SNMP

(Simple Network Management

Protocol)

By Xian

Mihr Gandhi - 005358135

Neehar Athalye - 005314674
Venkatesh Lanke - 005174131
Madhusudhan Sreedhara - 005241900
Supriya Shenai - 005240483
Mohinish Basha Shaikh- 005354300
 AGENDA

Introduction.
SNMP Managed Network Technology.
SNMP Basic Commands.
SNMP Management Information Base (MIB).
SNMP VERSION 1 (SNMPv1).
SNMPv1 Message Formats.
SNMP VERSION 2 (SNMPv2).
SNMPv2 Proxy Agents.
SNMP Security.
Conclusion.
 INTRODUCTION
Defined in RFC 1157. UDP port 161/162
Application layer protocol that is designed to exchange
the network management information between network
devices.
Helps system administrators to monitor network attached
devices, solve network problems and plan for future
growth on network.
3 versions: SNMPv1, SNMPv2, SNMPv3(Standardization
Pending).
Consists of standards for network management, including
Application layer protocol, a database schema and a set of
data objects.
Uses managed systems that exposes management data in
the form of variables.
Managing application can also query these variables.
 SNMP MANAGED NETWORK TECHNOLOGY

Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1022816
SNMP MANAGED NETWORK TECHNOLOGY

Consists of 3 key components Network Management

System (NMS), Agents, Managed Devices.
Managed Devices: A node in a network that contains
SNMP agent. Stores and collects management
information and provide it to NMS. Also called as
network elements. Can be router, switch, server.
Agents: Agent is software module. It resides in
managed device. Contains knowledge about
management information. Translates that knowledge
into SNMP compatible format. Consists of Master agents
and Sub agents.
NMS: Contains applications that monitors and controls
managed devices. Provides memory and processing
resources required for managing network. Their can be
more than 1 NMS in the managed network.
 SNMP BASIC COMMANDS

Four basic commands: read, write, trap,

traversal operations.
Read: Shows variables that are maintained by
managed devices on NMS. (GET, GET-NEXT)
Write: Controls managed devices. Used by NMS
to modify the values of variables stored in
managed devices. (SET)
Trap: Executed by managed devices to
asynchronously report any event to NMS. (TRAP)
Traversal Operation: Used by NMS. Collects
information about variable tables such as
routing tables.
 MIB Tree with hierarchy assigned by different organization

SNMP Management Information Base (MIB)

Reference:
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp10205
70
SNMP Management Information Base
(MIB)

MIB: Hierarchically organizes information. Accessed

using SNMP protocol. Consists of managed objects.
Identified by object identifiers.
Managed Objects: Also called as MIB object. One of the
characteristics of managed device. Comprised of one or
more object instances. One of the variable. Consists of 2
managed objects scalar and tabular. Scalar object
defines the instance of single object. Tabular objects
defines the instances of multiple related objects.
Object Identifier (Object ID): Provides unique
identification of managed object in MIB hierarchy.
MIB hierarchy has a tree with nameless root. Levels are
assigned by different organizations.
The managed object at the input can either be identified
by object name or by equivalent object descriptor.
 SNMP VERSION 1
Operates over UDP, IP, CLNS, DDP and IPX.
Widely used in industry.
SMNPv1 and Structure of Management Information (SMI): Defines rules
describing managements information using ASN.1. Consists of 3 specific
data type : a) ASN.1 data types
b) SMI-specific data types
c) SNMP MIB tables.
ASN.1 data types: Consists of name, syntax and encoding. Name used
as Object Id. Syntax defines data types of object. SMI uses subset of
ASN.1 syntax definations. Encoding describes how the information
associated with managed object is formatted as series of data items.
SMI-specific data types: Consists of 2 data types: Simple Data Types,
Application-wide Data Types.
Simple Data Types: Signed integer ranging from . Sequences from 0 to
65,535 octets.
Application-wide Data Types: Consists of network addresses, counters,
gauges, time ticks, opaques, integers and unsigned integers.
SNMP MIB Tables: Defines highly structured tables that are groups
instances of tabular objects. SNMP can retrieve or alter entire row in the
table.
Protocol Operation: NMS issues a request and managed devices return
responses. Get operation is issued by NMS to retrieve the value of one or
more object instances. GetNext retrieves the value of next object
instance. Set is used to modify the value of object instance.

