SNMP – What Is Simple Network Management Protocol

Complete guide to the Simple Network Management Protocol. Learn about components, how does it work, and SNMP monitoring tools:

The simple network management protocol is a widely used management protocol for communication with network devices like routers, switches, hubs, IP phones, servers, etc. over an IP network.

It provisions the exchange of the network and performance information between the network elements using the UDP ports 161 and 162. The SNMP-driven network consists of a management system called NMS, an agent, and the managed devices.

Simple Network Management Protocol (SNMP)

In this tutorial, we will explore the basic building blocks of this protocol with the commands used on port 161 and port 162 for communication. Also, we will see the concept of SNMP Traps and Informs in short with the help of diagrams.

In addition to this, this tutorial also explains some popular SNMP monitoring tools with their features and images. For better clarity of the topic, read some FAQs relevant to this.

Simple Network Management Protocol

SNMP is used at the application layer of the TCP/IP architecture and, as the name implies, it is used to manage and monitor network and network faults. Sometimes it is also used to modify the configuration of the remote end devices of the network.

The devices compatible with Simple Network Management Protocol are modems, routers, switches, printers, and servers, etc.

SNMP Components

There are three components of SNMP through which it performs its basic tasks. These are as follows:

#1) SNMP Manager

It is a centralized GUI based node system which is used to monitor the network and is also called a Network Management System (NMS). It interfaces the bi-directional flow of information between the NMS node and the network elements.

Here the network elements are switches, routers, servers, modems, computer host, IP-based phone and video cameras, etc.

#2) SNMP Agent

The agent is the module of network management software that is installed on a network device like host PC, server and router, etc. The agent upholds the database on the managed network elements, When the NMS requests for any information, it reverts with the data which was stored in the database to the NMS.

If any trap or error is encountered by the agent on a managed device, then it sends the SNMP trap message to the SNMP manager indicating the live status.

#3) Management Information Database (MIB)

Each of the SNMP agents maintains the information database for the managed devices, which explains the parameters of the devices.

The SNMP manager utilizes this database to ask the agent for information about the particular device for NMS. Thus this shared information among the agent and the manager is known as a Management Information Database (MIB).

Structure of MIB:

  • It is a group of information that comprises the variables that reside the values relevant to the parameters of the network element in its stores. These variables are known as managed objects and identified by an Object Identifier (OID).
  • MIB is a collection of object identifiers in a hierarchical format, and each can identify a variable that can be set or read by the SNMP.
  • The OIDs are of two kinds, scalar and tabular. The scalar one report only a single event instance means that the result is only one. Example: text or number.
  • The Tabular object is a table which is a pool of all related OIDs and thus gives multiple results for one object value. For example: For the dual processor of the CPU, it will result in two values.

SNMP components flow diagram

How Simple Network Management Protocol Works

  • Since it operates on the application layer of the TCP/IP protocol suite, thus all the SNMP messages will be transported through UDP protocol (User Datagram Protocol).
  • The UDP port 161 is used by the SNMP agent to receive the request from the manager. However, the manager can also send the request to any other available port which is available other than this.
  • The manager receives the response, which is in the form of notifications like ‘Trap’ and ‘Inform’ messages on Port 162 of UDP.
  • The NMS will perform all the monitoring and management operations for the network devices/elements and provide the bulk data which is used for the network management.
  • The SNMP agent, which is associated with each of the networks managed elements, translates the local MIB data like performance data, error information, the occurrence of any event into a readable form for the NMS.
  • For this purpose, the agent uses Get-Requests that deliver the data to the NMS software.
  • The network elements like routers, switches, computers, modem, etc. collect and store the MIB data and through the SNMP agent, it will make it available for the management systems compatible with them.

This can be understood with the help of the below figure: SNMP architecture Diagram

SNMP architecture diagram

  • Network Manager is an open-source software like Solar winds and Cisco IOS. To run the SNMP, the network manager must have this software installed on the server.
  • As we can see from the above figure, the main task of the Simple Network Management Protocol manager is to request and receive the data from the agent to manage and monitor the network elements. Also, to edit the configuration when needed as per the requirement of the network.
  • Another important task is to receive the notifications of Trap and Inform regarding the faults and event occurrence in the network.

SNMP Commands

By deploying the SNMP, the network elements are managed by using three commands: Read, Write, and Trap.

  • Read command is deployed by the NMS to monitor the managed network elements like routers, switches, etc. This action is completed by NMS by examining the various variables that are upheld by the network elements.
  • Write command is deployed by the NMS to control the network elements. Through this command, the NMS can alter the values of the variables which are stored in the managed network elements.
  • Trap command is utilized by the managed network elements to report the incidences and errors to the NMS.

The SNMP request messages which are PDUs include the operations like ‘Get’, GetNext’, and ‘GetBulk’.

