Overview of SNMP and Network Management

The Simple Network Management Protocol (SNMP) is an Internet standard. SNMP provides a common way to query, monitor, and manage devices connected to IP networks. The protocol is defined in RFC 2571. For more information, see http://www.ietf.org/rfc/rfc2571.txt. Many details of SNMP are further defined in other RFCs.

SNMP is widely used in enterprise networks to effectively manage systems, network devices, and networks. One of the benefits of SNMP is how quickly solutions can be created to support the increasing numbers of networking components and applications. Within SNMP networks, systems, components, and applications are described as entities. The number of entities that need to be managed is growing rapidly.

SNMP uses a manager and agent architecture. The SNMP manager is a program, also known as a network management station (NMS), that runs on a host on the network. The manager sends requests to one or more SNMP agents running on devices connected to the network. An agent, or daemon, is a program that listens for SNMP requests from the manager.

Agent hierarchy consists of a master agent and subagents. The master agent receives the SNMP-based management requests from the managers. The master agent sends responses to these management requests. Responses are sent after retrieving the appropriate values from respective subagents.

Subagents provide management of different components. Management is based on a Management Information Base (MIB) specifically designed for components or applications. A MIB is a specification containing definitions of management information. Through the use of a MIB: networks and networked systems can be remotely monitored, remotely configured, and remotely controlled.

An agent receives a request and looks up information in the MIB and returns information to the manager. Each object in the MIB represents a piece of data about the managed device, and each object is assigned a unique identifier in the MIB. The manager and agent must have access to the same MIB to be able to communicate about the managed device. The manager uses the MIB to specify identifiers for the information that the agent is to act upon. The agent uses the MIB to look up the identifiers that were passed in the SNMP request from the manager. The agent gets or sets values for the requested data. The MIBs supported by the System Management Agent are listed in Supported MIBs.

SNMP Versions

The System Management Agent supports three SNMP protocols. Along with their associated RFCs, these protocols are:

SNMP v1

SNMP v1 is defined in RFC 1155 and 1157 at http://www.ietf.org/rfc/rfc1155.txt and http://www.ietf.org/rfc/rfc1157.txt

SNMP v2c

SNMP v2c is defined in RFC 1901 at http://www.ietf.org/rfc/rfc1901.txt

SNMP v3

SNMP v3 is defined in RFC 2570 at http://www.ietf.org/rfc/rfc2570.txt

These versions of SNMP supported by the System Management Agent can co-exist following the guidelines laid down in RFC 3584 at http://www.ietf.org/rfc/rfc3584.txt.

Some security models and other instances described in this manual do not support all versions of SNMP. Restrictions regarding which version of SNMP you can use are indicated in this book and in the relevant man pages. Restrictions are due in part to the enhanced packet structure of SNMPv3. The SNMPv3 packet structure is shown in Figure 1–1.

Figure 1–1 SNMPv3 Packet Structure

The packets outlined in Figure 1–1 are:

msgVersion

The SNMP version of the packet. Possible values are 1, 2, or, in the case of SNMPv3, 3.

msgID

Used to coordinate request and response messages between the manager and the agent. The msgID in a response must be the same as the msgID in a request.

msgMaxSize

Conveys the maximum size of a message that the sender can accept from another SNMP engine.

msgFlags

A single octet to indicate how the message is to be processed. For more information, see Where VACM Security Information Is Contained.

msgSecurityModel

Specifies the security model used to generate the message. For more information, see Where VACM Security Information Is Contained.

msgSecurityParameters

An octet string containing data about the security model. For more information, see Where VACM Security Information Is Contained.

scopedPDU

Contains the normal Protocol Data Unit (PDU) and information for identifying the administratively unique context for processing the PDU. For more information, see Where VACM Security Information Is Contained.