SNMPv1 MESSAGE FORMATS
Consists of Message header and PDU.
Message Header: Contains 2 fields
Version Number and Community Name.
Version Number: Specifies SNMP
version.
Community Name: Provides access
environment for group of NMS. NMS in
the community are said to be in the
same administrative domain.
PDU: Contains specific command and
the operand that are involved in the
transactions. PDU fields are variable in
length.
SNMPv1 Get, GetNext, Response and Set PDUs contains same fields
Reference: ttp://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1020570
SNMPv1 MESSAGE FORMATS
PDU Types: Specifies the type of PDU
transmitted.
Request ID: Associates SNMP request and
responses.
Error Status: Indicates number of errors
and error types. Set by response operation.
Error Index: Associates error with a
particular object instances. Set by
response operation.
Variable Bindings: Acts as a data field for
SNMPv2 PDU. Associates object instance
with its current value.
 SNMPv1 MESSAGE
FORMATS
TRAP PDU FORMAT

Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1020570
 SNMPv1 MESSAGE
FORMATS
TRAP PDU FORMAT
Enterprise: Identifies the type of object
generating trap.
Agent Address: Provides the address of
managed object generating trap.
Generic Trap Types: Indicates one of a number
of generic trap types.
Specific trap codes: Indicates one of number of
specific trap codes.
Time Stamp: Provides a amount of time that
has elapsed between the last network
reinitialization and generation of the trap.
Variable Bindings: Acts as a data field in
SNMPv2PDU. Each variable binding associates a
particular object instance with its current value.
 SNMP VESION 2
Evolution of version 1.
Provides additional protocol operation over SNMPv1.
SNMPv2 and Structure Management information: Bit
strings are defined only in SNMPv2 and comprise of
zero or more named bits that specify a value.
Supports all types of address as compared to SMNPv1
which offers support only for 32-bit IP address.SNMPv2
supports 32 bit and 64 bit counters as well.
SMI Information Modules: Specifies a group of related
definitions. 3 types SMI information modules like MIB
modules, compliance statements and capability
statements. MIB modules contains definitions of
interrelated managed objects. Compliance statements
provide a systematic way to describe a group of
managed objects that must be implemented for
conformance to a standard. Capability statements are
used to indicate the precise level of support that an
agent claims with respect to a MIB group.
 SNMP VESION 2
SNMPv2 protocol Operation: SNMPv2 offers 2
new protocol operations like GetBulk and Inform.
Also includes protocol operations of SNMPv1.
Inform : Allows one NMS to send the TRAP to
other NMS.
GetBulk PDU Format: Efficiently retrieves large
blocks of data such as multiple rows in the table.
GetBulk PDU format shown below.

Reference:http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.ht
 SNMP VESION 2
GetBulk Format
PDU Type: identifies PDU as a GetBulk operation.
Request ID: Associates SNMP requests and
responses.
Non repeaters: Specifies the number of object
instances in the variable bindings. Used when
some instances are scalar objects.
Max repetitions: maximum number of times that
other variables beyond those specified by the
Non repeaters field should be retrieved.
Variable Bindings: Acts as a data field in
SNMPv2PDUEach variable binding associates a
particular object instance with its current value
 SNMPv2 PROXY AGENTS
SNMPv2 can act as a proxy agent for SNMPv1 managed
devices.
SNMPv2 issues commands that are intended for an
SNMPv1 agent.
NMS then sends messages to the SNMPv2 proxy agents.
Proxy agent then forwards Get, GetNext, and Set
messages to the SNMPv1 agent unchanged.
Proxy agent converts the GetBulk messages to the
GetNext messages and then forward it to SNMPv1
agent.
Proxy agent maps SNMPv1 trap messages to the
SNMPv2 trap messages.
 SNMP SECURITY
Lacks authentication. Vulnerable to the variety of
security threats.
Vulnerable to masquerading, modification of
information, time modifications, message
sequencing and disclosures.
Message sequence and timing modifications
occurs when an entity who is unauthorized
reorders, delays, or copies and later replays a
message generated by an authorized entity.
As SNMP does not implement any authentication
Set operations are not implemented by many
vendors.
 CONCLUSION
SNMP is an attractive solution for
network management because it is
a standard protocol and ubiquitous.
Its simple and well known.
Firewalls can be easily configured
to pass the SNMP traffic through it.
It goes on UDP so it has lightweight
network resource consumption.
 REFERNCES

http://en.wikipedia.org/wiki/SNMP
http://www.cisco.com/warp/public/535/3.html
http://faqs.org/rfcs/rfc1157.html
http://blogs.sun.com/jmxetc/entry/don_t_fell_i
n_the#Conclusion
http://www.dpstele.com/layers/l2/snmp_l2_tut_
part1.php
 Q &A ?

THANK YOU