Current checks while configuring SNMP are not entirely correct.
Example 1: configure snmp listen-address with an IP which is not defined in the router:
No error while commiting, but snmp is not running. A warning message is printed.
vyos@vyos# run show config comm | grep "address\|vrf"
set interfaces ethernet eth0 address '192.168.56.2/24'
set interfaces ethernet eth0 vrf 'MGMT'
set interfaces ethernet eth1 address '10.10.10.10/24'
set service ntp allow-client address '0.0.0.0/0'
set service ntp allow-client address '::/0'
set vrf name MGMT protocols static route 0.0.0.0/0 next-hop 192.168.56.1
set vrf name MGMT table '101'
[edit]
vyos@vyos# set service snmp listen-address 198.51.100.99
[edit]
vyos@vyos# commit
[ service snmp ]
WARNING: SNMP listen address "198.51.100.99" not configured!
[edit]
vyos@vyos# sudo netstat -putane | grep 161
[edit]
vyos@vyos# sudo systemctl status snmpd.service
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; disabled; preset: enabl>
Drop-In: /run/systemd/system/snmpd.service.d
└─override.conf
Active: activating (auto-restart) (Result: exit-code) since Wed 2023-07-05>
Process: 5641 ExecStart=ip vrf exec MGMT /usr/sbin/snmpd -LS0-5d -Lf /dev/n>
Main PID: 5641 (code=exited, status=1/FAILURE)
CPU: 17ms
Jul 05 10:28:06 vyos systemd[1]: snmpd.service: Main process exited, code=exite>
Jul 05 10:28:06 vyos systemd[1]: snmpd.service: Failed with result 'exit-code'.
Jul 05 10:28:06 vyos systemd[1]: Failed to start snmpd.service - Simple Network>Example 2 - Define VRF but assign ip address which is not assigned to the vrf
No error while commiting, but snmp is not running
vyos@vyos# run show config comm | grep "address\|vrf"
set interfaces ethernet eth0 address '192.168.56.2/24'
set interfaces ethernet eth0 vrf 'MGMT'
set interfaces ethernet eth1 address '10.10.10.10/24'
set service ntp allow-client address '0.0.0.0/0'
set service ntp allow-client address '::/0'
set vrf name MGMT protocols static route 0.0.0.0/0 next-hop 192.168.56.1
set vrf name MGMT table '101'
[edit]
vyos@vyos# set service snmp vrf MGMT
[edit]
vyos@vyos# set service snmp listen-address 10.10.10.10
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# sudo netstat -putane | grep 161
[edit]
vyos@vyos# sudo systemctl status snmpd.service
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; disabled; preset: enabl>
Drop-In: /run/systemd/system/snmpd.service.d
└─override.conf
Active: activating (auto-restart) (Result: exit-code) since Wed 2023-07-05>
Process: 5439 ExecStart=ip vrf exec MGMT /usr/sbin/snmpd -LS0-5d -Lf /dev/n>
Main PID: 5439 (code=exited, status=1/FAILURE)
CPU: 16ms
Jul 05 10:25:04 vyos systemd[1]: snmpd.service: Main process exited, code=exite>
Jul 05 10:25:04 vyos systemd[1]: snmpd.service: Failed with result 'exit-code'.
Jul 05 10:25:04 vyos systemd[1]: Failed to start snmpd.service - Simple Network>Example 03: define vrf and configure listen-address with an IP attached to such VRF.
Everything works as expected, but a warning message is printed (not correct)
vyos@vyos# set service snmp vrf MGMT
[edit]
vyos@vyos# set service snmp listen-address 192.168.56.2
[edit]
vyos@vyos# commit
[ service snmp ]
WARNING: SNMP listen address "192.168.56.2" not configured!
[edit]
vyos@vyos# sudo netstat -putane | grep 161
udp 0 0 127.0.0.1:161 0.0.0.0:* 0 49345 6074/snmpd
udp 0 0 192.168.56.2:161 0.0.0.0:* 0 49344 6074/snmpd
udp6 0 0 ::1:161 :::* 0 49346 6074/snmpd
[edit]
vyos@vyos# sudo systemctl status snmpd.service
● snmpd.service - Simple Network Management Protocol (SNMP) Daemon.
Loaded: loaded (/lib/systemd/system/snmpd.service; disabled; preset: enabl>
Drop-In: /run/systemd/system/snmpd.service.d
└─override.conf
Active: active (running) since Wed 2023-07-05 10:31:59 UTC; 6s agoTested on VyOS 1.4-rolling-202306080317