Cisco CCNA: Get Up to Speed with Simple Networks and SNMP
Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices.
It provides a standardized framework for communication between SNMP managers and SNMP manageable devices.
Cisco networking devices are SNMP aware devices. They can be configured to use SNMP to inform an SNMP aware manager station about the existence of errors or inconsistencies.
Moreover, Cisco devices can be monitored and controlled by the SNMP manager which is able to gather real time operational information and instruct immediate action corrections to the device.
So today, I’ll give you all the details of the operation of SNMP and the SNMP framework. I’ll also give you the step-by-step instructions on how to configure SNMP on your own Cisco network device.
The SNMP Manager/Agent Model
The SNMP framework is based on the Manager/Agent model. The SNMP manager is obviously the system (either a dedicated network device or a collection of management applications) that manages SNMP devices.
It provides the interface between the human network management engineer and the management system. On the other hand, the SNMP agent is the software that resides inside the managed device (such as Cisco router-switch) which controls and monitors all device parameters and network data which is being visualized as distinctive managed objects.
Therefore, it can be said that the SNMP agent provides the interface between the manager station and the actual physical devices being managed. The following diagram shows the concept of the SNMP Manager/Agent Model:
The bond that joins SNMP managers and agents together is the common set of management information. Both managers and agents speak the same language.
Think about it for a second, if there was not a common language between those two then how would they communicate?
Obviously both need to exchange messages that consist of not only the same structure and layout, but also a common set of parameters and attributes.
For this precise reason, all manageable SNMP objects are defined into what is called Management Information Base (MIB). This information base consists of all the structured information representing network elements and their attributes.
Each managed object in the MIB is described using an Object Identifier (OID) defined according to the Structure of Management Information (SMI) rules using abstract syntax notation (ASN.1)
The following diagram displays only a small sample of this abstract MIB notation:
The Structure of MIBs
The SNMP MIB is organized in a tree structure with individual objects, being represented as leaves on the branches. A long numeric tag or object identifier (OID) is used to distinguish each SNMP object and its variables uniquely in the MIB and in SNMP messages.
SNMP object IDs consist of numbers separated by decimal points which build up a tree as shown below. The MIB looks like a dictionary where you follow specific number sequences in order to assemble and interpreter specific SNMP messages.
From the tree structure presented below you can see that in order to reach Cisco’s specific OIDs you should target towards 126.96.36.199.4.1.9 branch.
SNMP Message Types
SNMP version 1 specifies 5 types of SNMP messages (SNMPv2 introduces some additional message types) that can be exchanged between a SNMP manager and a SNMP agent.
These messages are: GET, GETNEXT, SET, GET-RESPONSE and TRAP. The use for each one of these messages is presented below:
- GET: It’s a message from the manager towards the agent requesting to get the current value of a MIB object.
- GETNEXT: It’s a SNMP request from the manager towards the agent for obtaining the current value of the next MIB object. (Followed the GET request).
- SET: The SNMP manager uses the set request for updating the current value of the SNMP agents MIB object.
- GET-RESPONSE: The agent uses a GET-RESPONSE message when answering to a GET, GETNEXT or SET request in order to provide specific requested information or provide feedback about the process- results of the SET REQUEST.
- TRAP: The TRAP message is the only SNMP message initiated by the agent and it is used to inform about errors abnormal events regarding the objects that it manages.
Keep in mind that the agent uses UDP port 161 for listening to the GET, GETNEXT and SET requests and the manager side uses UDP port 162 for listening to SNMP TRAPs from the agent.
The simple flow diagram below shows the direction of the different SNMP message types and the specific destination UDP port used for each message.
Configuring SNMP using CISCO IOS
• Configuring SNMP Access in CISCO Routers
The first thing you need to do is to activate SNMP access on your router. To do so, you need to specify community strings (something like passwords) so that managers sharing the same community string could exchange messages.
Furthermore, access lists can be defined to further restrict the access privilege. Here is what you need to configure:
snmp-server community train view public RO 99
snmp-server community specialist RW 66
snmp-server view public internet included
snmp-server view public internet.6 excluded
access-list 99 permit 10.10.10.10
access-list 66 permit 10.20.20.20
The first line specifies that those managers who satisfy the criteria of the access list 99 and use the community string train are restricted to read only privileges on the view called public.
Access list 99 (5th line) states that only host 10.10.10.10 is allowed to issue requests and the public view (lines 3 and 4) specify that only information in the internet branch of the MIB tree can be presented (iso(1).org(3).dod(6).internet(1)) the SNMPv2 branch (internet.6).
The second line specifies that those managers that fulfill the criteria of access list 66 (line 6) and use the community string specialist have full read-write access on the agent.
&bull Configuring SNMP TRAPS in CISCO Routers
For enabling the standard SNMP traps you need to provide the following command:
snmp-server enable traps
For enabling specific traps, you should specify them at the end of the above command. For example:
snmp-server enable traps linkdown linkup
snmp-server enable traps config
The first line enables the transmission of traps when a link status change occurs. The second line initiates the transmission of traps when a user performs a change in the configuration of the router.
Finally, you need to specify where your router should send the trap SNMP messages. The following commands specify two SNMP servers (management stations) that the router is configured to transmit SNMP traps using the community string train:
snmp-server host 10.20.40.60 train
snmp-server host 10.40.60.80 train
Be Careful Not to Fall Into Traps!
SNMP protocol has been an important tool for Network Administrators due to its beneficial contribution to error provisioning.
Although you can greatly benefit from the capabilities of this protocol, always keep in mind that the more monitoring tasks you have the more you impact the devices being monitored, because a greater amount of bandwidth is consumed.
Therefore, identify the crucial parts of your network and determine the type of data required as to restrict the SNMP information requests to the minimum permissible volume. The lower the processing burden, the healthier your devices will be.