Simple Network Management Protocol
The standard protocol used by network devices, it is used to monitor network elements. Almost ubiquitous due to its simplicity, SNMP streamlines network management. These consoles use it to collect data from devices in a standardized way, making SNMP an important part of interoperability between both monitored and monitoring systems.
As an application layer protocol defined by the Internet Architecture Board (IAB) in RFC1157, SNMP is used to exchange management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite.
Management Information Bases
A management information base (MIB) forms an integral part of network management models.
Every SNMP agent maintains an information database describing the parameters of the device it manages. An SNMP manager is a software system that uses SNMP to collect data for fault management, performance management, and capacity planning. SNMP managers store collected data in a MIB as a commonly shared database between the agent and the manager. MIBs are saved as a text file in a specific format that MIB editors, SNMP agent builders, network management tools, and network simulation tools can understand, facilitating network building, testing, deployment, and operations. The managed objects in an MIB are called object identifiers (object IDs or OIDs).
Object Identifiers (OIDs)
OIDs are identifiable by strings of numbers separated by dots. There are two types of managed objects:
- Scalar: Objects defined by a single object instance (i.e. there can only be one result.)
- Tabular: Objects defined by multiple related object instances that are grouped in MIB tables.
MIBs organize OIDs hierarchically, which can be represented in a tree structure that has individual variable identifiers for each OID. This tree structure contains all the manageable features of all products arranged in it. Each branch of this tree has a number and a name, and each point is named after the complete path—from the top of the tree down—that leads to that point.
To provide an example from the diagram above, the OID of sysDescr is ".22.214.171.124.126.96.36.199", which can be found by following the path of green points from ROOT to sysDescr:
- ISO is .1
- ORGANIZATION is .3
There are three versions of SNMP: SNMPv1, SNMPv2c, and SNMPv3.
- SNMPv1: The initial version of the protocol. It is easy to set up and is defined in RFC 1155 and 1157.
- SNMPv2c: The revised version with enhanced protocol packet types, transport mappings, and MIB structure elements, but also uses the existing SNMPv1 administration structure ("community-based" and hence SNMPv2c). It is defined in RFC 1901, RFC 1905, and RFC 1906.
- SNMPv3: Facilitates remote configuration of SNMP entities. It also adds both encryption and authentication, which can be used together or separately, making this the most secure version yet. SNMPv3 is defined by RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.
Basic SNMP Commands
- GET: A request sent by the SNMP manager to the managed device. Performing the GET command retrieves one or more values from the managed device.
- GET NEXT: Similar to the GET command, GET NEXT retrieves the value of the next OID in the MIB tree.
- GET BULK: Used to retrieve bulk data from a large MIB table.
- SET: Used by managers to modify or assign the value of the managed device.
- TRAPS: Unlike the above commands, which are initiated from the manager, the TRAPS command is initiated by agents. TRAPS is a signal sent to the manager by the agent when events occur.
- INFORM: Similar to TRAP in that it is initiated by the agent, but unlike TRAP, INFORM includes a confirmation from the manager once it receives the message.
- RESPONSE: Used to carry back the values or signal of actions directed by the manager.
GET/GET NEXT/GET BULK/SET
Typical SNMP Communication
SNMP messages, since they are part of the TCP⁄ IP suite, are bundled and transmitted by the User Datagram Protocol (UDP). The following image is an example of such communication.