6.1 SNMP Overview

Previous page
Table of content
Next page

You may already know that before the Internet became the public, global entity that it is today, it was known as ARPANET. Of course, it was much smaller then, but did you know that they used ping to manage the network? Essentially, network operators found system problems if a ping failed or if the phone rang!

This method, while functional at the time, did not scale well as the ARPANET evolved into the Internet. Thus, another solution was needed. SGMP was the first solution after ping, and it quickly evolved into SNMP. The goal was, and still is, to have a protocol that allows you to monitor and manage a network dynamically. SNMP is a network management tool that enables you to do this. Interestingly enough, some networks still use ping today as a method to manage the network and conduct performance monitoring.

SNMP is the most commonly used protocol in the arena of network management. Originally developed in 1988, SNMP has evolved into a robust protocol dedicated to managing various network devices and is the de facto standard for network management. As networks grow and evolve and their complexity increases , the ability to determine the operational parameters and functionality of the network devices is crucial. SNMP is extensible and easy to implement (i.e., little code is needed), which allows manufacturers to easily implement SNMP in their products. SNMP also allows manufacturers to have an architecture dedicated to network management and, thus, separate from the device's ability to perform the desired network function.

SNMP is an OSI application-layer protocol that provides for the exchange of information between SNMP-enabled network devices. By using, measuring, and evaluating the data, network administrators are able to use SNMP to achieve the following goals:

  • Manage network performance

  • Identify and resolve network problems

  • Plan for network growth

  • Locate network trouble points

  • Determine the configuration of network devices

Thus, through the use of SNMP, you can determine the utilization of a router or circuit, be alerted when network traffic thresholds are reached, or even get paged when a network device becomes unreachable. We will look at some of the ways to accomplish this and the necessary tools.

6.1.1 Evolution of SNMP

SNMP evolved from RFC 1028 SGMP; version 1 is currently documented in RFC 1157. As acceptance of SNMP grew, the Internet Engineering Task Force (IETF) began work on a new version of SNMP. Owing, however, to strong opinions and a failure to compromise, SNMPv2 was never ratified. Two opposing groups emerged, and to date, nothing has ever been formally completed. Recently ”in IETF time ”a new working group was formed to develop SNMPv3. We can only hope they have learned from the past and that the SNMPv3 standards will be ratified. In spite of the formal failure to adopt v2, it is still widely used for a variety of purposes. It is currently implemented in both the Cisco Internetworking Operating System (IOS) and JUNOS, owing to support for larger counters. SNMPv3 is considered superior , in large part due to its enhanced security support.

Table 6-1 lists network-management -based RFCs and shows how SNMP has evolved to meet the needs of today's complex internetworks.

Table 6-1. SNMP RFC Evolution
SNMP Functional Area RFC Status Applicable RFCs
SGMP Historic 1028
SNMPv1 Standard 1067 -> 1098 -> 1157
SNMPv2, SNMPv2p Historic 1441, 1445 -> 1449, 1452 -> 1901, 1905-1906, 1908
SNMPv2u Experimental 1909, 1910
SNMPv2 Proposed draft ( expired ) Not assigned a number
SNMPv2c Experimental 1901
SNMPv3 Draft standard 2261, 2265, 2271, 2275, 2571 -> 2575
MIB-I Standard 1066 -> 1156
MIB-II Proposed standard 2011, 1158 -> 1213, 2012, 2013
Interfaces group Proposed standard 1229 -> 1573 -> 2233
SMIv1 Standard 1065 -> 1155, 1212
SMIv2 Standard 1442 -> 1444, 1902 -> 1904, 2578, 2580
Get-bulk Experimental 1187
RMON Draft standard 1271 -> 1757
RMONv2 Proposed standard 2021
SMON Proposed standard 2613
-> Indicates standards that replace or update earlier RFCs

SNMP is part of an Internet network-management architecture based on the interactions of several separate entities: agents , network-management stations , management information bases, and abstract syntax notation (ASN). ASN is the method in which SNMP is written to create an SNMP MIB. These entities are described in the following sections.

6.1.2 Agents

SNMP achieves the goal of managing network devices by sending messages known as protocol data units (PDUs) to SNMP-enabled devices. These devices have compliant code within them that uses SNMP. When a device becomes SNMP-enabled it is referred to as an agent. An SNMP agent will store data about the device, its configuration, and its operation in a specialized database used by SNMP and known as an MIB. Agents can be placed in almost any device. Figure 6-1 shows some of the devices agents can be in. It will not be long before even our refrigerators are SNMP accessible as the technology we deal with is implemented in more aspects of our everyday life. In Figure 6-1 you can see that the network-management station uses SNMP across the network to access the SNMP agent in a network device to retrieve data. This data could be as simple as who manufactured the device or as complex as the amount of data sent through an interface.

Figure 6-1. SNMP Agents in Network Devices

graphics/06fig01.gif

In this figure the SNMP protocol is rather generic in its representation. In reality, SNMP has a variety of actions that it can perform as a protocol. For example, SNMP can get a specific bit of information or get a bulk of information. Perhaps the most common is where the SNMP agent tells the management station an event has occurred (e.g., link down ) via a special SNMP message known as a trap.

6.1.3 Network-Management Systems

Network management is done from network-management systems (NMSs), which are general-purpose computers running special management software. The specialized management software usually employs a version of SNMP so that the management station can communicate with the SNMP agents throughout the network. You may have heard of the more popular NMSs, such as HP OpenView or Tivoli, but there are many others.

The management stations contain one or more processes that communicate with agents over the network, issuing commands and getting responses. In this design, all the intelligence is in the management station's software to keep the agents as simple as possible and minimize their impact on the devices they are running on. This is a good design and has allowed many manufacturers to put SNMP agents into all kinds of devices, from large routers to simple printers. Many management stations have a graphical user interface to allow the network manager to inspect the status of the network and take action when required.

A managed item is a characteristic in a network device that is being measured. In Figure 6-2 you can see an NMS communicating with the SNMP agent. The managed object has an active SNMP agent, and it can be a switch or a router ”it does not matter. The key thing to note is that the MIB database keeps the information from each of the managed items within the managed items. These managed items could, for example, be interface counters on a router or switch.

Figure 6-2. System and Object Management

graphics/06fig02.gif

6.1.4 MIB

As mentioned earlier, the MIB is a database that holds a variety of information about the SNMP-enabled device. The SNMP agent stores this information in a database that resembles a tree. This structure can be seen in Figure 6-3. Notice in this figure the numbers in parentheses; these numbers provide a map to the information stored by the MIB. When these numbers are placed together in a string, they are known as an object identifier (OID); we will look at an OID in more detail shortly.

Figure 6-3. MIB Tree

graphics/06fig03.gif

In Figure 6-3 you will notice the arrow that highlights the MIB-2 (represents SNMPv2) groupings. Our discussion of networking with routers will primarily be concerned with the groups at this level. Specifically , each group will contain information as follows :

  • The system group provides information regarding the ownership and contacts for the device being queried. These values are only retrievable if they have been configured on the router.

  • The interfaces group will provide SNMP with data on all the interfaces found on a device and how they are operating. Specifically, note that the maximum transmission unit (MTU), speed, discards, description, and more are available for retrieval here.

  • The address table (AT) group provides information about the physical and logical addresses associated with each interface. For example, this is where to look for a MAC address.

  • The IP group deals with IP traffic into and out of the device. Consider for a moment the number of items possible within this group. This group is huge and has data about various transmission counters, packet discards, and IP routing. This is one reason why SNMP needs to be protected and secured. Figure 6-4 shows a screen shot of a portion of the MIB tree, specifically the IP group, which lists all the directly connected routers and what routes they are able to tell you about.

