PONDICHERRY UNIVERSITY

School of Engineering & Technology

SI MPLE NETWORK MANAGEMENT PROTOCOL
(SNMP)
9/20/2014 1 Department of Computer Science
COMPUTER NETWORK PROTOCOLS
Assignment I Dated : 18-08-2014
M. Tech [CSE] I year / I Semester
SNMP - Contents
Introduction.
OSI Layers.
Components.
Functionality - Principle of Communication.
Functional area of Network Management.
Traps, Port and UDP.
Message Format.
Management Information Base(MIB) & MIB Objects.
Message Types.
Languages of SNMP.
SNMP Commands.
SNMP Versions RFCs.
Advantages.
References.


9/20/2014 Department of Computer Science 2
SNMP - Introduction
A Internet Standard protocol for managing devices on IP
network.
SNMP is a component of the Internet Protocol Suite as defined
by the I nternet Engineering Task Force (I ETF).
SNMP is used mostly in network management systems to
monitor network-attached devices.
It consists of a set of standards for network management,
including an application layer protocol, a database schema,
and a set of data objects.
SNMP is not NMS. SNMP is protocol that facilitates network
management functionality. It is not, in itself, a network
management system (NMS).
SNMP is a tool (protocol) that allows for remote and local
management of items on the network including servers,
workstations, routers, switches and other managed devices.

9/20/2014 Department of Computer Science 3
SNMP - HISTORY
Apr. 1989 - SNMP promoted to recommended status as the
de facto TCP/IP network management framework (RFC
1098).
J une 1989 Internet Architecture Board(IAB) committee
which oversees IETF decides to let SNMP develop
separately.
May 1990 - IAB promotes SNMP to a standard protocol
with a recommended status (RFC 1157)
Mar. 1991 - format of MIBs and traps defined (RFCs 1212,
1215)
TCP/IP MIB definition revised to create SNMPv1 (RFC
1213)

9/20/2014 Department of Computer Science 4
SNMP & OSI Layers
7 APPLICATION LAYER Management and Agent APIs,
SNMP
6 PRESENTATION LAYER ASN.1 and BER
5 SESSION LAYER RPC and NetBIOS
4 TRANSPORT LAYER TCP and UDP
3 NETWORK LAYER IP
2 DATA LINK LAYER ETHERNET, TOKEN RING
and FDDI
1 PHYSICAL LAYER
9/20/2014 Department of Computer Science 5
SNMP - Components
An SNMP managed network consists of three
key components
Managed Device
A network node that implements an SNMP interface.
Can be any type of network device.
Network Management System
provide the bulk of the processing and memory
resources required for network management.
Agent
Software that runs on managed device.
9/20/2014 Department of Computer Science 6
PRINCIPLE OF COMMUNICATION
9/20/2014 Department of Computer Science 7
SNMP manager - An SNMP manager, also known as an SNMP management system or
a management console, is any computer that sends queries for IP-related information to
a managed computer, known as an SNMP agent.
SNMP agent - An SNMP agent is any computer or other network device that monitors
and responds to queries from SNMP managers. The agent can also send a trap message
to the manager when specified events, such as a system reboot or unauthenticated access
failure.

9/20/2014 Department of Computer Science 8
SNMP NETWORK
MANAGEMENT
HAS THREE PARTS
9/20/2014 Department of Computer Science 9
SNMP PROTOCOL
Defines format of messages
exchanged by management
systems and agents.
Specifies the Get, GetNext,
Set, and Trap operations
STRUCTURE OF MANAGEMENT
INFORMATION
Rules specifying the format
used to define objects
managed on the network
that the SNMP protocol
accesses
MANAGEMENT INFORMATION
BASE
A map of the hierarchical
order of all managed objects
and how they are accessed
FUNCTIONAL AREAS OF NMS



9/20/2014 Department of Computer Science 10
Configuration Management inventory and configuration.
Fault Management reactive and proactive fault
Performance Management No. of packets dropped, timeouts,
collisions, CRC errors
Accounting Management Cost Management
Asset Management statistics of equipment, facility, and
administration personnel

