Simple Network Management Protocol (SNMP)
SNMP is used in Network Management Systems to monitor & manage devices on the network. It is a component of IP suite (was originally defined in OSI model) and uses UDP as transport protocol. It consists of standards including an application layer protocol (which for instance, has commands such as GET, SET, TRAP, INFORM, etc.), a database schema/layout and data objects.
SNMP exposes variables describing various aspects of a managed system/device, stored on that device as a sort of database. This database can then be queried by a managing application (NMS?) for status information, or sometimes even new/updated values could be ’set’ on that device. The variables are stored in form of certain hierarchy. That hierarchy and associated meta-data (type and description of variables) is defined by MIBs (Management Info. Bases).
Let’s look at a few related terminologies:
Agent: is a daemon/service (a server in case of a Linux node, snmpd) that runs on the device/system to be monitored. It talks over SNMP to NMSes when they need information, or when the agent itself has to send traps(this error/warning reporting through traps is quite heavily employed in Cisco devices) to certain (preconfigured) hosts.
NMS: is Network Management System, runs the apps that interact with the agents over SNMP, and provide easy-to-use interface and help in graphs and report generation e.g. IBM Tivoli, OpenNMS.
SNMP has three versions. Version 1 is the most simple one in terms of its features. It’s also the most heavily used one, in usual practice. One has to install net-snmp package on Linux to get this thing going. One can find a set of mib files in “/usr/share/snmp/mibs/” on most Linux systems. The hierarchical database we talked about isn’t a database in strict terms, rather it’s a virtual database. H/W manufacturers do make their mib files public so that different utilities/NMSes could use them e.g. one could import mibs for a Cisco router into xml data queries for use in cacti.
Configuring an snmp agent is quite simple, one just has to add a string such as “rocommunity pass_string” to snmpd.conf and make sure that the server starts on each bootup. “rocommunity” gives read-only access to the clients, and only those clients/agents that specify “pass_string” as their password (well sort of, as snmp doesn’t call it a password). This much of setting is enough for simple info gathering, though more options could be specified and that too with a very handy perl script that comes with the snmp package. It could be invoked with “snmpconf -g basic_setup”.
