Use SNMP to monitor your home network by LibreNMS

Recently I spent some time tried different solution to monitor home network and systems. Initially, I tried Cacti on Raspberry Pi but not working really well together with Pi-Hole. So I moved Cacti into a docker container on Synology NAS. But Cacti eats up lot of NAS resources and itself is not that user-friendly. So many issues with poller, and the performance is not good.

Then finally, I found LibreNMS which surprised me with easy deployment and very nice look and feel. So go straight to the deployment guide of LibreNMS to monitor home network via SNMP.

I decided to deploy LibreNMS on Synology Docker. LibreNMS needs database support. So need to create a database docker container.

SSH to Synology NAS then create MariaDB folder

mkdir /volume1/docker/mariadb

Install MariaDB container

docker run --name mariadb \
 -v /volume1/docker/mariadb:/var/lib/mysql \
 -e MYSQL_ROOT_PASSWORD=your-mariadb-sql-password \
 -e TZ=Australia/Sydney -d mariadb:latest --sql-mode=''

Then install LibreNMS container, create folders first

mkdir /volume1/docker/librenms
mkdir /volume1/docker/librenms/logs
mkdir /volume1/docker/librenms/rrd
touch /volume1/docker/librenms/config.custom.php
docker run \
 -d \
 -p 8080:80 \
 -e DB_HOST=db \
 -e DB_NAME=librenms \
 -e DB_USER=root \
 -e DB_PASS=your-mariadb-sql-password \
 -e BASE_URL=https://your-librenms-url \
 -e POLLERS=16 \
 -e TZ=Australia/Sydney \
 --link mariadb:db \
 -v /volume1/docker/librenms/logs:/opt/librenms/logs \
 -v /volume1/docker/librenms/rrd:/opt/librenms/rrd \
 -v /volume1/docker/librenms/config.custom.php:/opt/librenms/conf.d/config.custom.php \
 -v /etc/localtime:/etc/localtime:ro \
 --name librenms \
 jarischaefer/docker-librenms:latest

Run first-time installation command to configure LibreNMS and MariaDB

Run the following command:

docker exec librenms sh -c "cd /opt/librenms && php /opt/librenms/build-base.php"

This will tell LibreNMS to start creating entries into our MariaDB database.

Run the following command to add a user to LibreNMS

docker exec librenms php /opt/librenms/adduser.php admin password 10 [email protected]

Replace the default “password” and “[email protected]” with your preferred values

It’s almost done. Before login into the LibreNMS web portal. We need to enable HTTPS for the site.

The easiest way is to use Synology Application portal reverse proxy setting.

Create a rule under reverse proxy setting.

Source: https://your-librenms-url

Destination: http://localhost:8080

So Synology web service will proxy the https traffic to local http traffic. The traffic between client to Synology NAS is encrypted even using a self-issued certificate, but the traffic within Synology web server to LibreNMS docker container is not encrypted. That does not matter too much as internal traffic on NAS. You can also use Letsencrypted public trusted certificate for LibreNMS web portal.

Before you login LibreNMS, just make sure there’s a DNS record for your-librenms-url to Synology NAS IP address. If you use Pi-Hole as your internal DNS server, just add an entry to its dnsmasq config file.

So open a browser and access https://your-librenms-url

The next step is to enable SNMP for all your home devices that want to be monitored. Recommend to use SNMP v3 for security reasons. But if you think home network risk exposure is low, then SNMP v2 is also a good choice for best compatibility and easy configuration.

Add device on LibreNMS by matching the SNMP setting and credentials on devices. Wait for 5 minutes, you will see the graphs of collecting data.

Back to the Terminal, we can set up custom settings to LibreNMS to exclude some unwanted features like Billing and Services etc

vi /volume1/docker/librenms/config.custom.php

Paste in the following example (1 is enable, 0 is disable)

<?php 

$config['show_locations'] = 1; # Enable Locations on menu
$config['show_locations_dropdown'] = 1; # Enable Locations dropdown on menu
$config['show_services'] = 1; # Enable Services on menu
$config['int_customers'] = 0; # Enable Customer Port Parsing
$config['summary_errors'] = 1; # Show Errored ports in summary boxes on the dashboard
$config['int_transit'] = 0; # Enable Transit Types
$config['int_peering'] = 0; # Enable Peering Types
$config['int_core'] = 0; # Enable Core Port Types
$config['int_l2tp'] = 0; # Enable L2TP Port Types
$config['force_ip_to_sysname'] = true;
$config['enable_bgp'] = 0; # Enable BGP session collection and display
$config['enable_syslog'] = 0; # Enable Syslog
$config['enable_inventory'] = 0; # Enable Inventory
$config['enable_pseudowires'] = 0; # Enable Pseudowires
$config['enable_vrfs'] = 0; # Enable VRFs
$config['enable_sla'] = 0; # Enable Cisco SLA collection and display
$config['bad_if_regexp'][] = '/^lo.*/'; // ignore loopback interface
$config['bad_if_regexp'][] = '/^docker[\w]+$/'; // ignore docker interfaces
$config['ignore_mount_regexp'][] = "/^\/volume1\/@docker\/.*/"; // Syno-NAS ignore docker mounts
$config['ignore_mount'][] = "/dev/shm"; // Syno-NAS
$config['ignore_mount_regexp'][] = "/\/run.*/"; // Syno-NAS
$config['ignore_mount'][] = "/sys/fs/cgroup"; // Syno-NAS
$config['ignore_mount'][] = "/tmp"; // Syno-NAS

After you have edited the config.custom.php to your liking, remember to perform a restart on your docker container to reflect the new settings

docker restart librenms

You can also config extended SNMP of Pi-Hole application by using its API. Then LibreNMS will automatically discovered Pi-Hole application and grab the blocking / query data from Pi-Hole directly.