SNMPSimple Network Management ProtocolPhilippines Network Operators Group, March 2018Jonathan BrewerTelco2 LimitedNew Zealand

ObjectivesParticipants will understand the basics of:

• SNMP Architecture• SNMP Versions• SMI and MIBs• SNMP Operations• SNMPv3 Terminology• Common SNMP Tools

What is SNMP?The Simple Network Management Protocol is a protocol used to communicate management information between the network management stations and the agents in the network elements.1

Even though SNMP is a protocol, we use the term SNMP to describe the complete architecutre of the management system.

1 Mauro & Schmidt, Essential SNMP

Basics: Network Management StationsAlso known as Managers, Network Management Stations execute management applications which monitor and control network elements.1

1 Mauro & Schmidt, Essential SNMP

Basics: Network ElementsElements are devices such as hosts, gateways, terminal servers, and the like, which have management agents responsible for performing the network management functions requested by the network management stations.1

1 Mauro & Schmidt, Essential SNMP

Basics: AgentsThe agent is a piece of software that runs on the network devices you are managing. It can be a separate program, or it can be incorporated into the operating system.1 Agents listen and respond on UDP port 161.

1 Mauro & Schmidt, Essential SNMP

Basics: SNMP PollA poll, in the context of network management, is the act of querying an agent for some piece of information.1 SNMP Managers use UDP to poll agents.

1 Mauro & Schmidt, Essential SNMP

Basics: SNMP TrapA trap is a way for the agent to tell the NMS that something has hap- pened. Traps are sent asynchronously, not in response to queries from the NMS.1 SNMP traps are sent using UDP port 162

1 Mauro & Schmidt, Essential SNMP

Basics: MIBThe Management Information Base (MIB) is like a database of managed objects that the agent tracks. Any sort of status or statistical information accessed by the NMS is defined in a MIB.

Managed Objects can include Interface Counters, Fan Speeds, System Temperatures, etc.

Basics: OIDObject Identifier, or the name of a management object. OIDs are globally unique.

Basics: Community StringIn SNMP versions 2c and 3, Community Strings are essentially passwords that control how and what Network Management Stations can access from an Agent.

Basics: Protocol Data UnitThe PDU is the message format used by Managers and Agents to send and receive information. There are PDUs for all common SNMP operations.

SNMPv1 / RFC 1157 (1998)• Historic standard but still implemented by many

devices• Communities are password-like strings that control

activities• Interactions can be read only, read-write, or trap• Traps are event-based messages from an Agent

to a Manager• 32 bit counters

SNMPv2c / RFCs 3416, 3417, & 3418• Adds acknowledged inform messages• 64 bit counters available• Most commonly used SNMP

SNMPv3 / RFCs 2576 & 3410-3418, 3826• Adds authentication and encryption

• noAuthNoPriv, authNoPriv, authPriv modes• Available since 2002, AES since 2004• Not yet widely implemented• Please for all new networks!

The Structure of Management Information (SMI)• Specified by RFCs 1155 & 2578• How objects and their behaviours are defined• All information has three attributes

• Name or Object Identifier (OID)• Type & Syntax (defined by Abstract Syntax Notation One)• Encoding

SMI Heirarchy

The Naming of OIDs.1.3.6.1.4.2.1.1.6.0 .iso.org.dod.internet.mgmt.mib-2.system.syslocation

STRING: Manila, Philippines

The "Standard" MIB• MIB-II* (RFC 1213)• .1.3.6.1.4.2.1.1.• All agents implement MIB-II• Defines basic objects incuding

• basic interface statistics• location & contact details

SNMP OperationSNMP v1 can perform several operations, including:• get• getnext• set• getresponse• trap

SNMPv2 & SNMPv3 further support:• getbulk• notification• inform• report

SNMP Get• Get is an operation performed by the Manager• It's a single query to an Agent for one piece of

information• The Agent can respond to or drop the request (if it's

busy)

SNMP GetNext• GetNext is an operation performed by the Manager• It's a sequence of commands to an Agent for

multiple pieces of information• GetNext traverses a MIB subtree in order• GetNext ends when the Agent responds with an

error (end of MIB)• SNMPWalk is a tool that implements GetNext

SNMP Set• Set is an operation performend by the Manager• It's used to change the value of a managed object• Set can update both read and read-write values• Use Set to define a host's name or contact details

SNMP Traps• SNMP Traps are messages initiated by an Agent• Traps are unacknowledged UDP messages• Several Generic Traps are defined

• ColdStart (0), WarmStart (1), linkDown (2), linkUp (3), authenticationFailure (4), egpNeighbourLoss (5), enterpriseSpecific (6)

• Vendors & Users must define any enterpriseSpecific traps

SNMP Notification• An updated version of SNMP traps• Defined in SNMPv2• Harmonises PDU format of traps to that of get / set

SNMP Inform• An acknowledged Notification• Agent is alerted when a Manager has received its

message

SNMPv3• Protocol remains unchanged• Authentication & Encryption are added• Terminology & Architecture changes significantly

SNMPv3 Terminology• Command Generator

• New Term for Manager• Command Responder• New Term for Agent• Notification Originator• An Agent that sends a Trap• Notification Receiver• A Manager Configured to Receive a Trap • Proxy Forwarder• Passes Messages Between Entities

SNMPv3 Basics: UsernameUsername is a text string representing the account responsible for the SNMP entity to be managed

SNMPv3 Basics: Security Level• noAuthNoPriv: No Authentication and No Privacy

(like SNMPv1)• AuthNoPriv: Authentication Without Privacy• AuthPriv: Authentication With Privacy

SNMPv3 Basics: Authentication ProtocolThe protocol used for authentication. SHA1 and MD5 are specified by the RFCs.

Authentication PassphraseA password, with a minimum of eight charachters.

Privacy ProtocolThe protocol used for encryption of SNMP packets. AES and DES are specified by the RFCs.

Privacy PassphraseThe passphrase used with the privacy protocol.

SNMP Applications• Cricket• LibreNMS• MRTG• PRTG

Beyond SNMP2

• SNMP is a heavy-weight protocol with low information density• SNMP was not designed for streaming high resolution data• It's seen as too slow, incomplete, network-specific, & hard to

operationalize

New protocols are being developed to stream telemetry data in real-time.

• Yang data models• XML, JSON, and GBP encoding• Data pushed from Agents, not requested from Managers• UDP, TCP, or gRPC transport available

2 Rada Stanic, Model Driven Telemetry - Foundation for Big Data Analytics

SNMPSimple Network Management ProtocolPhilippines Network Operators Group, March 2018Jonathan BrewerTelco2 LimitedNew Zealand