Simple Network Management Protocol (SNMP)
SNMP is a protocol to monitor and control network attached devices.
SNMP agents that run on the devices can provide status information about the
device upon request, or even send TRAP messages to specific
hosts, when an event
SNMP can also be used to manage devices over the network by setting the given
parameter on the device.
SNMP is a client/server protocol.
A SNMP server (or agent) is a piece of software that runs on hosts and keeps one or
atabases of almost live information about the host. These databases are
called Management Information Bases (MIBs).
SNMP client queries SNMP servers for information. This information can be used in
a Network Management System (NMS) to monitor the status of
the device, or can be
used to draw statistics graphs.
known SNMP implementations on FreeBSD are:
bsnmpd: A lightweight SNMP agent available in FreeBSD base system.
SNMP: Available in the ports collection. A popular open source SNMP
anagement Information Base (MIB)
SNMP itself does not define which information (which variables) a managed system
Rather, SNMP uses an extensible design, where the available information is defined
by management information bases (MIBs).
describe the structure of the management data of a device subsystem; they use
a hierarchical namespace containing object identifiers (OID).
Each OID identifies a variable that can be read or set via SNMP. MIBs use the
notation defined by ASN.1.
The MIB hi
erarchy can be depicted as a tree. The top
level MIB OIDs belong to
different standards organizations, while lower
level object IDs are allocated by
This model permits management across all layers of the OSI reference model,
ding into applications.
The figure below shows the top of MIB tree:
Figure 14.1: The top of MIB Tree
The top of the tree consists of standards organizations: iso(
Under the iso(1) node, there is a node called
Under this node is dod(6), for the Departm
ent of Defense.
Under that node is internet(1), a subtree for the Internet community.
So the OID for the Internet tree is 126.96.36.199
Under the Interne
we're interested in using SNMP for de
we will w
ant to take the mgmt(2) branch.
The first node under mgmt(2) is the MIB itself. Since there is only one MIB, the only
node under mgmt(2) is mib
of the MIB be
gins at this level in the tree.
nd the first set of
branches, called object groups, that hold the variables we'll want to query:
system(1), interfaces(2), at(3), ip(4), icmp(5), tcp(6), udp(7), egp(8), cmot(9),
Let’s say now we want to find the OID for System
he OID for the Internet tree is
188.8.131.52, the OID for the system object
184.108.40.206.2.1.1, and the OID for the sysDescr object is
This can be represented in the figure below:
Figure 14.2: Finding the OID
of our desired object.
When we want to actually use this OID in practice, we'll need to tack on another
number to get the value of this variable. We will need to append a .0, representing
the first instance of this object.
As such, when querying for sysDescr from command line using
, the query
will look like:
# snmpget hostname community .220.127.116.11.18.104.22.168.0
Most of the time, we need to find the right MIB document for a specific device. For
example, an Extreme switch wi
ll have a different MIB than a Cisco switch.
For device independent settings that could be found on any generic SNMP device, we
will most probably find it in
The bsnmpd daemon is a very light
weight SNMP daemon that serve only the basic
NMP MIBS. The bsnmpd is available in FreeBSD base system, out of the box.
Setting up a basic SNMP server using bsnmpd is easy. Add the following to
To manually start the daemon for the first time:
# /etc/rc.d/bsnmpd start
Now bsnmpd(1) is running with the default configuration. We need to customize this
The configuration file is located at /etc/snmpd.config. We need to change a few basic
things, such as location and contact fields, and most importantly, the
read and write
to community strings.
In SNMP, the community strings are almost equal to passwords. Anyone who knows
your community string can poll status information from your SNMP server.
There are two types of community string. The first one is read
y and the second
one is read
only community strings are usually used for monitoring.
Whereas the read
write community strings can be used to change configuration.
Example, if we detect anomaly, we may want to disable a network interface via
using a read
write community string.
Following is a sample of snmpd.config file:
system := 1
traphost := localhost
trapport := 162
read := "myreadcommunity"
write := "mywritecommunity"
The sample configuration file also contains a module
s section in which it loads
modules, if necessary.
One module that is loaded by default is SNMP MIB II module that contains basic
information about the host
For more information about the other modules, see documents and MIBs under the
SNMP is a complete suite of open
source SNMP tools, including client and
server components, and supports the SNMP v1, v2c, and v3 protocols.
SNMP is a fully loaded SNMP toolkit that contains many MIBs and supports
protocol extensions, and also includes clients and test tools.
SNMP is available in ports tree under the
After installing the port, you can e
nable the NET
SNMP in the
You can then manually start the daemon by issuing the following command:
# /usr/local/etc/rc.d/snmpd start
SNMP configuration is somehow complicated, as compared to bsnmpd.
The configuration consists of a set of
configuration files that can be found under the
The most important configuration file is snmpd.conf, which contains configuration
information for the SNMP server component.
You do not have to edit the configuration files
utility can be
used to edit the configuration in a step
You need to perform some basic initial setup for your NET
SNMP daemon, before
you can actually use it.
These configuration parameters consist of the basic conta
ct and location
information, as well as community names and network access policies.
This can be done using the following command:
utility then asks you, which component you want to configure and
starts asking you questions abou
our preferred setup parameters.
Once finished, it will automatically install the configuration file in the correct
location, and all you need to do is to start or restart the SNMP daemon.
SNMP is bundled with several
nd test tools.
Using these utilities, you can perform various SNMP operations from the
command line. The client set consists of the following tools:
Queries SNMP server for a specific variable using GET request.
Queries SNMP server for a specific variable using GETNEXT request.
Sends a SET request to SNMP server to update a specific variable.
Retrieves a subtree of variables from SNMP server.
Queries SNMP server for a
set of variables using GETBULK request.
Retrieves a subtree of variable from SNMP server using GETBULK request.
Monitors delta differences in SNMP counter values.
Sends an INFORM
PDU to the trap receiver.
Displays network status and configuration information of a SNMP server.
Communicates with SNMP servers using user specified SNMP requests.
Retrieves a fixed set of management information from SNMP server.
Retrieves an SNMP
table and displays it in tabular format.
Translates OID names from numeric to text and vice versa.
Manages SNMPv3 users on SNMP servers.
Manages SNMPv3 View
based Access Control on SNMP servers.
usage information from SNMP server.
PDU or TRAP2
PDU to trap receiver.
utility is a handy tool to retrieve SNMP variables from an SNMP agent.
c public 10.10.1.3 sysName.0
MIB::sysName.0 = STRING: s
This example shows retrieveing sysName variable from host 10.10.1.3. This query is
initiaited using SNMP version 1 (
) and a read
only community named public is
configured on the SNMP server.
actually retrieves a com
tree from the SNMP server. It can
be used to populate a complete set of data from an SNMP
c public 10.10.1.3 IF
MIB::ifDescr.1 = STRING: sis0
MIB::ifDescr.2 = STRING: xl0
This example shows how to retrieve th
e ifDescr sub
tree from IF
can retrieve the complete SNMP MIB tree from the host, if you do not specify
any SNMP OID in parameters. This will most likely give a huge amount of output, but
it is useful to see what kind of informa
tion you can get from the host.