SNMP notes
SNMP, Simple Network Management Protocol, was designed to be able to manage simpler network nodes.
Its most common use is probably read-only: monitoring.
It is often used over UDP (port 161), though TCP is also possible.
There are three major revisions:
- SNMPv1
- SNMPv2
  - SNMPv2C refers to community-based setups
  - v2 is different enough from v1 that devices often choose to support just one (verify)
- SNMPv3
  - adds security to v2 (and little else?)
SNMP concepts
- Network management system (NMS) - the master of an SNMP hierarchy
- Managed device - e.g. routers, access servers, switches, bridges, hubs, IP telephones, IP video cameras, computer hosts, printers, and so on.
- Agent - the software on a managed device that talks SNMP (and knows the device)
- MIB, Management Information Base - describes the properties that a specific device exposes
- OID, Object Identifier - reference to something that contains property data
How to talk to SNMP
Find a device that supports SNMP and make sure it's enabled (say, your broadband modem may support it but it may not be enabled by default).
Look around its MIB. GUI tools may be more convenient for this than command line ones.
In theory this reports everything you can do, but devices may support custom things without advertising them.
On OIDs
In OIDs, the 1.3.6.1.2.1 part is pretty constant. The parts:
1 - ISO assigned OIDs
1.3 - ISO Identified Organization
1.3.6 - US Department of Defense
1.3.6.1 - Internet (appropriated for that use in RFC 1065. While not formal, it's unlikely to change)
...and in practice, most of the interesting data is in:
1.3.6.1.2 - IETF Management
1.3.6.1.2.1 - MIB-2
For example, information about network interfaces:
1.3.6.1.2.1.2 - Interfaces
1.3.6.1.2.1.2.1 - number of interfaces
1.3.6.1.2.1.2.2 - ifTable
1.3.6.1.2.1.2.2.1 - ifEntry
1.3.6.1.2.1.2.2.1.10 - first interface's ifInOctets
1.3.6.1.2.1.2.2.1.16 - first interface's ifOutOctets
Details to SNMP config
Linux tools
To see whether SNMP is working on a device (assuming the community 'public'):
snmpwalk -v 1 -c public 192.168.1.1 system
If you know a device supports SNMP and is in the community 'public', then you can try to fetch something from it, e.g.:
snmpget -v 1 -c public 192.168.1.1 .1.3.6.1.2.1.2.2.1.10.1
If you have munin installed you could try
munin-node-configure --snmp 192.168.1.245 --suggest --shell | less
...which should give you a decent summary of the things you can collect.
Note that devices don't always report interesting things. For example, a WAP54G uses SNMP only to report the most basic information and configuration, but not traffic.
Lower level notes
Packets are BER-encoded ASN.1