What is SNMP? | SNMP Agent-Protocol & Port – ManageEngine

Simple Network Management Protocol (SNMP) is an application layer protocol defined by the Internet Architecture Board (IAB) in RFC1157 for exchanging management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite.

SNMP is one of the widely accepted network protocols used to manage and monitor network elements. Most professional-grade network elements come with an SNMP agent included. These agents must be enabled and configured to communicate with network monitoring tools or the network management system (NMS).

SNMP Tutorial

This tutorial briefly explains:

  • What are the basic SNMP components and their functionalities?
  • Basic SNMP commands
  • How does typical SNMP communication occur?
  • SNMP versions (SNMP v1, v2, and v3)

SNMP building blocks and functionalities

  • SNMP Manager
  • Managed devices
  • SNMP agent
  • Management Information Database, also called Management Information Base (MIB)

SNMP Manager:

The SNMP manager (an administrator or management system) is an independent entity responsible for communicating with network devices that run an SNMP agent. It is typically a computer used to run one or more network management systems.

  • Queries agents
  • Gets responses from agents
  • Sets variables on agents
  • Recognizes asynchronous events from agents

Managed devices:

A managed device or network element is a part of the network that requires some form of monitoring and management, for example, routers, switches, servers, workstations, printers, UPS, etc.

SNMP agent:

The agent is a program packaged within the network element. Enabling the agent allows it to collect the management information database from the device locally and makes it available to the SNMP administrator when queried. These agents can be standard (for example, Net-SNMP) or vendor-specific (for example, HP Information Agent).

  • Collects management information about its local environment.
  • Stores and retrieves management information as defined in the MIB.
  • Flags an event to the administrator.
  • Acts as a proxy for network nodes that are not SNMP-manageable.

Management Information Database or Management Information Base (MIB)

Each SNMP agent maintains a database of information that describes the parameters of the managed device. The SNMP administrator uses this database to request specific information from the agent and translates the information as needed by the Network Management System (NMS). This database, commonly shared between the agent and the administrator, is called the Management Information Base (MIB).

Typically, these MIBs contain a standard set of statistical and control values defined for the hardware nodes in a network. SNMP also allows the extension of these standard values with values specific to a particular agent by using private MIBs.

In short, MIB files are the set of questions that an SNMP manager can ask the agent. The agent collects this data locally and stores it, as defined in the MIB. Therefore, the SNMP administrator must be aware of these standard and private questions for each type of agent.

SNMP MIB Browser and SNMP Walk Tool

ManageEngine’s Suite of Free Tools includes an SNMP MIB Browser that helps load/download MIBs and obtain MIB data from SNMP agents (v1, v2c, v3). SNMP MIB Browser is a complete tool for monitoring SNMP-enabled devices and servers. You can load, view multiple MIBs, and perform GET, GETNEXT, and SET SNMP operations. This easy-to-use SNMP monitoring software allows you to view, configure, and analyze SNMP traps. You can also perform SNMP operations from Windows and Linux devices.

MIB structure and object identifier (object ID or OID)

The Management Information Base (MIB) is a collection of information for managing network elements. MIBs are composed of managed objects identified as Object Identifiers (Object IDs or OIDs).

Each identifier is unique and denotes specific characteristics of a managed device. When queried, the return value of each identifier may be different, for example, text, number, counter, and so on.

There are two types of managed object or object identifier: scalar and tabular. An example makes the distinction easier to understand.

Scalar: The device vendor name, for which there can be only one result. (As the definition says: “The scalar object defines a single object instance”)

Tabular: The CPU utilization of a quad processor, which gives a result for each CPU separately, meaning there will be 4 results for that particular object ID. (As the definition says: “The tabular object defines multiple instances of related objects that are grouped into MIB tables”)

Each object ID is organized hierarchically in MIBs. The MIB hierarchy can be represented in a tree structure with individual variable identifiers.

A typical object ID will be a dotted list of integers. For example, the OID in RFC1213 for “sysDescr” is .1.3.6.1.2.1.1.1

Basic SNMP commands

The simplicity of its information exchange has made SNMP a widely accepted protocol. The main reason is its concise set of commands, listed below:

  • GET: The GET operation is a request sent by the administrator to the managed device. It is performed to retrieve one or more values from the managed device.
  • GET NEXT: This operation is similar to GET. The significant difference is that the GET NEXT operation retrieves the value of the next OID in the MIB tree.
  • GET BULK: The GETBULK operation is used to retrieve bulk data from a large MIB table.
  • SET: This operation is used by administrators to modify or assign the value of the managed device.
  • TRAPS: Unlike the previous commands, which are initiated by the SNMP Manager, TRAPS are initiated by agents. A trap is a signal from the agent to the SNMP Manager that an event has occurred.
  • INFORM: This command is similar to the TRAP initiated by the agent; additionally, INFORM includes confirmation from the SNMP manager upon receiving the message.
  • RESPONSE: It is the command used to carry back the values or signals of the actions directed by the SNMP Manager.
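The scalar/tabular distinction and the GET and GET NEXT commands described above, as an added example (not ManageEngine's code): a toy agent-side MIB with a walk built from repeated GET NEXT requests. The values and function names are constructed for illustration; the sysUpTime and hrProcessorLoad OIDs come from the standard MIBs rather than from this page.

```python
# Added example: a toy agent-side MIB. All values are constructed sample data.
import bisect

SYS_DESCR = ".1.3.6.1.2.1.1.1"         # scalar object named on the page (RFC1213)
SYS_UPTIME = ".1.3.6.1.2.1.1.3"        # another scalar from the same group
CPU_LOAD = ".1.3.6.1.2.1.25.3.3.1.2"   # tabular column (hrProcessorLoad), one row per CPU

def parse_oid(text):
    """Dotted string -> tuple of ints, so '.10' sorts after '.2' as SNMP requires."""
    return tuple(int(part) for part in text.strip(".").split("."))

def format_oid(oid):
    return "." + ".".join(str(n) for n in oid)

# A scalar has exactly one instance, <oid>.0; a table column has <oid>.<row index>.
MIB = {parse_oid(k): v for k, v in {
    SYS_DESCR + ".0": "Example quad-CPU server",
    SYS_UPTIME + ".0": 123456,
    CPU_LOAD + ".1": 12, CPU_LOAD + ".2": 7,
    CPU_LOAD + ".3": 55, CPU_LOAD + ".10": 3,   # row indexes need not be contiguous
}.items()}

def snmp_get(mib, oid_text):
    """GET: exact instance lookup; None stands in for a 'no such object' reply."""
    return mib.get(parse_oid(oid_text))

def snmp_getnext(mib, oid_text):
    """GETNEXT: first instance that sorts strictly after the requested OID."""
    keys = sorted(mib)
    i = bisect.bisect_right(keys, parse_oid(oid_text))
    return None if i == len(keys) else (format_oid(keys[i]), mib[keys[i]])

def snmp_walk(mib, root_text):
    """Walk: chain GETNEXT requests until the reply leaves the root subtree."""
    root, current, rows = parse_oid(root_text), root_text, []
    while True:
        reply = snmp_getnext(mib, current)
        if reply is None or parse_oid(reply[0])[:len(root)] != root:
            return rows
        rows.append(reply)
        current = reply[0]

if __name__ == "__main__":
    print(snmp_get(MIB, SYS_DESCR))          # object OID without an instance suffix
    print(snmp_get(MIB, SYS_DESCR + ".0"))   # the scalar's single instance
    for oid, value in snmp_walk(MIB, CPU_LOAD):
        print(oid, value)
```

Comparing OIDs as integer tuples rather than strings is what keeps row 10 after row 3 in the walk.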

Typical SNMP Communication

As part of the TCP/IP protocol suite, SNMP messages are wrapped in User Datagram Protocol (UDP) datagrams, which are in turn wrapped and transmitted in the Internet Protocol (IP). The following diagram illustrates the four-layer model developed by the Department of Defense (DoD).

[Figures: SNMP communication for GET / GET NEXT / GET BULK / SET, TRAP, and INFORM]

SNMP Versions

Since the beginning, SNMP has gone through significant updates. However, the SNMP v1 and v2c protocols are the most widely deployed versions of SNMP. Support for the SNMP v3 protocol has recently started to catch up, as it is more secure compared to its previous versions, but it has not yet reached a considerable market share.

SNMPv1:

This is the first version of the SNMP protocol, which is defined in RFC 1155 and 1157.

SNMPv2c:

This is the revised protocol, which includes SNMPv1 enhancements in the areas of protocol packet types, transport mappings, and MIB structure elements, but uses the existing SNMPv1 management structure (“community-based”, and therefore SNMPv2c). It is defined in RFC 1901, RFC 1905, RFC 1906, RFC 2578.

SNMPv3:

SNMPv3 defines the secure version of SNMP. The SNMPv3 protocol also makes it easy to configure remote network monitoring of SNMP entities. It is defined by RFC 1905, RFC 1906, RFC 3411, RFC 3412, RFC 3414, RFC 3415.

Although each release matured toward richer functionality, additional emphasis was given to the security aspect in each update. Here is a brief summary of the security aspect of each version.

  • SNMP v1: Community-based security
  • SNMP v2c: Community-based security
  • SNMP v2u: User-based security
  • SNMP v2: Party-based security
  • SNMP v3: User-based security

Other useful links

  • How to install and configure Windows device for SNMP?
  • How to install and configure Linux appliance for SNMP?
  • How to install and configure the Solaris appliance for SNMP?
  • How to configure SNMP agents?
  • How to process SNMP traps?