Quagga, Debian and SNMP-Support
Currently I try to make the Quagga Routing Daemon talk SNMP in order to monitor it's status (number of routes, changes, etc.).
It's not as straight-forward as it could be. First of all, Quagga has to be complied with the "--enable-snmp" option. Due to licensing issues with the OpenSSL library, the Debian maintainer of the quagga-package had to build the package in Debian without that option. So, the best way is to rebuild the package from Debianized sources with that option enabled.
Here is a 3-Step recipe / howto / tutorial:Step 1: Build Quagga with --enable-snmp
# cd /usr/local/src
# apt-get source quagga
# apt-get build-dep quagga
# apt-get install libsnmp-dev libsnmp9-dev libsnmp9 libsnmp-base debhelper dpkg-dev snmpd snmp
# echo edit quagga-0.99.10/debian/quagga.preinst
… remove the "grep ^smux" block at the end …
# echo be sure to be in still in /usr/local/src !
# export WANT_SNMP=1
# apt-get -b source quagga
Hint: If you are on a 64-bit system, you currently need that patch additionally: http://lists.quagga.net/pipermail/quagga-dev/2008-December/006301.html
Update: The newest release included the 64-bit fix. See changelog: smux 64-bit fix for lib/smux.h SNMP_INTEGER() macro
The is result will be a .deb paackage, e.g. quagga_0.99.10-1lenny2_amd64.deb.
# dpkg -i quagga_0.99.10-1lenny2_amd64.deb
...to install it. Quagga is now prepared to connect to snmpd via "smux". But before smux must be enabled in the snmpd.Step 2: Prepare and configure snmpd
To do so, edit /etc/default/snmpd. Remove the "-smux" option from the SNMPDOPTS line. By that way you probably want to add additional IPs snmpd should, listen on. By default it only listens to localhost, but your monitor will be probably on a different box. Then add to /etc/snmp/snmpd.conf
smuxpeer .18.104.22.168.4.1.3322.214.171.124. yourpasszebra
smuxpeer .126.96.36.199.4.1.33188.8.131.52. yourpassbgpd
smuxpeer .184.108.40.206.4.1.33220.127.116.11. yourpassospfd
(For details about the OIDs see here: Quagga MIBs
. Mind the dots after the OIDs! They currently do matter! )
# /etc/init.d/snmpd restart
Now prepare each of quagga's daemon to talk to snmpd's smux. (in the above example only the OIDs for zebra, bgpd, ospfd were added). vtysh does _not_ work here!Step 3: configure Quagga
# telnet localhost 2601
Connected to localhost.
Escape character is '^]'.
Hello, this is Quagga (version 0.99.10).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
User Access Verification
quagga# conf terminal
quagga(config)# smux peer 18.104.22.168.4.1.3322.214.171.124 yourpasszebra
quagga# conf terminal
quagga# wr mem
Now you should set up snmpd ACLs and users as usual. Use snmpwalk to test, if you see .126.96.36.199.188.8.131.52 etc.
An example how to find out the AS number:
# snmpwalk -v 2c -c $community -O fn $ip .184.108.40.206.220.127.116.11
.18.104.22.168.22.214.171.124.0 = INTEGER: 20755
You can find more about the BGP MIB in an OID browser