SNMP

Simple Network Management Protocol

Simple Network Management Protocol

• SNMP
– Application-layer protocol for managing TCP/IP based
networks.
- Runs over UDP, which runs over IP
• Components of SNMP:
NMS (Network Management Station)
- Device that pools SNMP agent for info.
SNMP Agent
- Device (e.g. Router) running software that understands SNMP language
MIB
- Information in the database is described by Management Information
Bases (MIBs)

SMI (Structure of Management Information)

- Standard that defines how to create a MIB.
SNMP protocol is the application layer protocol used by SNMP agents and
managers to send and receive data

SNMP agent
SNMP
manager

SNMP agent
SNMP
protocol
messages
SNMP agent
SNMP Commands

• SNMP has 5 different functions referred to as Protocol Data

Units (PDU’s), which are:

(1) GetRequest, aka Get

(2) GetNextRequest, aka GetNext
(3) GetResponse, aka Response
(4) SetRequest, aka Set
(5) Trap
SNMP Protocol

• Get-request. Requests the values of one or more objects

• Get-next-request. Requests the value of the next object
• Set-request. A request to modify the value of one or more
objects
• Get-response. Sent by SNMP agent in response to a get-
request, get-next-request, or set-request message.
• Trap. An SNMP trap is a notification sent by an SNMP agent
to an SNMP manager, which is triggered by certain events at
the agent.
Traps

• Traps are messages that asynchronously sent by an agent to

a manager
• Traps are triggered by an event
• Defined traps include:
– linkDown: Even that an interface went donw
– coldStart - unexpected restart (i.e., system crash)
– warmStart - soft reboot
– linkUp - the opposite of linkDown
– (SNMP) AuthenticationFailure
–…
SNMP Protocol

• SNMP manager and an SNMP agent communicate using the

SNMP protocol
– Generally: Manager sends queries and agent responds
– Exception: Traps are initiated by agent.

get-request
get-response Port 161

SNMP manager
get-next-request
SNMP agent
get-response Port 161

set-request
get-response Port 161

Port 162 trap

MIB – Management Information Base

Standard MIB Object:

- OBJECT-TYPE sysUpTime OBJECT-TYPE

- String that describes the MIB SYNTAX Time-Ticks
object. ACCESS read-only
- Object IDentifier (OID). STATUS mandatory
- SYNTAX DESCRIPTION
- Defines what kind of info is stored
in the MIB object. “Time since the
- ACCESS network management
- READ-ONLY, READ-WRITE. portion of the system
- STATUS was last re-initialised.
- State of object in regards the ::= {system 3}
SNMP community.
- DESCRIPTION
- Reason why the MIB object exists.
MIB – Management Information Base

• Object IDentifier (OID) iso(1)

1
org(3)

- Example .1.3.6.1.2.1.1 3
dod(6)
6
- iso(1) org(3) dod(6) internet(1) internet(1)
mgmt(2) 1 private(4)
mib-2(1) directory(1) 4
system(1) 1
mgmt(2) experimental(3)
2 3

Note: mib-2(1)
1
- dod: U.S. Department of Defense system(1)
tcp(6)
6
1
interfaces(2) ip(4)
2 4
SNMP Versions
• Three versions are in use today:
– SNMPv1 (1990)
• SNMPv1 uses plain text community strings for authentication as plain text without
encryption
– SNMPv2c (1996)
• SNMPv2 was supposed to fix security problems, but effort de-railed (The “c” in SNMPv2c
stands for “community”).
• SNMPv2 has become split into:

SNMPv2u - SNMPv2 with user-based security

SNMPv2* - SNMPv2 with user-based security and additional features
SNMPv2c - SNMPv2 without security

– SNMPv3 (2002)
– Ensure that a packet has not been tampered with (integrity),
– Ensures that a message is from a valid source (authentication)
– Ensures that a message cannot be read by unauthorized (privacy).

• All versions are still used today

• Many SNMP agents and managers support all three versions of the protocol.
Security levels in SNMPv2

SNMP has three security levels:

• noAuthNoPriv: Authentication with matching a user name.
• authNoPriv: Authentication with MD5 or SHA message
digests.
• authPriv: Authentication with MD5 or SHA message digests,
and encryption with DES encryption
SNMP Tools

• Command Line Interface

– e.g. ‘snmpwalk’

• Graphical User Interface

– e.g. iReasoning’s MIB Browser