MASIGNASUKAv102
6510051498749449419

SNMP

SNMP
Add Comments
jeudi 7 juillet 2016

SNMP, MIBs and OIDs—an Overview

SNMP is one of the most commonly used technologies when it comes to network monitoring. Unified Monitoring programs—like PRTG Network Monitor—use it. But how does SNMP work? What are MIBs and OIDs? Read this short introduction and make the first step into the world of SNMP!


SNMP Basics

SNMP stands for Simple Network Management Protocol and consists of three key components: managed devices, agents, and network-management systems (NMSs). A managed device is a node that has an SNMP agent and resides on a managed network. These devices can be routers and access servers, switches and bridges, hubs, computer hosts, or printers. An agent is a software module residing within a device. This agent translates information into a compatible format with SNMP. An NMS runs monitoring applications. They provide the bulk of processing and memory resources required for network management.
SNMP version 1 was the initial development of the SNMP protocol. A description can be found in Request for Comments (RFC) 1157 and it works within the specification of the Structure of Management Information (SMI). It operates over User Datagram Protocol (UDP), Internet Protocol (IP), OSI Connectionless Network Services (CLNS), AppleTalk Datagram Delivery Prtocol (DDP), and Novell Internet Packet Exchange (IPX). SNMP v1 is considered the de facto network management protocol in the Internet community.

SNMP—A Closer Look at MIBs and OIDs

MIB stands for Management Information Base and is a collection of information which is organized hierarchically. The various pieces of information are accessed by a protocol such as SNMP. There are two types of MIBs: scalar ones and tabular ones. Scalar objects define a single object instance whereas tabular objects define multiple related object instances grouped in MIB tables.
OIDs or Object Identifiers uniquely identify managed objects in an MIB hierarchy. It can be depicted as a tree whose nodes are assigned by different organizations. Generally, an OID is a long sequence of numbers, coding the nodes, separated by dots. Top level MIB object IDs (OIDs) belong to different standard organizations. Vendors define private branches including managed objects for their own products.
SNMP basically works with the principle that network management systems send out a request and the managed devices return a response. This is implemented using one of the following four operations: Get, GetNext, Set, and Trap. SNMP messages consist of a header and a PDU (Protocol Data Unit). The headers consist of the SNMP version number and the community name. The community name is used as a sort of password to increase security in SNMP. The PDU depends on the type of message that is sent. The Get, GetNext, and Set, as well as the response PDU, consist of PDU type, Request ID, Error status, Error index and Object/Variable fields. The Trap consists of Enterprise, Agent, Agent address, Generic trap type, Specific trap code, Timestamp and Object/Value fields.

MIBs, OIDs and Examples

MIBs are collections of definitions which define the properties of the managed object within the device to be managed. For example, the typical objects to monitor on a printer are the different cartridge states and maybe the number of printed files, and on a switch the typical objects of interest are the incoming and outgoing traffic as well as the rate of package loss or the number of packets addressed to a broadcast address. Every managed device keeps a database of values for each of the definitions written in the MIB. So, the available data is actually not dependent on the database, but on the implementation. Each vendor of SNMP equipment has their own section of the MIB tree structure at their disposition.
To organize all of these properly, all the manageable features of all products (from each vendor) are arranged in this MIB tree structure. Each 'branch' of this tree has a number and a name, and the complete path from the top of the tree down to the point of interest forms the name of that point. This complete path is the OID, the "identifier of an object" respectively. Nodes near the top of the tree are of an extremely general nature. For example, to get to the Internet, you need to reach the fourth node of the OID you can see below. When you move further down the tree, or further to the right respectively, the names get more and more specific, until you get to the bottom, where each node represents a particular feature on a specific device (or agent).

Samples

Here is a sample structure of an OID:
Iso(1).org(3).dod(6).internet(1).private(4).transition(868).products(2).chassis(4).card(1).slotCps(2)­.-cpsSlotSummary(1).cpsModuleTable(1).cpsModuleEntry(1).cpsModuleModel(3).3562.3
or
1.3.6.1.4.868.2.4.1.2.1.1.1.3.3562.3 
These numbers are the ones used in PRTG when setting up custom sensors, in order to access the appropriate elements of the device that you want to monitor. OIDs are generally provided by the hardware manufacturers or can be found in so-called OID repositories, where collections of MIB trees and the corresponding OIDs can be accessed. PRTG reads these OIDs and appoints them the device they belong to. That means that it monitors a selected device and its specific OID.