Planning Management analysis of trends to help justify a
network upgrade or bandwidth
increase
TRAPS
Traps are unrequested event reports that are sent to a
management system by an SNMP agent process.
When a trappable event occurs, a trap message is generated
by the agent and is sent to a trap destination (a specific,
configured network address).
Many events can be configured to signal a trap, like a
network cable fault, failing NI C or Hard Drive, a
General Protection Fault, or a power supply failure.
Traps can also be throttled -- You can limit the number of
traps sent per second from the agent.
Traps have a priority associated with them -- Critical,
Major, Minor, Warning, Marginal, I nformational,
Normal, Unknown

9/20/2014 Department of Computer Science 11
SNMP Trap Types
9/20/2014 Department of Computer Science 12
Trap
Type
Trap Name Description
0 ColdStart The SNMP agent initialized its configuration tables.
1 WarmStart The SNMP agent re-initialized its configuration tables.
2 LinkDown The state of a network adapter on the SNMP agent changed
from up to down
3 LinkUp The state of a network adapter on the SNMP agent changed
from down to up.
4 authenticationFailure The SNMP agent received a message from an SNMP manager,
but the message contained an invalid community name.
5 egpNeighborLoss The SNMP agent could not communicate with its Exterior
Gateway Protocol(EGP) peer.
6 enterpriseSpecific Reserved for vendor-defined error conditions and error codes
SNMP USES UDP
9/20/2014 Department of Computer Science 13
UDP Port 161 - SNMP Messages
UDP Port 162 - SNMP Trap Messages

MESSAGE FORMAT
9/20/2014 Department of Computer Science 14
Message Length
Message Version
Community String
PDU Header
PDU Body
Message Preamble
SNMP Protocol
Data Unit
9/20/2014 Department of Computer Science 15


Message Length
Message Version
Community String
PDU Type
PDU Length
Request ID
Error Status
Error Index
Length of Variable Bindings
Length of First Binding
Additional Variable Bindings
OID of First Binding
Type of First Binding
Value of First Binding
Length of Second Binding
OID of Second Binding
Type of Second Binding
Value of Second Binding
Message Length
Message Version
Community String
PDU Type
PDU Length
Enterprises MIB OID
Agent IP Address
Standard Trap Type
Length of Variable Bindings
Length of First Binding
Additional Variable Bindings
OID of First Binding
Type of First Binding
Value of First Binding
Length of Second Binding
OID of Second Binding
Type of Second Binding
Value of Second Binding
Specific Trap Type
Time Stamp
PDU
Body
SNMP
Message
Preamble
PDU
Header
SNMP Message Formats
What is Management Information Base?
When an SNMP manager requests information from an SNMP
agent, the SNMP agent retrieves the current value of the requested
information from the Management Information Base (MIB).
Each system in a network (workstation, server, router, bridge, and
so forth) maintains a MIB.
MIB has status of the managed resources on that system, such as the
version of the software running on the device,
the I P address assigned to a port or interface,
the amount of free hard drive space, or
the number of open files.
The MIB defines the managed objects that an SNMP manager
monitors (or sometimes configures) on an SNMP agent.
SNMP relies on the three basic operations: get (object), set (object,
value) and get-next (object).
9/20/2014 Department of Computer Science 16
Structure of MIB
9/20/2014 Department of Computer Science 17
MIB Objects

The definition of each MIB object that an SNMP agent manages includes the
following elements:
The object name and object identifier (also known as an OID).
A text description of the object.
The objects data-type definition (such as counter, string, gauge, or address).
The index for objects that are assigned complex data types. The index
specifies the key field for the table that is, the field that can be used to
identify a row.
The only complex SNMP data type that is allowed is a table, and tables
cannot be nested. Examples include the list of a systems network interfaces,
a routing table, or the Address Resolution Protocol (ARP) table.
The level of access to the object (such as read or read/write) that is allowed.
Size restrictions.
Range information.

9/20/2014 Department of Computer Science 18
9/20/2014 Department of Computer Science 19
SNMP MESSAGE TYPES
SNMP Manager/Agent Communication
9/20/2014 Department of Computer Science 20
The SNMP manager, Host A, forms an SNMP message that contains an information request (Get) for
the number of active sessions, the name of the community to which the SNMP manager belongs, and
the destination of the message the IP address (131.107.3.24) of the SNMP agent, Host B.

