Ubuntu

SNMP binds only to 127.0.0.1 (localhost)

Asked by Stephen Gornick

The net-snmp FAQ says "Normally, the agent will bind to the specified port on all interfaces
  on the system, and accept requests received from any of them."

http://net-snmp.sourceforge.net/docs/FAQ.html#How_can_I_listen_on_just_one_particular_interface_

However I see that on my Feisty system the /etc/init.d/snmpd startup script bound snmpd to only the localhost interface:

$ ps -ef|grep snmp
snmp 6591 1 0 04:11 ? 00:00:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1

$ netstat -natup|grep 161
udp 0 0 127.0.0.1:161 0.0.0.0:*

I can manually launch snmpd without the 127.0.0.1 parameter and then it will not bind to any specific interface:

$ sudo netstat -natup|grep snmpd
udp 0 0 0.0.0.0:161 0.0.0.0:* 7178/snmpd

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
Matt Mossholder
Solved:
Last query:
Last reply:
Revision history for this message
Stephen Gornick (sgornick) said : 		#1

Here are my network interfaces. Not sure if it is relevant, ... I do have VMWare installed.

$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:02:3F:6B:E1:C0
          inet addr:192.168.10.118 Bcast:192.168.10.255 Mask:255.255.255.0
          inet6 addr: fe80::202:3fff:fe6b:e1c0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:6007 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5705 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2075792 (1.9 MiB) TX bytes:648863 (633.6 KiB)
          Interrupt:18 Base address:0x4800

eth1 Link encap:Ethernet HWaddr 00:90:4B:4D:D4:8C
          inet6 addr: fe80::290:4bff:fe4d:d48c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:7989 errors:0 dropped:9 overruns:0 frame:0
          TX packets:472 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:740690 (723.3 KiB) TX bytes:19998 (19.5 KiB)
          Interrupt:5 Base address:0x8000

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:15702 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15702 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1328981 (1.2 MiB) TX bytes:1328981 (1.2 MiB)

vmnet1 Link encap:Ethernet HWaddr 00:50:56:C0:00:01
          inet addr:192.168.51.1 Bcast:192.168.51.255 Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:77 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08
          inet addr:192.168.35.1 Bcast:192.168.35.255 Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Revision history for this message
Best Matt Mossholder (matt-mossholder) said : 		#2

You need to update /etc/default/snmpd .. The SNMPDOPTS line needs to look like this:

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

The default setting tells SNMPD to only listen on the loopback address

Revision history for this message
Stephen Gornick (sgornick) said : 		#3

Thanks Matt Mossholder, that solved my question.

Revision history for this message
Tim Ehlers (ehlerst-yahoo) said : 		#4

Created a bug report for this. It is still a problem in ubuntu 10.04 LTS 64bit. Just searching for this problem on forums/google shows it really is mass confusion. Binding to 127.0.0.1 by default seems like a bug to me.