I have a Ubiquiti UDM-Pro firewall and a Cisco 3750-X L3 switch. I’ve been trying to find the best way to monitor upload/download bandwidth using one or the other. Following some research, it appears I can’t go down the UDMP path because SNMP here is kneecapped. So, I’m refocusing on the Cisco switch.
How would I monitor port traffic in HA using SNMP? Do I need to set up an SNMP sensor? I already have SNMP enabled on the switch. I also have a SPAN port configured (left over from a dead project) if it helps. The modem is connected to Gi1/0/1, the UDMP is on Gi1/0/12, and SPAN is monitoring Gi1/0/12, redirecting to Gi1/0/46.
I was able to get SNMP running on the UDMP, and I added the following YAML, but I’m not seeing any of the sensors I created. For the sake of simplicity for the first try, I’m going with v2c instead of 3.
The first two sensors were not created, no. When I walked SNMP from the firewall using snmpwalk -Os -c public -v 2c localhost I got the following OIDs back. None of which appear to be the baseoids that the sensors are looking for.
root@UDMPro:/usr/share/snmp# snmpwalk -Os -c public -v 2c localhost
iso.3.6.1.2.1.1.1.0 = STRING: "Linux UDMPro 4.19.152-ui-alpine #4.19.152 SMP Fri Nov 24 21:03:15 CST 2023 aarch64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (17337114) 2 days, 0:09:31.14
iso.3.6.1.2.1.1.4.0 = STRING: "Me <[email protected]>"
iso.3.6.1.2.1.1.5.0 = STRING: "UDMPro"
iso.3.6.1.2.1.1.6.0 = STRING: "Sitting on the Dock of the Bay"
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.10.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.4 = OID: iso.3.6.1.6.3.1
iso.3.6.1.2.1.1.9.1.2.5 = OID: iso.3.6.1.6.3.16.2.2.1
iso.3.6.1.2.1.1.9.1.2.6 = OID: iso.3.6.1.2.1.49
iso.3.6.1.2.1.1.9.1.2.7 = OID: iso.3.6.1.2.1.50
iso.3.6.1.2.1.1.9.1.2.8 = OID: iso.3.6.1.2.1.4
iso.3.6.1.2.1.1.9.1.2.9 = OID: iso.3.6.1.6.3.13.3.1.3
iso.3.6.1.2.1.1.9.1.2.10 = OID: iso.3.6.1.2.1.92
iso.3.6.1.2.1.1.9.1.3.1 = STRING: "The SNMP Management Architecture MIB."
iso.3.6.1.2.1.1.9.1.3.2 = STRING: "The MIB for Message Processing and Dispatching."
iso.3.6.1.2.1.1.9.1.3.3 = STRING: "The management information definitions for the SNMP User-based Security Model."
iso.3.6.1.2.1.1.9.1.3.4 = STRING: "The MIB module for SNMPv2 entities"
iso.3.6.1.2.1.1.9.1.3.5 = STRING: "View-based Access Control Model for SNMP."
iso.3.6.1.2.1.1.9.1.3.6 = STRING: "The MIB module for managing TCP implementations"
iso.3.6.1.2.1.1.9.1.3.7 = STRING: "The MIB module for managing UDP implementations"
iso.3.6.1.2.1.1.9.1.3.8 = STRING: "The MIB module for managing IP and ICMP implementations"
iso.3.6.1.2.1.1.9.1.3.9 = STRING: "The MIB modules for managing SNMP Notification, plus filtering."
iso.3.6.1.2.1.1.9.1.3.10 = STRING: "The MIB module for logging SNMP Notifications."
iso.3.6.1.2.1.1.9.1.4.1 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.2 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.3 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.4 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.5 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.6 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.7 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.8 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.9 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.1.9.1.4.10 = Timeticks: (1) 0:00:00.01
iso.3.6.1.2.1.25.1.1.0 = Timeticks: (17364408) 2 days, 0:14:04.08
iso.3.6.1.2.1.25.1.2.0 = Hex-STRING: 07 E8 01 0B 17 05 29 00 2D 06 00
iso.3.6.1.2.1.25.1.3.0 = INTEGER: 393216
iso.3.6.1.2.1.25.1.4.0 = STRING: "pci=pcie_bus_perf console=ttyS0,115200 net.ifnames=0 sysid=ea15 boot_carrier=4 root=
"
iso.3.6.1.2.1.25.1.5.0 = Gauge32: 1
iso.3.6.1.2.1.25.1.6.0 = Gauge32: 185
iso.3.6.1.2.1.25.1.7.0 = INTEGER: 0
iso.3.6.1.2.1.25.1.7.0 = No more variables left in this MIB View (It is past the end of the MIB tree)
The link also says to copy the snmpd.conf to /usr/share/snmp. If I do that, the SNMP daemon fails to start. But if I rename the file to .old or delete it, the service can start.
I found an unrelated thread googling, and I added two OID trees in the snmpd.conf file. After restarting the snmpd service and rebooting HA, I can now see sensor.udm_wan_in_stats and udm_wan_out_stats. Though, they both report ‘unavailable’ in HA.
I checked the snmpwalk output and couldn’t find the OIDs listed, so I opened it up to .1.3.6.1.2.1.2.2.1 in snmpd.conf. Now, the output does show the 10.4 OID for WAN In and 16.4 for WAN Out. However, the sensor still comes back as unavailable. This feels like a format issue.
The OIDs in the snmpwalk seem to have a different format on the UDM (iso.3.6.1.2.1 vs 1.3.6.1.2.1).
Those OID’s do look like the right ones now. Most likely the issue is then on the HA side. Maybe enabling debug logging for the SNMP integration will tell you what’s not linking.
I started looking back at this again, and double checked the SNMP configuration on the UDM Pro side. Everything looked good, and I made sure my /24 subnet was in the conf file.
The sensors started populating once I commented out the “agentaddress” line in the snmpd.conf file. Supposedly, doing this allows access on interfaces.
Makes sense because because agentaddress 127.0.0.1, [::1] would make the SNMP agent listen only on localhost and thus not allow external access. For security, I’d just whitelist the internal IP HA connects to.
