Lab 5 ‐ SNMP - PasRP-Theo/Admin-III GitHub Wiki

Lab 5 — SNMP & Monitoring with LibreNMS

1. Introduction

This laboratory aims to practice concepts related to infrastructure supervision. The exercise consists of installing a LibreNMS server, then adding your two Proxmox hosts to monitor their activity via the SNMP protocol.

This document describes:

  • complete LibreNMS deployment,
  • Proxmox host configuration,
  • fundamental SNMP concepts (OID, MIB, community, SNMPv3, traps),
  • necessary Wireshark analysis,
  • all steps allowing a beginner to reproduce the infrastructure.

2. Prerequisites

Proxmox Infrastructure

  • A cluster composed of 2 operational Proxmox hosts.
  • Ability to deploy virtual machines.
  • Internet connection to download packages.

Machine for LibreNMS

  • Linux VM (Ubuntu)
    • 2 vCPU
    • 2–4 GB RAM
    • 20 GB disk
  • SSH access
  • Internet connection

3. LibreNMS Deployment

There are several methods (packages, Docker, OVA). The following method uses Ubuntu + official installation.

3.1 System Installation

Create a VM in Proxmox with Ubuntu Server. Then update:

sudo apt update && sudo apt upgrade -y

3.2 Installation of Dependencies

sudo apt install -y software-properties-common \
    mariadb-server mariadb-client \
    nginx-full \
    php php-cli php-fpm php-mysql php-curl php-gd php-xml php-mbstring \
    snmp snmpd fping git unzip

3.3 MariaDB Configuration

sudo mysql -u root -p

In the SQL shell:

CREATE DATABASE librenms CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
EXIT;

3.4 LibreNMS Installation

cd /opt
sudo git clone https://github.com/librenms/librenms.git
sudo chown -R www-data:www-data /opt/librenms

3.5 Nginx Configuration

Create the file /etc/nginx/conf.d/librenms.conf:

server {
    listen 80;
    server_name _;

    root /opt/librenms/html;
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/run/php/php-fpm.sock;
        include fastcgi.conf;
    }
}

Restart:

sudo systemctl restart nginx php-fpm

3.6 SNMP Configuration on LibreNMS Server

sudo nano /etc/snmp/snmpd.conf

Modify:

rocommunity public
sysLocation Data Center Room
sysContact [email protected]

Then:

sudo systemctl restart snmpd

3.7 Access to LibreNMS

Open in a web browser:

http://VM_IP_ADDRESS

Complete the installation via the interface.

4. Adding Proxmox Hosts to LibreNMS

4.1 Enable SNMP on Proxmox

On each host:

apt install snmpd

Edit /etc/snmp/snmpd.conf:

rocommunity public
agentAddress udp:161

Restart:

systemctl restart snmpd

Test from LibreNMS:

snmpwalk -v2c -c public PROXMOX_IP

4.2 Add Host in LibreNMS

In the web interface:

  1. Devices → Add Device
  2. Enter:
    • Hostname/IP: IP of the Proxmox node
    • SNMP version: v2c
    • Community: public
  3. Save

Repeat for both hosts.

5. Summary of SNMP Concepts

5.1 OID and MIB

An OID (Object Identifier) is a unique numeric address pointing to a monitorable piece of information, for example:

1.3.6.1.2.1.1.5.0

A MIB (Management Information Base) is a file that translates OIDs into readable names and organizes this information. It allows you to understand what each OID represents.

5.2 Community and Authentication

SNMPv1/v2c uses a community string, similar to a password transmitted in clear text.

Types:

  • rocommunity: read-only
  • rwcommunity: read + write (to be avoided)

This mechanism is simple, but not secure.

5.3 Advantages of SNMPv3

  • Strong authentication (hash)
  • Traffic encryption (AES)
  • Advanced access control

SNMPv3 is the recommended version in a secure environment.

5.4 SNMP Traps

Unlike classical requests (pull), a trap is pushed automatically by the equipment.

Use cases:

  • Link loss
  • CPU overload
  • Hardware failure

They allow near-instantaneous detection.

6. Wireshark Analysis (to be completed with captures)

Recommended captures:

1. SNMPv2c Request

  • Show the community in clear text
  • Identify the interrogated OID
  • Comment on the PDU structure

2. SNMPv3 Request

  • Show encrypted traffic
  • Compare with v2c

3. SNMP Trap

  • Show the absence of preliminary interrogation
  • Identify the trap type

7. Infrastructure Documentation

Include:

  • Proxmox + LibreNMS VM diagram
  • Ports used:
    • 161/UDP (SNMP)
    • 162/UDP (Traps)
    • 80/443 (LibreNMS Web)
  • Deployment steps
  • SNMP configuration
  • Verifications (snmpwalk)

Use of IA for translation https://www.perplexity.ai/search/lab-5-snmp-monitoring-avec-lib-Uldtwyq4Rz27X9qIQkpbZQ?preview=1#0