SNMP + DrayTek monitoring

Currently I have a DrayTek 2820vn router that I would like to monitor. Having gone through the management options I noticed that it has some SNMP options:
Code:
 SNMP Setup 
  Enable SNMP Agent 
  Get Community  
  Set Community  
  Manager Host IP  
  Trap Community  
  Notification Host IP  
  Trap Timeout   seconds

What I was wondering is, can I use my FreeBSD server (which sits behind this router) to monitor and graph the activity on the router?

I'm not too familiar with SNMP so this is all quite new to me. I'd like to start with some obvious items to monitor like uptime and bandwidth usage. The router does have some basic built in graphs, unfortunately once you reboot it, all the history is lost.

What ports would help me achieve the above and can someone recommend a (basic) SNMP guide to get me going? Am I on the right path even with SNMP to achieve this?

Many thanks all :e
 
xy16644 said:
What I was wondering is, can I use my FreeBSD server (which sits behind this router) to monitor and graph the activity on the router?
It certainly looks that way.

What ports would help me achieve the above and can someone recommend a (basic) SNMP guide to get me going?
net-mgmt/net-snmp for starters.

Am I on the right path even with SNMP to achieve this?
Yes, you are. Also look at net-mgmt/mrtg, net-mgmt/cacti and a few others that can get the info for you.
 
SirDice said:
It certainly looks that way.


net-mgmt/net-snmp for starters.


Yes, you are. Also look at net-mgmt/mrtg, net-mgmt/cacti and a few others that can get the info for you.
Thanks for all the recommendations!

I have installed the net-mgmt/net-snmp port.

In my /etc/rc.conf I added:
Code:
snmptrapd_enable="YES"
snmptrapd_flags="-a -p /var/run/snmptrapd.pid"

I did not add:
Code:
snmpd_enable="YES"
snmpd_conffile="/usr/local/etc/snmpd.conf"

as I only want to receive traps? I only want my server to query the router.

If I run:
Code:
snmpwalk -v1 -c public 192.168.0.1
 (this is my routers internal IP)

I get a WHOLE bunch of stuff returned:
Code:
SNMPv2-MIB::snmpOutNoSuchNames.0 = Counter32: 2
SNMPv2-MIB::snmpOutBadValues.0 = Counter32: 0
SNMPv2-MIB::snmpOutGenErrs.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetRequests.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetNexts.0 = Counter32: 0
SNMPv2-MIB::snmpOutSetRequests.0 = Counter32: 0
SNMPv2-MIB::snmpOutGetResponses.0 = Counter32: 929
SNMPv2-MIB::snmpOutTraps.0 = Counter32: 2
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: enabled(1)

(This is just some of the output otherwise theres too much).

I assume that because I am getting some output from the router that this is working?

On the router itself I set up the SNMP agent as follows:
Code:
SNMP Setup 
  Get Community  public
  Set Community  private
  Manager Host IP  192.168.0.200
  Trap Community  public
  Notification Host IP  192.168.0.200
  Trap Timeout   10 seconds

Am I on the right track here? What do I do with the output from the router now? I'm busy reading about the snmptrapd.conf right now but it's not making much sense yet...
 
Looks good. I do advise you to change the community strings. Both public and private are well known. Keep in mind that the "set community" string allows settings to be changed on your router. And you don't want someone else messing with your router's settings.

SNMP traps can be set so the router sends a signal when your connection goes down for instance. The snmp daemon shouldn't be needed, that's only used if you want to query your FreeBSD machine with SNMP.

Using snmpwalk find out which MIB has the number of bytes in/out of the interfaces. Use that MIB with MRTG. It will be queried every 5 minutes and MRTG will create nice looking graphs showing the bandwidth usage.
 
Thanks SirDice. I understand that the defaults are insecure at this stage ;-)

I must say, I am really battling with this SNMP stuff so far. I think the router's SNMP agent is configured correctly. I have installed Cacti but I just cannot add my router as an SNMP device to monitor it? Cacti looks quite nice but am battling to figure it out.

I'm about to give MRTG a go but would really like to see Cacti in action with my router!
 
The tricky bit is finding the correct MIB to use. Snmpwalk is helpful with this as it will "walk" the entire tree showing everything that's available.
 
SirDice said:
Looks good. I do advise you to change the community strings. Both public and private are well known. Keep in mind that the "set community" string allows settings to be changed on your router. And you don't want someone else messing with your router's settings.

