Snmpd Listen to Specific IP Address ( BIND To Selected Interfaces )

How do I force SNMP (Simple Network Management Protocol) network management software to listen on public interfaces under RHEL / RedHat / Fedora / CentOS Linux server?

net-snmp comes with snmpd server which is an SNMP agent which binds to a port and awaits requests from SNMP management software. By default it binds to localhost ( only.

snmpd can be configured to listens for incoming SNMP requests on UDP port 161 on all IPv4 interfaces or selected interface using the -x option. A listening address takes the form:


Few Examples           listen on UDP port 161, but only on the loopback interface.  This prevents snmpd being queried  remotely.   The
                               port specification ":161" is not strictly necessary since that is the default SNMP port.

       TCP:1161                listen on TCP port 1161 on all IPv4 interfaces.

       ipx:/40000              listen on IPX port 40000 on all IPX interfaces.

       unix:/tmp/local-agent   listen on the Unix domain socket /tmp/local-agent.

       /tmp/local-agent        is  identical  to  the  previous  specification, since the Unix domain is assumed if the first character of the
                                is '/'.

       PVC:161                 listen on the AAL5 permanent virtual circuit with VPI=0 and VCI=161 (decimal) on the first ATM adapter  in  the

       udp6:10161              listen on port 10161 on all IPv6 interfaces.

CentOS / RHEL / Fedora Linux Specific Configuration

Edit /etc/sysconfig/snmpd.options, enter:
# vi /etc/sysconfig/snmpd.options
Uncomment OPTIONS line. Add -x option as follows to listen on default port 161 and IP and

OPTIONS="-Lsd -Lf /dev/null -p /var/run/ -a -x"

Save and close the file. Reload the changes:
# service snmpd reload
Update /etc/sysconfig/iptables firewall configuration to allow communication at udp port 161:
# vi /etc/sysconfig/iptables
Only accept connection only from to UDP port 161, enter:

-A RH-Firewall-1-INPUT -p udp s -m udp --dport 161 -j ACCEPT

-A RH-Firewall-1-INPUT -p udp s -m udp –dport 161 -j ACCEPT

Finally, restart iptables service:
# service iptables restart
You may also need to update your /etc/snmp/snmpd.conf to setup correct public community and other ACL settings. Refer snmpd.conf man page for more details.

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

How to Make Website WCAG Compliant?

Next Post

Link download Kali Linux 2020.1 (ISO + Torrent)

Related Posts