close to matching up. Snmpwalk finds far fewer OIDs and some of the documented ones don’t even return values.

#

network interface service-policy show -vserver admin_svm

Look at default-management
Is there any snmp service? If not you would need to add it

echo raft Feb 14, 2024, 12:56 PM

#

@OG1 @mighty furnace You are correct, cluster-mgmt and node-mgmt LIF's include "management-snmp-server".
So, here are my questions:

How can I found out the port numbers this process is going to use?
If I run "nmap cluster-mgmt", the output doesn't include SNMP port 161, or 162.
the command "network interface service-policy show -vserver admin_svm" doesn't show me any ports number

mighty furnace Feb 14, 2024, 1:27 PM

#

network interface service show

echo raft Feb 14, 2024, 2:47 PM

#

"network interface service show" helps me to identify what services are corresponding to what ports in genric. But, when it came down to any cluster-mgmt or node-mgmt LIF's, 161/udp for snmp is closed, although the service "management-snmp-server" is assoicated with these LIF's. That is the part I still don't understand about...

fresh quail Feb 14, 2024, 6:59 PM

#

perhaps there's a better way to do monitoring... what software do you use that uses snmp?

echo raft Feb 14, 2024, 7:05 PM

#

Icinga, that's the monitoring tool.
I know now that the NetApp cluster uses mgmt LIF's to communicate with Icinga based on the service-policy on the LIF's.
Don't know why or what made 161 port closed, with the closed port how these two get communicated to each other?

lime stirrup Feb 15, 2024, 12:03 AM

#

SNMP uses UDP, I think nmap by default only scans for TCP ports

fresh quail Feb 15, 2024, 7:51 AM

#

it seems Icinga has some integrations with grafana/prometheus... then you could use Harvest to gather metrics...

#What cluster interface is used for SNMP communication?