xFelix
xFelix

Use SNMP to monitor your home network by LibreNMS

Use SNMP to monitor your home network by LibreNMS

Recently I spent some time tried different solution to monitor home network and systems. Initially, I tried Cacti on Raspberry Pi but not working really well together with Pi-Hole. So I moved Cacti into a docker container on Synology NAS. But Cacti eats up lot of NAS resources and itself is not that user-friendly. So many issues with poller, and the performance is not good.

Then finally, I found LibreNMS which surprised me with easy deployment and very nice look and feel. So go straight to the deployment guide of LibreNMS to monitor home network via SNMP.

I decided to deploy LibreNMS on Synology Docker. LibreNMS needs database support. So need to create a database docker container.

SSH to Synology NAS then create MariaDB folder

mkdir /volume1/docker/mariadb

Install MariaDB container

docker run --name mariadb \
 -v /volume1/docker/mariadb:/var/lib/mysql \
 -e MYSQL_ROOT_PASSWORD=your-mariadb-root-password \
 -e MYSQL_DATABASE=librenms \
 -e MYSQL_USER=librenms \
 -e MYSQL_PASSWORD=your-mariadb-librenmsuser-password \
 -e TZ=Australia/Sydney -d mariadb:latest --sql-mode='' --innodb_file_per_table=1 \
--lower_case_table_names=0

Now Database is ready to connect.

Then install LibreNMS container, create folders first

mkdir /volume1/docker/librenms
mkdir /volume1/docker/librenms/logs
mkdir /volume1/docker/librenms/rrd

Generate API Key

docker run --rm jarischaefer/docker-librenms generate_key

Output Example

base64:Q0+ZV56/5Uwz79vsvS4ZfwQFOty3e9DJEouEy+IXvz8=

The key (including base64:) must be passed via the APP_KEY environment variable in the docker run command.

Run librenms container

docker run \
 -d \
 -p 8080:80 \
 -e APP_KEY=the_secret_key_you_have_generated \
 -e DB_HOST=database \
 -e DB_NAME=librenms \
 -e DB_USER=librenms \
 -e DB_PASS=your-mariadb-librenmsuser-password \
 -e BASE_URL=http://localhost \
 -e TZ=Australia/Sydney \
 --link mariadb:database \
 -v /volume1/docker/librenms/logs:/opt/librenms/logs \
 -v /volume1/docker/librenms/rrd:/opt/librenms/rrd \
 --name librenms \
 jarischaefer/docker-librenms:latest

Create DB Table

docker exec librenms setup_database

Creating an initial admin user

docker exec librenms create_admin

It’s almost done. Before login into the LibreNMS web portal. We need to enable HTTPS for the site.

The easiest way is to use Synology Application portal reverse proxy setting.

Create a rule under reverse proxy setting.

Source: https://your-librenms-url

Destination: http://localhost:8080

So Synology web service will proxy the https traffic to local http traffic. The traffic between client to Synology NAS is encrypted even using a self-issued certificate, but the traffic within Synology web server to LibreNMS docker container is not encrypted. That does not matter too much as internal traffic on NAS. You can also use Letsencrypted public trusted certificate for LibreNMS web portal.

Before you login LibreNMS, just make sure there’s a DNS record for your-librenms-url to Synology NAS IP address. If you use Pi-Hole as your internal DNS server, just add an entry to its dnsmasq config file.

So open a browser and access https://your-librenms-url

The next step is to enable SNMP for all your home devices that want to be monitored. Recommend to use SNMP v3 for security reasons. But if you think home network risk exposure is low, then SNMP v2 is also a good choice for best compatibility and easy configuration.

Add device on LibreNMS by matching the SNMP setting and credentials on devices. Wait for 5 minutes, you will see the graphs of collecting data.

Back to the Terminal, we can set up custom settings to LibreNMS to exclude some unwanted features like Billing and Services etc

vi /volume1/docker/librenms/config.custom.php

Paste in the following example (1 is enable, 0 is disable)

<?php 

$config['show_locations'] = 1; # Enable Locations on menu
$config['show_locations_dropdown'] = 1; # Enable Locations dropdown on menu
$config['show_services'] = 1; # Enable Services on menu
$config['int_customers'] = 0; # Enable Customer Port Parsing
$config['summary_errors'] = 1; # Show Errored ports in summary boxes on the dashboard
$config['int_transit'] = 0; # Enable Transit Types
$config['int_peering'] = 0; # Enable Peering Types
$config['int_core'] = 0; # Enable Core Port Types
$config['int_l2tp'] = 0; # Enable L2TP Port Types
$config['force_ip_to_sysname'] = true;
$config['enable_bgp'] = 0; # Enable BGP session collection and display
$config['enable_syslog'] = 0; # Enable Syslog
$config['enable_inventory'] = 0; # Enable Inventory
$config['enable_pseudowires'] = 0; # Enable Pseudowires
$config['enable_vrfs'] = 0; # Enable VRFs
$config['enable_sla'] = 0; # Enable Cisco SLA collection and display
$config['bad_if_regexp'][] = '/^lo.*/'; // ignore loopback interface
$config['bad_if_regexp'][] = '/^docker[\w]+$/'; // ignore docker interfaces
$config['ignore_mount_regexp'][] = "/^\/volume1\/@docker\/.*/"; // Syno-NAS ignore docker mounts
$config['ignore_mount'][] = "/dev/shm"; // Syno-NAS
$config['ignore_mount_regexp'][] = "/\/run.*/"; // Syno-NAS
$config['ignore_mount'][] = "/sys/fs/cgroup"; // Syno-NAS
$config['ignore_mount'][] = "/tmp"; // Syno-NAS

After you have edited the config.custom.php to your liking, remember to perform a restart on your docker container to reflect the new settings

docker restart librenms

You can also config extended SNMP of Pi-Hole application by using its API. Then LibreNMS will automatically discovered Pi-Hole application and grab the blocking / query data from Pi-Hole directly.

——————————
July 23 2020 Updated

Written by Felix. Licensed under CC BY-NC-SA 3.0 Unported.

Leave a Reply

textsms
account_circle
email

xFelix

Use SNMP to monitor your home network by LibreNMS
Recently I spent some time tried different solution to monitor home network and systems. Initially, I tried Cacti on Raspberry Pi but not working really well together with Pi…
Scan QR code to continue reading
2018-07-12