Connections and differences between SNMP v1, v2, and v3

Source: Internet
Author: User
Tags: snmpv3

SNMP is a protocol used to manage nodes on the network (including workstations, routers, switches, hubs, and other peripheral devices). SNMP is an application protocol that is carried in UDP. UDP is a connectionless transport layer protocol. It provides simple and reliable transmission services at layer 4 of the OSI model. SNMP enables network administrators to manage network performance, discover and solve network problems, and plan network growth.

Currently, three versions of the network management protocol are defined: SNMP v1, SNMP v2, and SNMP v3. SNMP v1 and v2 have many features in common. SNMP v3 adds security and remote configuration capabilities on top of the previous versions. To solve compatibility issues between the versions, RFC 3584 defines a coexistence policy.

SNMP v1 is the initial implementation of the SNMP protocol. SNMPv1 runs on UDP, IP, OSI, CLNS, DDP, and IPX (Novell Internet Packet Exchange). SNMPv1 is widely used as the de facto network management protocol on the Internet.

SNMP is a simple request/response protocol. The network management system (NMS) sends a request and the managed device returns the response. These exchanges are built from four protocol operations: Get, GetNext, Set, and Trap. The Get operation is used by the NMS to obtain one or more object instances from the agent. If the agent answering the Get operation cannot provide the values of all object instances in the list, it provides no values. The GetNext operation is used by the NMS to obtain the next object instance from a table in the agent. The Set operation is used by the NMS to set the value of an object instance in the agent. The Trap operation is used by the agent to notify the NMS of meaningful events.

SNMP v2 was designed in 1993 and is an evolution of v1. The Get, GetNext, and Set operations are the same as in SNMPv1. However, SNMPv2 adds and enhances some protocol operations. In SNMPv2, if a get-request asks for multiple values and one of them does not exist, the request is still executed normally. In SNMPv1, an error message is returned. In v1, the Trap message uses a different PDU from the other operation messages. v2 simplifies the trap message so that traps have the same format as the get and set messages.

SNMPv2 also defines two new protocol operations: GetBulk and Inform. The GetBulk operation lets the NMS efficiently obtain large blocks of data, such as multiple rows in a table (answered in one UDP packet). GetBulk returns as many response messages as possible. The Inform operation allows one NMS to send trap messages to another NMS and then receive a response. In SNMPv2, if the agent cannot provide the values of all the variables in the list in response to a GetBulk operation, it provides partial results.

The SNMP v2 security approach evolved through several variants, so there are in fact multiple SNMP v2 message formats. The SNMPv2 variants differ in how they implement security. Therefore, the PDUs of every SNMP v2 variant have the same format, while the overall message format differs.

SNMP v3 adds security and remote configuration capabilities to the earlier versions. The SNMPv3 architecture introduces the USM (User-based Security Model) for message security and the VACM (View-based Access Control Model) for access control. This architecture supports the use of different security mechanisms, access control, and message processing models at the same time. SNMP v3 also introduces the use of the SNMP set command on the MIB objects that represent the agent configuration, so that the SNMP agent can be configured dynamically. This dynamic configuration supports adding, deleting, and modifying configuration entries on remote or local entities.

All SNMPv3 messages follow the same message encapsulation format, which contains a header and an encapsulated PDU. The header is divided into two parts, one that deals with security and one that is security-independent. The security-independent part is the same for all SNMPv3 messages, while the security-related part is defined by the various SNMPv3 security models and processed by the security model in SNMP.

SNMPv1 uses only one security mechanism, the community string (community name). The community string works like a password. The agent can be configured to answer queries only from managers whose community string it accepts. The community string is easy to obtain. SNMPv2 adds a lot of extra security. First, all the packet information except the destination address is encrypted. The encrypted data includes the community string and the source IP address. The agent decrypts the packet and uses the received community string and source IP address to validate the request. SNMPv3 provides three security levels. The highest level is authentication with privacy. The middle level provides authentication without privacy, and the lowest level has neither authentication nor privacy.

SNMPv1 and v2 transmit in plaintext, and SNMPv3 transmits encrypted. That is, for SNMPv1 and v2, a packet capture tool can read the community string directly from the data packet. In the following capture the community string is snmpv2, and it is plainly visible in the captured packet.
