I’m trying to setup net-snmpd
configuration and the service is running properly but I am unable to get any reply; all my requests end in timeouts.
Here is my config:
environment.systemPackages = with pkgs; [
net-snmp
];
networking.firewall.allowedUDPPorts = [ 161 ];
systemd.services.snmpd = {
enable = true;
wantedBy = [ "multi-user.target" ];
description = "Net-SNMP daemon";
after = [ "network.target" ];
restartIfChanged = true;
serviceConfig = {
User = "root";
Group = "root";
Restart = "always";
ExecStart = "${pkgs.net-snmp}/bin/snmpd -Lf /var/log/snmpd.log -f -c /etc/snmp/snmpd.conf";
};
};
environment.etc."snmp/snmpd.conf".text = lib.mkForce ''
rocommunity <my comm string> <my home IP>/32
rocommunity <my comm string> 127.0.0.1/32
rocommunity6 <my comm string> ::1/128
com2sec notConfigUser default public
com2sec6 notConfigUser default public
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
access notConfigGroup "" any noauth exact systemview none none
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
sysLocation AWS, North Virginia, USA
sysContact <my email>
sysServices 72
sysName <my hostname>
dontLogTCPWrappersConnects yes
'';
My config is exactly copied from a Debian host that has been working for years.
I’m testing it by doing this: snmpget -t 90 -v2c -c <community string> 127.0.0.1 .1.3.6.1.2.1.25.1.1
After timeout I get this message: Timeout: No Response from 127.0.0.1.
No logs in /var/log/snmpd.log
when hitting it. I turned on -Dall
but didn’t see any relevant messages.
I tried tcpdump -i any port 161 -vv
and I am seeing incoming traffic to the host but I am no expert at looking at that.