  • Get: By using this message, the NMS request to retrieve more than one variable from the SNMP agent.
  • GetNext: This operation permits the NMS to retrieve one or greater than one consequent variable from the SNMP agent.
  • GetBulk: This operation is correspondent to the consecutive GetNext operation. With this set of request messages, we can retrieve the database from the agent in bulk.
  • Response: It returns the variable data unit from the agent to the NMS in response to the Get and Set request PDUs.
  • Trap: This command is initiated by the SNMP agents. When an event occurs the agent sends a signal to the SNMP manager to acknowledge the occurrence in the form of this PDU.
  • InformRequest: Its function is the same as that of the Trap command. It includes the acknowledgment of receiving the packet from the SNMP manager.

InformRequest 1

SNMP Traps

UDP ports and commands used by NMS and managed devices:

SNMP trap

  • When an event occurs in the network then the SNMP Traps will report it to the SNMP Manager. For example, the transition of a port from the DOWN state to UP state in a router. The SNMP Informs are also SNMP traps that are the acknowledgment receipt from the manager.
  • The above figure shows the communication between the SNMP managed network elements and the Manager for sending Traps and Informs. The functionality of Trap and Inform is different.
  • The SNMP trap message is sent only once and also discarded once they are sent. They are not kept in memory for getting a response from the Manager. While the Inform is sent again and again until it gets a response from the NMS or the request times out.
  • If the host device doesn’t receive the response from the NMS then it will send the Inform request several times until it gets any result, thus the Informs consumes more resources and memory in the network and the network devices.

Simple Network Management Protocol Versions

Versions are enlisted below:

  • SNMPv1 (version 1): It is the initial version of the protocol. It provides the least number of network management functions. Its authentication is based on community names, thus it also returns fewer error control codes that offer a very low-security level.
  • SNMPv2 (version 2): It is the revised version of the SNMPv1 which is having improvisation in the area of security, network management, and performance management. This set up a new PDP message, ‘GetBulkRequest’ which is used to extract large data from the agent in a single request. The SNMPv2c which is called a community based simple network management version 2, is compatible with the security model of other versions.
  • SNMPv3 (version 3): This version provides the additional feature of cryptographic security, which makes it more efficient than the prior versions. It also has the facility of remote network management and configuration for the network elements and is based on the User-based Security Module (USM) as well as on the View-based Access Control Model (VACM).

Simple Network Management Protocol Port Numbers

The SNMP data packets use UDP for communication and are having two default port numbers, i.e. port 161 and port 162.

Port 161Port 162
This port is used when the NMS sends the PDU packets of Get, GetNext, GetBulk, and Set Request to the agent. and the agent sends the response on these requests.This is used by the SNMP agent for sending the Trap and inform the PDU packet to the SNMP manager.
The SNMP manager receives the response from the agent on this port.The agent generates the notification to report any fault or error from this port to the SNMP manager.
This is used for communication between the SNMP manager and SNMP agent for configuration and monitoring.This is used to report the event occurrences to the SNMP manager by the SNMP agent.
The message is sent again and again on this port till the request time out if it doesn’t get the response.Once the message is sent on this port then they are discarded without any acknowledgment.

Uses Of Simple Network Management Protocol

The uses are as follows:

  • It is used to monitor and configure the networks including WAN, LAN networks, and network devices like routers, switches, multiplexers, PDH and SDH links, servers and hubs, etc.
  • The SNMP describes the management data in the mode of variables on the managed network devices, which elaborate the network and system performance, configuration, and status parameters.
  • Also, these variables can be queried by the management system (NMS) by setting and managing the monitoring tool and applications.

Thus the parameters we can figure out from here are:

  1. Monitor the overall network performance
  2. Audit the usage of the resources
  3. Detect the network fault and alarms
  4. Configuration of remote links and devices
  5. Configuration of WAN links
  6. Diagnose the unauthorized access and interference in the network

SNMP Monitoring Tools

The SNMP tool provides the network to monitor and manage the network elements, permitting the modification and collection of data related to the network and device behavior. It provides accuracy, QoS, and efficiency for maintaining a healthy and smooth network and operation maintenance.

The good monitoring tools can help the users to manage the network more efficiently by regularly getting the values of the monitoring key factors like a fault, configuration, and performance parameters.

Some SNMP monitoring tools are:

#1) Solarwinds Network Performance Monitor

Solarwinds is different from others as it automatically discovers the network devices present in the network and provision an interactive dashboard platform for a network health checkup and performance report.

Solarwinds network performnce monitor..

Features:

  • The in-built device discovery tool, Simple Network Management Protocol scanner can locate, map, and configure network devices automatically once the software is installed on the network system.
  • It is designed in such a way that the fault diagnosis, detection, and solution of the network faults will be restored before outages occur. This has been simplified by using the large display of network parameters in form of customized dashboards and charts.
  • This network performance monitor tool is capable of delivering 99.99% of the network availability of your network and helpful to meet the on-demand business needs for good network health.
  • It is very easy to install in the network and simple to understand. Also compatible with all versions of the protocol.

