Tuesday, March 29, 2011

SNMP - Simple Network Management Protocol

SNMP (Simple Network Management Protocol) is a protocol used for monitoring and managing hosts on a network, whether that network is a LAN or a WAN. Hosts may be routers, switches, servers, workstations, printers, modems and more. Every host on the network is monitored and managed by SNMP. SNMP has 3 main parts:
  • Managed device
  • Agent - Software which runs on managed devices
  • Network management system (NMS) - Software which runs on the manager
Managed Device :
   The managed device is normally a host in the network (or a network element). As above, it may be a router, switch, client computer, server etc. It implements an SNMP interface that allows unidirectional (read-only) or bidirectional (read and write) access to node-specific information. Managed devices exchange node-specific information with the NMSs.

   The agent is software running on the managed device. It collects information about the managed device and sends it to the NMS. The information covers the software and hardware installed on the managed device, network traffic and related data; we can think of it as a log. Depending on the agent, our work may be monitoring or managing. If we have read access to the managed device via the agent, we can only monitor it. If we have write access to the managed device, we can perform management operations.

The NMS (Network Management System) is the combination of the manager system (mostly a server) and the management software (which is not the same as the agent). It executes applications that monitor and control managed devices. NMSs require a large amount of processing and memory resources. One or more NMSs may exist on any managed network.

Management Information Base (MIB)
A MIB is a virtual database used for managing the entities in a communications network. Most often associated with the Simple Network Management Protocol (SNMP), the term is also used more generically in contexts such as the OSI/ISO network management model. While intended to refer to the complete collection of management information available on an entity, it is often used to refer to a particular subset, more correctly referred to as a MIB module. MIBs use the notation defined by ASN.1.

Note: Abstract Syntax Notation One (ASN.1) is a standard and flexible notation that describes data structures for representing, encoding, transmitting, and decoding data. It provides a set of formal rules for describing the structure of objects that are independent of machine-specific encoding techniques and is a precise, formal notation that removes ambiguities.

Protocol details
SNMP operates in the Application Layer of the Internet Protocol Suite (Layer 7 of the OSI model). The SNMP agent receives requests on UDP port 161. The manager may send requests from any available source port to port 161 in the agent. The agent response will be sent back to the source port on the manager. The manager receives notifications (Traps and InformRequests) on port 162. The agent may generate notifications from any available port.

SNMPv1 specifies five core protocol data units (PDUs). Two other PDUs, GetBulkRequest and InformRequest, were added in SNMPv2 and carried over to SNMPv3. All SNMP PDUs are constructed as follows:
IP header | UDP header | version | community | PDU-type | request-id | error-status | error-index | variable bindings

The seven SNMP protocol data units (PDUs) are as follows:

GetRequest :
A manager-to-agent request to retrieve the value of a variable or list of variables. Desired variables are specified in variable bindings (values are not used). Retrieval of the specified variable values is to be done as an atomic operation by the agent. A Response with current values is returned.

SetRequest :
A manager-to-agent request to change the value of a variable or list of variables. Variable bindings are specified in the body of the request. Changes to all specified variables are to be made as an atomic operation by the agent. A Response with (current) new values for the variables is returned.

GetNextRequest :
A manager-to-agent request to discover available variables and their values. Returns a Response with variable binding for the lexicographically next variable in the MIB. The entire MIB of an agent can be walked by iterative application of GetNextRequest starting at OID 0. Rows of a table can be read by specifying column OIDs in the variable bindings of the request.

GetBulkRequest :
Optimized version of GetNextRequest. A manager-to-agent request for multiple iterations of GetNextRequest. Returns a Response with multiple variable bindings walked from the variable binding or bindings in the request. PDU-specific non-repeaters and max-repetitions fields are used to control response behavior. GetBulkRequest was introduced in SNMPv2.

Response :
Returns variable bindings and acknowledgement from agent to manager for GetRequest, SetRequest, GetNextRequest, GetBulkRequest and InformRequest. Error reporting is provided by error-status and error-index fields. Although it was used as a response to both gets and sets, this PDU was called GetResponse in SNMPv1.

Trap :
Asynchronous notification from agent to manager. Includes current sysUpTime value, an OID identifying the type of trap and optional variable bindings. Destination addressing for traps is determined in an application-specific manner, typically through trap configuration variables in the MIB. The format of the trap message was changed in SNMPv2 and the PDU was renamed SNMPv2-Trap.

InformRequest :
Acknowledged asynchronous notification from manager to manager. This PDU uses the same format as the SNMPv2 version of Trap. Manager-to-manager notifications were already possible in SNMPv1 (using a Trap), but as SNMP commonly runs over UDP where delivery is not assured and dropped packets are not reported, delivery of a Trap was not guaranteed. InformRequest fixes this by sending back an acknowledgement on receipt. Receiver replies with Response parroting all information in the InformRequest. This PDU was introduced in SNMPv2.
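The message layout and PDU types described above can be read straight out of a UDP payload, since in SNMPv1/v2c the community string and every field travel as plain ASN.1 BER. The following is an added example, not code from the original post: a minimal decoder that returns the fields and marks SetRequest as a write. The function names and the two sample payloads are constructed for illustration; an SNMPv1 Trap, whose layout differs, and SNMPv3 messages are rejected with ValueError.

```python
PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest", 0xA6: "InformRequest",
             0xA7: "SNMPv2-Trap"}
# Constructed sample payloads (not captures): a GetRequest and a SetRequest.
SAMPLE_GET = bytes.fromhex("302602010004067075626c6963a019020101020100020100300e300c06082b060102010101000500")
SAMPLE_SET = bytes.fromhex("302702010004067075626c6963a31a020101020100020100300f300d06082b06010201010400040178")

def read_tlv(buf, pos, want=None):
    """Read one BER tag-length-value; return (tag, value, offset after it)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                    # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf) or (want is not None and tag != want):
        raise ValueError("truncated or unexpected TLV")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    subids, val = [], 0                  # BER OID bytes -> base-128 sub-identifiers
    for b in raw:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                 # high bit clear ends a sub-identifier
            subids.append(val)
            val = 0
    if not subids:
        raise ValueError("empty OID")
    first = min(subids[0] // 40, 2)      # first sub-identifier packs the first two arcs
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))

def parse_snmp(datagram):                # datagram: UDP payload of one SNMPv1/v2c message
    _, msg, _ = read_tlv(datagram, 0, 0x30)
    _, ver, p = read_tlv(msg, 0, 0x02)
    if int.from_bytes(ver, "big") not in (0, 1):     # 0 = SNMPv1, 1 = SNMPv2c
        raise ValueError("not a community-based SNMP message")
    _, community, p = read_tlv(msg, p, 0x04)
    tag, pdu, _ = read_tlv(msg, p)
    ints, p = [], 0
    for _ in range(3):                               # request-id, error-status, error-index
        _, v, p = read_tlv(pdu, p, 0x02)
        ints.append(int.from_bytes(v, "big", signed=True))
    _, vbl, _ = read_tlv(pdu, p, 0x30)
    oids, p = [], 0
    while p < len(vbl):                              # each varbind: SEQUENCE { OID, value }
        _, vb, p = read_tlv(vbl, p, 0x30)
        oids.append(decode_oid(read_tlv(vb, 0, 0x06)[1]))
    return {"version": int.from_bytes(ver, "big"), "community": community.decode("latin-1"),
            "pdu": PDU_NAMES.get(tag, hex(tag)), "request_id": ints[0], "error_status": ints[1],
            "error_index": ints[2], "oids": oids, "write": tag == 0xA3}
```

For GetBulkRequest the two integers after request-id are the non-repeaters and max-repetitions fields, so the `error_status` and `error_index` keys hold those values for that PDU type.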

Reference : http://en.wikipedia.org/wiki/Management_information_base