SNMP

normis · March 20, 2006, 9:28am

We are working on a completely new SNMP for RouterOS and we are going to also support SNMP write. Could you please write what you wish to see in RouterOS SNMP support, and what network management programs you now use that have SNMP write support.

ice · March 20, 2006, 10:53am

Cool!
SNMP TRAP and GET features are required.

Denis_Basta · March 20, 2006, 10:53am

We’re using self-written SNMP client script + iReasoning MIB Browser 3.0.1…

Would be great to have read/write access to:

interfaces
ip addresses
routes
queues
system settings

mag · March 20, 2006, 4:48pm

Very good! Looking forward to it.

Now we’re using Ipswitch WhatsUp (fading out), InterMapper (my favorite:), Nagios (testing) and a few minor tools.

SNMP-related things springing to mind are:
Traps
Configuration access e.g. interfaces, firewall rules, activating scripts,…

(one more thing, not sure if its possible at all: custom variables by scripting, reachable through SNMP, e.g. for creating own counters or thresholds.)

driton · March 20, 2006, 4:55pm

Bandwidth description is very helpful, e.g. if you have a 100mbps interface but it is giving only 512kbps why should the interface appear as 100mb when you config the MRTG graph or similar (even if you can do it manually).
Interface flaps (down/up) should be available via snmp.

jarosoup · March 20, 2006, 8:10pm

Here are a few requests:

More SNMP support for WDS interfaces. Currently, they support ethernet-like interfaces, but it would be nice to join or index based on the registration table so that there are wireless OIDs available along with the standard ethernet statistics. Please let me know if you need more info about this. We currently do this manually by looking up the OIDs.
OID support for firewall connection counts. We currently do this with scripting, but after so many networks with this running, the script can “miss”. What we need is the value for “/ip firewall connection tracking print count-only”.
OID support for DHCP lease count. Similar to above, we run a script that returns “/ip dhcp-server lease print count-only” to obtain lease counts. It’d be handy to poll this with SNMP.
Apparently there is now support via SNMP for hotspot active user counts. I haven’t upgraded to a version that supports this, but please retain it as this is a great one to have.
In general, anything that supports “print count-only” would be a helpful addition.

Glad to hear you guys are working to improve SNMP support. Keep up the good work!

eflanery · March 20, 2006, 8:26pm

I would say that it would not just be nice to have everything that has a “print count-only” option, but everything that has a “print” command of any sort.

In fact, I would like to see SNMP become as full-featured as the command line. It should be quite possable, even if some parts get a bit confusing.

Also, adding something like “send SNMP-trap” as a logging action would be pretty cool.

I don’t think SNMP is really all that great a management protocol, but it could certainly do the job, and would be better than the hack-job scripts I use now. (In my ideal world, each MT would make it’s entire self available as a full featured CORBA object, but that is probably asking way, way too much.)

–Eric

cmit · March 20, 2006, 8:38pm

Hah! Don’t expect the standard router user to even know what CORBA is?!
Sounds like you are way to software-addicted for a router admin…

Best regards,
Christian Meis

eflanery · March 20, 2006, 9:10pm

Yeah, I’ve worn a few too many hats in my time. Once upon a time, I even wrote shim code to tie ancient USDA Fortran code in with modern DoD CORBA systems, how wrong is that?

No, I wouldn’t expect the “standard router user” to know about CORBA, but MT isn’t exactly a “standard router”, nor are it’s adherants “standard users”.

It’s not unheard of to use CORBA systems for network management, though. Actually it’s a rather nice fit, being super abstract as it is. While “vendor C” doesn’t really do that sort of thing, if you look a bit higher at the likes of Nortel, Lucent, Hauwei, or others in that class, you will find plenty of IDL files available.

I did say it was asking a bit too much, though. Didn’t I?

–Eric

kapusta_kiszona · March 20, 2006, 9:46pm

Cacti support and feature using scripts on linux/bsd machine for managing MikroTik via SNMP.

jp1 · March 21, 2006, 2:58am

My SNMP wishes…

read access:

MT version. There is no excuse for not having that now. I have a database to keep track of my MTs, and use SNMP to keep some of the fields updated. We do this with lots of other hardware. I don’t have a way to easily determine the version in the MT.
arp table (real handy in the ISP world since customer computers and firewalls are rarely pingable now)
dhcp leases
as many wireless measurements as possible. See what alvarion and other snmp-ready wireless equipment vendors provide by looking at their MIBs.
mac address of associated/registered radios would be good for my homemade monitoring systems to automatically figure out what is associated to what.
perhaps temperature/voltage measurements when hardware makes it possible.
UPS status via SNMP if a Smart-UPS is attached.

Write access:

ip configuration
reboot
factory reset
bandwidth test server and client functionality. I could have a nasty bash script cronjob on my linux monitoring systems that automatically setup and take down the bandwdith server to run a test between any two systems at various times.
sniffer streaming start/stop capture and interface selection. To automate traffic capture to my machine running trafr. A tech could enter one command on my system which would start trafr, connect to a MT, stream sniffed data for 30 seconds, stop the stream, stop trafr, and open the data up in ethereal or another program, or perhaps just archive it if I am looking to get samplings over time if the interesting traffic is intermittent.

either a default input rule to block SNMP access not from a particular IP , would be a good default security configuration as well. The user would just set the IP that is allowed and enable the rule, after setting a write community string.

For SNMP software, we use net-snmp (mostly in bash scripts to get snmp data into a text file or mysql), and MRTG on linux.

normis · March 21, 2006, 6:58am

cacti? no problem with it already:
http://forum.mikrotik.com//viewtopic.php?t=4164&highlight=cacti

normis · March 21, 2006, 8:08am

actually we are also preparing an open API for configuration of the router, so you can develop your own applications that connect to the router and configure/control it. this is not connected to SNMP but i guess you will also like that

sten · March 21, 2006, 8:53am

An oid to reboot, but not oids for reset or shutdown as they would be unnecessary and potentially harmful.

Oid’s to execute scripts. E.g. write 0 => 1 (equals reboot)

Oid’s to save config to specified name. E.g. “” => “myconfig” (equals saving config as myconfig.backup)

Oid’s to restort config from specified name. E.g. “” => “myconfig” (equals loading myconfig.backup)

Oid’s for (for example) 5-10 static oids which one may put strings and which scripts could read.

Error counters for all interfaces.

bjohns · March 21, 2006, 12:48pm

Love the idea of an API - I can only imagine the amount of flexibility it would provide, especially with the more dynamic functions such as hotspot/ppp connections etc.

GotNet · March 21, 2006, 3:14pm

Answer to a prayer! Holy crap, I just did a cartwheel!

andreacoppini · March 21, 2006, 3:21pm

Now where did I put that little thermal printer I had???

csickles · March 21, 2006, 5:38pm

Hot “DARN !!”…

eflanery · March 21, 2006, 6:47pm

Sweet!

Thank you, thank you, thank you!!!

–Eric

incoming429 · March 22, 2006, 1:18am

i use this oid to get the fw version (2.9 only): .1.3.6.1.4.1.14988.1.1.4.4.0

the docs are incomplete about the oids
just do a snmpwalk and you get quite an interesting list

regards,
michal