60. SNMP
SNMP stands for Simple Network Management Protocol. It is not actually a protocol but a client-server application that runs on the UDP (User Datagram Protocol) service of the TCP/IP protocol suite. It was developed to be an efficient means of sending network management information over UDP, using ports 161 (SNMP) and 162 (SNMPTRAP).
SNMP consists of three parts: Messages, Agents and Managers.
- SNMP Messages (such as Get and GetResponse) communicate the management information.
- SNMP Managers ask the questions (poll) and manage the Agents, polling approximately every 15 minutes to see if anything has changed.
- SNMP Agents are resources to be managed such as hosts, servers, routers, hubs...
There are only 5 PDUs (Protocol Data Units) associated with SNMP:
- GetRequest allows the SNMP Manager to access info stored in the Agent.
- GetNextRequest allows the SNMP Manager to obtain multiple values.
- GetResponse is a response from the SNMP Agent to GetRequest, GetNextRequest and SetRequest.
- SetRequest is used by the SNMP Manager when configuring Agents.
- Trap is sent by the SNMP Agent to report that an event has occurred (an error, or a status has changed).
This is where the simple comes from - only 5 commands!
Efficiency suffers because UDP restricts the amount of information that will fit into a single UDP packet. For example, at least 1 GetNextRequest is required for each row in a routing table. There may be hundreds of rows in 1 routing table - hundreds of packets generated.
UDP is a connectionless protocol. Agents have no method of confirming that the events that they have reported using Trap have been received. This is considered to be a "safety" issue.
Security is also a problem. The only mechanism for determining whether an authorized network manager is requesting a management action is a clear-text community name in the packet header. There is no method of providing privacy for management information. Because of these security faults, most SNMP implementations are used for monitoring, and no "strong" management functions are defined.
60a. SNMPv2 to the Rescue
SNMPv2 combined the RMON (Remote Network Monitoring) MIB definition (see following section) and Secure SNMP. Secure SNMP provides strong authentication and privacy mechanisms suitable for network management in a generally open environment. These two independent evolutions of SNMP were brought together in a new version of SNMP called SNMPv2.
In addition, SNMPv2 was extended to address the concerns over protocol efficiency and safety (acknowledgements of Trap). Two new protocol functions (PDUs) were added (GetBulk and Inform Request) to allow efficient reading of tables and provide reliable communications.
NOTE: SNMPv1 and SNMPv2 do not interoperate. The two versions must be translated to communicate with each other.
60b. MIB - Management Information Base
SNMP also consists of an extensible Management Information Base (MIB) that runs on each agent's workstation. Each MIB contains the configuration data for that device. The MIB structure is defined by the Structure of Management Information (SMI) language.
Basically the MIB details what information is stored for any specific type of agent, how it is stored and how storage is to be structured.
60c. RMON - Remote Network Monitoring
RMON is a MIB definition that provides for remote network monitoring and manager to manager communications. This standard defines the information that a device must collect to provide an accurate picture of a network's health. The information that the RMON MIB provides is divided into the following 9 groups:
- 1. Segment Statistics: Statistics on the attached segment: packets, octets, collisions...
- 2. History: Data collected by the statistics group for future retrieval and analysis
- 3. Alarms: Thresholds can be set for certain alarm conditions. (Collisions/sec)
- 4. Events: Thresholds can be set for certain event conditions to trigger certain activities.
- 5. Host: Statistics can be gathered on individual nodes or hosts on the LAN.
- 6. Host Top N: Statistics can be gathered on individual nodes over a user-specified time.
- 7. Traffic Matrix: Shows the amount of traffic and number of errors between any host pair.
- 8. Packet Capture: Allows capturing of entire packets or individual slices indicating protocols used.
- 9. Filters: The filter group specifies the criteria by which packets are selected for capture.
SNMP allows you to monitor and control a TCP/IP Network using SNMP Managers. All nodes (Agents) on a network, regardless of whether they are SNMP compliant, should show up on the Network map. The SNMP non-compliant nodes typically show up as being present but not accessible.
SNMP-compliant nodes allow information to be displayed that indicates how the node is configured: Machine Type, Ethernet Address, DOS Ver, IP Address, Name, etc.