    Figure 6-4. IP Group in the MIB Tree

    graphics/06fig04.gif

  • The ICMP group is about ICMP- related messages and statistics. Basically, it has a counter for each ICMP message and records how many of that type have been seen. For example, it tracks how many times the device was pinged and how many times the device replied to a ping, as well as the number ICMP error messages.

  • The TCP group monitors the current and cumulative number of connections opened, segments sent and received, and various error statistics. You could, for instance, monitor who was telnetted into your device through this group because Telnet is TCP.

  • The UDP group logs the number of UDP datagrams sent and received and how many of the latter were undeliverable due to an unknown port or some other reason.

  • The Exterior Gateway Protocol (EGP) group is used for routers that support EGP. It keeps track of how many packets of what kind went out, came in and were forwarded correctly, or came in and were discarded.

Note

The EGP MIB is deprecated since no one uses EGP anymore.


Additional groups can be added as you add more MIBs. OSPF, for example, has its own RFC that details the OSPF MIBs, and if you load them into your SNMP browser, you can access the OSPF data that SNMP stores on a router. You can retrieve OSPF information, like the whole OSPF link state database (LSDB). In this chapter we used an MIB browser program to access the SNMP data on routers. This browser came from MG-SOFT (www.mg-soft.com) and is a very robust tool that you should evaluate.

6.1.4.1 SNMP OID Example

An OID is a location within an MIB expressed in a string of numbers. These numbers are the map that navigates through the MIB tree to specific data. Take for example the following OID: .1.3.6.1.2.1.2.2.1.3 . This OID will take your query through the MIB tree and identify all the 802.3 Ethernet interfaces on a network device. You can see this by tracing each number to the corresponding tree entry as shown below. It might be useful to reference Figure 6-3 and follow your way down the tree using the OID numbers below to match with the numbers in parentheses:

.1 = ISO

.3 = identified organization

.6 = DOD

.1 = Internet

.2 = mgmt

.1 = MIB-2

.2 = interfaces

.2 = IfTable

.1 = ifEntry

.3 = If Type

The process of retrieving this MIB data is known as walking the MIB in the vernacular of SNMP. This walking is actually using the SNMP get command to get the data from the SNMP device.

6.1.4.2 Juniper Networks “Specific MIBs

Many equipment vendors have developed MIBs for use within SNMP that are specific to their equipment. Juniper Networks has done this as well. Figure 6-5 shows the specific MIBs that Juniper Networks has developed. You can see that there are several options for Juniper Networks routers you can retrieve via SNMP, ranging from chassis alarms to MPLS usage and traffic statistics. You can find the Juniper Networks “specific MIBs online at www.juniper.net/techpubs/mibs.html.

Figure 6-5. Juniper Networks MIB Tree

graphics/06fig05.gif

There are a variety of excellent resources available should you wish to research SNMP further. We would recommend the following online resource: www.snmp.com. For printed material on SNMP, the following two books are also very good:

  • Mauro, Douglas R., and Kevin J. Schmidt. Essential SNMP . O'Reilly & Associates, 2001.

  • Miller, P., and M. Miller. Managing Internetworks with SNMP . 3rd ed. John Wiley & Sons, 1999.


Previous page
Table of content
Next page
Juniper Networks Reference Guide. JUNOS Routing, Configuration, and Architecture
Juniper Networks Reference Guide: JUNOS Routing, Configuration, and Architecture: JUNOS Routing, Configuration, and Architecture
ISBN: 0201775921
EAN: 2147483647
Year: 2002
Pages: 176
Authors: Thomas M. Thomas, Doris Pavlichek, Lawrence H. Dwyer, Rajah Chowbay, Wayne W. Downing, James Sonderegger
BUY ON AMAZON
Java I/O
OpenSSH: A Survival Guide for Secure Shell Handling (Version 1.0)
WebLogic: The Definitive Guide
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
Extending and Embedding PHP
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy