You may wonder how to monitor a huge number of servers, storage systems, network devices and other critical IT infrastructure.
This is where SNMP comes to our rescue. Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their functions. SNMP provides a common language for network devices to relay management information within single- and multivendor environments in a local area network (LAN) or wide area network (WAN).
To count a few on our fingers, we can monitor everything from routers, switches and wireless access points to endpoints like printers, scanners and Internet of Things (IoT) devices, as well as DNS, network managers, etc. How does SNMP work?
Simply put, we need three things:
1. Agent on the device/endpoint/application
2. SNMP Server (NMS) to collect information/Traps
3. Management Information Base (MIB): This database is a text file (.mib) that itemizes and describes all objects used by a particular device that can be queried or controlled using SNMP. This database must be loaded into the NMS so that it can identify and monitor the status of these properties. Each MIB item is assigned an object identifier (OID).
We map the objects (like ping response, uptime, etc.) on the server and establish a connection with the agent installed on the end device.
SNMP agents send UDP/TCP packets to the NMS with respect to the mapped OIDs. The following messages are sent:
- GET: Generated by the SNMP manager and sent to an agent to obtain the value of a variable, identified by its OID, in an MIB.
- RESPONSE: Sent by the agent to the SNMP manager, issued in reply to a GET request. Contains the values of the requested variables.
- GETNEXT: Sent by the SNMP manager to the agent to retrieve the values of the next OID in the MIB's hierarchy.
- GETBULK: Sent by the SNMP manager to the agent to obtain large tables of data by performing multiple GETNEXT commands.
- SET: Sent by the SNMP manager to the agent to issue configurations or commands.
- TRAP: An asynchronous alert sent by the agent to the SNMP manager to indicate a significant event, such as an error or failure, has occurred.
The SNMPv1 SMI defines highly structured MIB tables that are used to group objects that contain multiple variables. Tables contain zero or more rows, which are indexed, so SNMP can retrieve or alter an entire row with a supported command.
SNMPv2c functions within the specifications of SMI. MIB modules contain definitions of interrelated managed objects. The operations that are used in SNMPv1 are similar to those that are used in SNMPv2. The SNMPv2 trap operation, for example, serves the same function as that used in SNMPv1, but it uses a different message format and replaces the SNMPv1 trap.
The most recent iteration of SNMP, version 3, includes security enhancements that authenticate and encrypt SNMP messages as well as protect packets during transit.