The SNMP manager can use either the Microsoft SNMP Management API library (Mgmtapi.dll) or the
Microsoft WinSNMP API library (Wsnmp32.dll) to perform this step. The SNMP manager sends the
information request to Host B by using the SNMP service libraries.

When Host B receives the message, it verifies that the community name (MonitorInfo) contained in
the packet is on its list of acceptable community names, evaluates the request against the agents list
of access permissions for that community, and verifies the source IP address.

If the community name or access permission is incorrect, and the SNMP service has been configured
to send an authentication trap, the agent sends an authentication failure trap to the specified trap
destination, Host C. Hosts B and C belong to the TrapAlarm community.

The master agent component of the SNMP agent calls the appropriate extension agent to retrieve the
requested session information from the MIB.

Using the session information that it retrieved from the extension agent, the SNMP service forms a
return SNMP message that contains the number of active sessions and the destination the IP
address (131.107.7.29) of the SNMP manager, Host A.

Host B sends the response to Host A.

9/20/2014 Department of Computer Science 21
SNMP Manger/Agent Communication
Network protocol identification and statistics.

Dynamic identification (discovery) of devices attached to
the network.

Hardware and software configuration data.

Device performance and usage statistics.

Device error and event messages.

Program and application usage statistics.

9/20/2014 Department of Computer Science 22
9/20/2014 Department of Computer Science 23
Languages of SNMP


Structure of Management Information (SMI)
Abstract Syntax Notation One (ASN.1)
Basic Encoding Rules (BER)
specifies the format used for defining managed
objects that are accessed via the SNMP protocol
used to define the format of SNMP messages and
managed objects (MIB modules) using an
unambiguous data description format
used to encode the SNMP messages into a format
suitable for transmission across a network
SNMP COMMANDS
9/20/2014 Department of Computer Science 24
SNMP - VERSIONS
The following RFCs relate to SNMP version 1:
RFC 1157, Simple Network Management Protocol (SNMP).
RFC 1155, Structure and Identification of Management Information for TCP/IP-based Internets.
RFC 1213, Management Information Base for Network Management of TCP/IP-based Internets:
MIB-II.
RFC 1573, Evolution of the Interfaces Group of MIB-II.
The following RFCs relate to SNMP version 2:
RFC 1901, Introduction to CommunityBased SNMPv2.
RFC 1902, Structure of Management Information for Version 2 of the Simple Network
Management Protocol (SNMPv2).
RFC 1903, Textual Conventions for SNMPv2.
RFC 1904, Conformance Statements for Version 2 of the Simple Network Management Protocol
(SNMPv2).
RFC 1905, Protocol Operations for Version 2 of the Simple Network Management Protocol
(SNMPv2).
RFC 1906, Transport Mappings for Version 2 of the Simple Network Management Protocol
(SNMPv2).
RFC 1907, Management Information Base for Version 2 of the Simple Network Management
Protocol (SNMPv2).
RFC 1908, Coexistence between Version 1 and Version 2 of the Internet-standard Network
Management Framework.
RFC 2089, V2ToV1 Mapping SNMPv2 onto SNMPv1 Within a Bi-Lingual SNMP Agent.
9/20/2014 Department of Computer Science 25
9/20/2014 Department of Computer Science 26
SNMP Advantages
Standardized
universally supported
extendible
portable
allows distributed management access
lightweight protocol
Example MIB Object
9/20/2014 Department of Computer Science 27
sysContact OBJECT-TYPE -- OBJECT-TYPE is a macro
SYNTAX DisplayString (SIZE (0..255))
ACCESS read-write -- or read-write, write-only, not-accessible
STATUS mandatory -- or optional, deprecated, obsolete
DESCRIPTION
Chris Francois
cfrancois@acm.org
(360)650-0000
::= { system 4 }
Example OID in NET-SNMP TOOL
9/20/2014 Department of Computer Science 28
REFERENCES
docs.oracle.com/cd/...01/.../SNMP_commands_reference_appendix.html
technet.microsoft.com/en-us/library/cc783142(v=ws.10).aspx
en.wikipedia.org/wiki/Simple_Network_Management_Protocol
www.cisco.com/c/en/us/td/docs/ios/12_2/.../command/.../frf014.html

9/20/2014 Department of Computer Science 29
Queries
9/20/2014 Department of Computer Science 30
9/20/2014 Department of Computer Science 31