2. What is SNMP?
The Simple Network Management Protocol (SNMP) is an
application layer protocol used to manage network resources.
Designed to be Simple-very few commands.
It concerns with Network Management.
It’s a Protocol-defined by IETF.
3. What does SNMP manage?
…all SNMP compatible devices.
servers
workstations
routers
switches
printers
…many more.
5. SNMP Components
SNMP Manager.
SNMP Agent.
MIB- Management Information Base.
Network
SNMP
Manager
Process
MIB
Request
Response
Trap
SNMP
Agent
Process
MIB
6. SNMP Manager
Software that runs on some administrative computer and manages
the whole network.
Capable of querying any managed device - via polling.
Capable enforcing management decision in Network.
Normally runs on very few system compared to SNMP agents.
7. SNMP Agent
Small piece of code that runs on every SNMP managed device and
gathers and sends data about that managed resource in response to
a request from the manager.
Collects information from network device, on which it resides and
stores in MIB.
Replies to manager with proper information when asked for.
Can initiate communication with SNMP manager using traps.
8. SNMP Proxy
A Proxy Agent is an SNMP agent
that maintains information of one
or more non-SNMP devices.
Proxy Agent does the conversion
of control messages.
..may run some other NMS.
SNMP Manager
SNMP Agent
SNMP
Community
Proxy Agent
Non-SNMP
Community
9. SNMP Internals
How Management Information will be stored?
SMI: Structure of Management Information
What Management Information data will be stored?
MIBs: Management Information Base
How information would be exchanged on network?
SNMP: Simple Network Management Protocol
10. SMI-Structure of Management Information
Defines the data types allowed in MIB.
Defines naming structure for each managed objects (MO).
Typically each MIB objects has six attributes-
Object Name
Object Identifier
Syntax Field
Access field
RFC-1155
Status Field
Text Descriptor
11. Management Information Base
MIB is collection of network information.
Contains the real values of managed objects in the agent in the form of
variables, tables of variables.
Access - through network management protocol.
MO in MIB - represent characteristics of a managed device.
Changes is done in agent MIB.
MIB definition is available in manager.
RFC-1156
12. MIB Object Naming Tree
• Object Identifier – Uniquely identify
an
object
in
Management
Information Base.
1.3.6.1.4.1.9
13. MIB Syntax
sysContact OBJECT-TYPE
-- OBJECT-TYPE is a macro
SYNTAX DisplayString (SIZE (0..255))
ACCESS
read-write
-- or read-write, write-only, not-accessible
STATUS
mandatory -- or optional, deprecated, obsolete
DESCRIPTION
“Chris Francois
cfrancois@acm.org
(360)650-0000”
::= { system 4 }
14. MIB example: UDP module
Object ID…....Name……………………Type…………………Comments……………………………………….
1.3.6.1.2.1.7.1
UDPInDatagrams Counter32
total # datagrams delivered at this time
1.3.6.1.2.1.7.2
UDPNoPorts
Counter32
# underliverable datagrams no app at portl
1.3.6.1.2.1.7.3
UDInErrors
Counter32
# undeliverable datagrams all other reasons
1.3.6.1.2.1.7.4
UDPOutDatagrams Counter32
1.3.6.1.2.1.7.5
udpTable
SEQUENCE
# datagrams sent
one entry for each port in use by app, gives
port #and IP address
8-14
15. SNMP Version1
Introduced in 1988, maintained by IETF.
SNMP protocol facilitates communication between managed
device and SNMP manager.
Five messages was introduced in SNMP v1.
GetRequest
SetRequest
GetNextRequest
Trap
Response
Manager to Agent
Agent to Manager
16. SNMP Messages
Get-Request
Sent by manager requesting specific data from agent.
Get-Next-Request
Sent by manager requesting data on the next MO to the one specified.
Set-Request
Initializes or changes the value of network element.
Get-Response
Agent responds with data for get and set requests from the manager.
Trap
Alarm generated by an agent.
17. SNMP v1
Communication is via SNMP Protocol Data Units (PDUs) that are
typically encapsulated in UDP packets.
UDP ports, 161 and 162, are the default ports reserved for SNMP.
The agent listens for requests and replies to them over port 161.
…reports asynchronous traps on port 162, unless it is instructed to
use different ports.
19. 0: GetRequest
1: GetNextRequest
2: SetRequest
3: GetResponse
SNMP Request to
Response association
Indicates one of a
number of errors and
error types.
Set by ‘Response’
operation.
Others set it to ‘0’
Associates error
with object instance.
Set by ‘Response’
operation.
Others set it to ‘0’
General PDU Structure
PDU TYPE
4: Trap
Request ID
Error Status
Error Index
Generic Trap Type:
7 values are defined:
coldStart(0)
warmStart(1)
linkDown(2)
linkUp(3)
authenticationFailure(4)
egpNeighborLoss(5)
enterpriseSpecific(6)
Management Enterprise
under whose registration Agent’s IP Address
(for further
authority trap was
identification)
defined.
