You may already know that before the Internet became the public, global entity that it is today, it was known as ARPANET. Of course, it was much smaller then, but did you know that they used ping to manage the network? Essentially, network operators found system problems if a ping failed or if the phone rang! This method, while functional at the time, did not scale well as the ARPANET evolved into the Internet. Thus, another solution was needed. SGMP was the first solution after ping, and it quickly evolved into SNMP. The goal was, and still is, to have a protocol that allows you to monitor and manage a network dynamically. SNMP is a network management tool that enables you to do this. Interestingly enough, some networks still use ping today as a method to manage the network and conduct performance monitoring. SNMP is the most commonly used protocol in the arena of network management. Originally developed in 1988, SNMP has evolved into a robust protocol dedicated to managing various network devices and is the de facto standard for network management. As networks grow and evolve and their complexity increases , the ability to determine the operational parameters and functionality of the network devices is crucial. SNMP is extensible and easy to implement (i.e., little code is needed), which allows manufacturers to easily implement SNMP in their products. SNMP also allows manufacturers to have an architecture dedicated to network management and, thus, separate from the device's ability to perform the desired network function. SNMP is an OSI application-layer protocol that provides for the exchange of information between SNMP-enabled network devices. By using, measuring, and evaluating the data, network administrators are able to use SNMP to achieve the following goals:
Thus, through the use of SNMP, you can determine the utilization of a router or circuit, be alerted when network traffic thresholds are reached, or even get paged when a network device becomes unreachable. We will look at some of the ways to accomplish this and the necessary tools. 6.1.1 Evolution of SNMPSNMP evolved from RFC 1028 SGMP; version 1 is currently documented in RFC 1157. As acceptance of SNMP grew, the Internet Engineering Task Force (IETF) began work on a new version of SNMP. Owing, however, to strong opinions and a failure to compromise, SNMPv2 was never ratified. Two opposing groups emerged, and to date, nothing has ever been formally completed. Recently ”in IETF time ”a new working group was formed to develop SNMPv3. We can only hope they have learned from the past and that the SNMPv3 standards will be ratified. In spite of the formal failure to adopt v2, it is still widely used for a variety of purposes. It is currently implemented in both the Cisco Internetworking Operating System (IOS) and JUNOS, owing to support for larger counters. SNMPv3 is considered superior , in large part due to its enhanced security support. Table 6-1 lists network-management -based RFCs and shows how SNMP has evolved to meet the needs of today's complex internetworks. Table 6-1. SNMP RFC Evolution
SNMP is part of an Internet network-management architecture based on the interactions of several separate entities: agents , network-management stations , management information bases, and abstract syntax notation (ASN). ASN is the method in which SNMP is written to create an SNMP MIB. These entities are described in the following sections. 6.1.2 AgentsSNMP achieves the goal of managing network devices by sending messages known as protocol data units (PDUs) to SNMP-enabled devices. These devices have compliant code within them that uses SNMP. When a device becomes SNMP-enabled it is referred to as an agent. An SNMP agent will store data about the device, its configuration, and its operation in a specialized database used by SNMP and known as an MIB. Agents can be placed in almost any device. Figure 6-1 shows some of the devices agents can be in. It will not be long before even our refrigerators are SNMP accessible as the technology we deal with is implemented in more aspects of our everyday life. In Figure 6-1 you can see that the network-management station uses SNMP across the network to access the SNMP agent in a network device to retrieve data. This data could be as simple as who manufactured the device or as complex as the amount of data sent through an interface. Figure 6-1. SNMP Agents in Network Devices
In this figure the SNMP protocol is rather generic in its representation. In reality, SNMP has a variety of actions that it can perform as a protocol. For example, SNMP can get a specific bit of information or get a bulk of information. Perhaps the most common is where the SNMP agent tells the management station an event has occurred (e.g., link down ) via a special SNMP message known as a trap. 6.1.3 Network-Management SystemsNetwork management is done from network-management systems (NMSs), which are general-purpose computers running special management software. The specialized management software usually employs a version of SNMP so that the management station can communicate with the SNMP agents throughout the network. You may have heard of the more popular NMSs, such as HP OpenView or Tivoli, but there are many others. The management stations contain one or more processes that communicate with agents over the network, issuing commands and getting responses. In this design, all the intelligence is in the management station's software to keep the agents as simple as possible and minimize their impact on the devices they are running on. This is a good design and has allowed many manufacturers to put SNMP agents into all kinds of devices, from large routers to simple printers. Many management stations have a graphical user interface to allow the network manager to inspect the status of the network and take action when required. A managed item is a characteristic in a network device that is being measured. In Figure 6-2 you can see an NMS communicating with the SNMP agent. The managed object has an active SNMP agent, and it can be a switch or a router ”it does not matter. The key thing to note is that the MIB database keeps the information from each of the managed items within the managed items. These managed items could, for example, be interface counters on a router or switch. Figure 6-2. System and Object Management
6.1.4 MIBAs mentioned earlier, the MIB is a database that holds a variety of information about the SNMP-enabled device. The SNMP agent stores this information in a database that resembles a tree. This structure can be seen in Figure 6-3. Notice in this figure the numbers in parentheses; these numbers provide a map to the information stored by the MIB. When these numbers are placed together in a string, they are known as an object identifier (OID); we will look at an OID in more detail shortly. Figure 6-3. MIB Tree
In Figure 6-3 you will notice the arrow that highlights the MIB-2 (represents SNMPv2) groupings. Our discussion of networking with routers will primarily be concerned with the groups at this level. Specifically , each group will contain information as follows :
Note The EGP MIB is deprecated since no one uses EGP anymore. Additional groups can be added as you add more MIBs. OSPF, for example, has its own RFC that details the OSPF MIBs, and if you load them into your SNMP browser, you can access the OSPF data that SNMP stores on a router. You can retrieve OSPF information, like the whole OSPF link state database (LSDB). In this chapter we used an MIB browser program to access the SNMP data on routers. This browser came from MG-SOFT (www.mg-soft.com) and is a very robust tool that you should evaluate. 6.1.4.1 SNMP OID ExampleAn OID is a location within an MIB expressed in a string of numbers. These numbers are the map that navigates through the MIB tree to specific data. Take for example the following OID: .1.3.6.1.2.1.2.2.1.3 . This OID will take your query through the MIB tree and identify all the 802.3 Ethernet interfaces on a network device. You can see this by tracing each number to the corresponding tree entry as shown below. It might be useful to reference Figure 6-3 and follow your way down the tree using the OID numbers below to match with the numbers in parentheses:
The process of retrieving this MIB data is known as walking the MIB in the vernacular of SNMP. This walking is actually using the SNMP get command to get the data from the SNMP device. 6.1.4.2 Juniper Networks “Specific MIBsMany equipment vendors have developed MIBs for use within SNMP that are specific to their equipment. Juniper Networks has done this as well. Figure 6-5 shows the specific MIBs that Juniper Networks has developed. You can see that there are several options for Juniper Networks routers you can retrieve via SNMP, ranging from chassis alarms to MPLS usage and traffic statistics. You can find the Juniper Networks “specific MIBs online at www.juniper.net/techpubs/mibs.html. Figure 6-5. Juniper Networks MIB Tree
There are a variety of excellent resources available should you wish to research SNMP further. We would recommend the following online resource: www.snmp.com. For printed material on SNMP, the following two books are also very good:
|