Simple Network Management Protocol

What is SNMP?

Designed to be Simple-very few commands.

It concerns with Network Management.

It’s a Protocol-defined by IETF.

The Simple Network Management Protocol (SNMP) is an application layer protocol used to manage network resources.

What does SNMP manage?

…all SNMP compatible devices.

servers

workstations

routers

switches

printers

…many more.

SNMP Functionality?

Fault Management.

Configuration Management.

Accounting Management.

Performance Monitoring and Management.

Security Management.

Local and/or Remote

SNMP Components

SNMP Manager.

SNMP Agent.

MIB- Management Information Base.

SNMP Agent

Process

Trap

Request

MIB MIB

Response

SNMP Manager Process

N e t w o r k

SNMP Manager

Capable of querying any managed device - via polling.

Capable enforcing management decision in Network.

Normally runs on very few system compared to SNMP agents.

Software that runs on some administrative computer and manages the whole network.

SNMP Agent

Collects information from network device, on which it resides and stores in MIB.

Replies to manager with proper information when asked for.

Can initiate communication with SNMP manager using traps.

Small piece of code that runs on every SNMP managed device and gathers and sends data about that managed resource in response to

a request from the manager.

SNMP Proxy

A Proxy Agent is an SNMP agent that maintains information of one or more non-SNMP devices.

Proxy Agent does the conversion of control messages.

SNMP Manager

SNMP Agent Proxy Agent

Non-SNMP Community

SNMP Community

..may run some other NMS.

SNMP Internals

How Management Information will be stored?

SMI: Structure of Management Information

What Management Information data will be stored?

MIBs: Management Information Base

How information would be exchanged on network?

SNMP: Simple Network Management Protocol

SMI-Structure of Management Information

Defines the data types allowed in MIB.

Defines naming structure for each managed objects (MO).

Typically each MIB objects has six attributes- Object Name

Object Identifier

Syntax Field

Access field

Status Field

Text Descriptor

RFC-1155

Management Information Base

MIB is collection of network information.Contains the real values of managed objects in the agent in the form of

variables, tables of variables.

Access - through network management protocol.

MO in MIB - represent characteristics of a managed device.

Changes is done in agent MIB.

MIB definition is available in manager.RFC-1156

MIB Object Naming Tree

• Object Identifier – Uniquely identify an object in Management Information Base.

1.3.6.1.4.1.9

MIB Syntax

sysContact OBJECT-TYPE -- OBJECT-TYPE is a macro

SYNTAX DisplayString (SIZE (0..255))

ACCESS read-write -- or read-write, write-only, not-accessible

STATUS mandatory -- or optional, deprecated, obsolete

DESCRIPTION

“Chris Francois

cfrancois@acm.org

(360)650-0000”

::= { system 4 }

8-14

MIB example: UDP moduleObject ID…....Name……………………Type…………………Comments……………………………………….

1.3.6.1.2.1.7.1 UDPInDatagrams Counter32 total # datagrams delivered at this time

1.3.6.1.2.1.7.2 UDPNoPorts Counter32 # underliverable datagrams no app at

portl

1.3.6.1.2.1.7.3 UDInErrors Counter32 # undeliverable datagrams all other

reasons

1.3.6.1.2.1.7.4 UDPOutDatagrams Counter32 # datagrams sent

1.3.6.1.2.1.7.5 udpTable SEQUENCE one entry for each port in use by

app, gives port #and IP address

SNMP Version1

Introduced in 1988, maintained by IETF.

SNMP protocol facilitates communication between managed device and SNMP manager.

Five messages was introduced in SNMP v1.GetRequestSetRequestGetNextRequestTrapResponse

Manager to Agent

Agent to Manager

SNMP Messages

Get-RequestSent by manager requesting specific data from agent.

Get-Next-RequestSent by manager requesting data on the next MO to the one specified.

Set-RequestInitializes or changes the value of network element.

Get-ResponseAgent responds with data for get and set requests from the manager.

TrapAlarm generated by an agent.

SNMP v1

Communication is via SNMP Protocol Data Units (PDUs) that are typically encapsulated in UDP packets.

UDP ports, 161 and 162, are the default ports reserved for SNMP.

The agent listens for requests and replies to them over port 161.

…reports asynchronous traps on port 162, unless it is instructed to use different ports.

SNMP Protocol Data Unit(PDU)

Request ID Error Status Error IndexObject 1Value 1

Object 2Value 2

PDU TYPE

PDU TYPE Enterprise Agent Addr Gen Trap Spec TrapTime

StampObject 1Value 1

Object 2Value 2

Trap PDU Structure

General PDU Structure

SNMP Request to Response association

Indicates one of a number of errors and error types.

Set by ‘Response’ operation.

Others set it to ‘0’

Associates error with object instance.

Set by ‘Response’ operation.

