Simple Network Management Protocol (SNMP)

The Simple Network Management Protocol (SNMP) is a protocol that enables management systems to manage heterogenous network routers, switches, servers and even applications. The protocol uses TCP & UDP for communicating between the network manager and the devices being managed. It is a relatively simple protocol, but powerful enough to manage even the most complex of networks.

There are three versions of SNMP:

SNMP v1: First version of SNMP, uses UDP for communicating and a simple text password for authentication. Described in RFC-1157
SNMP v2c: Adds enhanced security, support for TCP in addition to UDP, bulk retrieval of data
SNMP v3: Adds strong key based authentication, encryption of data and access control features

SNMP Environment

An SNMP network consists of the following:

Network Management System (NMS): Issues queries to the devices being monitored
Managed Device: These are devices such as routers, servers, etc. that provide internal information to the NMS
Agents: This is the software residing on the Managed Device which allows the NMS to communicate with the device.

SNMP Commands

SNMP is a simple request/response protocol. The network-management system issues a request, and managed devices return responses. There are 4 basic commands defined in SNMP:

GET: to read data from the device being monitored
SET: to set a variable in the device being managed
WALK: to sequentially traverse the values of a MIB tree
TRAP: used by the managed device to send any special event asynchronously to the NMS

SNMP v2 added a number of additional commands such as BULKGET and INFORM in the protocol.

SNMP MIB

The SNMP Management Information Base (MIB) is a database that describes the properties of the managed resources that the agent supports. This database is defined using the SMI framework, which uses the ASN syntax notation.

There are a large number of "standard" device MIBs which are published by the IETF (for metrics that are available from servers and routers). Additionally, device vendors publish vendor specific MIBs for their custom management metrics.

The data in a MIB is organized like a tree, with each data item making up the leaves of the tree. There are three main branches- ISO (1), ISO/CCITT (2) and CCITT (3). Most of the MIBS are organized under the iso.org.dod.internet hierarchy (1.3.6.1 prefix). The current standard MIB-II has the prefix 1.3.6.1.2.1.

Structure of Management Information (SMI)

SMI defines the rules for describing management information using Abstract Syntax Notation (ASN.1). This is described in RFC-1155 for SNMP v1.

SMI specifies:

ASN.1 data types: name (OID), syntax (integer or string) and encoding of data for transmission
SMI specific data types: integers, octets, OIDs, IP address, counters, gauges, time ticks, opaques
MIB tables : a tree type table of data

The SMI for SNMPv2 includes two documents: RFCs 1443 and 1444. RFC 1443 (Textual Conventions) defines the data types used within the MIB modules, while RFC 1444 (Conformance Statements) provides an implementation baseline. The SNMPv2 SMI also defines a new branch of the Internet MIB tree for SNMPv2 (1.3.6.1.6)

SNMP v3

SNMP v3 added strong security features such as authentication and encryption.

The authentication consists of a username and password, where the password is encrypted using MD5 or SHA. Optionally, the data can be encrypted using a privacy password phrase. This requires setting up a shared "secret" between the NMS and the agents for decrypting the data.