CCIE or Null!

My journey to CCIE!

An overview of SNMP,

leave a comment »

Simple Network Management Protocol (SNMP), it’s a protocol that has been around for a long time and exist across the board on networking devices, servers, firewalls, UPS, and just about any other device you can name that we use in the IT field. It’s a standard management protocol defined by IETF for managing devices.

Their have been a few different versions of SNMP over the years, starting with SNMPv1 however short comings were discovered with this implementation the most notable being its lack of security.  Then came SNMPv2c which is backwards compatible with SNMPv1 however SNMPv2c offers more security than its predecessor however I feel security is still lacking in SNMPv2c. The newest implementation of SNMP, SNMPv3 offers both Authentication and Encryption providing SNMP with the level of security it deserves.

SNMP relies on 3 pieces a

  1. NMS– Network Management Station, this is the device that collects the SNMP information from the networking devices it is managing.
  2. Managed Device– This is the device that is being managed by the NMS.
  3. Agents– An agent is the application that runs the SNMP process and contains all the local management information on the managed device.

Now the NMS gathers its management information by sending request to the manged devices and the managed device responds with the desired information. The follow packet types are used with SNMP:

  • GetRequest -Sent by the NMS to the managed devices asking for the managed device for information.
  • SetRequest -Also sent by the NMS to the managed devices, asking the managed device to change its configuration or a value.
  • GetNextRequest -Again sent by the NMS to the managed devices where the NMS is requesting additional information from a previous request.
  • GetBulkRequest -Introduced in SNMPv2 as a replacement to the GetNextRequest.
  • Response -Sent from the managed device to the NMS in response to a GetRequest, SetRequest, GetNextRequest, GetBulkRequest or InformRequest.
  • Trap -Sent from the managed device to the NMS containing local system information.
  • InformRequest -Sent as an acknowledgement to a Trap.

I like to think of the SNMP agent as an internal database that keeps track of the local managed device. This “SNMP database” is a structure composed of MIBs (Management Information Base), and each MIB contains a value that value is called an OID (Object Identifier). This structure is commonly referred to as a “tree” due to how it is represented, here is an example:

Each of those boxes represents a MIB and within those MIBs are groups of OIDs, each one containing information regarding the status of processes, interfaces, fans, power supplied, batteries, and many parts of the particular device. Something I really recommend (if you have not done it already) is walk the MIB tree of a few devices there are many free applications out there that perform MIB walks, just keep in mind there are some MIBs/OIDs that can be found on every devices but once you get past the standard MIBs every device different and memorizing MIB trees and OID values is near impossible but as long you understand the concept and know how to find what you need, you’ll be ok. Many vendors provide their MIB structure online on their website making finding particular OIDs very easy.

For further information you can see the following RFCs

  1. RFC 1157 – SNMPv1
  2. RFC 1441 – SNMPv2
  3. RFC 5590 – SNMPv3

Written by Stephen J. Occhiogrosso

November 5, 2012 at 9:50 AM

Posted in SNMP

Tagged with , , , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: