What is Simple Network Management Protocol (SNMP)?
An Internet-standard application layer (layer 7) protocol for exchanging device management information between network devices on a TCP/IP network. Simple Network Management Protocol (SNMP) is most often used for collecting statistical and configuration information about network devices such as computers, hubs, switches, routers, and even network printers. The statistical information includes the number of packets or frames sent or received per second, the number of errors per second, and so on.
The configuration information includes the IP address of an interface on the device, the version of the operating system running on the device, and so on. Management systems are used to monitor network health, trap errors, perform diagnostics, and generate reports. SNMP is the most popular network management protocol in use.
How SNMP Works
A network configured to use SNMP version 1 essentially consists of two components that work together:
- SNMP agents, which are programs that run on the network devices to be managed (called managed devices) and that collect TCP/IP-related configuration information and statistics about the operation of the device. Agents do not require heavy CPU usage to run. The types of information that an agent can collect are defined in a local database called a Management Information Base (MIB). MIB databases are hierarchical and contain managed objects that have uniquely assigned identifiers issued by the International Organization for Standardization (ISO). SNMP variables are specific instances of managed objects in MIBs. Agents running on managed devices monitor specific sets of SNMP variables and temporarily store this information until the agent is polled by a management system, whereupon the agent reports the values of the stored information to the management system. Most network devices have built-in SNMP agent software and associated MIBs.
- SNMP Management Systems software (also called Network Management System, or NMS, software), which runs on an administrator workstation and can display data gathered from managed devices in a user-friendly form through a graphical user interface (GUI). SNMP Management Systems software can notify the administrator when certain conditions (such as errors) occur. Most SNMP management systems can also automatically determine the topology and components of a network with SNMP-enabled computers, routers, hubs, and switches and can display network topology, traffic, and conditions in graphical format. SNMP management systems regularly poll managed devices using SNMP messages for statistical and configuration information and then store this information in a central database, which can be used to present the information in a friendly way to users.
SNMP messages contain a header and a payload called the Protocol Data Unit (PDU). The header contains information about the community being referenced. A community is a subset of agents that will be monitored using a specific management system and institutes a primitive level of security. A community name is used for purposes of authentication, and SNMP communication is performed using User Datagram Protocol (UDP) port number 161.
SNMP messages come in four types, three of which are issued by management stations and one of which is executed by agents:
Get message: Issued by the management system to an agent on a managed device to read the value of a specific variable on the device.
Getnext message: Issued by the management system to determine which SNMP variables are supported by an agent running on a managed device and to traverse a series of variables to read their values sequentially.
Set message: Issued by the management system to an agent on a managed device to write a value for a specific variable on the device.
Trap message: Issued by an agent running on a managed device when an error or alert condition occurs. The trap message is sent to the management system to alert administrators of the situation.
The management station regularly sends get, getnext, and set messages to the SNMP agent on the managed device, in effect periodically polling the agent for the status of the device. The agent verifies the community name in the message, verifies the IP address or host name of the SNMP management system, processes the request, and sends the results to the management system.
Graphic S-13.. Simple Network Management Protocol (SNMP).
SNMP version 2 adds additional security features, can be applied to network architectures other than TCP/IP, and supports additional data types. It is only partially backward compatible with SNMP 1. SNMP 2 also defines two additional types of messages:
Getbulk message: Similar to getnext but allows the retrieval of greater amounts of information in one data block
Inform message: Allows management systems to send information to other management systems using a trap-like message
Microsoft’s implementation of TCP/IP on Microsoft Windows NT and Windows 2000 includes agents and MIBs for collecting information on TCP/IP conditions and statistics.