“Fundamentals of SNMP”Simple Network Management Protocol

Part 1

Wayne M. Pecena, CPBE, CBNETexas A&M University

Educational Broadcast Services – KAMU FM-TV

September 2019

“Fundamentals of SNMP”Advertised Presentation Scope

2

Tutorial Overview

The Simple Network Management Protocol (SNMP) was created as a means to monitor and control devices in an Internet Protocol (IP) network. SNMP is widely used in Information Technology (IT) environments and is becoming popular in broadcast equipment. Wayne Pecena, CPBE, 8-VSB, AMD, DRB, CBNE presents this webinar that will provide a familiarity with SNMP fundamentals beginning with consideration to a Network Management System (NMS) architecture and system components. Part 2 will look at implementation of SNMP in the broadcast environment to provide a robust monitoring and notification alerting environment from IT equipment to the transmitter.

“Fundamentals of SNMP – Part 1”AGENDA

• Introduction:– The SNMP Protocol– Why SNMP?– The SNMP Language

• SNMP System Components:– Agent– Devices– Management Information Base– Manager

• SNMP Command Overview• Securing SNMP• Takeaway Review, Resources, & Questions

4

“Fundamentals of SNMP”Simple Network Management Protocol

Part 1

Introduction

SNMP – The ProtocolSimple Network Management Protocol

• A core protocol of the Internet Protocol (IP) family:– Managed device monitoring– Configuring managed networked devices

• Implemented at the Applications Layer (OSI)– UDP utilized for message transport– UDP ports 161 / 162

• IETF defined standard (SNMPv3):– RFC 3411 - 3418

5

Simple Gateway Monitoring

Protocol&

High-level Entity Management

Systems

SNMP Versions

• Version 1 – SNMPv1– Introduced in the late 80’s– Deprecated for practical purposes

• Version 2 – SNMPv2– Incompatible with SNMPv1– Performance improvements / command enhancements– 64-bit counters implemented

• Version 3 – SNMPv3– Maintains compatibility with SNMPv2– Added cryptographic security– Added administrative enhancements

6

ConsideredObsolete

Why SNMP?Simple Network Management Protocol

• Well, its simple!• Simple – just a few commands:

– v1 just 5 commands– v2 & v3 added 4 commands (9 total)– Interfacing – IP connection

• Maybe its not so simple at times:– Understanding the terminology– Configuration of the NMS

• A mature & “open” protocol• It’s flexible & powerful!

7

SNMP Entrenched in IT Infrastructure World

• What can SNMP do?– Monitor server health– Monitor network utilization– Gather error reports (syslog)– Generate fault alerts – Create notifications (email, SMS)– Control devices– Configure devices

8

SNMP Adopted & Becoming Commonplace in the Broadcast Environment

• Transmitter control & monitoring

• Broadcast Infrastructure Devices

9

Common Management & Alerting Platform for the Broadcast Technical Plant

10

Traditional Transmitter Remote Control

11

ON/Raise Command

OFF/Lower Command

Analog Telemetry

Logic Status

X16 channels

Transmitter Remote Controlwith SNMP

12

13

Diversity of DevicesIT Centric & Broadcast Centric Converged

14

Understanding the Language of SNMP

15

• Agent

• Managed Devices

• Managed Object

• MIB

• Object ID

• System Manager

• Traps

• Community Strings

https://www.dpstele.com/snmp/tutorial/glossary.php

Managed Object

• Define the capabilities of an SNMP agent – what can be seen?

• Hierarchical organized group of objects• IETF MIB-2 defined

16

Object ID“OID”

• The Object Identifier • Globally unique ISO identifier or locator• An address to identify a specific device parameter function or status• Hierarchical organized structure – similar to computer file structure

17

NAUTEL OID example:

1.3.6.1.4.1.28142.1.300.256.329.0

The International Standards Organization (ISO) OID is NOT unique to SNMP. The OID is also used in:- Security applications (security certificates)- Database applications- LDAP schemas- DICOM – Digital Imaging & Communications

Deciphering an OID:1.3.6.1.4.1.28142.1.300.256.329.0

18

Universal OID prefix:1 - iso

.3 – org

.6 – dod

.1 – internet

.4 – private

.1 - enterprise

MFG Code

28142=Nautel

Identifies a specific device command / monitor point

Source: Jeff Welton NAUTEL-NUG2018

MIB for the device

root leaf

For practical purposes – every OID will begin with: 1.3.6.1.4.1

Graphical OID DisplayOID / MIB browser

19

Nautel OID Display Example

20

Traps

• Process where a managed device agent communicates an alert to the SNMP management system – “exception” report

• Traps can be:

– Polled – periodic update requested by the SNMP management system – “request/response”

– Autonomous – “alert” sent by the managed device based upon a defined conditional (significant) event

21

Generic SNMP Traps

• coldStart(0)

• warmStart(1)

• linkDown(2)

• linkup(3)

• authenicationFailure(4)

• egpNeighborLoss(5)

• enterpriseSpecific(6)

22

Vendor specific

IT centric

Community Strings• The “password” of SNMP• Community string types:

