What Is Simple Network Management Protocol?

Simple Network Management Protocol (SNMP) is a standard protocol specifically designed to manage network nodes (servers, workstations, routers, switches, HUBS, etc.) in an IP network. It is an application layer protocol.

Chinese name: Simple Network Management Protocol
Foreign name: SNMP

Function: IP network management network node
Network level: Application layer

Introduction to Simple Network Management Protocol

SNMP is a standard protocol specifically designed to manage network nodes (servers, workstations, routers, switches, HUBS, etc.) in an IP network. It is an application layer protocol. SNMP enables network administrators to manage network performance, identify and resolve network problems, and plan for network growth. Receiving random messages (and event reports) via SNMP The network management system is aware of network problems.

The predecessor of SNMP is Simple Gateway Monitoring Protocol (SGMP), which is used to manage communication lines. Later, people made a lot of changes to SGMP, especially adding SMI and MIB that conform to the definition of the Internet. The improved protocol is the famous SNMP. The TCP / IP-based SNMP network management framework is the current industry standard and consists of three main parts, namely the Management Information Structure (SMI), the Management Information Base (MIB), and the Management Protocol (SNMP).

SMI defines the organization and identification of the information used by the SNMP framework, and provides templates for defining management objects and using management objects for MIBs.
The MIB defines a collection of management objects that can be accessed through SNMP.
The SNMP protocol is an application layer protocol that defines how a network manager can read and write MIB objects of an agent process.

The MIB in SNMP is a tree-like database. The objects managed by the MIB are end nodes of the tree. Each node has a unique location and unique name. The naming rule is that the name of the parent node is used as the prefix of the name of the child node. ^[1]

Simple network management protocol components

An SNMP-managed network consists of the following three key components:

Network-management systems (NMS)
Managed device
Agent

The network management system runs an application program that monitors and controls the managed devices. Also called managing entity, the network administrator interacts with network devices here. The network management system provides a large amount of computing and memory resources required for network management. A managed network may have more than one network management system.

A managed device is a network node that contains an SNMP agent that exists on the managed network. The managed device collects and stores management information through the management information base (MIB), and enables the network management system to obtain this information through the SNMP agent.

An agent is a network management software module that exists in a managed device. The agent controls the management information of the local machine and transmits this information in a format compatible with SNMP.

Technical advantages of simple network management protocol

SNMP is a communication protocol between the management process (NMS) and the agent process (Agent). It specifies a standardized management framework for monitoring and managing devices in a network environment, a common language for communication, and appropriate security and access control mechanisms. Network administrators can use the SNMP function to query device information, modify device parameter values, monitor device status, automatically discover network faults, and generate reports.

SNMP has the following technical advantages:

Based on the TCP / IP Internet standard protocol, the transport layer protocol generally uses UDP.
Automate network management. Network administrators can use the SNMP platform to retrieve information, modify information, find faults, complete fault diagnosis, perform capacity planning, and generate reports on nodes on the network.
Shield the physical differences of different equipment and realize the automatic management of products from different manufacturers. SNMP only provides the most basic function set, making the management tasks relatively independent of the physical characteristics of the managed devices and the actual network type, thereby enabling management of devices from different vendors.
The simple request-response method is combined with the active notification method, and has a timeout and retransmission mechanism.
There are few types of messages, the message format is simple, it is easy to parse, and it is easy to implement.
The SNMPv3 version provides authentication and encryption security mechanisms, and user and view-based access control functions to enhance security.

Simple Network Management Protocol Architecture

Simple Network Management Protocol Master Agent

A master agent is software that operates on a network component that can run SNMP, and can respond to SNMP requests from management stations. Its role is similar to a server in Client / Server terminology. Master agents rely on subagents to provide management information about specific functions.

If the system currently has multiple manageable subsystems, the master agent passes the requests it receives from one or more subagents. These subagents model objects of interest within a subsystem and the interface that monitors and manages that subsystem. The roles of the master agent and the subagent can be combined, in this case we can simply call the agent.

Simple Network Management Protocol Subagent

A subagent is software that operates on a network component that can run SNMP, and runs information and management functions defined in a specific management information base (MIB, Management Information Base) of a specific subsystem. Some of the capabilities of subagents are:

Collect master agent information

Configure the parameters of the master agent

Respond to managers' requests

Generate a warning or trap

The good separation of protocol and management information structure makes it very simple to use SNMP to monitor and manage hundreds of different subsystems within the same network. The MIB model runs and manages all layers of the OSI reference model and can be extended to applications such as databases, email, and J2EE reference models.

Simple Network Management Protocol Management Station

The manager or management station provides a third component. It works just like a client under a client / server structure. It sends requests for management operations based on the behavior of an administrator or application and also receives TRAPs obtained from agents.

Simple Network Management Protocol

Currently, there are three types of SNMP: SNMPV1, SNMPV2, and SNMPV3. There is not much difference between version 1 and version 2, but SNMPV2 is an enhanced version that includes other protocol operations. Compared to the first two, SNMPV3 includes more security and remote configuration. In order to solve the incompatibility between different SNMP versions, the three coexistence policies are defined in RFC3584.

SNMP also includes a set of extended protocols defined by RMON, RMON2, MTB, MTB2, OCDS, and OCDS.

Simple network management protocol protocol structure

SNMP is an application protocol that is encapsulated in UDP. The general format of SNMP information for various versions is as follows:

Version Community PDU

Version: SNMP version number. The manager and agent must use the same version of SNMP. Information with different version numbers needs to be deleted without further processing.

Community: The community name used to authenticate the manager before accessing the agent.

PDU (Protocol Data Unit): The types and formats of PDUs in SNMPv1, v2, and v3 will be specifically described in the corresponding files.

Development and use of simple network management protocols

Simple Network Management Protocol First Edition

The first RFC series of SNMP appeared in 1988:

RFC 1065: Structure and Identification of Management Information Based on TCP / IP Networks

RFC 1066: Management Information Based on Network Management of TCP / IP Networks

RFC 1067: A Simple Network Management Protocol

These agreements were repealed via:

RFC 1155: Structure and Identification of Management Information Based on TCP / IP Networks

RFC 1156: Management Information Based on Network Management of TCP / IP Networks

RFC 1157: A Simple Network Management Protocol

The SNMP protocol works at the application layer (layer 7) of the OSI model. It (in the first version) specifies four core protocol data units (PDUs):

GET to get a piece of management information

GETNEXT, serial to get management information repeatedly

SET, used to make a change to a managed subsystem

TRAP to report a warning or other asynchronous event about a managed subsystem

Typically, SNMP uses UDP port 161 for the agent and UDP port 162 for the management station.

The first edition was controversial because of its fragile security. The client's authentication is transmitted in clear text. In the 1980s, when the first version of SNMP was designed, the authentication / security of Internet standards was not valued by the major protocol design groups.

Simple Network Management Protocol Second Edition

The second edition of SNMP (RFC 1441RFC 1452) revised the first edition and included improvements in the areas of performance, security, confidentiality, and communication between managers. It introduces GETBULK to replace the repeated GETNEXT to get a large amount of management data in a single request. However, the new security system of SNMP version 2 is considered too complicated to be widely accepted.

SNMP v2c (community-based SNMP version 2) was defined in RFC 1901RFC 1908, and was also informally called SNMP version 1.5 in the beginning. SNMPv2c includes the second version of SNMP in addition to the controversial new SNMP version 2 security model and replaces it with the simple community-based security solution of SNMP version 1.

SNMP v2u (User-based SNMP version 2) is defined in RFC 1909RFC 1910. This is a compromise between the first version of SNMP and the second version of SNMP. It tries to provide better security than the first version of SNMP without encountering the high complexity of SNMP version 2. This resulted in a commercialized variant called SNMP v2 *, and its mechanism was finally adopted by one of the two security frameworks of SNMP version 3.

Simple Network Management Protocol Third Edition

The Internet Engineering Working Group (IETF) has adopted the third edition of SNMP defined in RFC3411-RFC3418 (STD0062) as the standard version in 2004. The IETF designated the previous version as "Obsolete" or "Historical".

In fact, SNMP implementations usually support multiple versions: typical SNMPv1, SNMPv2c, and SNMPv3. See RFC3584 "Coexistence among the First, Second, and Third Editions of the Internet Standard Network Management Framework".

The third version of SNMP provides three important services: authentication, privacy, and access control.

Simple Network Management Protocol Application

In large-scale network management, the problem for network administrators is how to understand the operating status of network devices that are not around in real time. It is obviously not very realistic to check the running status of network equipment one by one. In actual networks, the method of using the SNMP protocol to automatically help administrators collect network operating conditions is most widely used. In this way, the network administrator only needs to sit in his own position to understand the operation of the company's network equipment. With this simple network management protocol (SNMP), network administrators can easily exchange management information between the SNMP Agent and the NMS. The main role of SNMP is to help enterprise network managers more easily understand network performance, find and solve network problems, and plan the future development of the network. ^[2]