SNMP Fundamentals PDF

Summary

This document provides an overview of Simple Network Management Protocol (SNMP). It covers topics like SNMP components, versions, and protocol commands. The document also delves into MIBs, managed devices, and configuration examples. It is targeted towards IT professionals.

Full Transcript

SNMP Fundamentals (v1.2)

Table of Contents

– What is SNMP (Simple Network Management Protocol)?
– SNMP Components
– SNMP Protocol Commands
– SNMP Version
– SNMP Communities
– SNMP – Packet Capture
– SNMP Configuration Examples

What is SNMP

Simple Network Management Protocol: an application layer protocol used to manage and monitor network devices and their functions.

What SNMP does:
– Detect issues and faults early
– Monitor device throughput
– Remote configuration and control

SNMP uses the User Datagram Protocol (UDP) as the transport protocol.

Reference: RFC 1157

SNMP Components

– SNMP Manager
– SNMP Agent
– Management Information Base (MIB)
– Managed Devices

SNMP Components – SNMP Manager

SNMP Manager:
– Polls devices to obtain information and alerts
– Typically a central software application
– Option for email/SMS alerts to administrators
– Polling happens over UDP port 161 (default)

SNMP Components – SNMP Agent

SNMP Agent:
– Process running on a monitored device
– Information sent as a response to polling
– Unsolicited messages (traps) can also be sent
– Information sent over UDP port 162 (default)

[Figure: Relationship between an NMS and an agent. The NMS sends a query to the agent (router), the agent sends its response to the query back to the NMS, and the agent sends traps to the NMS.]

SNMP Components – MIB

Management Information Base (MIB):
– Collection of definitions which define the properties of the managed object
– Each managed device keeps a database of values for each of the definitions written in the MIB
– The MIB is a hierarchical structure that forms a tree, and the MIB contains object identifiers or OIDs
– An OID is an object identifier value, typically an address used to identify a particular device and its status

SNMP Components – OID in MIB

SNMP-enabled network devices maintain a database of system status, availability and performance information as objects, identified by OIDs.

For example, the OID for system description (sysDescr) is .1.3.6.1.2.1.1.1.0 or .iso.org.dod.internet.mgmt.mib-2.system.sysDescr.0

SNMP Components – MIB

An agent may implement many MIBs, but all agents implement a particular MIB called MIB-II.

The main goal of MIB-II (RFC 1213) is to provide general TCP/IP management information: interface speeds, MTU, octets sent, octets received, system location, system contact, etc.

There are many other draft and proposed standards:
– Interface Type MIB (RFC 2115)
– BGP Version 4 MIB (RFC 1657)
– DNS Server MIB (RFC 1611)

Vendors also define their own MIBs (proprietary MIBs).

Reference: RFC 1213

SNMP Components – Standard MIB

Standard MIBs:
– https://bestmonitoringtools.com/mibdb/mibdb_search.php?mib=BGP4-MIB
– https://bestmonitoringtools.com/mibdb/mibdb_search.php?mib=IF-MIB

SNMP Components – Proprietary MIB

– Cisco Feature Navigator: https://cfnng.cisco.com/mibs
– Juniper SNMP MIB Explorer: https://apps.juniper.net/mib-explorer

SNMP Components – Managed Devices

Managed Devices:
– Controlled by an agent
– SNMP information source

SNMP Protocol Commands

Messaging and description:
– Get: A Get message is sent by a manager to an agent to request the value of a specific OID
– GetNext: A GetNext message allows a manager to request the next sequential object in the MIB
– Set: A Set message is sent by a manager to an agent in order to change the value held by a variable on the agent
– GetBulk: This manager-to-agent request functions as if multiple GetNext requests were made
– Response: This message, sent by an agent, is used to send any requested information back to the manager
– Trap: Traps are asynchronous notifications in that they are unsolicited by the manager receiving them
– Inform: Manager sends an Inform message back to the agent as acknowledgement

[Figure: SNMP Message Exchange Mechanism]

SNMP Version

Three significant versions of SNMP:

SNMPv1:
– Defined in RFC 1157
– No inform-request option
– Uses community string for security
– Community string is passed in clear text

SNMPv2:
– Referred to as SNMP v2c
– Addition of the inform-request option
– Community string used for authentication
– 64-bit counters

SNMPv3:
– Most current version
– Addition of unique EngineIDs for SNMP devices
– Adds authentication based on MD5 or SHA
– Adds encryption through DES, 3DES or AES

SNMP Communities – SNMP v1 and v2

SNMPv1 and SNMPv2 use communities to establish trust between managers and agents.

An agent is configured with three community names:
– read-only
– read-write
– trap

The community names are essentially passwords. Typically public is used for the read-only community and private for the read-write community.

SNMPv3 Security Levels

Ensure confidentiality, authentication and access control.

Level         Authentication  Encryption  Username  Password
NoAuthNoPriv  No              No          Yes       No
AuthNoPriv    Yes             No          Yes       Yes
AuthPriv      Yes             Yes         Yes       Yes

SNMP – Packet Capture

    snmpwalk -v 2c -c {community} 192.168.99.252

Configuration Example – SNMPv1 and v2

Create a community with write access:

    router(config)# access-list 66 permit 192.168.11.5
    router(config)# snmp-server community example1rw rw 66

Create a community with read-only access:

    router(config)# access-list 67 permit 192.168.16.1
    router(config)# snmp-server community example2ro ro 67

Configuration Example – SNMPv3

Create a community with write access:

    router(config)# snmp-server view viewAPNIC iso included
    router(config)# snmp-server group grpAPNIC v3 priv read viewAPNIC
    router(config)# snmp-server user apnic grpAPNIC v3 auth sha AUTHPASS priv aes 128 PRIVPASS

SNMP Fundamentals, Module 2: LibreNMS

LibreNMS

A Fully Featured Network Monitoring Tool for Linux

LibreNMS is an open source, powerful and feature-rich auto-discovering PHP-based network monitoring system which uses the SNMP protocol.

It supports a broad range of operating systems including Linux and FreeBSD, as well as network devices including Cisco, Juniper, Brocade, Foundry, HP and many more.

LibreNMS - Features

Some major features of LibreNMS:
– It auto-discovers a whole network using these protocols: CDP, FDP, LLDP, OSPF, BGP, SNMP and ARP
– Supports a Unix agent
– Supports horizontal scaling to expand with your network
– Supports a highly flexible and customizable alerting system; sends notifications through email, IRC, Slack and more
– Supports an API for managing, graphing and retrieving data from your system
– Offers a traffic billing system
– Supports integration with NfSen, collectd, SmokePing, RANCID and Oxidized
– Supports multiple authentication methods such as MySQL, HTTP, LDAP, Radius and Active Directory

LibreNMS vs Observium

LibreNMS is a fork of Observium.

How LibreNMS will be different from Observium:
– Inclusive community, where it's OK to ask stupid questions, and OK to ask for things that aren't on the roadmap.
– Development decisions will be community-driven. Want to make software that fulfils its users' needs
– There are no plans for a paid version
– There are no current plans for paid support, but this may be added later if there is sufficient demand

LibreNMS - Architecture

LibreNMS has the following components:
– Web/API Layer: This is typically Apache but we have setup guides for both Nginx and Lighttpd
– RRD (Time Series Data store): Central storage should be provided so all RRD files can be read from and written to in one location
– Database: MySQL / MariaDB
– Poller/Discovery: To gather information and discover the network. Cron-based polling is the common setup

All these components may only be installed on one server. For scaling LibreNMS, distributed polling has been used.

LibreNMS - Metrics

LibreNMS supports a wide range of metrics, which includes:
– Memory, Processor and Storage
– Temperature, Voltage and Fan speed
– Interface traffic and statistics
– OS/Distribution detection
– Routing information (BGP and OSPF)
– Wide range of application monitoring (Apache, Asterisk, BIND, FreeRADIUS, MySQL, NTP, NGINX, Postfix, Squid, Unbound etc.): https://docs.librenms.org/Extensions/Applications/
– IPv4, IPv6, TCP and UDP statistics

LibreNMS - Metric Storage

By default we ship all metrics to RRD files, either directly or via RRDCached.

On top of this we can ship metrics to:
– Graphite
– InfluxDB
– OpenTSDB
– Prometheus

At present these backends can't be used to display graphs within LibreNMS and need to use something like Grafana.

LibreNMS - Auto Discovery

LibreNMS is based on SNMP.

Supports the following methods for auto discovery:
– ARP
– XDP (FDP, CDP, LLDP)
– OSPF
– BGP
– SNMP Scan

LibreNMS - 3rd Party Integration

LibreNMS integration:
– Graylog -> https://docs.librenms.org/Extensions/Graylog/
– Nagios -> https://docs.librenms.org/Extensions/Services/
– NFSen -> https://docs.librenms.org/Extensions/NFSen/
– Oxidized -> https://docs.librenms.org/Extensions/Oxidized/
– Smokeping -> https://docs.librenms.org/Extensions/Smokeping/

LibreNMS - Demo

Demo URL: https://demo.librenms.org/
– Username: demo
– Password: demouser

SNMP Fundamentals, Module 3: LAB

Labs

Please follow the lab modules for:
– Lab 1: Net-SNMP
– Lab 2: LibreNMS

Thank You!
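
The "SNMP Version" and "SNMPv3 Security Levels" slides say that v1/v2c carry the community string in clear text while v3 adds authentication and encryption. The following added example (not part of the slide deck) decodes the BER header of an SNMP datagram to show what is readable on the wire in each case. The function names and both sample packets are constructed for illustration.

```python
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}
PDUS = {0xA0: "Get", 0xA1: "GetNext", 0xA2: "Response", 0xA3: "Set",
        0xA4: "Trap (v1)", 0xA5: "GetBulk", 0xA6: "Inform", 0xA7: "Trap (v2)"}
LEVELS = {0: "NoAuthNoPriv", 1: "AuthNoPriv", 3: "AuthPriv"}  # msgFlags auth/priv bits

def tlv(tag, body=b""):
    """Encode one BER element (short-form length is enough for the samples)."""
    return bytes([tag, len(body)]) + body

def read_tlv(buf, pos):
    """Decode the BER element at pos and return (tag, value, next position)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next n octets carry the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def inspect_snmp(packet):
    """Return what anyone on the path can read from one SNMP datagram."""
    tag, msg, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    _, ver, pos = read_tlv(msg, 0)
    info = {"version": VERSIONS.get(int.from_bytes(ver, "big"), "unknown")}
    if info["version"] in ("v1", "v2c"):
        _, community, pos = read_tlv(msg, pos)
        info["community"] = community.decode("latin-1")  # readable as sent
        info["pdu"] = PDUS.get(read_tlv(msg, pos)[0], "unknown")
    elif info["version"] == "v3":
        _, header, _ = read_tlv(msg, pos)       # msgGlobalData
        _, _, p = read_tlv(header, 0)           # msgID
        _, _, p = read_tlv(header, p)           # msgMaxSize
        _, flags, _ = read_tlv(header, p)       # msgFlags: bit 0 auth, bit 1 priv
        info["level"] = LEVELS.get(int.from_bytes(flags[:1], "big") & 3, "invalid")
    return info

# Constructed samples: a v2c Get for sysDescr.0 and a v3 message with placeholder payload.
OID = bytes.fromhex("2b06010201010100")  # 1.3.6.1.2.1.1.1.0
PDU = tlv(0xA0, tlv(2, b"\x01") + tlv(2, b"\x00") * 2 + tlv(0x30, tlv(0x30, tlv(6, OID) + tlv(5))))
V2C_GET = tlv(0x30, tlv(2, b"\x01") + tlv(4, b"public") + PDU)
V3_HEAD = tlv(0x30, tlv(2, b"\x01") + tlv(2, b"\x05\xdc") + tlv(4, b"\x03") + tlv(2, b"\x03"))
V3_MSG = tlv(0x30, tlv(2, b"\x03") + V3_HEAD + tlv(4) + tlv(4, b"\x00" * 8))

print(inspect_snmp(V2C_GET))
print(inspect_snmp(V3_MSG))
```

For the v2c packet the community and request type come straight out of the bytes; for the v3 packet only the version and the negotiated security level are visible in the header.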
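
The configuration slides restrict each community with an access-list and use a v3 group at the priv level with SHA and AES. As an added example (not from the slide deck or from any vendor tool), the sketch below audits IOS-style `snmp-server` statements for the opposite choices. It assumes the statement layouts shown on the slides; `audit_snmp_config`, `grpWeak` and the `WEAK_CONFIG` lines are hypothetical.

```python
import re

DEFAULT_NAMES = {"public", "private"}  # typical names per the communities slide

def audit_snmp_config(config):
    """Return (statement, issue) pairs for weak IOS-style snmp-server lines."""
    findings = []
    for raw in config.splitlines():
        line = re.sub(r"^\S+\(config\)#\s*", "", raw.strip())  # drop CLI prompt
        tok = line.split()
        if len(tok) < 3 or tok[0] != "snmp-server":
            continue
        kind, args, issues = tok[1], tok[3:], []
        if kind == "community":
            if "view" in args:  # skip the optional "view NAME" pair
                i = args.index("view")
                args = args[:i] + args[i + 2:]
            if tok[2].lower() in DEFAULT_NAMES:
                issues.append("default community name")
            if "rw" in args:
                issues.append("read-write community")
            if not [a for a in args if a not in ("ro", "rw")]:
                issues.append("no access-list restricting managers")
        elif kind == "group" and args:
            if args[0] in ("v1", "v2c"):
                issues.append("community-based group (" + args[0] + ")")
            elif "priv" not in args[1:2]:
                issues.append("v3 group below AuthPriv")
        elif kind == "user" and "v3" in args:
            if "md5" in args:
                issues.append("MD5 authentication")
            if "priv" not in args:
                issues.append("no encryption configured")
            elif args[args.index("priv") + 1:][:1] in (["des"], ["3des"]):
                issues.append("DES/3DES encryption")
        findings += [(line, issue) for issue in issues]
    return findings

# The slide deck's own statements, followed by constructed weak ones.
PAGE_CONFIG = """router(config)# snmp-server community example1rw rw 66
router(config)# snmp-server community example2ro ro 67
router(config)# snmp-server group grpAPNIC v3 priv read viewAPNIC
router(config)# snmp-server user apnic grpAPNIC v3 auth sha AUTHPASS priv aes 128 PRIVPASS"""
WEAK_CONFIG = """snmp-server community public ro
snmp-server community private rw
snmp-server group grpWeak v3 auth
snmp-server user weak grpWeak v3 auth md5 AUTHPASS"""
for statement, issue in audit_snmp_config(PAGE_CONFIG + "\n" + WEAK_CONFIG):
    print(f"{issue}: {statement}")
```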
