Simple Network Management Protocol (SNMP) was created in the late eighties as a short-term solution to manage the growing number of network nodes on the Internet. The network community quickly took to SNMP, and it is now the standard network management protocol used by just about every network device.
SNMP is now a popular protocol for managing networks of all sizes. It is used to collect information from devices, such as throughput and utilization, but it’s also used to configure devices by setting options. SNMP is available on all types of devices from servers, switches, routers, firewalls, printers, to laptops and tablets.
By using SNMP to monitor network performance and collect statistics and performance data, network management systems can present the information in graphical form for human network managers to review.
The SNMP Model
The SNMP architecture is based on a manager/agent model consisting of a manager element, an agent element and a central database of device management information. The SNMP manager (SERVER) interfaces with the SNMP agent, which resides on the remote device alongside a local management information base (MIB).
As they are on the same device, the agent interfaces directly with the local MIB, which is a collection of information regarding the device, such as vendor, model & revision, configuration, performance, capabilities, throughput, status, and much more, all collected in a hierarchal structure. The agent interrogates the MIB and retrieves information or set configuration parameters. There are two types of MIBs: scaler and tabular. Scalar MIBs represent a single object instance whereas tabular MIBs define multiple related object instances grouped together in MIB tables.
Object identifiers, OIDs, uniquely identify managed objects within a MIB hierarchy. The MIB hierarchy is organized like a tree with top-level MIB objects IDs (OIDs) belong to different standard organizations with lower level branches assigned to vendors. The vendors define their own private branches for their own managed objects. MIBs are normally preconfigured on the device along with SNMP applications, but they are also available through the vendor’s websites for developers to study.
SNMP works on the bases that the manager element sends out a request and the remote managed device, through the SNMP agent, interrogates the MIB and returns a response. This simple protocol is managed using four simple statements: GET, GET-NEXT, SET and TRAP.
Consider a simple scenario:
- A human network manager wishes to know the throughput and utilization percentage on the Internet WAN interface on the gateway router
- He requests the SNMP network manager element to supply that information via a NMS (Network Management System) or through the CLI.
- The SNMP network manager sends a request to the SNMP agent that resides on the gateway router to GET that information from the local MIB
- The SNMP agent obliges and retrieves the required information regarding the OIDs for the Internet interface, namely throughput and utilization, and sends the data back to the NMS
- The NMS updates its central database and displays the results.
Community Strings
SNMP community strings are the technique used by SNMP to granularly allow or restrict access to the SNMP agents and the local MIB on the remote devices. The agents must not reply to just anyone. Usually, information will be public and unrestricted. Therefore, some devices are configured with public strings that are read-only on some OIDs. There are other community strings set by access lists that allow read/write functions and some which are private.
SNMP Commands
- GET – is the command to retrieve an OID from the MIB
- GET-Next – is the command to walk through the MIB tree going from one OID to the next, this is the command SNMP-walk is based on.
- SET – write a value in a parameter
- TRAP – send an error message or alert due to a configurable threshold being passed or a trigger activated
SNMP is typically used as the source for a Network Management System as the NMS can mine the wealth of vendor specific SNMP status and configuration information regarding each device to provide a holistic view of the network.
SNMP WALK
The tool snmpwalk is not a part of the SNMP protocol, but it does use SNMP as its method of interrogating a network device. If the network device is configured with a public string then snmpwalk can communicate with it. By using the SNMP agent request, Get-Next, snmpwalk can specify an OID as a starting point in the tree that it wishes information to get information from.
The snmpwalk command essential makes a connection to the device using the public community string. Within the command, snmpwalk issues will be an OID reference point from which, by using Get-next commands, it can walk its way through the MIB’s OID branches of the hierarchal tree collecting all the information made available on the public null password.
Installing snmpwalk
The package snmpwalk is on most Linux repositories, so installing the package should not be a problem.
On RedHat/Fedora/Centos: yum install net-snmp-utils
Ubuntu: apt-get install snmp
Once loaded the snmpwalk command reference is shown below,
USAGE: snmpwalk [OPTIONS] AGENT [OID]
Version: 5.4.2.1
Web: http://www.net-snmp.org/
Email: net-snmp-coders@lists.sourceforge.net
OPTIONS:
-h, –help display this help message
-H display configuration file directives understood
-v 1|2c|3 specifies SNMP version to use
-V, –version display package version number
SNMP Version 1 or 2c specific
-c COMMUNITY set the community string
SNMP Version 3 specific
-a PROTOCOL set authentication protocol (MD5|SHA)
-A PASSPHRASE set authentication protocol pass phrase
-e ENGINE-ID set security engine ID (e.g. 800000020109840301)
-E ENGINE-ID set context engine ID (e.g. 800000020109840301)
-l LEVEL set security level (noAuthNoPriv|authNoPriv|authPriv)
-n CONTEXT set context name (e.g. bridge1)
-u USER-NAME set security name (e.g. bert)
-x PROTOCOL set privacy protocol (DES|AES)
-X PASSPHRASE set privacy protocol pass phrase
-Z BOOTS,TIME set destination engine boots/time
General communication options
-r RETRIES set the number of retries
An snmpwalk example command
Example output of snmpwalk will retrieve all of the variables under system:
# % snmpwalk -v 1 localhost public system
# system.sysDescr.0 = “SunOS name sun4c”
# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
# system.sysContact.0 = “sys_admin@stc.org>”
# system.sysName.0 = “Riyadh_08_WS”
# system.sysLocation.0 = “Riyadh, KSA”
# system.sysServices.0 = 72
No comments:
Post a Comment