The document discusses the Simple Network Management Protocol (SNMP). SNMP is an application layer protocol used to manage network devices. It allows network administrators to monitor network-attached devices, retrieve performance metrics and configure device parameters. The key components of SNMP include SNMP managers, agents and MIBs (Management Information Bases). SNMP agents run on network devices and collect data from the device. SNMP managers communicate with agents to read/write data in MIBs to configure and monitor devices. The document describes the evolution of SNMP from versions 1 to 3, with newer versions focusing on improved security and management functionality.

1. Simple Network Management
Protocol

2. What is SNMP?
The Simple Network Management Protocol (SNMP) is an
application layer protocol used to manage network resources.
Designed to be Simple-very few commands.
It concerns with Network Management.
It’s a Protocol-defined by IETF.

3. What does SNMP manage?
…all SNMP compatible devices.
servers
workstations
routers
switches
printers
…many more.

4. SNMP Functionality?
 Fault Management.
 Configuration Management.
 Accounting Management.
 Performance Monitoring and Management.
 Security Management.
Local and/or Remote

5. SNMP Components
SNMP Manager.
SNMP Agent.
MIB- Management Information Base.
Network
SNMP
Manager
Process
MIB
Request
Response
Trap
SNMP
Agent
Process
MIB

6. SNMP Manager
Software that runs on some administrative computer and manages
the whole network.
Capable of querying any managed device - via polling.
Capable enforcing management decision in Network.
Normally runs on very few system compared to SNMP agents.

7. SNMP Agent
Small piece of code that runs on every SNMP managed device and
gathers and sends data about that managed resource in response to
a request from the manager.
Collects information from network device, on which it resides and
stores in MIB.
Replies to manager with proper information when asked for.
Can initiate communication with SNMP manager using traps.

8. SNMP Proxy
A Proxy Agent is an SNMP agent
that maintains information of one
or more non-SNMP devices.
Proxy Agent does the conversion
of control messages.
..may run some other NMS.
SNMP Manager
SNMP Agent
SNMP
Community
Proxy Agent
Non-SNMP
Community

9. SNMP Internals
How Management Information will be stored?
SMI: Structure of Management Information
What Management Information data will be stored?
MIBs: Management Information Base
How information would be exchanged on network?
SNMP: Simple Network Management Protocol

10. SMI-Structure of Management Information
Defines the data types allowed in MIB.
Defines naming structure for each managed objects (MO).
Typically each MIB objects has six attributes-
Object Name
Object Identifier
Syntax Field
Access field
RFC-1155
Status Field
Text Descriptor

11. Management Information Base
 MIB is collection of network information.
Contains the real values of managed objects in the agent in the form of
variables, tables of variables.
 Access - through network management protocol.
 MO in MIB - represent characteristics of a managed device.
 Changes is done in agent MIB.
 MIB definition is available in manager.
RFC-1156

12. MIB Object Naming Tree
• Object Identifier – Uniquely identify
an
object
in
Management
Information Base.
1.3.6.1.4.1.9

13. MIB Syntax
sysContact OBJECT-TYPE
-- OBJECT-TYPE is a macro
SYNTAX DisplayString (SIZE (0..255))
ACCESS
read-write
-- or read-write, write-only, not-accessible
STATUS
mandatory -- or optional, deprecated, obsolete
DESCRIPTION
“Chris Francois
cfrancois@acm.org
(360)650-0000”
::= { system 4 }

14. MIB example: UDP module
Object ID…....Name……………………Type…………………Comments……………………………………….
1.3.6.1.2.1.7.1
UDPInDatagrams Counter32
total # datagrams delivered at this time
1.3.6.1.2.1.7.2
UDPNoPorts
Counter32
# underliverable datagrams no app at portl
1.3.6.1.2.1.7.3
UDInErrors
Counter32
# undeliverable datagrams all other reasons
1.3.6.1.2.1.7.4
UDPOutDatagrams Counter32
1.3.6.1.2.1.7.5
udpTable
SEQUENCE
# datagrams sent
one entry for each port in use by app, gives
port #and IP address
8-14

15. SNMP Version1
Introduced in 1988, maintained by IETF.
SNMP protocol facilitates communication between managed
device and SNMP manager.
Five messages was introduced in SNMP v1.
GetRequest
SetRequest
GetNextRequest
Trap
Response
Manager to Agent
Agent to Manager

16. SNMP Messages
 Get-Request
Sent by manager requesting specific data from agent.
 Get-Next-Request
Sent by manager requesting data on the next MO to the one specified.
 Set-Request
Initializes or changes the value of network element.
 Get-Response
Agent responds with data for get and set requests from the manager.
 Trap
Alarm generated by an agent.

17. SNMP v1
Communication is via SNMP Protocol Data Units (PDUs) that are
typically encapsulated in UDP packets.
UDP ports, 161 and 162, are the default ports reserved for SNMP.
The agent listens for requests and replies to them over port 161.
…reports asynchronous traps on port 162, unless it is instructed to
use different ports.

