SNMP is one of the most commonly used technologies when it comes to network monitoring. It consists of three key components: managed devices, agents, and network-management systems (NMSs). A managed device is a node that has an SNMP agent and resides on a managed network. These devices can be routers and access servers, switches and bridges, hubs, computer hosts, or printers. An agent is a software module residing within a device. The agent translates information into a format compatible with SNMP. An NMS runs monitoring applications.
An SNMP manager, also known as an SNMP management system or a management console, is any computer that sends queries for IP-related information to a managed computer, known as an SNMP agent. In some cases, the SNMP manager can send a request to an SNMP agent to change a configuration value.
An SNMP agent is any computer or other network device that monitors and responds to queries from SNMP managers. The agent can also send a trap message to the manager when specified events, such as a system reboot or illegal access, occur.
So, an SNMP agent sends information in two situations:
When it responds to a request from an SNMP manager
When a trap event occurs
MIB stands for Management Information Base and is a collection of information which is organized hierarchically. The various pieces of information are accessed by a protocol such as SNMP. There are two types of MIBs: scalar ones and tabular ones. Scalar objects define a single object instance whereas tabular objects define multiple related object instances grouped in MIB tables.
OIDs or Object Identifiers uniquely identify managed objects in an MIB hierarchy. It can be depicted as a tree whose nodes are assigned by different organizations. Generally, an OID is a long sequence of numbers, coding the nodes, separated by dots. Top level MIB object IDs (OIDs) belong to different standard organizations. Vendors define private branches including managed objects for their own products.
SNMP basically works on the principle that network management systems send out a request and the managed devices return a response. This is implemented using one of the following four operations: Get, GetNext, Set, and Trap. SNMP messages consist of a header and a PDU (Protocol Data Unit). The header consists of the SNMP version number and the community name. The community name is used as a sort of password to increase security in SNMP. The PDU depends on the type of message that is sent. The Get, GetNext, and Set, as well as the response PDU, consist of PDU type, Request ID, Error status, Error index and Object/Variable fields. The Trap consists of Enterprise, Agent, Agent address, Generic trap type, Specific trap code, Timestamp and Object/Value fields.
A community name acts as a password that is shared, typically, by multiple SNMP agents and one or more SNMP managers. You configure the SNMP manager and the computers or devices that it manages as members of a single SNMP community. An SNMP agent only accepts requests from SNMP managers that are on the agent’s list of acceptable community names.
When an SNMP manager sends a query or set request to the SNMP agent, the SNMP service compares the community name of the requestor with the community name of the agent and its access permissions. If the names match, the SNMP manager is successfully authenticated, and the agent replies to the query or performs the set request. If the community names do not match, the SNMP agent considers the request a failed access attempt and — if configured to do so — can send an SNMP trap message notifying the trap destination that an improper access has been attempted.
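The header and PDU fields described above can be read directly from a captured packet, because SNMPv1 and v2c messages are BER-encoded and not encrypted, so the community name appears as plain bytes. The following Python parser is an added example, not code from the original article; the function names and the sample packet are constructed for illustration, and it handles only the Get, GetNext, Set and Response PDUs.

```python
PDU_TYPES = {0xA0: "Get", 0xA1: "GetNext", 0xA2: "Response", 0xA3: "Set"}

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Decode OID content octets to dotted form (first two arcs share one octet)."""
    first = min(raw[0] // 40, 2)
    arcs, value = [first, raw[0] - 40 * first], 0
    for byte in raw[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_snmp(packet):
    """Split an SNMPv1/v2c message into its header fields and PDU fields."""
    _, msg, _ = read_tlv(packet, 0)        # outer SEQUENCE
    _, ver, pos = read_tlv(msg, 0)         # header: version (0 = v1, 1 = v2c)
    _, community, pos = read_tlv(msg, pos) # header: community name, plain bytes
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    if pdu_tag not in PDU_TYPES:
        raise ValueError("unsupported PDU type 0x%02x" % pdu_tag)
    fields, pos = [], 0
    for _i in range(3):                    # request ID, error status, error index
        _, raw, pos = read_tlv(pdu, pos)
        fields.append(int.from_bytes(raw, "big", signed=True))
    _, varbinds, _ = read_tlv(pdu, pos)    # list of (OID, value) pairs
    oids, pos = [], 0
    while pos < len(varbinds):
        _, vb, pos = read_tlv(varbinds, pos)
        oids.append(decode_oid(read_tlv(vb, 0)[1]))
    return {"version": {0: "v1", 1: "v2c"}.get(ver[0], "other"), "pdu": PDU_TYPES[pdu_tag],
            "community": community.decode("latin-1"), "request_id": fields[0],
            "error_status": fields[1], "error_index": fields[2], "oids": oids}

# Constructed sample packet: v2c Get, community "public", OID from this page.
SAMPLE = bytes.fromhex("302c 020101 04067075626c6963 a01f 02023039 020100 020100"
                       " 3013 3011 060d2b06010401ae3f040101541c00 0500")
```

A monitoring sensor can use the same fields to flag default community names or unexpected Set requests on the network.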
On Ubuntu, we can install the snmpwalk tool, which queries an SNMP server to fetch information.
apt-get install snmp
$ snmpwalk -v2c -c public 172.17.1.59 1.3.6.1.4.1.5951.4.1.1
To display results in a human-readable format, the MIBs that map a numeric OID (for example, 1.3.6.1.4.1.5951.4.1.1) to human-readable names must be present, and snmpwalk must load them. By default, it loads MIBs from the following list of directories:
$HOME/.snmp/mibs
/usr/local/share/snmp/mibs
snmpget and snmpgetnext
root@ubuntu:~# snmpgetnext -v2c -c public123 172.17.0.2 1.3.6.1.4.1.5951.4.1.1.84.28.0
iso.3.6.1.4.1.5951.4.1.1.84.29.0 = Counter64: 0
root@ubuntu:~# snmpget -v2c -c public123 172.17.0.2 1.3.6.1.4.1.5951.4.1.1.84.28.0
iso.3.6.1.4.1.5951.4.1.1.84.28.0 = Counter64: 0