SNMP

PreviousData Sources NextNetFlow

Last updated 1 year ago

SNMP

Used for acquiring the status and usage of nodes, links, and services over time.

Requires periodic pulling to obtain information over time.

Used for obtaining:

Network elements and interconnections:
The network deployed services.

Used for estimating, characterizing, and predicting:

Data flow performance.
- Packet losses and (by indirect inference) delay/jitter at nodes.
- Allows to obtain information about current and future service performance.
Nodes performance.
- Memory/CPU usage, number of processes, etc...
- Allows to detect points of failure, service degradation nodes, and unstable nodes.
Network link usage.
- Ingress/egress bytes and packet counts.
- Allows to perform optimizations in terms of routing (load balancing), link upgrade, and introduction of redundancy.
Data/flow routing.
- At Layer 2, Layer 3, and MPLS levels.
- Allows to understand how data flows and how may react to disruptive events.

Basic Components

An SNMP-managed network consists of three key components:

Managed devices

A network node that contains an SNMP agent.
Collect and store management information and make this information available using SNMP.
Can be routers and access servers, switches and bridges, hubs, computer hosts, or printers.

Agents

A network-management software module that resides in a managed device.

Network-management systems (NMSs)

Executes applications that monitor and control managed devices.
Provide the bulk of the processing and memory resources required for network management.
One or more NMSs must exist on any managed network.

Versions

Operations

In SNMPv3 get operations are performed using authentication and encryption.

SNMP provides the following five basic operations:

Get operation

Request sent by the NMS to the agent to retrieve one or more values from the agent.

GetNext operation

Request sent by the NMS to retrieve the value of the next OID in the tree.

Set operation

Request sent by the NMS to the agent to set one or more values of the agent.

Response operation

Response sent by the agent to the NMS.

Trap operation

Unsolicited response sent by the agent to notify the NMS of the events that occurred.

MIB Modules and Object Identifiers

An SNMP MIB module is a specification of management information on a device.

The SMI represents the MIB database structure in a tree form with conceptual tables, where each managed resource is represented by an object.

Object Identifiers (OIDs) uniquely identify or name MIB variables in the tree.

An ordered sequence of non-negative integers written left to right, containing at least two elements.
For easier human interaction, string-valued names also identify the OIDs.
- MIB-II (object ID 1.3.6.1.2.1).
- Cisco private MIB (object ID 1.3.6.1.4.1.9).

The MIB tree is extensible with new standard MIB modules or by experimental and private branches.

Vendors can define their own private branches to include instances of their own products.

Names (numbers/OID)

To nominate all possible objects (protocols, data, etc.) it is used an ISO Object Identifier (OID) tree:

Hierarchic nomenclature of objects.
Each leaf of the tree has a name and number.

MIBs

Management Information Base (MIB): set of managed objects, used to define information from equipment, and created by the manufacturer.

Example: UDP module.

Relevant MIBs

Interface characteristics, configurations, status, and stats:

IF-MIB and IP-MIB.
Cisco extra information: CISCO-QUEUE-MIB, CISCO-IF-EXTENSION-MIB.

Nodes management information (description, general information, CPU/memory status, etc...):

SNMPv2-SMI and ENTITY-MIB.
Vendor specific: CISCO-SMI, JUNIPER-SMI, etc...
Cisco extra: CISCO-PROCESS-MIB, CISCO-FLASH-MIB, CISCO-ENVMON-MIB, CISCO-IMAGE-MIB, etc...

Node routing and traffic engineering: