Simple Network Management Protocol

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 06:48, 15 September 2007 by Admin (Talk | contribs)

Jump to: navigation, search

Used for monitoring network devices and encompassing a set of standard protocols. SNMP data contains information describing the network device configuration, and variables describing the state of the device. SNMP can be used to both read and write to the network device, such as reading the configuration and then modifying the configuration. SNMP is most commonly used for monitoring.

SNMP works by sending messages, called protocol data units (PDUs), to different parts of a network. SNMP-compliant devices, called agents, store data about themselves in Management Information Bases (MIBs) and return this data to the SNMP requesters. SNMP uses five basic messages (GET, GET-NEXT, GET-RESPONSE, SET, and TRAP) to communicate between the SNMP manager and the SNMP agent. There are variations to account for additional message types (see the six listed below) based on the version of SNMP being used. Many network elements support only SNMPv1 and SNMPv2c. Support for SNMPv3 is minimal.

Information from network devices may be retrieved via

  • GET
  • GETNEXT
  • GETBULK

Data may be streamed using

  • TRAP
  • INFORM

Data may be written using

  • SET

description

  • The read command is used by an NMS to monitor managed devices. The NMS examines different variables that are maintained by managed devices.
  • The write command is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices.
  • The trap command is used by managed devices to asynchronously report events to the NMS. When certain types of events occur, a managed device sends a trap to the NMS.

SNMP uses the default UDP port 161 for general SNMP messages and UDP port 162 for SNMP trap messages. SNMP uses an unsupervised or connectionless communication link.

The GET and GET-NEXT messages allow the manager to request information for a specific variable. The agent, upon receiving a GET or GET-NEXT message, will issue a GET-RESPONSE message to the SNMP manager with either the information requested or an error indication as to why the request cannot be processed. A SET message allows the SNMP manager to request a change be made to the value of a specific variable in the case of an alarm remote that will operate a relay. The SNMP agent will then respond with a GET-RESPONSE message indicating the change has been made or an error indication as to why the change cannot be made. The SNMP TRAP message allows the agent to spontaneously inform the SNMP manager of an "important" event.

(GET, GET-NEXT, and SET) are only issued by the SNMP manager. The TRAP message is the only message capable of being initiated by an SNMP agent, it is the message used by DPS Remote Telemetry Units (RTUs) to report alarms. This notifies the SNMP manager as soon as an alarm condition occurs, instead of waiting for the SNMP manager to ask.

Snmpipnetwork.png

Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network equipment (eg. routers), computer equipment and even devices like UPSs. Two versions of SNMP exist: SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). Both versions have a number of features in common, but SNMPv2 offers enhancements, such as additional protocol operations. Standardization of yet another version of SNMP—SNMP Version 3 (SNMPv3)—is pending.

Variables accessed by SNMP are organized in hierarchies. These hierarchies, and other metadata, are described by Management Information Bases (MIBs). An SNMP-managed network consists of three key components: managed devices, agents, and network-management systems (NMSs).

SNMP must account for and adjust to incompatibilities between managed devices. Different computers use different data representation techniques, which can compromise the capability of SNMP to exchange information between managed devices. SNMP uses a subset of Abstract Syntax Notation One to accommodate communication between diverse systems.

versions

SNMPv1     SNMPv1,    which implements community-based security
SNMPv2c    SNMPv2     with community-based security
SNMPv2u    SNMPv2     with user-based security
SNMPv2     SNMPv2     with party-based security
SNMPv3     SNMPv3,    which implements user-based security

SNMP Messages

SNMP messages may be initiated by either the network management system (NMS) or by the network element.

An SNMP TRAP is a message which is initiated by a network element and sent to the network management system. For example, a router could send a message if one of it's redundant power supplies fails or a printer could send an SNMP trap when it is out of paper.

An SNMP GET is a message which is initiated by the network management system when it wants to retrieve some data from a network element. For example, the network management system might query a router for the utilization on a WAN link every 5 minutes. It could then create charts and graphs from that data, or it could warn the operator when the link was overutilized.

An SNMP SET is a message which is initiated by the NMS when it wants to change data on a network element. For example, the NMS may wish to alter a static route on a router.

The SNMP MIB

The SNMP MIB, or Management Information Base, is a collection of variables which is shared between the NMS and the network element (NE).

The MIB is extensible, which means that hardware and software manufacturers can add new variables to the MIB. These new MIB definitions must be added both to the network element and to the network management system.

SNMP Community Strings

The most basic form of SNMP security is the Community String.

SNMP Community Strings are like passwords for network elements.

Most often, there is one community string which is used for read-only access to a network element. The default value for this community string is often "public". Using this community string like a password, the NMS can retrieve data from network elements.

Less often, there is also a read-write community string. The default value for this is often "private". Using this community string, the NMS can actually change MIB variables on a network element.

Communication Architecture

To get information from an SNMP device, a "manager" (SNMP terminology for a client) will send a "GetRequest" or "GetNextRequest" to an "agent" (the SNMP term for a server) and the requested information or an error message will be sent back in a "Response." If a manager wants to modify information on an agent, a "SetRequest" will be sent with a corresponding response to confirm or report an error.

The unsolicited message form is called a "trap." This kind of message is usually sent by agents on start-up, on status change and in response to error conditions. Traps are not only unsolicited but they are also unreliable. Like syslog messages they are sent via User Datagram Protocol and whether they are received depends on whether they make it to the destination (remember, UDP is an unreliable, best-effort service) and whether the manager is listening.

The information on the agent is stored in what is called a Management Information Base (MIB). This is a hierarchical data structure (not, as it is often mistakenly called, a database) that describes all the "objects" that a device can report the status of and, in some cases, set the value of.

Direct Router and Server monitoring with SNMP

SNMP provides a method of managing network hosts such as workstation or server computers, routers, bridges, and hubs from a centrally-located computer running network management software. SNMP performs management services by using a distributed architecture of management systems and agents

Snmpipnetwork2.png

The monitored device(s) must be equipped with SNMP, SNMP must be enabled on the device and the machine PRTG must be allowed access to the SNMP interface.