Home   Profile   Fun
#179 Linux  30.03.2009

snmpd binds to 127.0.0.1 only


When snmpd is started on a Debian system it binds to localhost (127.0.0.1) only.
This is the default configuration and you can access it with snmp queries only from the same machine.

# netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
...
udp        0      0 172.0.0.1:161             0.0.0.0:*                           0          16214      5639/snmpd
...


To make the snmp daemon accessible from the network it must bind to at least one public IP addresses. This can be achieved by changing the default options.
# vi /etc/default/snmpd
Change line
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
to
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

The result is that snmpd binds to all IP addresses (public and localhost).
(If you want snmpd to bind to one public IP address only just change 127.0.0.1 accordingly.)

To activate this new configuration snmpd must be restarted.
#/etc/init.d/snmpd restart

# netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
...
udp        0      0 0.0.0.0:161             0.0.0.0:*                           0          16214      5655/snmpd
...

The result can be seen in column "Local Address". Here 127.0.0.1:161 changed to 0.0.0.0:161.
0.0.0.0 stands for all available IP addresses including localhost. Now snmpd can be accessed from the network.