Simple Network Management Protocol (SNMP)

blueprint May 30, 2011
Versions commonly used;
- SNMPv1 – RFC 1157 - SNMPv2c (an extension to SNMPv2 to allow for communities) – RFC 1901, RFC 1905, and RFC 1906 - SNMPv3 (provides mechnism to encrypt and authenticate) –  RFCs 3413 to 3415
SNMP Framework is made up of
- SNMP manager - SNMP agent - Management Information Base (MIB)
Two ways to collect data;
- Trapping – Managed device reports events to NMS (UDP 162) - Polling – NMS interigates managed device to report on a variable (UDP 161)
Message types
- GetRequest - GetResponce - GetNextRequest - Trap - GetBulk - Inform
Useful SNMP commands
- snmp-server communiity [ro|rw] [ACL] - snmp-server system-shutdown
  • show snmp
  • show snmp community
  • show snmp mib ifmib ifindex
RFC 1213 and definitions of SNMP traps described in RFC 1215
All snmp-server commands use v2c by default
ILMI is a hidden SNMP community string and used by ATM.
Table 1 SNMP Security Models and Levels
[]()
Model
[]()
Level
[]()
Authentication
[]()
Encryption
[]()
What Happens
[]()v1[]()noAuthNoPriv[]()Community String[]()No[]()Uses a community string match for authentication.
[]()v2c[]()noAuthNoPriv[]()Community String[]()No[]()Uses a community string match for authentication.
[]()v3[]()noAuthNoPriv[]()Username[]()No[]()Uses a username match for authentication.
[]()v3[]()authNoPriv[]()Message Digest 5 (MD5) or Secure Hash Algorithm (SHA)[]()No[]()Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms.
[]()v3[]()authPriv[]()MD5 or SHA[]()Data Encryption Standard (DES)[]()Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. Provides DES 56-bit encryption in addition to authentication based on the CBC-DES (DES-56) standard.
Support>configure>products>Cisco IOS 12.4T>Configuration Guides>Network Management>Cisco IOS Network Management Configuration Guide
[http://www.cisco.com/en/US/customer/docs/ios/netmgmt/configuration/guide/12_4/nm_12_4_book.html](http://www.cisco.com/en/US/customer/docs/ios/netmgmt/configuration/guide/12_4/nm_12_4_book.html)

Tags

Rob Edwards

Northern (UK) chap focusing on platforms, automation, cloud and cloud native applications. Recovering network engineer, although it turns out networking is as important, if not more, now than before!

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.