SNMP a Good Article ...

Source: Internet
Author: User
Tags snmp

1. What is network management?

Network management falls into two categories. The first is the management of network applications, user accounts (such as file usage), and access rights (permissions). These are all software-related network management issues and are not discussed here.

The second category concerns the hardware that makes up the network: workstations, servers, network adapters, routers, bridges, hubs, and so on. These devices are usually far from where you are. For this reason, it would be ideal if the network administrator could be notified automatically when a problem occurs in a device. But unlike your users, who call you when an application has a problem, your router cannot call you, and it cannot notify you when it is congested.

To solve this problem, vendors have set up network management capabilities in a number of devices so that you can ask them about their status remotely, and also enable them to warn you when a particular type of event occurs. These devices are often referred to as "smart" devices.

Network management usually involves four components:
The managed node (or device) is the device you want to monitor.
The agent is the special software or firmware used to track the state of the managed device.
The network management workstation is the central device that communicates with the agents in the different managed nodes and displays the status of these agents.
The network management protocol is the protocol used by the network management workstation and the agents to exchange information.

When designing and structuring the infrastructure of network management, you need to keep in mind the following two principles of network management:

The traffic generated by management information should not significantly increase network traffic.
The protocol agent on the managed device should not add so much processing overhead that the main function of the device is weakened.


--------------------------------------------------------------------------------



2. What is SNMP?




Simple Network Management Protocol (SNMP) was first proposed by a research group of the Internet Engineering Task Force (IETF) to address router management issues on the Internet. Many people think that SNMP runs on IP because the Internet runs the TCP/IP protocols, but that is not the case.

SNMP is designed to be protocol-independent, so it can be used over IP, IPX, AppleTalk, OSI, and other transport protocols.

SNMP is a series of protocol groups and specifications (see the following table) that provide a way to collect network management information from devices on a network. SNMP also provides a way for the device to report problems and errors to the network management workstation.

Name    Description
MIB     Management Information Base
SMI     Structure and Identification of Management Information
SNMP    Simple Network Management Protocol

There are two ways to collect data from a managed device: One is polling only (polling-only), and the other is a method based on interrupts (interrupt-based).

If you use only polling, the network management workstation is always in control. The disadvantage of this method is the timeliness of the information, especially of error information. How often do you poll, and in what order do you poll the devices? If the polling interval is too short, too much unnecessary traffic is generated. If the polling interval is too long, or the devices are polled in the wrong order, notification of some major catastrophic events arrives too slowly. This runs counter to the purpose of proactive network management.

When an exceptional event occurs, an interrupt-based method can notify the network management workstation immediately (assuming the device has not crashed and there is still a usable communication path between the managed device and the management station). However, this method is not without its flaws. First, generating an error report or trap requires system resources. If the trap must carry a large amount of information, the managed device may have to spend more time and system resources generating the trap, which affects its ability to perform its main function (violating principle 2 of network management).

Furthermore, if several traps of the same type occur in succession, a large amount of network bandwidth may be consumed by the same information (violating principle 1 of network management). This is especially bad when the traps are about network congestion. One way to overcome this flaw is to set thresholds that determine when a managed device reports a problem. Unfortunately, this approach may again violate principle 2 of network management, because the device must spend more time and system resources deciding whether a trap should be generated.

As a result, a combination of the two methods above, trap-directed polling, may be the most effective way to perform network management. Typically, a network management workstation polls the agents in the managed devices to collect data and displays the data numerically or graphically on the console. This allows network administrators to analyze and manage devices and network traffic.

The agents in the managed devices can report error conditions to the network management workstation at any time, such as the degree to which a preset threshold has been exceeded. The agent does not need to wait until the management station polls it before reporting these error conditions. These error conditions are known as SNMP traps.

In this combined method, when a device generates a trap, you can use the network management workstation to query the device (assuming it is still reachable) for more information.
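
The threshold idea above can be extended with separate rising and falling thresholds, so that a persistent condition produces one trap instead of one per sample, and each trap prompts a follow-up query from the manager. The following Python code is an added example, not part of the original article; it generalizes the single threshold the text mentions, and the function names, sample values and 90/65 thresholds are constructed for illustration.

```python
# Added example: agent-side trap generation with rising/falling thresholds,
# and the manager's resulting query schedule under trap-directed polling.
# All names and sample values are constructed for illustration.

def naive_traps(samples, threshold):
    """Level-triggered: one trap for every sample above the threshold."""
    return [(t, v) for t, v in enumerate(samples) if v > threshold]

def hysteresis_traps(samples, rising, falling):
    """Edge-triggered: one trap per crossing, re-armed at or below `falling`."""
    if falling >= rising:
        raise ValueError("falling threshold must be below rising threshold")
    traps, armed = [], True
    for t, v in enumerate(samples):
        if armed and v >= rising:
            traps.append((t, "rising", v))
            armed = False   # stay silent while the condition persists
        elif not armed and v <= falling:
            traps.append((t, "falling", v))
            armed = True    # condition cleared; allow the next alarm
    return traps

def trap_directed_poll(traps, poll_interval, horizon):
    """Times at which the manager queries the agent: the regular poll
    schedule plus one follow-up query for each trap received."""
    scheduled = set(range(0, horizon, poll_interval))
    follow_ups = {t for t, _, _ in traps}
    return sorted(scheduled | follow_ups)

# Constructed sample: link utilization (%) measured once per second.
SAMPLES = [40, 55, 91, 95, 97, 93, 92, 88, 60, 45, 50, 94, 96, 70, 30]

if __name__ == "__main__":
    print(len(naive_traps(SAMPLES, 90)), "traps when every high sample reports")
    edge = hysteresis_traps(SAMPLES, rising=90, falling=65)
    print(len(edge), "traps with rising/falling thresholds:", edge)
    print("manager query times:", trap_directed_poll(edge, 10, len(SAMPLES)))
```

With polling alone at the same 10-second interval, the congestion that starts at second 2 would not be seen until the poll at second 10.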


--------------------------------------------------------------------------------




3. What is a managed device?




You've probably heard a lot about "SNMP manageable devices," "SNMP-compatible devices," or "SNMP-managed devices." But what exactly are they? How do they differ from "smart devices"?

To put it simply, all of the above terms mean "a network device that contains a network management agent implementation." They also mean that the agent supports the SNMP protocol for information exchange. As mentioned earlier, a smart device does not necessarily use or support the SNMP protocol. So what is an agent?

Agent
A management agent is special software (or firmware) that contains information about a particular device and/or the environment in which the device operates. When an agent is installed on a device, that device is said to be "managed." In other words, an agent is a database.

The data contained in the database varies depending on the device on which the agent is installed. For example, on a router, the agent contains information about the routing table, the total number of packets received and sent, and so on. For a bridge, the database may contain information about the number of packets forwarded and the filtering table.

An agent is software or firmware that communicates with the network management console. Over the link to this console, the following tasks can be performed:

The network management workstation can obtain information about the device from the agent.
The network management workstation can modify, add, or delete table entries in the agent, such as the routing table entries in the database maintained by the agent.
The network management workstation can set thresholds for a specific trap.
The agent can send a trap to the network management workstation.

Keep in mind that the agents in the managed device do not provide information voluntarily, unless a threshold is exceeded when an event occurs.

In some cases, it is not possible to implement an SNMP agent on a particular device because of a lack of system resources or because the device does not support the transport protocol required by the SNMP agent. Does that mean you can't monitor the device? The answer is no; the situation is not entirely without a solution. You can use a proxy agent, which acts as the agent for the external (foreign) device.

The proxy agent does not run on the managed external device, but on another device. The network management workstation first contacts the proxy agent and indicates (by some means) which external device the proxy agent is to act for. The proxy agent then translates the protocol commands it receives into whatever management protocol the external device supports. In this case, the proxy agent is called an application gateway.

If the external device does not support any management protocol, the proxy agent must use some passive method to monitor the device. For example, the proxy agent for a Token Ring bridge can monitor the bridge's performance, and if it detects any congestion errors reported by the bridge, it generates a trap. Fortunately, most Internet device types today support SNMP, so you can easily use SNMP manageable devices such as hubs, bridges, and routers. Some vendors even provide SNMP agents on their network adapters.

MIB
The database in a managed device is rarely called a database. In SNMP terminology it is usually referred to as the Management Information Base (MIB).

A MIB describes the objects or table entries that are contained in the database. Each object or table entry has the following four properties:

Object type
Syntax
Access
Status

These properties are defined in the Structure and Identification of Management Information (SMI; RFC 1155/1065) specification, one of the SNMP specifications. SMI is to a MIB what a schema is to a database. SMI defines what each object "looks like".

Object type
This property defines the name of a particular object, such as sysUpTime. It is just a label. SMI uses ASN.1 (Abstract Syntax Notation One) to represent data. Every object must be "identified". For the Internet management MIB, identifiers written in ASN.1 notation begin as follows:

internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }

Or in a simple format:

1.3.6.1

This is taken from the ASN.1 document. It defines a tree-shaped format for identifiers. The tree consists of a root and a number of labeled nodes connected to it. Each node is identified by a non-negative integer value and a text description that is as concise as possible. Each node may in turn have child nodes that are labeled in the same way.

An OBJECT IDENTIFIER can be written in several formats, the simplest of which is to list the integer values encountered when traversing the tree from the root to the object in question. Directly below the root are three nodes (figure):

ccitt(0)
iso(1)
joint-iso-ccitt(2)

Each of these "branches" is administered by the organization named in its label.
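
SNMP messages carry object identifiers in ASN.1 BER form rather than as dotted text, which goes one step beyond the notation shown above. The following Python code is an added example, not part of the original article: it encodes and strictly decodes identifiers such as sysUpTime.0 (1.3.6.1.2.1.1.3.0) and rejects malformed input; the function names are illustrative, and only short-form lengths are handled.

```python
# Added example: BER encoding/decoding of OBJECT IDENTIFIER values.
# Function names are illustrative; only short-form lengths (<= 127) are handled.

INTERNET = (1, 3, 6, 1)  # iso(1) org(3) dod(6) internet(1), as in the text

def encode_oid(arcs):
    """Return the TLV (tag 0x06, length, content) for a sequence of arcs."""
    if len(arcs) < 2 or any(a < 0 for a in arcs):
        raise ValueError("need at least two non-negative arcs")
    if arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid first two arcs")
    body = bytearray()
    # The first two arcs share one sub-identifier: 40 * first + second.
    for value in (40 * arcs[0] + arcs[1], *arcs[2:]):
        chunk = [value & 0x7F]                    # last octet: high bit clear
        while value > 0x7F:
            value >>= 7
            chunk.append(0x80 | (value & 0x7F))   # earlier octets: high bit set
        body += bytes(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)

def decode_oid(data):
    """Strictly parse one OID TLV and return its arcs; reject malformed input."""
    if len(data) < 3 or data[0] != 0x06 or data[1] > 127:
        raise ValueError("not a short-form OBJECT IDENTIFIER")
    body = data[2:]
    if len(body) != data[1]:
        raise ValueError("length field does not match content")
    subids, value, pending = [], 0, False
    for octet in body:
        if not pending and octet == 0x80:
            raise ValueError("non-minimal sub-identifier")  # padded with zeros
        value = (value << 7) | (octet & 0x7F)
        pending = bool(octet & 0x80)
        if not pending:
            subids.append(value)
            value = 0
    if pending:
        raise ValueError("truncated sub-identifier")
    first = min(subids[0] // 40, 2)
    return (first, subids[0] - 40 * first, *subids[1:])

def under_internet(arcs):
    """True when the identifier lies in the 1.3.6.1 subtree."""
    return tuple(arcs[:4]) == INTERNET

if __name__ == "__main__":
    tlv = encode_oid((1, 3, 6, 1, 2, 1, 1, 3, 0))   # sysUpTime.0
    print(tlv.hex(), decode_oid(tlv), under_internet(decode_oid(tlv)))
```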

Syntax
This property specifies the data type, such as integer, octet string (a string of 8-bit values, each ranging from 0 to 255), object identifier (an alias for a predefined data type), or NULL. NULL is a placeholder left for later use.

Access
Access indicates the level of access for this particular object. Valid values are: read-only, read-write, write-only, and not-accessible.

Status
The status defines the implementation requirement for this object: mandatory (the managed node must implement the object), optional (the managed node may implement the object), or obsolete (the managed device no longer needs to implement the object).
