Proxying requests through the Solaris SNMP daemon
Earlier this month I described how Orca could be used to graph JVM utilization. In order to get this solution working, you need to enable the Java SNMP agent. This can be a problem if you are running multiple SNMP agents on the server, and want both agents to use the standard SNMP port (UDP port 161). Fortunately the Solaris SNMP daemon (and anything derived from the net-snmp SNMP implementation) can be configured to proxy requests to one or more agents on the local machine (it can also proxy requests to remote systems).
To configure the Solaris SNMP daemon to proxy requests to a secondary agent, you can add one or more “proxy” statement to your snmpd.conf configuration file. The following example shows a sample snmpd.conf entry that can be used to proxy incoming requests for the JVM management MIB namespace to an agent that is bound to localhost on UDP port 8161, using version two of the SNMP protocol to communicate with this agent:
proxy -v 2c -c public localhost:8161 .1.3.6.1.4.1.42.2.145.3.163.1
As you can imagine, this opens up a number of interesting possibilities. This allows you to enforce access policies from a single location (the snmpd.conf configuration file), and limit the number of services that need to use the wildcard address when binding to a socket. Niiiiice!
Athanasios Douitsis on November 19th, 2007
Yeah, very good idea, snmp proxy feature rocks.
One other very good idea is to provide an SNMPv3 frontend for agents that do not have v3 capability.
Cheers,
Athanasios