Document directory
- SNMP Overview
- SNMP Working Mechanism
- SNMP Protocol version
- MiB Introduction
Snmpsnmp Overview
SNMP (Simple Network Management Protocol) is the communication rule between the management devices and managed devices in the network. It defines a series of messages, methods, and syntaxes, it is used to manage the access and management of managed devices. SNMP has the following advantages:
L automated network management. Network administrators can use the SNMP platform to retrieve information, modify information, discover faults, complete fault diagnosis, plan capacity, and generate reports on nodes on the network.
L shield physical differences between different devices to achieve automated management of products of different vendors. SNMP only provides the most basic function set, so that management tasks are independent of the physical characteristics of managed devices and the networking technology of the lower layers, so as to manage devices of different vendors, it is especially suitable for small, fast, and low-cost environments.
SNMP Working Mechanism
SNMP network elements can be divided into NMs and agent.
L NMS (Network Management Station) is a workstation running the SNMP client program. It provides a friendly human-computer interaction interface, allowing network administrators to complete most network management tasks.
L The agent is a process resident on the device and is responsible for receiving and processing request packets from NMS. In some emergencies, such as interface status changes, the agent will also proactively notify NMS.
NMS is the manager of the SNMP Network and the agent is the manager of the SNMP Network. NMs and agent use the SNMP protocol to manage information.
SNMP provides four basic operations:
L get operation: NMS uses this operation to query the values of one or more objects on the agent.
L set operation: NMS uses this operation to reset the values of one or more objects in the agent database (MIB, Management Information Base.
L trap operation: the agent uses this operation to send alarm information to NMS.
L inform operation: NMS uses this operation to send alarm information to other NMS.
SNMP Protocol version
Currently, the SNMP agent of the device supports SNMP V3 and is compatible with SNMP V1 and SNMP v2c.
L SNMP V1 adopts Group Name authentication. The group name is used to define the relationship between SNMP NMs and SNMP agent. If the group name carried by the SNMP message is not recognized by the device, the message will be discarded. The group name acts as a password to restrict access to the SNMP agent by snmp nms.
L SNMP v2c also adopts Group Name authentication. It is compatible with SNMP V1 and expands the features of SNMP V1: it provides more operation types (GETBULK and informrequest ); it supports more data types (counter64 and so on); it provides richer error code and more detailed error segmentation.
L SNMP V3 provides a user-based security model (USM, user-based security model) authentication mechanism. Users can set authentication and encryption functions. authentication is used to verify the legality of the message sender to avoid unauthorized user access. encryption is used to encrypt the transmission packets between NMs and the agent to avoid eavesdropping. By combining functions such as authentication and encryption, You can provide higher security for communication between SNMP NMs and SNMP agent.
Matching the SNMP versions of NMs and agent is a prerequisite for successful mutual access between them. The agent can be configured with multiple versions at the same time, and different versions are used for interaction with different NMS versions.
MiB Introduction
Any managed resource is represented as an object called a managed object. The Management Information Base (MIB) is a collection of managed objects. It defines the hierarchy between objects and a series of attributes of objects, such as object names, access permissions, and data types. Each agent has its own MIB. NMS can perform read/write operations on objects in the MIB Based on their permissions. The relationship between NMS, agent, and MIB is shown in 1.
Figure 1 Relationship Between NMS, agent, and MIB
MiB are stored in a tree structure. The node of the tree indicates the managed object, which can be uniquely identified by a path starting from the root (OID ). As shown in 2, managed object B can be uniquely identified by a string of numbers {1.2.1.1}, which are the oId (object identifier, object identifier) of the managed object ).
Figure 2 MIB Tree Structure
Reprinted: http://www.h3c.com.cn/Products___Technology/Technology/System_Management/Other_technology/Technology_recommend/200805/605726_30003_0.htm