HC110110031 Simple Network Management Protocol


Simple Network Management Protocol

Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.


Foreword
⚫ Management framework solutions for TCP/IP networks were introduced as
hardware and software increased, in order to support rapid network
growth. SNMP was originally adapted from the simpler SGMP protocol for
use as the basis for common network management throughout the system.
SNMP has since gone through several version revisions but remains the
standard protocol for network management. The SNMP framework, as well
as the supporting Management Information Base, act as the foundation for
network management, and are introduced in support of a well-rounded
understanding of the network management framework for TCP/IP.

Objectives
⚫ Upon completion of this section, you will be able to:
 Describe the SNMP architecture and messaging behavior.

 Describe the function of the Management Information Base (MIB).

 Configure general SNMP parameters and traps.

SNMP Application

(Slide diagram: a Network Management Station communicating with network elements over SNMP.)

⚫ SNMP is used to communicate management information between network
management stations and network elements.

⚫ The Simple Network Management Protocol (SNMP) is a network management
protocol widely used in the TCP/IP network. SNMP is a method of managing
network elements using a network console workstation which runs network
management software.

⚫ SNMP may be used to achieve a number of communicative operations. The
Network Management Station (NMS) relies on SNMP to define sources for
network information and obtain network resource information. SNMP is also used
to relay reports in the form of trap messages to the NMS so that the station can
obtain network status in near real time, to allow the network administrator to
quickly take action in the event of system discrepancies and failures.

⚫ SNMP is largely used to manage application programs, user accounts, and
write/read permissions (licenses) etc., as well as to manage the hardware that
makes up the network, including workstations, servers, network cards, routing
devices, and switches. Commonly, these devices are located far from the central
office where the network administrator is based. When faults occur on the devices,
it is expected that the network administrator can be notified automatically of the
faults. SNMP effectively operates as a communications medium between the
network elements and the network administrator/NMS.
SNMP Architecture

(Slide diagram: the NMS sends requests to the SNMP agent inside the network element; the agent executes them against MIB objects and notifies the NMS.)

⚫ Agents exist within network elements through which NMS interact to
retrieve or alter parameter variables in the MIB.


⚫ Network elements such as hosts, gateways, terminal servers etc., contain two
important components that support the network management functions
requested by the network management stations. The management agent resides
on the network element in order to retrieve (get) or alter (set) variables.

⚫ Network Management Stations (NMS) associate with management agents that are
responsible for performing the network management functions requested by the
NMS. The MIB stores a number of variables associated with the network element,
with each of these variables being considered an MIB object. The exchange of
SNMP messages within IP requires only the support of UDP as an unreliable
datagram service for which each message is independently represented by a single
transport datagram.
MIB Objects

(Slide diagram: the object naming tree, with the labels as given on the slide.)

root
├── ccitt(1)
├── ISO(1)
│   ├── Standard(0)
│   ├── registration authority(1)
│   ├── Member body(2)
│   └── Identified organization(3)
│       └── dod(6)
│           └── internet(1)
│               ├── directory(1)
│               ├── mgmt(2)
│               │   └── mib-2(1)
│               │       ├── system(1)
│               │       ├── interface(2)
│               │       ├── at(3)
│               │       ├── ip(4)
│               │       ├── icmp(5)
│               │       └── ……
│               ├── experimental(3)
│               ├── private(4)
│               │   └── enterprise(1)
│               └── ……
└── Joint-iso-ccitt(1)

⚫ The MIB acts as a virtual store for the management of objects.



⚫ A Management Information Base (MIB) specifies the variables maintained by
network elements. These variables are the information that can be queried and set
by the management process. A MIB presents a data structure, collecting all
possible managed objects over the network. The SNMP MIB adopts a tree
structure similar to that found in the Domain Name System (DNS).

⚫ The object naming tree has three top objects: ISO, ITU-T (originally CCITT), and the
joint organizations branch. Under ISO there are four objects, of which
number 3 is the identified organization. A sub-tree for the US Department of
Defense, dod (6), is defined under the identified organization (3), and under it the
internet (1) sub-tree is located. The object of interest under internet is mgmt (2). What
follows mgmt (2) is MIB-II, originally called MIB until 1991, when the new edition MIB-II
was defined. The tree path itself can be written as an object identifier (OID) value
{1.3.6.1.2.1}.
SNMP Operation

(Slide diagram: message exchanges between the SNMP management process on the NMS and the SNMP agent process.)

  NMS  ── get-request (UDP 161) ──────►  agent
  NMS  ◄── get-response ───────────────  agent

  NMS  ── get-next-request (UDP 161) ─►  agent
  NMS  ◄── get-response ───────────────  agent

  NMS  ── set-request (UDP 161) ──────►  agent
  NMS  ◄── get-response ───────────────  agent

  NMS  ◄── trap (UDP 162) ─────────────  agent

⚫ Requests are received by an SNMP agent on UDP port 161.



⚫ SNMP defines five types of Protocol Data Units (PDUs), that is, SNMP packets, to
be exchanged between the management process and the agent process. The get-
request operation indicates that the management process reads one or more
parameter values from the MIB of the agent process. The get-next-request
indicates that the management process reads the next parameter value in
lexicographic order from the MIB of the agent process. The set-request indicates
that the management process sets one or more parameter values in the MIB of the
agent process. The get-response returns one or more parameter values; it is
performed by the agent process as the response to the preceding three
operations. Lastly, the trap is actively sent by the agent process to inform the
management process of important or critical events.
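The object naming tree and the get, get-next, set, get-response and get-bulk operations described above, as an added example that is not part of the Huawei course material: a small in-memory agent in Python whose objects are keyed by instance OID and kept in lexicographic order, which is the order get-next and a walk rely on. The object names and arcs are the MIB-II ones named on these slides (sysUpTime, sysContact, sysName, ifSpeed, ifOutOctets); the request handling is a simplification of the semantics, not the SNMP wire protocol, and the sample values are constructed.

```python
# Added example (not part of the Huawei course material): a toy in-memory
# agent showing how OIDs resolve below mib-2 and how get, get-next, get-bulk
# and set behave over objects kept in lexicographic order. Object names and
# arcs are MIB-II; the request handling is a simplification, not the SNMP
# wire protocol. Sample values are constructed.

from typing import Dict, List, Optional, Tuple

OID = Tuple[int, ...]

# Arcs of the standard path: iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1)
MIB2_PREFIX: OID = (1, 3, 6, 1, 2, 1)


def parse_oid(text: str) -> OID:
    """'1.3.6.1.2.1.1.3.0' -> (1, 3, 6, 1, 2, 1, 1, 3, 0)."""
    return tuple(int(arc) for arc in text.strip(".").split("."))


def oid_to_text(oid: OID) -> str:
    return ".".join(str(arc) for arc in oid)


def mib2(*arcs: int) -> OID:
    """Build an object instance OID below mib-2 ({1.3.6.1.2.1})."""
    return MIB2_PREFIX + arcs


class ReadOnlyObject(Exception):
    """Raised for a set-request on an object whose ACCESS clause is read-only."""


class ToyAgent:
    def __init__(self, objects: Dict[OID, Tuple[object, str]]):
        # Each entry: instance OID -> (value, ACCESS). Python compares tuples
        # arc by arc, which is exactly SNMP's lexicographic OID ordering.
        self.objects = dict(objects)

    def get(self, oid: OID) -> Optional[object]:
        """get-request: exact instance lookup; None stands in for noSuchInstance."""
        entry = self.objects.get(oid)
        return None if entry is None else entry[0]

    def get_next(self, oid: OID) -> Optional[Tuple[OID, object]]:
        """get-next-request: the first instance lexicographically after oid."""
        for candidate in sorted(self.objects):
            if candidate > oid:
                return candidate, self.objects[candidate][0]
        return None  # endOfMibView

    def get_bulk(self, oid: OID, max_repetitions: int) -> List[Tuple[OID, object]]:
        """get-bulk-request (SNMPv2c): up to max_repetitions get-next results at once."""
        results: List[Tuple[OID, object]] = []
        current = oid
        for _ in range(max_repetitions):
            nxt = self.get_next(current)
            if nxt is None:
                break
            results.append(nxt)
            current = nxt[0]
        return results

    def set(self, oid: OID, value: object) -> None:
        """set-request: the agent enforces the ACCESS clause of the object definition."""
        if oid not in self.objects:
            raise KeyError(oid_to_text(oid))
        _, access = self.objects[oid]
        if access != "read-write":
            raise ReadOnlyObject(oid_to_text(oid))
        self.objects[oid] = (value, access)

    def walk(self, subtree: OID) -> List[Tuple[OID, object]]:
        """What an NMS 'walk' does: repeated get-next until the subtree is left."""
        results: List[Tuple[OID, object]] = []
        current = subtree
        while True:
            nxt = self.get_next(current)
            if nxt is None or nxt[0][:len(subtree)] != subtree:
                break
            results.append(nxt)
            current = nxt[0]
        return results


# Constructed sample MIB: the system group and two ifEntry columns for interface 1.
SAMPLE_AGENT = ToyAgent({
    mib2(1, 3, 0): (123456, "read-only"),                  # sysUpTime.0 (TimeTicks)
    mib2(1, 4, 0): ("noc@example.invalid", "read-write"),  # sysContact.0
    mib2(1, 5, 0): ("RTA", "read-write"),                  # sysName.0
    mib2(2, 2, 1, 5, 1): (1000000000, "read-only"),        # ifSpeed.1 (Gauge)
    mib2(2, 2, 1, 16, 1): (987654321, "read-only"),        # ifOutOctets.1 (Counter)
})
```

A walk of the system group (`SAMPLE_AGENT.walk(mib2(1))`) returns the three system instances and stops at the first interfaces object, and a set-request on sysUpTime.0 raises `ReadOnlyObject`, mirroring the ACCESS read-only clause in the object definitions on the next slide.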
SNMPv2c

(Slide diagram: mib-2(1) with its system(1), interface(2), at(3), ip(4) and icmp(5) groups, and three object definitions.)

    sysUpTime OBJECT-TYPE
        SYNTAX TimeTicks
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION "The time (in 1/100th of a second) since the network
                     management portion of the system was last re-initialized."
        ::= { system 3 }

    ifSpeed OBJECT-TYPE
        SYNTAX Gauge
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION "An estimate of the interface's current bandwidth in bits per
                     second."
        ::= { ifEntry 5 }

    ifOutOctets OBJECT-TYPE
        SYNTAX Counter
        ACCESS read-only
        STATUS mandatory
        DESCRIPTION "The total number of octets transmitted out of the interface,
                     including framing characters."
        ::= { ifEntry 16 }

⚫ New Get-bulk request PDU and inform request included.

⚫ 64 bit counters introduced to prevent counter wrap.



⚫ SNMPv1 is the original application protocol by which the variables of an agent's
MIB may be inspected or altered. The evolution of SNMP involved not only
changes to the protocol but also to the MIB that was used. New objects were defined
in the MIB, resulting in MIB-II (or MIB-2) being defined, including for example
sysContact, sysName, sysLocation and sysServices to provide contact, administrative,
location, and service information regarding the managed node in the system
group, and the ipRouteMask, ipRouteMetric5, and ipRouteInfo objects included as part
of the IP route table object.
⚫ The transition to SNMP version 2 involved a number of revisions that resulted in
SNMPv2c being developed including the introduction of a new PDU type in the
form of GetBulkRequest-PDU to allow information from multiple objects to be
retrieved in a single request and the Inform Request, a manager to manager
communication PDU, used where one manager sends information from an MIB
view to another manager. Specific objects also use counters as a syntax which in
SNMP version 1 represented a 32 bit value. This meant that in given objects such
as the byte count of interfaces it was easy for the counter to complete a full cycle
of the values and wrap, similar to the odometer that measures mileage in vehicles.
⚫ Using the 32 bit counter, octets on an Ethernet interface transmitting at 10Mbps
would wrap in 57 minutes, at 100Mbps the counter would wrap in 5.7 minutes, and
at 1Gbps it would take only 34 seconds before the counter fully cycled. Objects are
commonly polled (inspected) every 1 or 5 minutes, and problems arise when
counters wrap more than once between object polling as a true measurement
cannot be determined.
⚫ To resolve this, new counters were defined in SNMP version 2c in the form of 64
bit counters for any situations where 32 bit counters wrap too fast, which
translated to any interface that counts faster than 650 million bits per second. In
comparison, using a 64 bit counter for counting octets on a 1Tbps (1,000 Gbps)
will wrap in just under 5 years, and it would take an 81,000,000 Tbps link to cause a
64-bit counter to wrap in 30 minutes.
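The counter arithmetic behind the wrap times quoted above, as an added example that is not part of the course material. `seconds_to_wrap()` reproduces the 32-bit figures (about 57 minutes at 10 Mbps, 5.7 minutes at 100 Mbps, 34 seconds at 1 Gbps) and the 64-bit figure (just under 5 years at 1 Tbps) from the counter width and line rate; `counter_delta()` shows how a poller recovers the correct octet delta when the counter wrapped once between two polls; and `delta_is_trustworthy()` flags the situation the text warns about, a poll interval long enough for the counter to wrap more than once, in which case no delta can be recovered. The counter readings are constructed.

```python
# Added example (not part of the course material): 32-bit versus 64-bit
# counter wrap arithmetic for SNMP octet counters. Readings are constructed.

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def seconds_to_wrap(bits_per_second: float, width: int = 32) -> float:
    """Seconds for an octet counter of the given width to cycle once at a steady rate.

    A Counter of 'width' bits holds 2**width octets; each octet is 8 bits."""
    return (2 ** width) * 8 / bits_per_second


def years_to_wrap(bits_per_second: float, width: int = 64) -> float:
    return seconds_to_wrap(bits_per_second, width) / SECONDS_PER_YEAR


def counter_delta(previous: int, current: int, width: int = 32) -> int:
    """Octets counted between two polls, correct as long as at most one wrap occurred.

    Modular subtraction treats a reading that went from near 2**width back to a
    small value as a wrap rather than as a negative (and therefore bogus) delta."""
    modulus = 2 ** width
    if not (0 <= previous < modulus and 0 <= current < modulus):
        raise ValueError("reading outside the counter's range")
    return (current - previous) % modulus


def delta_is_trustworthy(bits_per_second: float, poll_interval_s: float,
                         width: int = 32) -> bool:
    """False when the link could cycle the counter at least once within a poll
    interval: the delta is then ambiguous modulo 2**width and cannot be trusted."""
    return poll_interval_s < seconds_to_wrap(bits_per_second, width)


def octets_per_second(previous: int, current: int, interval_s: float,
                      width: int = 32) -> float:
    """Rate estimate from two successive polls of an octet counter."""
    return counter_delta(previous, current, width) / interval_s
```

For a 1 Gbps interface polled every 5 minutes, `delta_is_trustworthy(1e9, 300)` is False with a 32-bit counter (the counter can cycle about eight times in that interval) and True with a 64-bit one, which is the reason ifHCOutOctets-style 64-bit counters are the ones a monitoring system should poll on fast links.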
SNMPv3

(Slide diagram: a Get / Get Response exchange between NMS and agent protected by the SNMPv3 security mechanisms.)

⚫ SNMPv3 security mechanisms support data integrity, data origin
authentication, confidentiality and timely message delivery.

⚫ One of the key improvements in SNMPv3 is the security of the
transmission of MIB object information. Various threats can be identified. These
include modification of object information by an unauthorized entity during
transit, the performing of unauthorized management operations by users
masquerading as another authorized user, eavesdropping on message exchanges,
and the modification of the message stream through means such as message
replay.

⚫ SNMPv3 enhances security through applying four principal measures. Data integrity
is applied to ensure that data has not been altered or destroyed in an
unauthorized manner, nor have data sequences been altered to an extent greater
than can occur non-maliciously.

⚫ Data origin authentication is supported to ensure that the claimed identity of the
user on whose behalf received data was originated is corroborated using MD5 and
SHA-1. Data confidentiality is applied to ensure information is not made available
or disclosed to unauthorized individuals, entities, or processes. Additionally,
solutions for limited replay protection provide a means of ensuring that a message,
whose generation time is outside of a specified time window, is not accepted.
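The data integrity, data origin authentication and limited replay protection measures described above, as an added example that is not part of the course material: a simplified Python model of the SNMPv3 user-based security checks. An HMAC keyed with the user's authentication key covers the message, so a modified payload or a forged sender fails the check; a pair of engine boots and engine time values bounded by a 150-second window rejects replayed or stale messages. The 96-bit tag length and the 150-second window are the values used by RFC 3414's USM, but the message layout, the `make_auth_tag`/`check_message` functions, and the keys and payloads below are constructed for illustration, not the RFC's encoding or key localization.

```python
# Added example (not part of the course material): a simplified model of the
# SNMPv3 USM authentication and timeliness checks. The tag truncation (96 bits)
# and the 150 s window match RFC 3414; the message layout and key handling are
# simplifications, not the RFC's encoding. Keys and payloads are constructed.

import hashlib
import hmac
from typing import Callable

AUTH_TAG_LEN = 12          # USM truncates HMAC-MD5 / HMAC-SHA-1 output to 96 bits
TIME_WINDOW_SECONDS = 150  # maximum accepted clock difference between engines


def make_auth_tag(auth_key: bytes, engine_boots: int, engine_time: int,
                  payload: bytes, digest: Callable = hashlib.sha1) -> bytes:
    """Sender side: the tag covers the timeliness fields and the payload together,
    so neither can be altered in transit without invalidating the tag."""
    covered = engine_boots.to_bytes(4, "big") + engine_time.to_bytes(4, "big") + payload
    return hmac.new(auth_key, covered, digest).digest()[:AUTH_TAG_LEN]


def check_message(auth_key: bytes, engine_boots: int, engine_time: int,
                  payload: bytes, tag: bytes, local_boots: int, local_time: int,
                  digest: Callable = hashlib.sha1) -> str:
    """Receiver side. Returns 'ok' or the USM-style reason the message is discarded."""
    expected = make_auth_tag(auth_key, engine_boots, engine_time, payload, digest)
    # Constant-time comparison: a plain == would leak tag bytes through timing.
    if not hmac.compare_digest(expected, tag):
        return "authenticationFailure"
    # Authentication first, then timeliness: the time fields only mean something
    # once we know they were written by a holder of the key.
    if engine_boots != local_boots or abs(local_time - engine_time) > TIME_WINDOW_SECONDS:
        return "notInTimeWindow"
    return "ok"


# Constructed demonstration values (not real credentials).
DEMO_KEY = b"constructed-demo-auth-key-000001"
DEMO_PAYLOAD = b"get-request 1.3.6.1.2.1.1.3.0"


def demo() -> dict:
    """Four receptions of the same authenticated message under different conditions."""
    boots, now = 7, 100_000
    tag = make_auth_tag(DEMO_KEY, boots, now, DEMO_PAYLOAD)
    return {
        # Arrives 30 s later on an engine with the same boot count: accepted.
        "genuine": check_message(DEMO_KEY, boots, now, DEMO_PAYLOAD, tag, boots, now + 30),
        # Payload changed in transit, tag unchanged: integrity check fails.
        "tampered": check_message(DEMO_KEY, boots, now,
                                  b"set-request 1.3.6.1.2.1.1.5.0 RTB", tag, boots, now + 30),
        # Identical message re-sent 10 minutes later: outside the window.
        "replayed": check_message(DEMO_KEY, boots, now, DEMO_PAYLOAD, tag, boots, now + 600),
        # Receiver has rebooted since; boot counters differ: rejected.
        "after_reboot": check_message(DEMO_KEY, boots, now, DEMO_PAYLOAD, tag, boots + 1, 50),
    }
```

`demo()` returns `ok` only for the genuine reception; the tampered copy fails authentication, and the replayed and post-reboot copies fail the time-window check, which is the "limited replay protection" the text describes. The real USM additionally localizes the user's key to each engine ID, so that a key captured from one agent does not authenticate to another.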
SNMP Configuration

(Slide topology: NMS and router RTA; RTA interface G0/0/1; addresses 10.1.1.1/24 and 20.1.1.1/24 as labelled on the slide.)

[RTA]snmp-agent
[RTA]snmp-agent sys-info version v2c
[RTA]snmp-agent trap enable
Info: All switches of SNMP trap/notification will be open. Continue? [Y/N]:Y
[RTA]snmp-agent trap source GigabitEthernet 0/0/1


⚫ The SNMP agent is an agent process on a device on the network. The SNMP agent
maintains managed network devices by responding to NMS requests and
reporting management data to the NMS. To configure SNMP on a device, the
SNMP agent must be enabled, for which the snmp-agent command is applied.

⚫ The snmp-agent sys-info command sets the SNMP system information and is also
used to specify the version(s) of SNMP that are supported, where snmp-agent sys-
info version [ [ v1 | v2c | v3 ] * | all ] is used to achieve this; it should be noted
that all versions of SNMP are supported by default. The snmp-agent trap enable
command activates the function of sending traps to the NMS, following which the
device will proceed to report any configured events to the NMS.

⚫ In addition, it is necessary to specify the interface via which trap notifications will
be sent. This should be the interface pointing towards the location of the NMS, as
in the example where the NMS is reached via interface GigabitEthernet 0/0/1.
Configuration Validation

[RTA]display snmp-agent sys-info
   The contact person for this managed node:
       R&D Shenzhen, Huawei Technologies Co., Ltd.

   The physical location of this node:
       Shenzhen China

   SNMP version running in the system:
       SNMPv2c


⚫ Using the display snmp-agent sys-info command displays contact information of
personnel responsible for the system maintenance, the physical location of the
device, and currently supported SNMP version(s). The given information in the
example represents the typical default system information found within Huawei
AR2200 series routers, however this can be altered through the use of the snmp-
agent sys-info [contact | location | version ] parameters to reflect contact and
location details relevant to each individual device.
Summary
 Which version(s) of SNMP is/are enabled by default?

 What is the destination port number that is used by an agent to forward traps
to a Network Management Station?


⚫ In the Huawei AR2200 series router, all versions of SNMP (SNMPv1, SNMPv2c and
SNMPv3) are enabled by default.

⚫ The agent forwards trap messages to the Network Management Station (NMS)
using UDP destination port 162.
Thank You
www.huawei.com