Others set it to ‘0’

4: Trap

Management Enterprise under whose registration authority trap was defined.

Agent’s IP Address(for further

identification)

Generic Trap Type:7 values are defined:coldStart(0)warmStart(1)linkDown(2)linkUp(3)authenticationFailure(4)egpNeighborLoss(5)enterpriseSpecific(6)

Specific Trap Type:Identifies non-generic trap when Generic Trap Type set to ‘enterpriseSpecific(6)’

Time elapsed between last network reinitialization and trap generation

0: GetRequest1: GetNextRequest2: SetRequest3: GetResponse

Data Field of SNMPv1 PDU.

Associates Object instance with current value.

Ignore for Get and GetNext

Issues with SNMP v1

Security- Very low standards.

× Passwords transmitted as plain text.

No provision for authenticating message source.

MIBs were not secured with ACL’s.

Limited number of error handling.

SNMP v2

Improvement over SNMP v1.

Improved security feature.

…added manager to manager communication.

Four version of SNMP v2-

SNMP v2p, SNMP v2c, SNMP v2u, SNMPv2*.

SNMP v2 is not backward compatible with SNMP v1.

SNMP v2 additional operations

Bulk Data TransferGetBulkRequest message was added.Manager can request multiple values from agent via this message.…faster retrieval of multiple records.

Manager to Manager communicationInformRequest -information sharing between two SNMP manager.

Improved error handlingSNMPv2 includes expanded error code that distinguishes kind of error

condition.

Interfacing SNMP v1

Bilingual Manager Implements both SNMP v1 and v2

interpreter in manager.

Interpreter module do all MIB and protocol conversion to and from SNMP agent.

SNMP PDU contains version number to identify the frame.

Bilingual Manager

SNMPv1 Interpreter

SNMPv2 Interpreter

S N M P v 1 A g e n t

S N M P v 2 A g e n t

Agent Profile

S N M P v 2 A g e n t

S N M P v 1 A g e n t

Interfacing SNMP v1

Proxy ServerRequests to and response from

SNMPv2 agents are processed by the SNMPv2 manager directly.

A proxy server is implemented as a front end module to the SNMPv2 manager to allow communication with SNMPv1 agents.

SNMPv2 Manager

Proxy Server

SNMP v2 PDU

Request ID Error Status Error IndexObject 1Value 1

Object 2Value 2

PDU TYPE

SNMPv2 PDU (except bulk)

SNMP Request to Response association

Indicates one of a number of errors and error types.

Set by ‘Response’ operation.

Others set it to ‘0’

Associates error with object instance.

Set by ‘Response’ operation.

Others set it to ‘0’

0: GetRequest1: GetNextRequest2: Response3: Set Request4. Obsolete5. GetBulkRequest6. InformRequest7. SNMPv2 Trap

Data Field of SNMPv1 PDU.

Associates Object instance with current value.

Ignore for Get and GetNext

SNMP v2 PDU

PDU TYPE Request ID Non-RepeatersMax

RepetitionsObject 1Value 1

Object 2Value 2

………………………...

Object nValue n

SNMPv2 GetBulkRequest PDU

Issues with SNMP v2

Multiple versions of SNMP v2- no consensus.

Security-not much improvement.

Incompatibility with earlier version (v1).

Overhead implementing Bilingual Manager or Proxy Server.

SNMP v3

A general framework for all three SNMP versions.

Implements SNMP v1 and v2 specifications along with proposed new

features.

Improved security feature.

Secure remote configuration.

Protection against modification of information.

SNMP v3 Security

Major security improvement of v3 from earlier versions are-

Message Integrity -ensures that data has not been modified or tampered while in transit.

Authentication-checks if the message is from a authorized source.Encryption-encrypt the data to prevent others from seeing the content.

Data can be collected securely from SNMP devices without fear of the data being tampered with or corrupted.

SNMP v3 Architecture

SNMP v3 Engine

Dispatcher- support concurrent multiple SNMP message.Send and receive SNMP message to and from the network.Determine SNMP version forward to corresponding message processing

subsystem.Interface between network and SNMP applications.

SNMP engine provides services for sending, receiving messages, authenticating

and encrypting messages, and controlling access to managed objects.

SNMP v3 Engine

Message processing SubsystemPrepares message for sending in network.Extract information from received message.

Security SubsystemProvides security services-authentication, encryption etc.Contains multiple subsystem.

Access Control SystemProvides authorization services.

SNMP v3 Architecture

SNMP v3 Applications

Command Generatorused to generate get-request, get-next-request, get-bulk and set-request messages.…also processes response received from the sent commands.

Command ResponderProcesses the get and set request destined for it.

Notification ReceiverReceives asynchronous messages and processes that.

Notification OriginatorInitiates asynchronous messages or traps.

Proxy ForwarderForwards requests and notification to other SNMP engines, according to contextNo matter what MO information contained in it.

Thank you!