Home | | Network Programming and Management | Simple Network Management Protocol

Chapter: Network Programming and Management : Simple Network Management

Simple Network Management Protocol

The operation that are supported in SNMP are the alteration and inspection of variables. The three general purpose operations may be performed on scalar objects.



The operation that are supported in SNMP are the alteration and inspection of variables. The three general purpose operations may be performed on scalar objects.


        Get : A management station retrieves a scalar object value from a amanged station.


        Set: A management station updates a a scalar object value in a managed station.


         Tap: A managed station sends an unsolicited scalar object value to a management station. Few points to understand in this respect are :


        It is not possible to change the structure of a MIB by adding or deleting object instances – that is addition and deletion of a row of a table is not possible.


        It is not possible to issue commands for an action to be performed.


        Access is provided only to an leaf object in the object identifiertree.


        It is not possible to access an entire table or row of a table with one atomic action. Communities and Community Names:


In SNMP network management, there are a number of managed station that control its won MIB and there are a number of management stations that access some of these agents‘ MIB as per its requirement. Each MIB managed station controls its won local MIB and must be able to control the use of that MIB by a number of management stations. There are three aspects to this control.


        Authentication service : The managed station may wish to limit the access to the MIB to authorized management stations only.

        Access Policy : The managed stations may wish to give different access privileges to different management stations.


        Proxy Service : A managed station may act as a proxy to other managed stations. This may involve implementing the authentication service and / or access policy for the other managed systems on the proxy system.


An SNMP community is a relationship between an SNMP agent and a set of SNMP managers that defines authentication, access control and proxy characteristics. The managed system establishes one community for each desired combination of authentication, access contro9l and proxy characteristics. Each community is given a unique community name and the management station within that community are provided with and must employ the community name in all get and set opetations. The agent may establish a number of communities with overlapping management station membership.


Authentication Service: In the case of SNMP message, the function of an authentication service would be to assure the recipient that the message is from the source from which it claims to be. The scheme of authentication is that the management station includes the community name which functions like a password. This is although very trivial. But for sensitive application like set , this may trigger an authentication procedure which may involve encryption and decryption procedure.


Access Policy : BY defining a community, the agent limits access to its MIB to a selected set of management stations. BY the use of more than one community, the agent can provide different categories of MIB access to different management stations. The two aspects of this control are :


        SNMP MIB view: a subset of objects with an MIB. Different MIB views may be defined for each community.


        SNMP access control: an element of the set {READ-ONLY, READ-WRITE}. An access mode is defined for each community.


The combination of a MIB view and an access mode is referred to as an SNMP community profile. Thus a community profile consists of a defined subset of the MIB at the agent, plus an access mode for those objects.

Proxy Service : Proxy is an SNMP agent that acts on behalf of other devices. Typically other devices do not support SNMP. For each devices that the proxy system represents, it maintains an S?NMP access policy.


Protocol Specification:


With SNMP, information is exchanged between a management station and agent in the form of an SNMP message. Each message includes a version number indicating the version of SNM, a community name to be used for this exchange and one of five types of protocol data units as shown below:


GetRequest, getNextRequest and setRequest PDU ‗s have the same format as the getResponse PDU with error-status and error-index fields set to zero. This convention reduces by one the number of different PDU format with which the SNMP entity must deal.


Details of fields are given below:

Version : SNMP version (RFC 1157 is version 1)


Community : A pairing of an SNMP agent with some arbitrary set of SN?MP application entities


Request-id :       Unique  ID is provided for each request

Error-status:     Indicates occurrence of exception while processing a request.


noError (0), tooBIg(1), noSuchNAme(2), badValues(3), readOnly(4), genErr(5) error-index: When error status is nonzero, may provide additional information by indicating


which variable in a list caused the exception.


Variable bindings: A list of variable names and correcsponding values Enterprise : Type of object generating tap: based on sysObjectID Agent-addr: Address of object generating trap.


Generic trap: generic trap type: values are coldStart(0), warmStart(1), linkDown(2), linkUp(3), authentication-Failure(4), egpNeighborLoss (5), enterprise-Specific(6)


SpecificTrap: Specific trap code;

Time-stamp: Time elapsed between the last initialization of the network entity and the generation of the trap.

Transmission of an SNMP message: Steps involved:

1.   The PDU is constructed, using the ASN.1 structure defined in RFC 1157


2.    This PDU is then passed to an authentication service, together with the source and destination transport address and community name. The authentication performs any required transformations for this exchange, such as encryption or the inclusion of authentication code, and returns the result.


3.     The protocol entity then constructs a message, consisting of a version field, the community name and the result from step 2


4.     The new ASN.1 object is then encoded using the basic encoding rules and passed to the transport service.


Study Material, Lecturing Notes, Assignment, Reference, Wiki description explanation, brief detail
Network Programming and Management : Simple Network Management : Simple Network Management Protocol |

Privacy Policy, Terms and Conditions, DMCA Policy and Compliant

Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.