SNMP traps can be set so the router sends a signal when your connection goes down for instance. The snmp daemon shouldn't be needed, that's only used if you want to query your FreeBSD machine with SNMP.

Using snmpwalk find out which MIB has the number of bytes in/out of the interfaces. Use that MIB with MRTG. It will be queried every 5 minutes and MRTG will create nice looking graphs showing the bandwidth usage.

According to DrayTek web site they support:


Code:
Vigor Routers support MIB II. Please download the standard MIB II and ADSL-LINE-MIB.

The items below are the ADSL-LINE-MIB that Vigor Routers support.

OID for supported ADSL LINE MIB

----------------------------------------------------------

1.3.6.1.2.1.10.94.1.1.1.1.1 adslLineCoding
1.3.6.1.2.1.10.94.1.1.1.1.2 adslLineType
1.3.6.1.2.1.10.94.1.1.1.1.3 adslLineSpecific
1.3.6.1.2.1.10.94.1.1.1.1.4 adslLineConfProfile
1.3.6.1.2.1.10.94.1.1.1.1.5 adslLineAlarmConfProfile

1.3.6.1.2.1.10.94.1.1.3.1.1 adslAturInvSerialNumber
1.3.6.1.2.1.10.94.1.1.3.1.2 adslAturInvVendorID
1.3.6.1.2.1.10.94.1.1.3.1.3 adslAturInvVersionNumber
1.3.6.1.2.1.10.94.1.1.3.1.4 adslAturCurrSnrMgn
1.3.6.1.2.1.10.94.1.1.3.1.5 adslAturCurrAtn
1.3.6.1.2.1.10.94.1.1.3.1.6 adslAturCurrStatus
1.3.6.1.2.1.10.94.1.1.3.1.7 adslAturCurrOutputPwr
1.3.6.1.2.1.10.94.1.1.3.1.8 adslAturCurrAttainableRate

1.3.6.1.2.1.10.94.1.1.5.1.1 adslAturChanInterleaveDelay
1.3.6.1.2.1.10.94.1.1.5.1.2 adslAturChanCurrTxRate
1.3.6.1.2.1.10.94.1.1.5.1.3 adslAturChanPrevTxRate
1.3.6.1.2.1.10.94.1.1.5.1.4 adslAturChanCrcBlockLength

I have been able to successfully run:
[cmd=]snmpwalk -v1 -c public 192.168.0.1[/cmd]

and

[cmd=]snmpget -v 2c -c public 192.168.0.1 SNMPv2-MIB::sysUpTime.0[/cmd]

It's the next bit I am battling with :\
 
So I think I am very *slowly* making process with this. I have installed MRTG and have managed to get a graph going that now monitors my WAN port. I did this by running cfgmaker and pointing it to my router with the correct community password.

The next question I have is, how do I manually add some other items to MRTG? For instance I would like to see how many bytes have been sent/received in total and to view the traffic usage by IP address.

When I ran:
[cmd=]snmpwalk -v1 -c public 192.168.0.1[/cmd]

I noticed that there were:
Code:
IF-MIB::ifOutOctets.1 = Counter32: 645027496
IF-MIB::ifOutOctets.4 = Counter32: 101653294

which I *think* are for the interface and for outgoing traffic. Either way, how do I include this in the mrtg.cfg file?

BTW, mrtg is super cool :e
 
SirDice said:
Using snmpwalk find out which MIB has the number of bytes in/out of the interfaces. Use that MIB with MRTG. It will be queried every 5 minutes and MRTG will create nice looking graphs showing the bandwidth usage.

SirDice, would you be able to explain to me in detail how you achive the above? I just can't seem to figure this out ;-(
 
Hello,

Someone has noticed that with the new firmware SNMP ADSL doesn't work fine?

Please see my attachment.

Regards.
 

Attachments

  • snmp Vigor 2820n.JPG
    snmp Vigor 2820n.JPG
    72 KB · Views: 2,766
I ended up rolling back my firmware as I just couldn't get my graphing to work correctly after updating the firmware. I also contacted DrayTeks support but didn't solve the issue in the end.

PS: Your graphs look cool, is that MRTG or something else?
 
Firmware

I know this thread is almost a month old now, but I am also having issues with the SNMP. The data that is gives me is nowhere near what the built in traffic analysis gives. I have 3.3.7_232201 but I would like to go down to 3.3.5.2. I have scoured the internet and cannot seem to find the firmware anywhere. Can anyone help?

Thanks in advance.

James
 
Back
Top