Overview of SNMP

Definition

Simple Network Management Protocol (SNMP) is a network management standard widely used on TCP/IP networks. With SNMP, a core device, such as a network management station (workstation), running network management software manage network elements (NEs), such as routers.

SNMP provides the following functions:

  • A workstation uses GET, Get-Next, and Get-Bulk operations to obtain network resource information.

  • A workstation uses a SET operation to set management Information Base (MIB) objects.

  • A management agent proactively reports traps and informs to notify the workstation of network status (allowing network administrators to take real-time measures as needed.)

Purpose

SNMP is primarily used to manage networks.

There are two types of network management methods:

  • Network management issues related to software, including application management, simultaneous file access by users, and read/write access permissions. This guide does not describe software management in detail.

  • Management of NEs that make up a network, such as workstations, servers, network interface cards (NICs), routers, bridges, and hubs. Many of these devices are located far from the central network site where the network administrator is located. Ideally, a network administrator should be automatically notified of faults anywhere on the network. Unlike users, however, routers cannot pick up the phone and call the network administrator when there is a fault.

To address this problem, some manufacturers produce devices with integrated network management functions. The workstation can remotely query the device status, and the devices can use alarms to inform the workstation of events.

Network management involves the following items:

  • Managed objects: devices, also called NEs, to be monitored

  • Agent: special software or firmware used to trace the status of managed objects

  • Workstation: a core device used to communicate with agents about managed objects and to display the status of these agents

  • Network management protocol: a protocol run on the workstation and agents to exchange information

Supported SNMP Features

TheNetEngine 8000 F supports SNMPv1, SNMPv2c, and SNMPv3. Table 1 lists SNMP features supported by the NetEngine 8000 F.

Table 1 Supported SNMP features

Feature

Description

Access control

This function restricts a user's device administration rights. It gives a user the rights to manage specific objects on devices and therefore provides refined management.

Authentication and encryption

This function authenticates and encrypts packets transmitted between an NMS and a managed device. This function prevents data packets from being modified, improving data transmission security.

Error code

Error codes help a network administrator identify and resolve device faults. A wide range of error codes makes it easier for a network administrator to manage devices.

Trap

Traps are sent from a managed device to an NMS. Traps notify a network administrator of device faults.

A managed device does not require an acknowledgement from the NMS after it sends a trap.

Inform

Informs are sent from a managed device to an NMS. Informs notify a network administrator of device faults.

A managed device requires an acknowledgement from the NMS after it sends an inform. If a managed device does not receive an acknowledgement after it sends an inform, the managed device performs the following operations:
  • Resends the inform to the NMS.
  • Stores the inform in the inform buffer, which consumes a lot of system resources.
  • Generates a log.
NOTE:

After an NMS restarts, it learns of the informs sent during the restart process.

GetBulk

This function allows a network administrator to perform GetNext operations in batches. It reduces the workload of network administrators for large networks and improves management efficiency.

Table 2 shows the features supported by each SNMP version.

Table 2 Features supported by each SNMP version

Feature

SNMPv1

SNMPv2c

SNMPv3

Access control

Community-name-based access control

Community-name-based access control

User- or user-group-based access control

Authentication and encryption

Not supported

Not supported
Authentication modes:

  • Message digest algorithm 5 (MD5)

  • Secure hash algorithm (SHA)

NOTE:

To ensure high security, do not use the MD5 algorithm as the SNMPv3 authentication algorithm.

Encryption mode:
  • Data Encryption Standard-56 (DES-56)
  • 3DES168
  • Advanced Encryption Standard-128 (AES128)
  • AES192
  • AES256
NOTE:

To ensure high security, do not use the DES-56 or 3DES168 algorithm as the SNMPv3 encryption algorithm.

For a USM user, the non-authentication and non-encryption, authentication and non-encryption, or authentication and encryption mode can be configured. For a local user, only the authentication and encryption mode can be configured.

Error code

6 error codes

16 error codes

16 error codes

Trap

Supported

Supported
  • USM user: Supported
  • Local user: Not supported

Inform

Not supported

Supported
  • USM user: Supported
  • Local user: Not supported

GetBulk

Not supported

Supported

Supported
Parent Topic: SNMP Description
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >