SNMP notes

This article/section is a stub — some half-sorted notes, not necessarily checked, not necessarily correct. Feel free to ignore, or tell me about it.

SNMP, Simple Network Management Protocol, was designed to be able to manage simpler network nodes. Its most common use is probably monitoring (that is, read-only uses).

It is often used over UDP (port 161), though TCP is also possible.


There are three major revisions:

  • SNMPv1
  • SNMPv2
    • SNMPv2C refers to community-based setups
    • v2 is different enough from v1 that devices often choose to support just one (verify)
  • SNMPv3
    • adds security to v2 (and little else?)


SNMP concepts

  • Network management system (NMS) - the master of an SNMP hierarchy
  • Managed device - e.g. routers, access servers, switches, bridges, hubs, IP telephones, IP video cameras, computer hosts, printers, and so on.
  • Agent - the software on a managed device that talks SNMP (and knows the device)
  • MIB, Management Information Base - describes the properties that a specific device exposes
  • OID, Object Identifier - reference to something that contains property data


How to talk to SNMP

Find a device that supports SNMP and make sure it's enabled (say, your broadband modem may support it, but it may not be enabled by default).


Look around its MIB. GUI tools may be more convenient for this than command line ones.

In theory this reports everything you can do, but devices may support custom things without advertising them.


On OIDs

In OIDs, the 1.3.6.1.2.1 part is pretty constant. The parts:

1       - ISO assigned OIDs 
1.3     - ISO Identified Organization
1.3.6   - US Department of Defense
1.3.6.1 - Internet   (appropriated for that use in RFC 1065. While not formal, it's unlikely to change)

...and in practice, most of the interesting data is in:

1.3.6.1.2   - IETF Management
1.3.6.1.2.1 - MIB-2

For example, information about network interfaces:

1.3.6.1.2.1.2 - Interfaces
1.3.6.1.2.1.2.1 - number of interfaces
1.3.6.1.2.1.2.2 - ifTable
1.3.6.1.2.1.2.2.1 - ifEntry
1.3.6.1.2.1.2.2.1.10 - ifInOctets (append the interface index, e.g. .10.1 for the first interface)
1.3.6.1.2.1.2.2.1.16 - ifOutOctets (likewise, e.g. .16.1)

Details to SNMP config

Linux tools

To see whether SNMP is working on a device (assuming the community 'public'):

snmpwalk -v 1 -c public 192.168.1.1 system


If you know a device supports SNMP and is in the community 'public', then you can try to fetch something from it, e.g.:

snmpget -v 1 -c public 192.168.1.1 .1.3.6.1.2.1.2.2.1.10.1

If you have munin installed you could try

munin-node-configure --snmp 192.168.1.245 --suggest --shell | less

...which should give you a decent summary of the things you can collect.


Note that devices don't always report interesting things. For example, a WAP54G uses SNMP only to report the most basic information and configuration, but not traffic.


Lower level notes

Packets are BER-encoded ASN.1