SNMP - Simple Network Management Protocol

SNMP (Simple Network Management Protocol) is a protocol used primarily to monitor and manage devices on computer networks. It provides a standardized framework and a common language for monitoring and managing devices in a networked environment.

Here are some key concepts and features associated with SNMP:

  1. Agents and Managers:
    • Agent: This is a software module that resides in a managed device. An agent has local knowledge of management information and can translate that information to/from the SNMP protocol.
    • Manager: This is software that runs on a workstation or server and is used to query agents and sometimes set values on them. Managers collect information from agents, request actions from them, and even send them configurations.
  2. MIB (Management Information Base):
    • The MIB is like a database schema for the network device. It's a hierarchical structure that uses a tree format. Every item in the tree can be identified by a unique series of numbers, called an OID (Object Identifier).
    • A MIB file is often provided by hardware manufacturers and describes the properties of the device that can be read or sometimes set.
  3. OID (Object Identifier):
    • Each individual piece of information that can be accessed via SNMP is identified using a unique sequence of numbers, known as an OID.
    • OIDs are organized hierarchically and can be represented in a dot-decimal format (e.g., 1.3.6.1.2.1.1).
  4. SNMP Versions:
    • SNMPv1: The original version. It's widely supported but has significant security weaknesses.
    • SNMPv2c: This version improved some aspects of v1 and introduced the Inform request. It uses a simple text password (called a community string) for authentication.
    • SNMPv3: The most secure version, it adds security features like authentication and encryption.
  5. Community Strings: In SNMPv1 and v2c, a community string acts like a password. There are often two types of community strings:
    • Read-Only (RO): Allows you to view the MIB variables but not change them.
    • Read-Write (RW): Allows both viewing and setting the MIB variables.
  6. Operations:
    • Basic SNMP operations include GET, SET, GETNEXT, and GETBULK.
    • GET retrieves the value of a specific OID.
    • SET changes the value of a specific OID.
    • GETNEXT retrieves the value of the next OID in the MIB tree.
    • GETBULK retrieves large volumes of data from large MIB tables.
  7. Traps and Informs: These are unsolicited messages sent by SNMP agents to managers. A trap might indicate something like a reboot, a configuration change, or a failure. Informs are similar to traps, but they expect a response from the manager acknowledging receipt.
  8. Security Concerns: SNMP, especially versions 1 and 2c, has been criticized for its security weaknesses. SNMPv3 addressed many of these concerns by introducing features like message integrity, authentication, and encryption.
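
In SNMPv1 and v2c the community string travels unencrypted next to the version, the operation and the requested OIDs, so anyone who can capture a packet can read all of them. The sketch below is an added example, not part of the original page: it decodes a constructed SNMPv2c GET packet with a minimal BER reader. SAMPLE and the function names are illustrative; SNMPv3 messages and SNMPv1 Trap PDUs use a different layout and are rejected.

```python
# Constructed sample: SNMPv2c GET for 1.3.6.1.2.1.1.1.0 using community "public".
SAMPLE = bytes.fromhex("3026020101040670" "75626c6963a01902" "0101020100020100"
                       "300e300c06082b06" "0102010101000500")
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c"}     # version field values of community-based SNMP
PDU_TYPES = {0xA0: "GET", 0xA1: "GETNEXT", 0xA2: "RESPONSE", 0xA3: "SET",
             0xA5: "GETBULK", 0xA6: "INFORM", 0xA7: "TRAP"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(data):
    """Decode the body of a BER OBJECT IDENTIFIER into dot-decimal form."""
    arcs, value = [], 0
    for byte in data:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear ends a subidentifier
            arcs.append(value)
            value = 0
    x = min(arcs[0] // 40, 2)              # first subidentifier packs two arcs as 40*x + y
    return ".".join(str(a) for a in [x, arcs[0] - 40 * x] + arcs[1:])

def parse_snmp(packet):
    """Decode an SNMPv1/v2c message and report what an on-path observer can read."""
    _, msg, _ = read_tlv(packet, 0)
    _, ver, pos = read_tlv(msg, 0)
    _, community, pos = read_tlv(msg, pos)
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    version = int.from_bytes(ver, "big")
    if version not in VERSIONS or pdu_tag not in PDU_TYPES:
        raise ValueError("not a community-based request (SNMPv3 or v1 Trap layout)")
    pos = 0
    for _ in range(3):                     # request-id, error-status, error-index
        _, _, pos = read_tlv(pdu, pos)
    _, varbinds, _ = read_tlv(pdu, pos)
    oids, pos = [], 0
    while pos < len(varbinds):
        _, varbind, pos = read_tlv(varbinds, pos)
        oids.append(decode_oid(read_tlv(varbind, 0)[1]))
    return {"version": VERSIONS[version], "operation": PDU_TYPES[pdu_tag], "oids": oids,
            "community": community.decode("ascii", "replace")}

print(parse_snmp(SAMPLE))
```

A SET seen with a given community string means that string is being used as a Read-Write credential, which makes the "operation" field worth alerting on in captures of v1/v2c traffic.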

Links:

https://networklessons.com/cisco/ccie-routing-switching/introduction-to-snmp