Monday, 5 March 2012

SNMP

Simple Network Management Protocol (SNMP) is an application–layer protocol. It is a part of Transmission Control Protocol⁄Internet Protocol (TCP⁄IP) protocol suite. Being the part of TCP⁄ IP protocol suite, the SNMP messages are wrapped as User Datagram Protocol (UDP) and intern wrapped and transmitted in the Internet Protocol. 

 SNMP is one of the widely accepted protocols to manage and monitor network elements.

SNMP basic components and their functionalities

1. SNMP Manager
2. Managed devices
3. SNMP agent
4. Management Information Database Otherwise called as
    Management Information Base (MIB)

1. SNMP Manager

A manager or management system is a separate entity that is responsible to communicate with the SNMP agent implemented network devices. This is typically a computer that is used to run one or more network management systems.

SNMP Manager’s key functions
 Queries agents
 Gets responses from agents
 Sets variables in agents
 Acknowledges asynchronous events from agents

2.Managed Devices

A managed device or the network element is a part of the network that requires some form of monitoring and management e.g. routers, switches, servers, workstations, printers, UPSs, etc...

3.SNMP Agent

The agent is a program that is packaged within the network element. Enabling the agent allows it to collect the management information database from the device locally and makes it available to the SNMP manager, when it is queried for. 

SNMP agent’s key functions
 Collects management information about its local environment.
 Stores and retrieves management information as defined in the MIB.
 Signals an event to the manager.

4.Management Information Base MIB

 Management Information Database or Management Information Base, Every SNMP agent maintains an information database describing the managed device parameters. The SNMP manager uses this database to request the agent for specific information and further translates the information as needed for the Network Management System (NMS). This commonly shared database between the Agent and the Manager is called Management Information Base (MIB).

 Basic commands of SNMP

The simplicity in information exchange has made the SNMP as widely accepted protocol. The main reason being concise set of commands, here are they listed below:

  *  GET: The GET operation is a request sent by the manager to the managed device. It is performed to retrieve one or more values from the managed device.

  *  GET NEXT: This operation is similar to the GET. The significant difference is that the GET NEXT operation retrieves the value of the next OID in the MIB tree.

  *  GET BULK: The GETBULK operation is used to retrieve voluminous data from large MIB table.

  *  SET: This operation is used by the managers to modify or assign the value of the Managed device.

  *  TRAPS: Unlike the above commands which are initiated from the SNMP Manager, TRAPS  are initiated by the Agents. It is a signal to the SNMP Manager by the Agent on the occurrence of an event.

  *  INFORM: This command is similar to the TRAP initiated by the Agent, additionally INFORM includes confirmation from the SNMP manager on receiving the message.

  *  RESPONSE: It is the command used to carry back the value(s) or signal of actions directed by the SNMP Manager.

SNMP versions

SNMP v1     Community–based security
SNMP v2c     Community–based security
SNMP v2u     User–based security
SNMP v2     Party–based security
SNMP v3     User–based security


SNMP Trap

An SNMP Trap is a change-of-state (COS) message — it could mean an alarm, a clear or simply a status message. You often have to parse variable bindings to decode a Trap. To make sure the meaning of a Trap is understood, all DPS Telecom SNMP equipment transmits a unique Trap ID for both alarm and clear for each alarm point. Unlike a classic telemetry master, basic SNMP managers don’t keep a standing alarm list, so it’s difficult to tell what’s happening in your network by looking at a list of Traps. 

SNMPWalk
 
snmpwalk is an SNMP application that uses SNMP GETNEXT requests to query a network entity for a tree of information.

# snmpwalk [APPLICATION OPTIONS] [COMMON OPTIONS] [OID] 
# snmpwalk -v 2c -c demopublic test.net-snmp.org system

An object identifier (OID) may be given on the command line. This OID specifies which portion of the object identifier space will be searched using GETNEXT requests.

If no OID argument is present, snmpwalk will search the subtree rooted at 
  SNMPv2-SMI::mib-2.

-----> it's also possible to start the walk at a higher level, retrieving more than one group of information.

 % snmpwalk -v 2c -c demopublic test.net-snmp.org .iso

-----> If the agent does not implement any MIB objects underneath the specified OID, then the snmpwalk command may return without displaying anything at all, or it may display a vaguely informative message, depending on the SNMP version being used:

 % snmpwalk -v 1 -c demopublic test.net-snmp.org ifXTable
 (nothing displayed)

The snmpwalk is designed to retrieve multiple OIDs and values from the remote agent. But unlike most of the other command-line tools, it can only work with a single starting OID. It is not possible to supply multiple OIDs as part of the same command.

# snmpwalk -v2c -c public localhost:1161 pcsMIB ----- Things to note: snmpd uses port 1161 instead of 161 by default

-v 1|2c|3   ------ Specifies SNMP version to use
-c --------------- (set the community string) specifies the read-only community string 
                   which is public by default but may have been changed.
-m MIB[:...] ----- load given list of MIBs (ALL loads everything)
-M DIR[:...] ----- look in given list of directories for MIBs

Net-SNMP Command Line Applications

snmptranslate: learning about the MIB tree.
snmpget: retrieving data from a host.
snmpgetnext: retrieving unknown indexed data.
snmpwalk: retrieving lots of data at once!
snmptable: displaying a table.
snmpset: peforming write operations.
snmpbulkget: communicates with a network entity using SNMP GETBULK request
snmpbulkwalk: retrieve a sub-tree of management values using SNMP GETBULK requests.
snmptrap: Sending and receiving traps, and acting upon them.

The SNMPWALK command is used to retrieve a MIB subtree and print the results to the console. In reality, there is no "WALK" operation defined in the SNMP protocol. The SNMPWALK actually tool uses a series of GETNEXT requests in a loop.

# snmpwalk -v 1 -c public123 localhost .1.3.6.1


No comments:

Post a Comment