Simple Network Management Protocol
¤ SNMP is "Internet-standard protocol for managing devices on IP
¤ Devices that support SNMP include routers, switches, Servers,
workstations, printers, modem racks, and more.
¤ SNMP is used to monitor network-attached devices.
¤ SNMP is a component of the Internet Protocol Suite as defined by
the Internet Engineering Task Force (IETF).
SNMP & Network Management History
1983 - TCP/IP replaces ARPANET at U.S. Dept. Of Defense,
effective Birth of internet.
First model for net management – HEMS – High Level Entity
Management system ( RFCs 1021,1022,1024,1076)
1987 – CMIP - Common Management information protocol , and
CMOT ( CMIP over TCP) for the actual network protocol for use on
Nov 1987- SGMP – Simple Gateway Monitoring protocol ( RFC 1028)
Aug 1989 – Internet Standard Network Management Frame work (
RFCs 1065, 1066, 1067)
SNMP & Network Management History
Apr 1989 – SNMP promoted to recommended status as the de fecto
TCP/IP network management frame work ( RFC 1098 )
June 1989 – IAB committee decides to let SNMP and CMOT develop
May 1990 – IAB promotes SNMP to a standard protocol with a
recommended status ( RFC 1157 )
Mar 1991 – Format of MIBs and traps defined ( RFCs 1212, 1215)
TCP/IP MIB definition revised to create SNMP V1 ( RFC 1213 )
Components of network management on the Internet
Protocol: “Manager-Agent” interaction
BER: Basic Encoding Rules
MIB: Management Information Base
(Database on managed devices)
SMI: Structure of Management Information
(Rules of describing management information
SMI : Structure of Management
SMI defines the general rules for naming objects, defining object
types and showing how to encode objects and values.
SMI does not define the number of objects an entity should manage
or name the objects to be managed
define the association between the objects and their values.
SMI Data Types (Examples)
INTEGER -- signed 32-bit integer
OBJECT IDENTIFIER (OID)
NULL -- not actually data type, but data value
IpAddress -- OCTET STRING of size 4, in network byte order (B.E.)
Counter -- unsigned 32-bit integer (rolls over)
Gauge -- unsigned 32-bit integer (will top out and stay there)
TimeTicks -- unsigned 32-bit integer (rolls over after 497 days)
Opaque -- used to create new data types not in SNMPv1
• DateAndTime, DisplayString, MacAddress, PhysAddress, TimeInterval, TimeStamp, TruthValue,
VariablePointer -- textual conventions used as types
MIB : Management Information Base
MIB creates a collection of named objects, their types, and their
relationships to each other in an entity to be managed.
MIB is the definition of “objects” that should be provided on each
managed node by the SNMP “agent”.
An “object” is a quantity or a field that describes one functional
aspect of a device.
MIB objects are arranged in “groups”
Some groups relate to “layer” of the protocol stack.
Other groups relate to the system as a “whole”
BER – Basic Encoding Rules
The relationship between ASN.1 and BER
parallels that of source code and machine code.
CCITT X.209 specifies the Basic Encoding Rules
All SNMP messages are converted / serialized from ASN.1 notation
into smaller, binary data (BER)
Features of SNMP
¤ Its design is simple , making it easier to implement on network of
¤ Its simple design makes it easy for a user to program variables
they would like to have monitored.
¤ It is popular and extensible.
A device manufacturer can easily add new registers for
Key Components of SNMP
¤ An SNMP-managed network consists of three key
Agent — software which runs on managed devices
Network management system (NMS) — software which
runs on the manager
¤ A managed device is a network node that implements an
¤ It allows unidirectional (read-only) or bidirectional access
to node-specific information.
¤ Managed devices exchange node-specific information
with the NMSs.
¤ The managed devices can be routers, servers, switches,
bridges, hubs, IP telephones, IP video cameras ,printers
¤ An agent is a network-management software module that resides on
a managed device.
¤ An agent has local knowledge of management information.
Network Management System
A network management system (NMS) executes applications that
monitor and control managed devices.
NMSs provide the bulk of the processing And memory resources
required for network management.
One or more NMSs may exist on any managed network
NETWORK MANAGEMENT SYSTEM
We can say that the functions performed by a network
management system can be divided into five broad
Basic Task of NMS
Keeping track of device settings and how they function
Dealing with problems and emergencies in networks
( Router stops routing , Server loses power etc)
How smoothly is the network running?
Can it handle the work load it currently has?
¤ Proxy Agents extend the capabilities of SNMP by allowing it:
Manage a device that cannot support an SNMP agent
Manage a device that supports a non-SNMP management agent
Allow a non-SNMP management system to access an SNMP agent
Provide firewall-type security to other SNMP agents
Translate between different formats of SNMP messages
Consolidate multiple managed nodes into a single network address
Sent by manager requesting specific data from agent
Sent by manager requesting data on the next MO to the one specified
Initializes or changes the value of network element
Agent responds with data for get and set requests from the manager
Alarm generated by an agent
SNMP operates in the Application Layer of the OSI model.
The SNMP agent receives requests on UDP port 161.
The manager may send requests from any available source port to port
161 in the agent.
The agent response will be sent back to the source port on the manager.
The manager receives Traps and InformRequests on port 162.
The agent may generate notifications from any available port.
When used with Transport Layer Security or Datagram Transport Layer
Security requests are received on port 10161 and traps are sent to port
¤ Two major versions SNMPV1, SNMPV2
¤SNMPV1 is the recommended standard
¤SNMPV2 has become split into:
SNMPV2U – SNMP with user based security
SNMPV2* - SNMP with user based security and additional features
SNMPV2C – SNMPV2 Without security
SNMPv1 specifies five core protocol data units (PDUs). Two other
PDUs, GetBulkRequest and InformRequest were added in SNMPv2 and
carried over to SNMPv3.
All SNMP PDUs are constructed as follows:
Version 1 :
SNMP version 1 is the initial implementation of the SNMP protocol.
SNMPv1 operates over protocols such as User Datagram Protocol (UDP), Internet
SNMPv1 is widely used and is the de facto network-management protocol in the Internet
The first RFCs for SNMP, now known as SNMPv1, appeared in 1988:
Version 1 has been criticized for its poor security.
Authentication of clients is performed only by a "community string", in effect a type of
password, which is transmitted in clear text.
'80s design of SNMP V1 was done by a group of collaborators who viewed the officially
sponsored OSI/IETF/NSF (National Science Foundation) effort (HEMS/CMIS/CMIP) as
both implementable in the computing platforms of the time as well as potentially
SNMPv2 (RFC 1441–RFC 1452), revises version 1
Improvements in the areas of performance, security, confidentiality,
and manager-to-manager communications.
It introduced Get Bulk Request, an alternative of Get Nex Requests for
retrieving large amounts of management data in a single request.
The new party-based security system in SNMPv2, viewed by many as
overly complex, was not widely accepted.
Version 3 :
Although SNMPv3 makes no changes to the protocol aside from the addition of cryptographic
it looks much different due to new textual conventions, concepts, and terminology.
SNMPv3 primarily added security and remote configuration enhancements to SNMP.
Security has been the biggest weakness of SNMP since the beginning.
Authentication in SNMP Versions 1 and 2 amounts to nothing more than a password (community
string) sent in clear text between a manager and agent.
Each SNMPv3 message contains security parameters which are encoded as an octet string.
The meaning of these security parameters depends on the security model being used.
In practice, SNMP implementations often support multiple versions: typically SNMPv1, SNMPv2c,
Disadvantages of SNMP
Reducing network bandwidth
some large security gaps
largest security problems
privacy of data
so simple that the information it deals with is neither detailed nor
well-organized enough to deal with the expanding networks
SNMP Architecture and model
SNMP & The OSI Model
7 Application Layer Management and Agent APIs
6 Presentation Layer
ASN.1 and BER
RPC and NetBIOS
4 Transport Layer
TCP and UDP
IP and IPX
2 Data Link Layer
Ethernet, Token Ring, FDDI
Ports & UDP
¤ SNMP uses User Datagram protocol (UDP) as the transport
mechanism for SNMP message
¤ Like FTP, SNMP uses two well-known ports to operate
UDP Port 161 – SNMP Message
UDP Port 162– SNMP Trap Message
Languages of SNMP
¤ Structure of Management Information ( SMI)
Specifies the format used for defining managed objects that are accessed via the SNMP
¤ Abstract Syntax Notation ( ASN .1)
Used to define the format of SNMP message and managed objects( MIB modules
¤ Basic Encoding Rules ( BER )
Used to encode the SNMP message into format suitable for transmission across a network