Info-Finder Encyclopedia Search Center Multimedia Portal Online Support

What Is Simple Network Management Protocol (SNMP)?

SNMP is a standard network management protocol that is widely used on TCP/IP networks. It can be used in a network management system to monitor any exception on devices connected to the network. SNMP uses a polling mechanism and provides a basic function set, making it applicable to small-scale networks that are sensitive to speed and cost. Moreover, SNMP messages are carried in User Datagram Protocol (UDP) packets, which are supported by most network devices. In addition, SNMP allows management information exchange between any two devices on a network, allowing network administrators to query information and locate faults on any network nodes.

Why Do We Need SNMP?

As networks rapidly grow in scale and applications become more diversified, network administrators face the following problems:
  • The rapid growth in the number of network devices increases the workload for network administrators. In addition, networks' coverage areas are constantly being expanded, making real-time monitoring and fault location of network devices difficult.
  • Networks have many types of devices, and the management interfaces on devices of different vendors conform to different standards. This makes network management more complex.

SNMP is developed to address these problems. It is a standard network management protocol that is widely used on TCP/IP networks. It can be used in a network management system to monitor whether any exception occurs on devices connected to the network. SNMP brings the following benefits:

  • Improved work efficiency: A network administrator can use SNMP to query information, modify information, and locate faults on any device.
  • Reduced management costs: SNMP provides a basic function set to manage devices that have different management tasks, physical features, and network types.
  • Minimized impact of feature configuration operations on devices: SNMP is simple in terms of hardware/software installation, packet type, and packet format.

Key Components of SNMP

An SNMP system consists of four key components: network management station (NMS), agent, managed object, and Management Information Base (MIB). The following figure shows the SNMP management model, which plays an important role in the SNMP architecture.

SNMP management model
SNMP management model

NMS

The NMS is a network manager that uses SNMP to monitor and control network devices. The NMS software runs on NMS servers to implement the following functions:
  • Send requests to agents on managed devices to query or modify variables.
  • Receive traps from agents on managed devices to learn the device status.

Agent

The agent is a process running on a managed device. The agent maintains data on the managed device, responds to requests from the NMS, and reports management data to the NMS.
  • Upon receiving a request from the NMS, the agent performs the required operation on the MIB and sends the operation result to the NMS.
  • If a fault or an event occurs on the managed device, the agent sends a notification containing the current device status to the NMS.

Managed Object

A managed object is an object to be managed on a network device. A managed device may contain multiple managed objects, for example, a hardware component and parameters configured for the hardware or software (such as a routing protocol).

MIB

A MIB contains the variables that the managed device maintains and can be queried or set by the agent. The MIB defines the attributes of the managed device, including the name, status, access rights, and data type. An agent can use the MIB to:
  • Learn the current device status.
  • Set the device status.

An SNMP MIB uses a tree structure with an unnamed root at the top. The following figure shows a part of the MIB, called an object naming tree. Each object identifier (OID) identifies a managed object. Each node in the tree is represented by integers separated by periods, corresponding to the path from the root through the series of ancestor nodes to the node. For example, a system OID is 1.3.6.1.2.1.1 and an interface OID is 1.3.6.1.2.1.2.

OID tree
OID tree

SNMP Version

SNMP comes in three versions: SNMPv1, SNMPv2c, and SNMPv3.

  • SNMPv1: SNMPv1 is the initial version of SNMP, which provides a method for monitoring and managing computer networks. It provides authentication based on community names, has a low security level, and can return only a few error codes. SNMPv1 is defined in RFC 1155 and RFC 1157.
  • SNMPv2c: Compared with SNMPv1, SNMPv2c has enhancements to standard error codes, data types, and operations including GetBulk and Inform. It is defined in RFC 1901, RFC 1905, and RFC 1906.
  • SNMPv3: Seeing that SNMPv2c was still poor in security, IETF released SNMPv3 that provides User Security Module (USM) authentication and encryption, and View-based Access Control Model (VACM). SNMPv3 is the most secure version so far. It is defined in RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.

SNMP Ports

SNMP ports are SNMP communication endpoints, and SNMP messages are transmitted through UDP. Generally, UDP ports 161 and 162 are used. In some scenarios, Transport Layer Security (TLS) or Datagram Transport Layer Security (DTLS) is used. The following table shows the port usage.

