*
This HTML page was built by student of the School
of Exact sciences / Tel-Aviv University
as a part of the final
*
project of SNMP simulation in the course "Protocols and Computer
Networks", 1998, by Dr. Debby Koren.
* Oslon
Alexander 306710351 oslon@math.tau.ac.il
*
Introduction
Network management tools have always been a slow start because there is
no hurry unless the network is having problems. However, they are important
once the network becomes operational. During the period of time when
the OSI network management standards were developed, there was no prospect
for translating their drafting documents into software products that
would fit into the management needs of TCP/IP. In the late 1980s, the Internet
Architecture Board (IAB) felt that it should form a group to develop tools,
protocols, and a common database for general network management. As a result
of this, simple network management protocol (SNMP) was born for TCP/IP,
with considerations based on the framework of the OSI model [RFC1157].
The consequences have exceeded everybody's expectations. Nowdays, the SNMP
specification and source code are available on the Internet and are further
incorporated into many products running on either mainframes or communication
processors.
SNMP Protocol Overview
A network manager is a person responsible
for monitoring and controlling the hardware and software systems that
comprise an internet. A
manager works to detect and correct problems that make communication inefficient
or impossible and to eliminate conditions that will produce the problem
again.
How can a network manager find problems and isolate their cause? The answer
lies in network management software
that allows a manager to monitor and control network components. For example,
network management software allows a manager to interrogate devices such
as host computers, routers, switches, and bridges to determine their status
and to obtain statistics about the network to which they attach. The software
also allows a manager to control such devices by changing routes
and configuring network interfaces.
Network components which a network manager must control are called managed
nodes. Managed nodes can be hosts, routers, bridges, printers,
or any other devices capable of communicating status information to the
outside world. To be managed directly by SNMP, a node must be capable of
running an SNMP management process, called an SNMP
agent. All computers meet this requirement, as do increasingly
many bridges, routers, and peripheral devices designed for network use.
Each agent maintains a local database of variables that describe its state
and history and affect its operation.
Older devices or devices not originally intended for use on a network may
not have a capability of running an SNMP agent internally. To handle
them, SNMP defines what is called a proxy agent,
namely
an agent that watches over one or more nonSNMP devices and communicates
with the management station on their behalf, possibly communicating with
the devices themselves using some nonstandard protocol.
Network management is done from management stations,
which
are, in fact, general-purpose computers running special management software.
The management station contains one or more processes that communicate
with the agents over the network, issuing commands and getting responses.
Many management stations have a graphical user interface to allow the network
manager to inspect the status of the network and take action when required.
The process running on the management station is called SNMP
manager.
The management station interacts with the agents using the SNMP
protocol.
SNMP is the standard protocol used to manage an internet.
The SNMP protocol defines exactly how a manager communicates with an agent.
For example, SNMP defines the format of requests that a manager sends to
an agent and the format of replies that an agent returns. In addition,
SNMP defines the exact meaning of each possible request and reply. In particular,
SNMP specifies that an SNMP message is encoded using a standard known as
Abstract
Syntax Notation.1 (ASN.1).
The SNMP protocol allows the management station to query the state of an
agent's local objects, and change them if necessary.
The SNMP protocol does not define a large set of commands. Instead, the
protocol uses a fetch-store paradigm
in which there are two basic operations: fetch, used to obtain a
value from a device (node), and store, used to set a value in a
device (node). Each object that can be fetched or stored is given in a
unique name; a command that specifies a fetch or store operation must specify
the name of the object.
As far as programming is concerned, the SNMP manager-agent interaction
follows the client-server model. The
manager is a client running on the management station and the agent is
a server running on a network element (managed node). Both of them
belong to the application layer. In other words, the agent is a network
application program whose job is to collect data and ineract with manager.
The manager is another network application program whose job is to supervise
and communicate with its agent. An agent may communicate with another agent
on a different host. The manager may be invoked by a human (network) administrator
at the console, and SNMP is the communication protocol used between a manager
and an agent. The manager and agent generally use UDP services on the network
to exchange messages.
Each device (node) maintains one or more variables that describe its state.
In the SNMP literature, this variables are called
objects.
The
collection of all possible objects in a network is given in a data structure
called the MIB (Management Information Base).
MIB
is a set of named items that an SNMP agent understands. To monitor or control
a remote computer, a manager must fetch or store values to MIB variables
(objects).
Sometimes events happen that are not planned. Managed nodes can crash and
reboot, lines can go down and come back up, congestion can occur,
and so on. Each significant event is defined in a MIB module. When an agent
notices that a significant event has occurred, it immediately reports the
event to all management stations in its configuration list. This report
is called an SNMP trap (for historical
reasons). The report usually just states that some event has occurred.
It is up to the management station to then issue queries to find out all
the gory details.
Finally, security and authentication
play a major role in SNMP. A management station has the capability of
learning a great deal about every node under its control and also has the
capability of shutting them all down. Hence it is of great importance that
agents be convinced that queries allegedly coming from the management station,
in fact, come from the management station. For that reason different security
techniques were developed for SNMP.
To
run demonstartion program click here
Additional information about
SNMP
There are a lot of literature about SNMP protocol.
Although SNMP was designed with the idea of its being simple, at least one author has managed to produce a 600-page book on it (Stallings, W.: SNMP, SNMPv2, and CMIP, Reading, MA: Addison-Wesley, 19993a).
For more compact description (450-550 pages), see the books by Rose (Rose, M.T.: The Simple Book, Englewood Cliffs, NJ: Prentice Hall, 1994) and Rose and McCloghrie (Rose, M.T., and McCloghrie, K.: How to Manage Your Network Using SNMP, Englewood Cliffs, NJ: Prentice Hall, 1995), both of whom were among the designers of SNMP.
Other references are (Feit,
S.: SNMP - A guide to Network Management,
New York: McGraw-Hill, 1995) and
(Hein,M., and Griffiths, D.: SNMP,
London: Thompson, 19995).
Of course, you can find a lot of information about SNMP in Internet.
Click here
to access the site containing more detailed information about SNMP and
a lot of additional links.