What is SNMP

SNMP means Simple Network Management Protocol, this is the best (and shortest) explanation for SNMP.

I know it’s not funny when you are looking for explanation and someone is telling you that the name is exactly describing what it is. According to this I will try to make it more clearly and easier to understand. At the end of this document you will see that the first sentence was exactly describing SNMP.

SNMP – Simple Network Management Protocol is a protocol used for remote management of devices, with help of “SNMP agent” and “SNMP Manager” application.

It is possible to describe SNMP as:
- SNMP is protocol. It is used as communication protocol between applications.
- SNMP runs on any devices with the possibility to be connected to network and to run an application that can manage SNMP protocol (SNMP agent, SNMP demon, SNMP trap receiver …).
- SNMP is common used protocol at many platforms.
- SNMP is possible to use for Monitoring (status checks).
- SNMP is possible to use for Reporting (data collection).
- SNMP is possible to use for Configuration (To set values on remote device using).
…
It is possible to say that SNMP is standard protocol for integration of different, autonomy systems independent of brand or model.

Currently are available 3 versions of SNMP:
- SNMPv1
- SNMPv2
- SNMPv3

At the time when networking has started each vendor has used his own way how to manage his devices. According to this it was really hard time for administrators to provide any kind of centralized integration. According to this SNMP protocol was invented. The main idea was to provide unified protocol for device management.

SNMP protocol was developed mainly as network device management protocol. During the time it has become really popular for his simple concept. According to this it was implemented in to many other platforms as well. Today it is possible to find implementation of SNMP protocol at most platforms.

SNMP standards are published in “RFC” (Request for Comments) documents at “IETF” (Internet Engineering Task Force) organization. According to this SNMP protocol is open for all vendors and all users.

SNMPv1 was the first implementation of SNMP protocol, it is still used at many platforms.

This protocol has implemented:

SNMP Manager → SNMP Agent:
- SNMP GET - Requesting of data from SNMP Agent with help of SNMP protocol. In this case OID is used for identification of requested data.
- SNMP GETNEXT - In this case SNMP Manager is doing enumeration of OID’s that are sent in SNMP request until SNMP Agent will sent “end-of-MIB“ error.
- SNMP SET - Pushing configuration from SNMP Manager to SNMP Agent.

SNMP Agent → SNMP Manager:
- SNMP GETRESPONSE - Answer of SNMP Agent to SNMP GET and GETNEXT request from SNMP Manager.
- SNMP TRAP - Unsolicited message that SNMP Agent is able to sent to SNMP Manager (as notification sent out of SNMP Agent)

Security of SNMPv1 protocol is based on community string. It is sent with each message in plaintext form. Community string is used for Authentication and Authorization of SNMP Manager and SNMP Agent. It is possible to use different community strings for read-only, read-write and trap messages.

SNMPv2 as well-known as SNMPv2c. It is probably mostly used SNMP implementation today. This implementation of SNMP protocol is extending SNMPv1 implementation with bulk requests. According to this the communication is more efficient.

SNMP Manager → SNMP Agent (extension to SNMPv1):
- SNMP GETBULK - Optimization of SNMP GET and SNMP GETNEXT requests. In this way it is possible to send one SNMP request, including multiple SNMP values.
- SNMP INFORM - SNMP Manager will send this message as acknowledge for received SNMP TRAP from SNMP Agent.
- SNMP REPORT - This messages have been implemented at SNMPv2 but it is mostly used at SNMPv3 for reporting of communication errors and synchronization between SNMPv3 entities.

SNMP Agent → SNMP Manager (extension to SNMPv1):
- SNMP GETBULKRESPONSE - Response for SNMP GETBULK request.
- SNMP INFORM - It is similar message to SNMP TRAP. SNMP Manager is sends acknowledge message in form of SNMP INFORM message.
- SNMP REPORT - This messages have been implemented at SNMPv2 but it is used at SNMPv3 for reporting of communication errors or synchronization between SNMPv3 entities.
- SNMP V2TRAP - This message has same function as SNMP TRAP in SNMPv1 protocol. The only difference is that the message is encoded differently.

Security (same as at SNMPv1) is based on community string. It is sent with each message in plaintext form. Community string is used for Authentication and Authorization of SNMP Manager and SNMP Agent. It is possible to use different community strings for read-only, read-write and trap messages.

For now, the last implementation of SNMP protocol is SNMPv3. This implementation is using the same communication methods like SNMPv2. On another hand SNMPv3 is implementing additional security options:

- USM (User Security Model) - It is including verification of SNMP Manager or SNMP agent, sending the request. Security of communication is based on local configured of secret key for each user. Secret key is used for hash creating that is included in each message so that destination can validate the source of the communication.

- VACM (View-Based Access Control Model) - SNMP Agent is able to define witch user is allowed to access witch part of MIB OID's. According to this it is possible to specify who can access which data.

MIB – Management Information Base (file) is containing syntax which is a hierarchical virtual database describing managed objects. It is providing list of information that enable agents and managers to communicate with using SNMP protocol.

MIB files are:
- Provided at vendor of the monitored SNMP agent (monitored device).
- Loaded/included/compiled (depend on application) in to SNMP Manager Application.
- In most cases it is possible to write own MIB file and include this MIB file in to SNMP Manager Application. This is providing high flexibility of SNMP protocol.
…

In many cases one MIB file has relation to another MIB file. According to this it is required to load all related MIB file to SNMP Manager or SNMP Agent application.

In the case that a company has own “Enterprise Identifier” requested at “IANA” (Internet Assigned Number) all OID's related to product of this company will be using mentioned “Enterprise Identifier” to manage all OID's.

According to this company that has registered “Enterprise Identifier at “IANA” has the possibility to organize all sub - OID's in his “Enterprise Identifier name space” without affecting any competitor. According to this users of this MIB files are able to install multiple MIB files delivered from multiple vendors without conflict.

In this case we are speaking about MIB files that are commonly used at multiple vendors. According to this it is pointless that all vendors will specify the same information in they own “Enterprise Identifier name space”. According to this it is agreed to use “IETF” defined MIB files (most used is mib-2)

SMI – Structure of Management Information is provided at MIB file. Based on this information SNMP Manager Application know the structure and type of data that are shared between SNMP Manager and SNMP Agent application

SMI information are:
- Providing list of known OID – Object Identification Digit’s or Object Identifier’s used in communication between SNMP Manager and SNMP agent
- Providing data structure used at particular OID
…

SMIv1 was introduced during implementation of SNMPv1. According to this as well called SNMPv1 MIB syntax.

SMIv2 was introduced during implementation of SNMPv2. According to this as well called SNMPv2 MIB syntax. Today it is most used syntax for writing SNMP MIB files as it is used for writing MIB files for SNMPv2 protocol that are used as well at SNMPv3 protocol.

OID - Object Identification Digit’s or Object Identifier’s is used for standardization of SNMP communication between SNMP Manager and SNMP Agent.

Each OID is:
- Described in MIB file with help of SMI.
- Has his own data type
- Shall include only one value that can change in time (like performance, informational, static configured data)
…

SNMP protocol is using this components:

- SNMP Manager (listening on 162/UDP) - Software / Application that is communicating with SNMP Agent on remote platform. As example we can say that any application that is:
- - Doing active SNMP polling for monitoring or reporting is SNMP Manager Application
- - Pushing configuration changes on remote platform with help of SNMP protocol is SNMP Manager Application
- - Is receiving SNMP Trap messages from SNMP Agent application is SNMP Manager Application.

- SNMP Agent (listening on 161/UDP) - Software / Application that is communicating with SNMP Manager Application. As example we can say:
- - That SNMP Agent is sending SNMP traps related to local event to SNMP Manager Application
- - That SNMP Agent is responsible for handling SNMP requests from SNMP Manager Application
- - - 1.) SNMP Manager is sending SNMP query / get requests to SNMP Agent
- - - 2.) SNMP Agent is receiving request from point 1.)
- - - 3.) SNMP Agent is checking OID's delivered in SNMP request
- - - 4.) SNMP Agent is starting related action based on OID's from point 3.)
- - - 5.) SNMP Agent will replay to SNMP Manager's request with requested information

- SNMP MIB - This file is implemented on SNMP Manager as source of information about known OID's at SNMP Agent site. Based on this implementation it is possible that any vendor can use his own OID try and share it with users of his platform.

It is really difficult to use standard Client - Server concept of network communication for describing of SNMP protocol.

Any way it is common to say that:
- SNMP Agent - Has role of Server as it is receiving SNMP requests from SNMP Master. On another hand it is as well sending SNMP traps based on local events to SNMP Master.
- SNMP Master - Has role of Client as it is requesting data from SNMP Agent, as well he is receiving SNMP Traps from SNMP Agent.