18. SNMP Protocol Data Unit(PDU)

19. 0: GetRequest
1: GetNextRequest
2: SetRequest
3: GetResponse
SNMP Request to
Response association
Indicates one of a
number of errors and
error types.
Set by ‘Response’
operation.
Others set it to ‘0’
Associates error
with object instance.
Set by ‘Response’
operation.
Others set it to ‘0’
General PDU Structure
PDU TYPE
4: Trap
Request ID
Error Status
Error Index
Generic Trap Type:
7 values are defined:
coldStart(0)
warmStart(1)
linkDown(2)
linkUp(3)
authenticationFailure(4)
egpNeighborLoss(5)
enterpriseSpecific(6)
Management Enterprise
under whose registration Agent’s IP Address
(for further
authority trap was
identification)
defined.
Trap PDU Structure
PDU TYPE
Enterprise
Agent Addr
Gen Trap
Spec Trap
Object 1
Value 1
Data Field of SNMPv1
PDU.
 Associates Object
instance with current
Object 2
value.
Value 2
Ignore for Get and
GetNext
Specific Trap Type:
Identifies non-generic
trap when Generic
Trap Type set to
‘enterpriseSpecific(6)’
Time elapsed between
last network
reinitialization and
trap generation
Time
Stamp
Object 1
Value 1
Object 2
Value 2

20. Issues with SNMP v1
Security- Very low standards.
× Passwords transmitted as plain text.
No provision for authenticating message source.
MIBs were not secured with ACL’s.
Limited number of error handling.

21. SNMP v2
Improvement over SNMP v1.
Improved security feature.
…added manager to manager communication.
Four version of SNMP v2SNMP v2p, SNMP v2c, SNMP v2u, SNMPv2*.
SNMP v2 is not backward compatible with SNMP v1.

22. SNMP v2 additional operations
Bulk Data Transfer
GetBulkRequest message was added.
Manager can request multiple values from agent via this message.
…faster retrieval of multiple records.
Manager to Manager communication
InformRequest -information sharing between two SNMP manager.
Improved error handling
SNMPv2 includes expanded error code that distinguishes kind of error
condition.

23. Interfacing SNMP v1
Bilingual Manager
Implements both SNMP v1 and v2
interpreter in manager.
Interpreter module do all MIB and
protocol conversion to and from
SNMP agent.
SNMP PDU contains version number
to identify the frame.
Bilingual Manager
SNMPv1
Interpreter
SNMP v1
Agent
SNMPv2
Interpreter
SNMP v2
Agent
Agent
Profile

24. Interfacing SNMP v1
Proxy Server
Requests to and response from
SNMPv2 agents are processed by the
SNMPv2 manager directly.
A proxy server is implemented as a
front end module to the SNMPv2
manager to allow communication
with SNMPv1 agents.
SNMPv2 Manager
Proxy
Server
SNMPv1
Agent
SNMPv2
Agent

25. SNMP v2 PDU
0: GetRequest
1: GetNextRequest
2: Response
3: Set Request
4. Obsolete
5. GetBulkRequest
6. InformRequest
7. SNMPv2 Trap
PDU TYPE
SNMP Request to
Response association
Request ID
Indicates one of a
number of errors and
error types.
Set by ‘Response’
operation.
Others set it to ‘0’
Error Status
Error Index
SNMPv2 PDU (except bulk)
Associates error
with object instance.
Set by ‘Response’
operation.
Others set it to ‘0’
Object 1
Value 1
Object 2
Value 2
Data Field of SNMPv1
PDU.
 Associates Object
instance with current
value.
Ignore for Get and
GetNext

26. SNMP v2 PDU
PDU TYPE
Request ID
Non-Repeaters
Max
Repetitions
Object 1
Value 1
SNMPv2 GetBulkRequest PDU
Object 2
Value 2
……………
…………...
Object n
Value n

27. Issues with SNMP v2
 Multiple versions of SNMP v2- no consensus.
 Security-not much improvement.
 Incompatibility with earlier version (v1).
Overhead implementing Bilingual Manager or Proxy Server.

28. SNMP v3
 A general framework for all three SNMP versions.
Implements SNMP v1 and v2 specifications along with proposed new
features.
 Improved security feature.
 Secure remote configuration.
Protection against modification of information.

29. SNMP v3 Security
Major security improvement of v3 from earlier versions areMessage Integrity -ensures that data has not been modified or tampered
while in transit.
Authentication-checks if the message is from a authorized source.
Encryption-encrypt the data to prevent others from seeing the content.
Data can be collected securely from SNMP devices without fear of
the data being tampered with or corrupted.

30. SNMP v3 Architecture

31. SNMP v3 Engine
SNMP engine provides services for sending, receiving messages, authenticating
and encrypting messages, and controlling access to managed objects.
Dispatcher- support concurrent multiple SNMP message.
Send and receive SNMP message to and from the network.
Determine SNMP version forward to corresponding message processing
subsystem.
Interface between network and SNMP applications.

32. SNMP v3 Engine
 Message processing Subsystem
Prepares message for sending in network.
Extract information from received message.
 Security Subsystem
Provides security services-authentication, encryption etc.
Contains multiple subsystem.
 Access Control System
Provides authorization services.

33. SNMP v3 Architecture

34. SNMP v3 Applications
Command Generator
 used to generate get-request, get-next-request, get-bulk and set-request messages.
 …also processes response received from the sent commands.
Command Responder
 Processes the get and set request destined for it.
Notification Receiver
 Receives asynchronous messages and processes that.
Notification Originator
 Initiates asynchronous messages or traps.
Proxy Forwarder
 Forwards requests and notification to other SNMP engines, according to context
 No matter what MO information contained in it.

35. Thank you!