Price: NPM SL 100: $1583


#2) Paessler PRTG Network Monitor

It is a flexible network monitor tool which offers three kinds of monitoring method inclusive of Packet sniffing and Netflow along with the SNMP Network monitor. This tool is better from other available tools in the market because of the various sensors it uses to monitor the different elements of the network.

PRTG SNMP Network monitor

Features:

  • It provides reliability to the network for SNMP monitoring by offering various network sensors that are also compatible with various versions of the SNMP protocol. (SNMPV1, SNMPV2c, and SNMPV3).
  • It offers the monitoring of the network and network devices by using minimal bandwidth. Thus the load on the STM links and WAN links is getting minimized and operations have become smoother.
  • This tool is compatible with the wide range of network devices manufacturers like Cisco, Dell, and HP, etc. which make it easy to use and implement.
  • It is a platform-independent tool. Thus it can be implemented on Windows, Linux, and Mac OS without any issues.

Price: PRTG 500 Network Monitor: $1750

Official URL: Paessler


#3) Manage Engine Op Manager

This software can monitor the SNMP enabled network devices and is compatible with all three versions of the Simple Network Management Protocol. The monitoring is done by managing the SNMP agents through the software application.

Also, one can install the customized MIB database, and through this, the user can receive SNMP traps from the application.

Manage Engine Op Manager

Features:

  • As explained above, the user only needs to install the MIB database in the application, and he/she can select the parameters that need to be monitored. Then the tool will auto-generate the graphical view and dashboard of the reports and performance.
  • It is a user-friendly software tool, thus the user can set the threshold level for alarms and faults to get notifications when an error occurs. This helps you to take the corrective measures on-time and will minimize the outage.
  • It also supports the SNMP trap listener. It can send and process the SNMP Traps and SNMP Informs and make a consolidated report on all events that occurred in the network.
  • It is compatible with Windows and Linux and can report critical parameters like latency, packet loss, speed, CPU load, memory load, etc.

Price: Standard edition (10 devices): $245

Official URL: Manage Engine


Simple Network Management Protocol Configuration

There are various kinds of commands and configuration types available for SNMP network management. The basic configuration parameters are explained in the below table:

StepsCommandDescription and purpose
Step 1Router# Configure terminalTo start go to the configuration mode
Step 2Router(config)# snmp-server contact textTo configure the SNMP contact information
Step 3Router(config)# snmp-server location textTo configure the location information
Step 4Router(config)# snmp-server chassis-id numberTo configure the chassis ID number on the server
Step 5Router(config)# snmp-server community string [view view-name] [ro |rw] [access-list-number]This command is used to configure the community of SNMP.
The view name will list the number of variables used to access the SNMP agent by using a community string.
The access list number will contain the IP addresses of the number of SNMP manager authorized to access the SNMP agent.
Step 6Router(config)# endTo exit from the router configuration mode
Step 7Router> enableEnter the privilege mode
Step 8Router# configure terminalEnter the configuration mode
Step 9( configuration for Trap and Inform)Router(config)# snmp-server host host [traps |informs] [version{1 | 2c | 3 [ auth| noauth |priv]}] { community-name | username}It is used to configure the location where the SNMP Traps or Informs will be sent.
Step 10Router(config)# snmp enable traps [notification-type]Enabling the SNMP agent for sending the SNMP traps or Informs with the host.
Step 11Router(config)# endExit from the configuration mode

Frequently Asked Questions

Q #1) What is SNMP V3?

Answer: This is related to the big scale implementation of the networks for fault management of WAN networks. It is a secure version of the Simple Network Management Protocol with the facility of remote configuration of remote network elements.

Q #2) What is SNMP Trap?

Answer: It is the vigilant notification or message sent from a network element or device to the network manager reporting the error or alarm that occurred like high temperature.

Q #3) Is SNMP TCP or UDP?

Answer: The Simple Network Management Protocol uses a User Datagram Protocol (UDP) for communication via port 161 and port 162. These are the default ports. It prefers UDP as there is no use of TCP overhead.

Q #4) What is the purpose of SNMP?

Answer: The main purpose is to remotely and centrally managed the networking system or large networks by the network administrators. It is designed in a way that network managers can manage and monitor network devices centrally.

Q #5) Is SNMP secure?

Answer: It is secured or not is depends upon the network architecture and the version of the Simple Network Management Protocol you are using. But the SNMP V3 is more secure than the other two versions as it uses encrypted mode for communication.

Conclusion

With the help of figures and examples, we have explained the Simple Network Management Protocol working and other aspects which is very useful for network monitoring and management purpose.

Network manager, MIB database, and Network elements are three major components through which the overall process of communication and management takes place.

We have also seen the different versions, configuration methods, and tools used for Simple Network Management Protocol. The port used for communication plays a very vital role in completing the communication between the SNMP manager and the SNMP agent.

We have also seen the tabular difference between the two default ports of SNMP i.e. Port 161 and Port 162