– Read-only “RO”– Read-write “RW”– Trap

• SNMPv1 & SNMPv2 use “public” as default read-only “RO”• SNMPv3 requires username/password with encryption key

23

24

“Fundamentals of SNMP”Simple Network Management Protocol

Part 1

SNMP System Components

SNMP System ComponentsThe SNMP Community

• Agent• Devices• Management Information Base• System Manager

25

Agent• Enabler of network management

features• Software within the managed device• Collects information• Communicates with the manager• Sends information to the MIB

– Polled info– Alert info

26

Managed Device

• Simply, a device that is managed by SNMP:

– Resides on managed network

– Executes an SNMP Agent

– Communicates with Network Management Station

27

Management Information Base (MIB)

• Collection of Object Identifiers (OID) arranged in a hierarchized manner – Definitions define properties of the managed object within the managed

device– Top level OID’s belong to standard organizations– Equipment mfg(s) define “branch's” for specific equipment

• MIB’s can be structured as:– Scalar (single object)– Tabular (group of objects)

28

IETF MIB-II (MIB-2) Structure

29

root

leaf

MIB Example

30

Viewing a MIB

31

GUI based MIB viewer:

MIB browserMIB viewer

MIB importer

System ManagerNMS – Network Management Station

• Heart of the SNMP System• Polls managed devices for information

– Status– Telemetry

• Sends commands to managed devices• Receives ‘traps” from managed devices• Sends email or SMS notifications• Provides a “Graphical User Interface” or “GUI dashboard”

32

SNMP System Structure

33

SNMP SystemManager

SNMP Agent SNMP AgentSNMP Agent

MIB1

MIB2

MIB3

MIB(s)1,2,3

34

“Fundamentals of SNMP”Simple Network Management Protocol

Part 1

SNMP Command Overview

Core CommandsSNMPv3 PDU’s

• GET• GET BULK• GET NEXT• GET RESPONSE• INFORM• NOTIFICATION• REPORT• SET• TRAP

35

command syntax:“get” command example

% snmpget –v1 –c <community> <host name/IP> OID

IPHeader

UDPHeader

VersionCommunity

NameSNMPPDU

Commands in Detail

36

• GET – Request to managed device initiated by the NMS -retrieves single MIB object variable (or variables) identified by OID

• GET BULK – Multiple iterations of the get next request (more efficient)

• GET NEXT – Returns to next variable in the MIB (useful to return table variables)

• GET RESPONSE – Return variables based upon get, get next, get bulk requests

Commands in Detail

37

• INFORM (inform request) – An asynchronous acknowledgment notification (provides ACK over UDP)

• NOTIFICATION – Agent to manager notification – unsolicited message

• REPORT – Indicates that a “core” SNMP stack communications error has occurred

• SET – Changes a managed device managed object value• TRAP – Alert message initiated by a managed device

agent to the NMS

38

“Fundamentals of SNMP”Simple Network Management Protocol

Part 1

Securing SNMP

Securing SNMP

• Implement SNMPv3!• The SNMP community string is essentially a “password”• Change the device default community string• Use “strong” password creation rules to create community strings:

– 20 character minimum– Contains uppercase characters– Contains lowercase characters– Contains numbers– Contains special characters– Not based upon a dictionary word– No similarity between public & private community strings

• Use different community strings for different devices• Use “RO” community strings whenever possible• USE “ACL” to limit access

39

SNMP & Firewalls

• Remember SNMP uses UDP for transport• Firewalls (default) often block all UDP ports <50,000• Some may block all UDP by default• Firewall must pass UDP ports 161 & 162

40

SNMP NMS

SNMP Managed Device

UDP 161

UDP 162

41

“Fundamentals of SNMP”Simple Network Management Protocol

Part 1

Takeaway Review, Resources, & Questions

Takeaway Review

• Look to SNMP for monitoring the converged broadcast technical infrastructure:– Mature & open-protocol technology– One management platform to support – one “dashboard”– System monitoring & fault/threshold alerting

• Seek SNMP capable products:– Not likely a problem with IT centric devices– Gaining popularity in broadcast centric devices

• SNMP can be a entrance gateway to your infrastructure - Don’t overlook SNMP cybersecurity precautions:– Use SNMPv3 – Change default community strings– Use unique community strings for devices– Use RO community strings never possible

42

43

SNMPAGENTSNMP Trap

Receiver

SNMP Community Architecture

SNMPManager

MIB MIB

GET / SET Request

GET / SET Response

Trap

ManagementInformationBase

Reference Texts (IT centric)For Further Study:

44

Don’t Miss“Fundamentals of SNMP – Part 2”Wednesday, November 13, 2019

• Brief Part 1 Review• SNMP Manager Options:

– Commercial Offerings– Open-Source Options

• Obtaining MIB’s• Agent Configuration• Takeaway Review, Resources, & Questions

Distinguished Lecturer

Vice President, National Board of Directors

Executive Committee Member

Chair, Education Committee

Wayne M. Pecena

Texas A&M University

w-pecena@tamu.edu

wpecena@sbe.org

979.845.5662