Trap PDU Structure
PDU TYPE
Enterprise
Agent Addr
Gen Trap
Spec Trap
Object 1
Value 1
Data Field of SNMPv1
PDU.
Associates Object
instance with current
Object 2
value.
Value 2
Ignore for Get and
GetNext
Specific Trap Type:
Identifies non-generic
trap when Generic
Trap Type set to
‘enterpriseSpecific(6)’
Time elapsed between
last network
reinitialization and
trap generation
Time
Stamp
Object 1
Value 1
Object 2
Value 2
20. Issues with SNMP v1
Security- Very low standards.
× Passwords transmitted as plain text.
No provision for authenticating message source.
MIBs were not secured with ACL’s.
Limited number of error handling.
21. SNMP v2
Improvement over SNMP v1.
Improved security feature.
…added manager to manager communication.
Four version of SNMP v2SNMP v2p, SNMP v2c, SNMP v2u, SNMPv2*.
SNMP v2 is not backward compatible with SNMP v1.
22. SNMP v2 additional operations
Bulk Data Transfer
GetBulkRequest message was added.
Manager can request multiple values from agent via this message.
…faster retrieval of multiple records.
Manager to Manager communication
InformRequest -information sharing between two SNMP manager.
Improved error handling
SNMPv2 includes expanded error code that distinguishes kind of error
condition.
23. Interfacing SNMP v1
Bilingual Manager
Implements both SNMP v1 and v2
interpreter in manager.
Interpreter module do all MIB and
protocol conversion to and from
SNMP agent.
SNMP PDU contains version number
to identify the frame.
Bilingual Manager
SNMPv1
Interpreter
SNMP v1
Agent
SNMPv2
Interpreter
SNMP v2
Agent
Agent
Profile
24. Interfacing SNMP v1
Proxy Server
Requests to and response from
SNMPv2 agents are processed by the
SNMPv2 manager directly.
A proxy server is implemented as a
front end module to the SNMPv2
manager to allow communication
with SNMPv1 agents.
SNMPv2 Manager
Proxy
Server
SNMPv1
Agent
SNMPv2
Agent
25. SNMP v2 PDU
0: GetRequest
1: GetNextRequest
2: Response
3: Set Request
4. Obsolete
5. GetBulkRequest
6. InformRequest
7. SNMPv2 Trap
PDU TYPE
SNMP Request to
Response association
Request ID
Indicates one of a
number of errors and
error types.
Set by ‘Response’
operation.
Others set it to ‘0’
Error Status
Error Index
SNMPv2 PDU (except bulk)
Associates error
with object instance.
Set by ‘Response’
operation.
Others set it to ‘0’
Object 1
Value 1
Object 2
Value 2
Data Field of SNMPv1
PDU.
Associates Object
instance with current
value.
Ignore for Get and
GetNext
26. SNMP v2 PDU
PDU TYPE
Request ID
Non-Repeaters
Max
Repetitions
Object 1
Value 1
SNMPv2 GetBulkRequest PDU
Object 2
Value 2
……………
…………...
Object n
Value n
27. Issues with SNMP v2
Multiple versions of SNMP v2- no consensus.
Security-not much improvement.
Incompatibility with earlier version (v1).
Overhead implementing Bilingual Manager or Proxy Server.
28. SNMP v3
A general framework for all three SNMP versions.
Implements SNMP v1 and v2 specifications along with proposed new
features.
Improved security feature.
Secure remote configuration.
Protection against modification of information.
29. SNMP v3 Security
Major security improvement of v3 from earlier versions areMessage Integrity -ensures that data has not been modified or tampered
while in transit.
Authentication-checks if the message is from a authorized source.
Encryption-encrypt the data to prevent others from seeing the content.
Data can be collected securely from SNMP devices without fear of
the data being tampered with or corrupted.
31. SNMP v3 Engine
SNMP engine provides services for sending, receiving messages, authenticating
and encrypting messages, and controlling access to managed objects.
Dispatcher- support concurrent multiple SNMP message.
Send and receive SNMP message to and from the network.
Determine SNMP version forward to corresponding message processing
subsystem.
Interface between network and SNMP applications.
32. SNMP v3 Engine
Message processing Subsystem
Prepares message for sending in network.
Extract information from received message.
Security Subsystem
Provides security services-authentication, encryption etc.
Contains multiple subsystem.
Access Control System
Provides authorization services.
34. SNMP v3 Applications
Command Generator
used to generate get-request, get-next-request, get-bulk and set-request messages.
…also processes response received from the sent commands.
Command Responder
Processes the get and set request destined for it.
Notification Receiver
Receives asynchronous messages and processes that.
Notification Originator
Initiates asynchronous messages or traps.
Proxy Forwarder
Forwards requests and notification to other SNMP engines, according to context
No matter what MO information contained in it.