Table 1-1 Introduction to SNMP ports

Process

Protocol

Port

Request receipt by the agent

UDP

161

Manager's communication with the agent

UDP

161

Notification receipt by the manager

UDP

162

Agent's notification generation

-

Any available port

Request receipt

TLS/DTLS

10161

Notification receipt

TLS/DTLS

10162

How Does SNMP Work?

Once SNMP is enabled on the network, the NMS functions as the network management center to manage devices on a network. Each managed device contains an agent process, MIB, and multiple managed objects. The NMS interacts with the agent on a managed device. When receiving a command from the NMS, the agent performs operations on the MIB on the managed device. SNMP sends protocol data units (also called SNMP GET requests) to network devices that respond to SNMP. Users can trace all the communication data using network monitoring tools and obtain data through SNMP.

SNMP defines several types of operations for exchanging information between components.

Table 1-2 SNMP operations

Operation

Description

Remarks

Get

Retrieves one or several variables from the MIB of the agent process.

-

GetNext

Retrieves the next variables in alphabetic order from the MIB of the agent process.

-

Set

Sets one or several variables in the MIB of the agent process.

-

Response

Returns one or several variables. The agent performs this operation in response to the GetRequest, GetNextRequest, SetRequest, and GetBulkRequest operations. Upon receiving a Get or Set request from the NMS, the agent queries or modifies the variables in the MIB, and returns variables to the NMS.

-

Trap

Notifies the NMS of a fault or event occurring on a managed device. This operation is performed by the agent.

-

GetBulk

Batch queries variables on managed devices. This operation is performed by the NMS.

SNMPv1 does not support the GetBulk operation.

Inform

Notifies the NMS of a fault or event occurring on a managed device. After a managed device sends an inform request, the NMS must send an InformResponse packet as a response to the managed device.

SNMPv1 does not support the Inform operation.

SNMP Traps

SNMP traps are notification messages sent by an SNMP agent to inform the NMS of alarms or events generated on a device. In this way, the network administrator can learn the running status of the device in a timely manner.

There are two types of SNMP traps: trap and inform. The difference between trap and inform is that, after an SNMP agent sends an alarm or event to the NMS through an InformRequest message, the NMS needs to reply with an InformResponse message.

Implementation of the Trap Operation

Trap is a spontaneous activity of a managed device and is not a basic operation that the NMS performs on the managed device. If a trap triggering condition is met on a managed device, the SNMP agent sends a trap to notify the NMS of the exception. In this way, the network administrator can process the exception in a timely manner. For example, when a managed device completes a warm start, the SNMP agent sends a warmStart trap to the NMS.

The agent sends a trap to the NMS only when a module on the managed device meets the trap triggering condition. This reduces management information exchanged between the NMS and managed devices.

Implementation of the Inform Operation

Inform is also a spontaneous activity of a managed device. In contrast to the trap operation, the inform operation requires an acknowledgement. After a managed device sends an InformRequest message to the NMS, the NMS returns an InformResponse message. If the managed device does not receive an acknowledgement, it performs the following operations:

  1. Saves the alarm or event in the inform buffer.
  2. Repeatedly sends the InformRequest message until the NMS returns an acknowledgement or the maximum number of transmission times is reached.
  3. Records a corresponding alarm or event log on the managed device.

Application Scenarios for SNMP

The NMS can manage devices through SNMP. In the following figure, the network administrator needs to configure and manage all devices. However, these devices are sparsely-located around the site, making it impossible for the network administrator to configure and manage them all. To make matters worse, these devices are from different vendors and provide different management interfaces, making network management complex. To reduce operation costs and improve work efficiency, the network administrator can use SNMP to remotely configure and manage network devices, and monitor them in real time.
Diagram for device management through SNMP

To configure SNMP on the network, configure the SNMP NMS on the management device and the SNMP agent on each managed device.

SNMP allows:

  • The NMS to obtain device information from the SNMP agent on a managed device at any time, so as to remotely manage and monitor the device.
  • Each agent to report the device status to the NMS in real time.

Diagram for device management through SNMP
About This Topic
  • Author: Li Jiaojiao
  • Updated on: 2021-09-02
  • Views: 130
  • Average rating: