SNMP framework and its implementation on Cisco Routers

This article describes in detail how to configure the snmp framework for the cisoc router. I believe I have read this article to understand the SNMP management framework and SNMP notification.

Measure the test taker's understanding about the SNMP management framework.
Simple Network Management Protocol (SNMP) is an application layer Protocol that provides message communication between SNMP Managers and SNMP agents in the message format. It specifies a standardized management framework for device Monitoring and Management in the network environment, a public language for communication, and a corresponding security control mechanism.

The SNMP management framework consists of four components:

* SNMP manager

* SNMP proxy

* A management protocol used to transmit management information between SNMP entities

* MIB (Management Information Base)

The SNMP manager is a system that uses the SNMP protocol to control and monitor network nodes. The most common SNMP manager in the Network environment is called the Network Management System (NMS ). A network management system can be a server dedicated for network management or an application that executes management functions on a network device. Currently, many software and hardware vendors provide network management systems that support SNMP protocols, such as Cisco's CiscoWorks network management software products.

The SNMP agent is a software module in the managed device. It is used to maintain the management information data of the managed device and reports the management data to an SNMP Management System as needed. The SNMP agent and related MIB inventory are in the network equipment (such as Cisco routers, switches, access servers, and so on ).

The MIB library is a virtual data storage space that stores network management information. It consists of multiple groups of managed objects. In the device MIB library, multiple groups of associated objects are defined by multiple MIB modules. Each MIB module is written in the standard snmp mib Module Language. The standard is defined in IETF (Internet Engineering Task Force, an International Organization for Standardization) STD58, RFC2579 and RFC2580 documents (see section "MIB and RFC" to learn about the interpretation of STD and RFC documents ). It should be noted that each separate MIB module is sometimes referred to as a MIB, for example, a device interface group MIB (IF-MIB) is a MIB module in the device MIB library.

The SNMP Agent stores the MIB object variable. The variable value can be read and modified by the SNMP manager through the Get or Set operation. An SNMP manager can read the value of a variable from the SNMP proxy or store a value in a variable of the SNMP proxy. The SNMP Agent collects data from the MIB database that represents device parameters and network operation data, and can respond to the Get and Set operations of the SNMP manager.

Describes the communication relationship between the SNMP manager and the SNMP agent. An SNMP manager can send a request to the SNMP agent to read (Get) or Set one or more MIB variable values. The SNMP proxy can respond to these requests. In addition to this interactive communication method, the SNMP agent can also send a notification (Trap or Inform Request) to the SNMP manager to notify the manager of a device or network status.

Figure 1: Communication Between the SNMP manager and the SNMP Agent

SNMP notification

An important feature of the SNMP protocol is that the SNMP agent can generate notifications. The notification will be sent automatically without the SNMP manager's Request. The message is sent in asynchronous mode. The form can be Trap or Inform Request (Inform. Trap is a warning message sent to the SNMP manager notifying the network condition, and Inform is the Trap that the SNMP manager needs to confirm. SNMP notifications can be used to indicate incorrect user authorization, restart, connection disconnection, device communication interruption, or other abnormal events in the network.

Compared with Inform, the Trap notification method is unreliable because the recipient does not need to reply any confirmation information after receiving a Trap notification, and the sender cannot know whether the Trap notification has been correctly received. Correspondingly, when the SNMP manager receives an Inform notification, it needs to reply a confirmation message to the sender, using the SNMP response packet (PDU ). If the SNMP manager does not receive the Inform notification, it will not send any response, so when the sender cannot receive the expected response, it will send an Inform notification again to the SNMP manager. This method ensures that the Inform notification method can send the notification to the desired destination.

However, in most cases, the Trap notification method is usually used because the Inform method consumes more network and device resources. Unlike the Trap notification method, the managed device cannot discard an Inform notification immediately after sending it, it needs to save the notification information in the system memory until it receives the corresponding confirmation response or the specified timer times out. It can be seen that a Trap notification is sent only once, and the Inform notification may be repeatedly sent multiple times. This type of repeated sending will increase network traffic, resulting in an increase in additional network overhead.

When selecting the Trap or Inform notification form, the Administrator must make overall considerations based on the reliability requirements and system resource conditions: If the SNMP administrator needs to ensure that each notification is received, the Inform notification method should be used; if you are more concerned with reducing the consumption of network traffic and network device resources and do not need to receive every notification, you should use the Trap notification method.