
I hate selinux

It turns out my problems with IPv6-only Net-SNMP weren’t a problem with snmpd; they were a problem with selinux. After starting it with -Dread_config -c /etc/snmp/snmpd.conf, it became apparent:

snmpd[9026]: registered debug token read_config, 1
snmpd[9028]: /etc/snmp/snmpd.conf: Permission denied
snmpd[9028]: /etc/snmp/snmpd.conf: Permission denied
snmpd[9028]: Warning: no access control information configured.   It's unlikely this
agent can serve any useful purpose in this state.   Run "snmpconf -g basic_setup" to
help you configure the snmpd.conf file for this agent.
snmpd[9028]: NET-SNMP version 5.3.2.2

Sure enough, selinux was on without me realizing it:

[root@nicky root]# /usr/sbin/getenforce
Enforcing

Copying over my own snmpd.conf had fouled up the security context:

[root@nicky snmp]# ls -lZ
-rw-r--r--  root root user_u:object_r:user_home_t      snmpd.conf
-rw-r--r--  root root system_u:object_r:etc_t          snmpd.conf.orig
[root@nicky snmp]# chcon -u system_u -t etc_t snmpd.conf
[root@nicky snmp]# ls -lZ
-rw-r--r--  root root system_u:object_r:etc_t          snmpd.conf
-rw-r--r--  root root system_u:object_r:etc_t          snmpd.conf.orig
[root@nicky snmp]#
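
The check done by eye above can be scripted. This is an added example, not part of the original post: it reads `ls -lZ` output and reports files whose SELinux type differs from the expected one. The function names and the embedded sample listing are constructed for illustration; the sample copies the listing shown above.

```sh
#!/bin/sh
# Added example (not from the original post): find files whose SELinux
# type differs from the expected one by parsing `ls -lZ` output.

# mislabeled EXPECTED_TYPE   (reads `ls -lZ` output on stdin)
# Prints "name current_type" for every file whose type is not EXPECTED_TYPE.
# Limitation: file names containing whitespace are not handled.
mislabeled() {
    awk -v want="$1" '
        NF >= 5 {
            # The context is the first field shaped like user:role:type[:level].
            # Searching for it covers both the old layout shown in this post
            # and newer ls layouts that add link count, size and date columns.
            for (i = 1; i < NF; i++) {
                if ($i ~ /^[^:]+:[^:]+:[^:]+/) {
                    split($i, ctx, ":")
                    if (ctx[3] != want) print $NF, ctx[3]
                    break
                }
            }
        }'
}

# fix_commands EXPECTED_TYPE   (reads `ls -lZ` output on stdin)
# Prints, but does not run, one chcon line per mislabeled file so the
# change can be reviewed first. Uses the same chcon form as the post.
fix_commands() {
    mislabeled "$1" | while read -r name type; do
        printf 'chcon -u system_u -t %s %s  # was %s\n' "$1" "$name" "$type"
    done
}

# Constructed sample: the directory listing from this post.
SAMPLE='-rw-r--r--  root root user_u:object_r:user_home_t      snmpd.conf
-rw-r--r--  root root system_u:object_r:etc_t          snmpd.conf.orig'

printf '%s\n' "$SAMPLE" | mislabeled etc_t
printf '%s\n' "$SAMPLE" | fix_commands etc_t
```

On a live system, `ls -lZ /etc/snmp | mislabeled etc_t` runs the same check, and `restorecon -v <file>` resets a file to the label the loaded policy assigns to its path instead of a hand-picked one.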

Now everything is all happy:

[bwann@raptor ~]$ snmpget -v 2c -c community udp6:nicky sysName.0
SNMPv2-MIB::sysName.0 = STRING: nicky.wann.net

Protip: you can also make Cacti use IPv6/UDP requests. Prefix your system hostname with udp6: in the device configuration section.
