SNMPv1: Communication and Functional Models


Chapter 5

SNMPv1:
Communication and Functional Models
SNMP Architecture
[Figure: an SNMP manager application and an SNMP agent application exchange Get-Request, GetNext-Request and Set-Request (manager to agent) and Get-Response and Trap (agent to manager). On each side the protocol stack is SNMP over UDP over IP over the network interface, and the two stacks are joined by the network.]
SNMP Messages

• Get-Request
• Get-Next-Request
• Set-Request
• Get-Response
• Trap
  • Generic trap
  • Specific trap
Administrative Model

• Based on community profile and policy
• SNMP Entities:
  • SNMP application entities
    - Reside in management stations and network elements
    - Manager and agent
  • SNMP protocol entities
    - Communication processes (PDU handlers)
    - Peer processes that support application entities
SNMP Community
• Security in SNMPv1 is community-based
• Authentication scheme in manager and agent
• Community: Pairing of two application entities
• Community name: String of octets
• Two applications in the same community communicate with each other
• Application could have multiple community names
• Communication is not secured in SNMPv1 - no encryption
SNMP Community
• Community
  - Relationship between an Agent and Managers.
• Community Name
  - Used to validate the SNMP messages.
  - SNMP Password.
  - Default 'Get' community name: "public".
• Authentication Failure
  - Agent sends "Authentication Failure Trap" to Manager.
SNMP Community
Community Profile
• MIB view
  • An agent is programmed to view only a subset of managed objects of a network element
• Access mode
  • Each community name is assigned an access mode: read-only or read-write
• Community profile = MIB view + access mode
• Operations on an object are determined by the community profile and the access mode of the object
• Total of four access privileges
• Some objects, such as table and table entry, are non-accessible
Community Profile

Access Policy

• Administration model is SNMP access policy
• SNMP community paired with SNMP community profile is SNMP access policy
Access Policy
[Figure: Manager, Community, Community Profile 1 with Agent 1, Community Profile 2 with Agent 2.]
Generalized Administration Model
Proxy Access Policy
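Protocol Entities
Default UDP Ports for SNMP
[Figure: the manager in the management station uses UDP port 162 and any port; the agent in a network element (NE) uses UDP port 161 and any port. On both sides SNMP runs over UDP over IP over the network interface.]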
Protocol Entities
• Protocol entities support application entities
• Communication between remote peer processes
• Message consists of
  • Version identifier
  • Community name
  • Protocol Data Unit
• Message encapsulated and transmitted
SNMP Message
• SNMP Message
  - Version Identifier
  - Community Name
  - Protocol Data Unit

Message ::=
    SEQUENCE {
        version    INTEGER {version-1(0)},
        community  OCTET STRING,
        data       ANY
    }

• The length of SNMP messages should not exceed 484 octets.

Version | Community | SNMP PDU


SNMP PDUs
Five SNMP PDUs:
    GetRequest      ::= [0] PDU
    GetNextRequest  ::= [1] PDU
    GetResponse     ::= [2] PDU
    SetRequest      ::= [3] PDU
    Trap            ::= [4] Trap-PDU

SNMP PDU
    PDU ::= SEQUENCE {
        request-id    INTEGER,
        error-status  INTEGER {
            noError(0),
            tooBig(1),
            noSuchName(2),
            badValue(3),
            readOnly(4),
            genErr(5)},
        error-index   INTEGER,
        variable-bindings
            SEQUENCE OF {
                name   ObjectName,
                value  ObjectSyntax
            }
    }

PDU: Protocol Data Unit


error-status
• noError(0)
• tooBig(1)
  - The size of the GetResponse-PDU to be generated exceeds a local limitation.
• noSuchName(2)
  - Any object name in the variable-bindings does not match the name of some object available in the MIB view.
• badValue(3)
  - The value of any object named in the variable-bindings field does not manifest a type, length, and value that is consistent with that required for the variable.
• readOnly(4)
  - An attempt to set the value of an object with read-only access mode.
• genErr(5)
  - Any object named in the variable-bindings field cannot be accessed for reasons not covered by any of the foregoing rules.
error-index
• The index of the first variable, in the variable-bindings, with an error as indicated in the error-status field.
• If there is more than one error in the variable-bindings?
  - Only the first error is indicated.
• For those variables without any error?
  - Atomic vs. Best-effort
  - SNMP is atomic!
SNMP PDU (cont.)
GetRequest, GetNextRequest, SetRequest:
PDU type | request-id | 0 | 0 | variable-bindings

GetResponse:
PDU type | request-id | error-status | error-index | variable-bindings

variable-bindings:
name | value | name | value | ... | name | value
Trap-PDU
• Enterprise: Type of Object generating trap.
• Agent Address: Address of object generating trap.
• Generic Trap: Generic trap type.
• Specific Trap: Enterprise specific trap.
• Time Stamp: Time elapsed between the last initialization of the network entity and the generation of the trap.
• Variable Bindings: "Interesting" information

Trap-PDU ::= [4]
    IMPLICIT SEQUENCE {
        enterprise     OBJECT IDENTIFIER,
        agent-addr     NetworkAddress,
        generic-trap   INTEGER {
            coldStart(0),
            warmStart(1),
            linkDown(2),
            linkUp(3),
            authenticationFailure(4),
            egpNeighborLoss(5),
            enterpriseSpecific(6)},
        specific-trap  INTEGER,
        time-stamp     TimeTicks,
        variable-bindings VarBindList
    }

PDU type | enterprise | agent-addr | generic-trap | specific-trap | time-stamp | variable-bindings


Trap Type
Generic Trap Example

Enterprise: .1.3.6.1.4.1.311.1.1.3.1.1
Agent-Address: 10.10.13.137
Generic-Trap: 4
Specific-Trap: 0
Timestamp: 29756264
#VarBinds: 0
Enterprise-Specific Traps
• Traps defined by enterprises
• Identification of Enterprise-Specific Traps
  - Enterprise → Enterprise OID
  - Generic-Trap → 6
  - Specific-Trap → an Integer
Enterprise Trap Example
Enterprise: .1.3.6.1.4.1.522
Agent-Address: 10.10.13.24
Generic-Trap: 6
Specific-Trap: 4
Timestamp: 143739963
VariableBindings: (4)
.1.3.6.1.4.1.522.3.14.23.1.2.11687128: 02:18:25
.1.3.6.1.4.1.522.3.14.23.1.3.11687128: 14
.1.3.6.1.4.1.522.3.14.23.1.4.11687128: (Info): Station 00092d142581 Associated
.1.3.6.1.4.1.522.3.14.23.1.5.11687128: AssociationOK
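Get-Next Request
[Figure: a manager and an agent exchanging Get-Next requests over a MIB with objects A, B, T, E, the instances 1.1, 1.2, 2.1, 2.2, 3.1, 3.2, and Z.]
Lexicographic Order
Get-Next Request
MIB Tree: In SNMP, only leaf objects have values.
[Figure: MIB tree with a legend distinguishing non-leaf objects from leaf objects.]
Get-Next Requests with Indices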
SNMP Get-Request Example
>>snmpget -d 10.144.18.118 .1.3.6.1.2.1.1.1.0
Transmitted 41 bytes to camry (10.144.18.118) port 161:
Initial Timeout: 0.80 seconds
0: 30 27 02 01 00 04 06 70 75 62 6c 69 63 a0 1a 02 0'.....public...
16: 02 18 bc 02 01 00 02 01 00 30 0e 30 0c 06 08 2b .........0.0...+
32: 06 01 02 01 01 01 00 05 00 -- -- -- -- -- -- -- ................
0: SNMP MESSAGE (0x30): 39 bytes
2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1)
5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public"
13: GET-REQUEST-PDU (0xa0): 26 bytes
15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332
19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0)
22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0
25: SEQUENCE VARBIND-LIST (0x30): 14 bytes
27: SEQUENCE VARBIND (0x30): 12 bytes
29: OBJ-ID (0x6) 8 bytes: .1.3.6.1.2.1.1.1.0
39: NULL (0x5) 0 bytes
SNMP Get-Response Example
Received 69 bytes from 10.144.18.118 port 161:
0: 30 43 02 01 00 04 06 70 75 62 6c 69 63 a2 36 02 0C.....public.6.
16: 02 18 bc 02 01 00 02 01 00 30 2a 30 28 06 08 2b .........0*0(..+
32: 06 01 02 01 01 01 00 04 1c 53 75 6e 20 53 4e 4d .........Sun SNM
48: 50 20 41 67 65 6e 74 2c 20 53 55 4e 57 2c 55 6c P Agent, SUNW,Ul
64: 74 72 61 2d 31 -- -- -- -- -- -- -- -- -- -- -- tra-1...........
0: SNMP MESSAGE (0x30): 67 bytes
2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1)
5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public"
13: RESPONSE-PDU (0xa2): 54 bytes
15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332
19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0)
22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0
25: SEQUENCE VARBIND-LIST (0x30): 42 bytes
27: SEQUENCE VARBIND (0x30): 40 bytes
29: OBJ-ID (0x6) 8 bytes: .1.3.6.1.2.1.1.1.0
39: OCTET-STR (0x4) 28 bytes: "Sun SNMP Agent, SUNW,Ultra-1"
system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1
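The two dumps above show the community name travelling as a plain OCTET STRING in front of the PDU, so anyone who can read the packet can read it. As an added example (not part of the original slides), this Python decoder walks the same BER structure for the 41-byte Get-Request; the function names `read_tlv`, `decode_oid` and `parse_snmpv1` are this example's own.

```python
# Bytes copied from the snmpget -d dump on this page (41 octets).
REQUEST_HEX = ("30 27 02 01 00 04 06 70 75 62 6c 69 63 a0 1a 02 02 18 bc 02 01 "
               "00 02 01 00 30 0e 30 0c 06 08 2b 06 01 02 01 01 01 00 05 00")
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the definite-length TLV at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next n octets hold the length
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(v):
    """Dotted form of OID content octets (assumes a first arc of 0 or 1, as in 1.3)."""
    arcs, acc = [v[0] // 40, v[0] % 40], 0
    for b in v[1:]:
        acc = (acc << 7) | (b & 0x7F)  # base-128, high bit marks continuation
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return "." + ".".join(map(str, arcs))

def parse_snmpv1(raw):
    """Decode version, community and PDU type; for non-trap PDUs also header and OIDs."""
    tag, msg, _ = read_tlv(raw, 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    _, ver, p = read_tlv(msg, 0)
    _, comm, p = read_tlv(msg, p)
    pdu_tag, pdu, _ = read_tlv(msg, p)
    out = {"version": int.from_bytes(ver, "big"), "community": comm.decode("latin-1"),
           "pdu": PDU_TYPES.get(pdu_tag, hex(pdu_tag)), "oids": []}
    if pdu_tag != 0xA4:  # Trap-PDU has a different field layout; stop at its header
        p = 0
        for field in ("request_id", "error_status", "error_index"):
            _, v, p = read_tlv(pdu, p)
            out[field] = int.from_bytes(v, "big", signed=True)
        vbl, q = read_tlv(pdu, p)[1], 0
        while q < len(vbl):  # each VarBind is SEQUENCE { name, value }
            _, vb, q = read_tlv(vbl, q)
            out["oids"].append(decode_oid(read_tlv(vb, 0)[1]))
    return out
print(parse_snmpv1(bytes.fromhex(REQUEST_HEX)))
```

The same function run over a capture of port 161 or 162 traffic lists every community name in use, which is a quick way to find agents still answering to "public".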
SNMP-Walk
- Use of SNMP Get-Next Request

• snmpwalk 10.144.18.118 .1.3.6.1.2.1.1

system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1
system.sysObjectID.0 : OBJECT IDENTIFIER: .iso.org.dod.internet.private.enterprises.42.2.1.1
system.sysUpTime.0 : Timeticks: (198219958) 22 days, 22:36:39.58
system.sysContact.0 : DISPLAY STRING- (ascii): [email protected]
system.sysName.0 : DISPLAY STRING- (ascii): camry
system.sysLocation.0 : DISPLAY STRING- (ascii): Information Technology Laboratory 3F
system.sysServices.0 : INTEGER: 72 (01001000)B
SNMP Trap Example
Transmitted 64 bytes to 10.144.18.100 port 162:
0: 30 3e 02 01 00 04 06 70 75 62 6c 69 63 a4 31 06 0>.....public.1.
16: 09 2b 06 01 04 01 84 64 01 01 40 04 0a 90 12 74 .+.....d..@....t
32: 02 01 06 02 03 01 86 9f 43 01 00 30 13 30 11 06 ........C..0.0..
48: 04 2b 06 01 01 04 09 54 72 61 70 20 74 65 73 74 .+.....Trap test
0: SNMP MESSAGE (0x30): 62 bytes
2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1)
5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public"
13: V1-TRAP-PDU (0xa4): 49 bytes
15: OBJ-ID ENTERPRISE (0x6) 9 bytes: .1.3.6.1.4.1.612.1.1
26: IPADDRESS AGENT-ADDR (0x40) 4 bytes: 10.144.18.116
32: INTEGER GENERIC-TRAP (0x2) 1 bytes: 6
35: INTEGER SPECIFIC-TRAP (0x2) 3 bytes: 99999
40: TIMETICKS TIME-STAMP (0x43) 1 bytes: 0 (0x0)
43: SEQUENCE VARBIND-LIST (0x30): 19 bytes
45: SEQUENCE VARBIND (0x30): 17 bytes
47: OBJ-ID (0x6) 4 bytes: .1.3.6.1.1
53: OCTET-STR (0x4) 9 bytes: "Trap test"
net-snmp (Windows)
• Download:
  - http://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.5-binaries/
  - Choose net-snmp-5.5.0-2.x64.exe or net-snmp-5.5.0-1.x86.exe
• Installation:
  - If php-snmp or GetIf has been installed before net-snmp:
    - the mib directory will be C:\usr\mibs
    - Copy "C:\Program Files\net-snmp\usr\share\snmp\mibs" to C:\usr\mibs
    - Unzip http://ycchen.im.ncnu.edu.tw/nm/macroRemoved.zip to C:\usr\mibs
• Commands:
  - snmpget, snmpgetnext, snmpset, snmpwalk, ...
  - See http://www.net-snmp.org/wiki/index.php/Tutorials
• Examples:
  - snmpget -v 1 -c public 10.32.10.84 .1.3.6.1.2.1.1.1.0
  - snmpget -v 1 -c public 10.32.10.84 ifNumber.0 sysUpTime.0
  - snmpget -v 2c -c public 10.32.10.84 SNMPv2-MIB::sysUpTime.0
  - snmpwalk -v 1 -c public 10.32.10.84 system
  - snmpgetnext -d -v 1 -c public 10.32.10.84 ifInOctets.1
snmptrapd, snmptrap
• snmptrapd -L o
• snmptrapd.conf
  - "\usr\etc\snmp\snmptrapd.conf"
      authCommunity log comm
      logOption o
      logOption f C:\logs\snmptraps.log
• snmptrap
    snmptrap -v 1 -c comm 10.10.1.15 .1.3.6.1.4.1.19652 10.34.11.78 2 0 "" ifIndex.3 i 3
    snmptrap -v 1 -c comm 10.10.1.15 .1.3.6.1.4.1.19652 10.34.11.78 6 99 ""
    snmptrap -v 1 -c comm managerIP enterpriseOID agentAddress genericTrap SpecificTrap timeStamp oid type value oid type value …

TYPE:
    i  INTEGER
    u  UNSIGNED
    c  COUNTER32
    s  STRING
    x  HEX STRING
    d  DECIMAL STRING
    n  NULLOBJ
    o  OBJID
    t  TIMETICKS
    a  IPADDRESS
    b  BITS
Notes
• Windows itself also ships an snmptrap command, but it is different from the net-snmp snmptrap command.
• If snmptrapd receives no trap after you run snmptrap from the command line, you may be running the Windows snmptrap.
• Solution
  - Rename the net-snmp snmptrap.exe
  - snmptrap.exe is located in the directory "usr\bin\"
  - "snmptrap.exe" → "netsnmptrap.exe"

netsnmptrap -v 1 -c comm …
Get System Information
• Get "System Group" of MIB II
• Use get_request or get_next_request
sysDescr .1.3.6.1.2.1.1.1.0
sysObjectID .1.3.6.1.2.1.1.2.0
sysUptime .1.3.6.1.2.1.1.3.0
sysContact .1.3.6.1.2.1.1.4.0
sysName .1.3.6.1.2.1.1.5.0
sysLocation .1.3.6.1.2.1.1.6.0
Get Interface Information
• Get "Interface Group" of MIB II
• Repeatedly use "get_next_request"
  - Note: We don't know the ifIndex values in ifTable.
  - First get the next object of .ifTable.ifEntry.0
  - Then repeatedly "get_next"
  - Until the whole subtree is visited.
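The walk procedure above, as an added example that is not part of the original slides: a toy in-memory agent answers GetNext in lexicographic order and the manager side stops when a reply leaves the ifEntry subtree. `ToyAgent`, `walk`, `oid` and the sample instances (including the interface names) are constructed for illustration.

```python
from bisect import bisect_right

def oid(text):
    """Parse a dotted OID into a tuple so comparison is numeric per sub-identifier."""
    return tuple(int(part) for part in text.strip(".").split("."))

IF_ENTRY = oid(".1.3.6.1.2.1.2.2.1")  # ifTable.ifEntry in MIB II

# Constructed sample MIB view: leaf instances only, with non-contiguous ifIndex values.
SAMPLE = {
    ".1.3.6.1.2.1.1.3.0": 198219958,   # sysUpTime.0
    ".1.3.6.1.2.1.2.1.0": 3,           # ifNumber.0
    ".1.3.6.1.2.1.2.2.1.1.1": 1,       # ifIndex.1
    ".1.3.6.1.2.1.2.2.1.1.2": 2,       # ifIndex.2
    ".1.3.6.1.2.1.2.2.1.1.10": 10,     # ifIndex.10
    ".1.3.6.1.2.1.2.2.1.2.1": "lo0",   # ifDescr.1
    ".1.3.6.1.2.1.2.2.1.2.2": "eth0",  # ifDescr.2
    ".1.3.6.1.2.1.2.2.1.2.10": "eth1", # ifDescr.10
    ".1.3.6.1.2.1.4.1.0": 2,           # ipForwarding.0
}

class ToyAgent:
    """Hypothetical agent that answers GetNext from a sorted list of instances."""
    def __init__(self, instances):
        self.rows = sorted((oid(name), value) for name, value in instances.items())
        self.names = [name for name, _ in self.rows]

    def get_next(self, name):
        i = bisect_right(self.names, name)  # first instance strictly after name
        # Past the last instance an SNMPv1 agent answers noSuchName(2).
        return self.rows[i] if i < len(self.rows) else None

def walk(agent, root):
    """Repeat GetNext from root until the reply leaves the subtree or the view ends."""
    found, current = [], root
    while True:
        reply = agent.get_next(current)
        if reply is None or reply[0][:len(root)] != root:
            return found
        found.append(reply)
        current = reply[0]

for name, value in walk(ToyAgent(SAMPLE), IF_ENTRY):
    print("." + ".".join(map(str, name)), "=", value)
```

The replies come back column by column (all ifIndex instances, then all ifDescr instances), and instance 10 sorts after 2 because sub-identifiers are compared as numbers, not as text.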


Traffic Monitoring
• Get "ifInOctets" and "ifOutOctets" of MIB II Interface Group
• t1: C1, t2: C2

$$\text{Utilization (\%)} = \frac{(C_2 - C_1) \times 8}{(t_2 - t_1) \times \text{Bandwidth}} \times 100\%$$
SNMP MIB Group
