You are on page 1of 24

What is SNMP?

SNMP (Simple Network Management

Protocol) is a widely available protocol that
facilitates monitoring of networked devices
from a central location.
SNMP Architecture

3 major elements:
Managers - responsible for communicating with network
devices that implement SNMP Agents
Agents - reside in devices such as workstations,
switches, routers, and provide information to Managers.
MIBs (Management Information Base) - describe data
objects to be managed by an Agent within a device.
MIBs are actually just text files, and values of MIB data
objects are the topic of conversation between Managers
and Agents
Object Identifiers (OIDs)

Each MIB object definition has a unique

OID, which is a dotted list of integers. e.g. ]
for data object "hrDiskStorageCapacity" the
OID is ".".
When Managers and Agents communicate
they refer to MIB data objects using OIDs.
An OID sent with a corresponding value
{OID,Value} is referred to as a "binding".
Manager & Agent Communications...

Managers can be viewed as Clients and

Agents as Servers. The operations between
Managers and Agents are quite simple:
get commands are sent by a Manager to an
Agent to request data valuesdefined by a
The agent will send a response with the
requested values.
...Manager & Agent Communications

Closely related requests are getnext and getbulk.

A Manager can also send set commands to an
Agent. If the MIB defines a data object as read-
write, then the Agent will accept the data value
sent with the set command and process it (store it
or execute appropriate actions).
Agents will send unsolicited traps (alarms) to
Managers to alert them to important events.
Typical Uses

Monitoring device performance

Detecting device faults (or recovery from
Collecting long term performance data
(trend reports)
Remote device configuration
Remote device control
SNMP Standards and Versions

SNMP Standards are described in RFC

documents published by the IETF. Standards
Topics can generally be categorized into:
Messaging Protocols between Managers
and Agents (which encompasses security
MIB Syntax Standards
"Standard MIB" Definitions
Messaging Protocols – v1

SNMPv1 was the first protocol introduced, and is still

widely used. It implements get, getnext, getresponse,
and trap operations.
Security for SNMPv1 is based on a "community string"
that is sent with each message, and functions as a
password. If the Manager includes the correct
password in a request to an Agent, the agent will send
a response. The community string is sent in the clear
(not encrypted) and thus the security it provides is
quite weak.
Messaging Protocols - v2c

SNMPv2c introduced the ability to transmit SMIv2

MIB-objects of type "Counter64".
Provides for expanded messaging operations:
getbulk, inform, report, and a new v2trap operation
(same functionality as the SNMPv1 trap).
Enhanced agent error responses added
SNMPv2c uses the same community string
security as SNMPv1.
Messaging Protocols - v3

Security enhancements include:

User Authentication -- verification of the identity of
the SNMP Entity (Manager or Agent) sending the
message. Authentication is based on definitions of
users, and on shared secret keys used to produce
a message hashed authentication code sent with
each message.
Encryption -- the message payload can be
optionally encrypted based on a second shared
Messaging Protocols - v3

Security enhancements include:

VACM (View Access Control Model) -- Agents can
be configured to control who can access which MIB
objects under agent management. For example,
user “bert” can access critical read-write control
data, while user “ernie” can access only read-only
Message Timeless Checks ensure that messages
are not delayed or replayed.
MIB Syntax Standards

MIBs are written in either of two syntax

SMIv1 is the earliest version, and was
introduced along with SNMPv1. SMIv1 MIBs
are very functional and quite common.
Data objects defined by SMIv1 MIBs can be
transmitted between Managers and Agents
using any of the 3 messaging protocols
(SNMPv1, SNMPv2c, SNMPv3).
MIB Syntax Standards

SMIv2 was introduced along with

SNMPv2c. Major enhancements include:
Introduction of new data base types, including
the "Counter64".
Although derived data types could be defined
using SMIv1, SMIv2 formalizes this syntax, and
also defines some "Standard Textual
Conventions" such as "Display String".
MIB Syntax Standards

Improvements that enhance the documentation of MIB

files and objects, such as:
Module Identity Statement
Conformance Statements
Improved NOTIFICATION-TYPE syntax replaces
TRAP-TYPE syntax
MIB Syntax Standards

An SMIv2 MIB can usually be translated into an SMIv1 MIB.

The primary exceptions are:
A Counter64 object has no SMIv1 counterpart,
An improperly coded NOTIFICATION-TYPE object
cannot be translated to an SMIv1 TRAP-TYPE object
with the same OID.
Data defined by SMIv2 MIB Objects can be transmitted
between Managers and Agents by any of the 3 messaging
protocols. The only exception to this is that Counter64 data
cannot be transported in SNMPv1 messages.
"Standard MIB" Definitions...

Depending on the origin (author) of a MIB,

we can categorize MIBs into either:
Standard MIBs are authored by persons
associated with the IETF. For example, a
Standard Printer MIB exists, and printer
manufacturers commonly implement Agent
support for this MIB (in addition to their own
Enterprise MIBs).
..."Standard MIB" Definitions

Enterprise MIBs are authored by non-

standards-committee organizations (e.g.,
Cisco, HP, Juniper). All such organizations
must apply for a unique "Enterprise ID"
issued by IANA (Internet Assigned Number
Authority). Enterprise MIB objects are then
organized under these unique assigned

Widespread popularity
Many standard MIBs available
Agents have low impact on monitored
system resources
Well suited to monitoring
Many products available

Not as comprehensive as some other

Not bandwidth efficient
Complicated message encoding rules
Security has been on on-going concern.
SNMPv3 was developed in response to this

UDP protocol creates issues regarding

verification of operations:
Trap-Send verification (did it really reach the
Verification (success) of any “set” operation
to an Agent.
However, well designed MIBs and Manager
logic can overcome these problems

Understanding SNMP MIBs by David Perkins &

Evan McGinnis. Prentice Hall, 1997
SNMP, SNMPv2, SNMPv3, and RMON 1 and 2 by
William Stallings. Addison-Wesley, 1996
Essential SNMP by Mauro & Schmidt. O’Reilly,
A Practical Guide to SNMPv3 and Network
Management by David Zeltserman. Prentice-Hall
PTR, 1999
anagement_Protocol Good overview of
SNMP. Some good
tutorials. Lots of good
information that is kept current. Includes
tutorial information, references, and tools.
Websites Internet Engineering Task
Force is the repository of all SNMP standards Internet Assigned
Numbers Authority is responsible for
the registration of enterprise OIDs