SNMP (Simple Network Management Protocol)
With the use of this protocol administrators can manage network performance, isolate and resolve technical problems, and develop data driven models for future network growth. SNMP operates by sending information to Network Management Servers (NMS).The NMS learns about problems in the network by receiving traps or inform messages generated by the individual device running SNMP or what is more commonly called the managed device.
One of the three critical components that are a part of an SNMP controlled network, If the first component is the managed device itself, which for the purposes of this discussion would be a router or a switch, then the two remaining elements would be the agent and the NMS.
SNMP can do a variety of things. Here are some ways it has helped:
NMS (Network Management System)
NMS is an external server anywhere in the network where you would like to save logging information. The NMS maintains information
for all devices in the managed network, where the actual agents themselves maintain all local management information. Example of NMS: HP open view, NMS 3, Orchestra
SNMP Agents
SNMP agents run on network devices that we want to monitor. NMS queries a SNMP agent to collect information from the network device. SNMP has matured significantly since its initial inception. We now have three primary versions of the protocol; SNMPv1, SNMPv2 and SNMPv3. the most popular among these are: SNMP v2c and SNMP v3
SNMP version 3 offers security through authentication and encryption which SNMP version 2c lacking.
SNMPv3 brought the SNMP protocol much needed security and powerful remote configuration capabilities. The modifications made to the operational mechanism of the protocol were extensive and added several layers of complexity, and as such can be best described as the SNMPv2 design model plus security and administrative mechanisms.
How to configure SNMP
1. Configure community string.
It is like a password that the SNMP agent and NMS have to agree upon. Below configuration is performed on every SNMP client.
R1(config)#snmp-server community TEST read-only
R1(config)#snmp-server location India
R1(config)#snmp-server contact info@manojbisht.com
R1(config)#snmp-server chassis-id Cisco2610-Router
or
R1(config)#snmp-server community hideit ro view noRouteTable
location and contact info is not necessary but it will help NMS to identify where the client device is located whenever you
receive information through SNMP.
2. Apart from this, there are some messages that the SNMP agent sends to NMS (SNMP server) are called "SNMP traps". Like below:
R1(config)#snmp-server host 192.168.10.5 version 2c TEST
here we will have to specify the version number and community string.
3. At last we will have to enable the SNMP traps with below commands.
R1(config)#snmp-server enable traps
This command will enable all the traps on the router if you do not mention them specifically.
Below is the command to check SNMP traps configured on the router:
R1(config)#show run | in traps
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps ds1
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps casa
snmp-server enable traps xgcp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
In a production network it is always better to take a look at the different traps and only enable the ones you feel are necessary, rather than wasting network bandwidth on them. As we explain, one of the trap in above output if anything happens (good or bad) with eigrp, a snmp trap will be send towards the NMS.
R1(config)# snmp-server enable traps snmp linkdown linkup coldstart warmstart
it must be pointed out that SNMP utilizes a connectionless communication path through the network.
This means that there is no predetermined communication path established ahead of any data transmissions. From this information we can logically assume that there is no guarantee of reliable packet transport, but in most scenarios packets will successfully make it to their destination even during periods of congestion. In the event however that packet loss occurs there is the ability for retransmission. SNMP for the purposes of our discussions will rely on IP and User Datagram Protocol (UDP) to operate.
One intriguing variety of traps you can enable is the config traps. This records on your management station that someone has configured the router. If you have way too many hands with enable password access, this can be a valuable trouble-shooting tool ("what changed, and who did it")
You can also control linkUp/linkDown traps on the interface level. To avoid hearing about every call your ISDN backup interface makes, configure:
interface bri 0/0
no snmp trap link-status
With the use of this protocol administrators can manage network performance, isolate and resolve technical problems, and develop data driven models for future network growth. SNMP operates by sending information to Network Management Servers (NMS).The NMS learns about problems in the network by receiving traps or inform messages generated by the individual device running SNMP or what is more commonly called the managed device.
One of the three critical components that are a part of an SNMP controlled network, If the first component is the managed device itself, which for the purposes of this discussion would be a router or a switch, then the two remaining elements would be the agent and the NMS.
SNMP can do a variety of things. Here are some ways it has helped:
- It can graph Cisco router/switch bandwidth utilization over time, per interface, per direction, etc.
- It can graph errors on network devices (e.g., CRC errors).
- It can send alerts when an interface goes up or down
- Agents listen to UDP port 161 for messages sent by the NMS
- Responses are sent back to the originating NMS port from a dynamic port.
- Traps are received on port 162 of a NMS
- UDP is more suitable than TCP when there are problems in the network
NMS (Network Management System)
NMS is an external server anywhere in the network where you would like to save logging information. The NMS maintains information
for all devices in the managed network, where the actual agents themselves maintain all local management information. Example of NMS: HP open view, NMS 3, Orchestra
SNMP Agents
SNMP agents run on network devices that we want to monitor. NMS queries a SNMP agent to collect information from the network device. SNMP has matured significantly since its initial inception. We now have three primary versions of the protocol; SNMPv1, SNMPv2 and SNMPv3. the most popular among these are: SNMP v2c and SNMP v3
SNMP version 3 offers security through authentication and encryption which SNMP version 2c lacking.
SNMPv3 brought the SNMP protocol much needed security and powerful remote configuration capabilities. The modifications made to the operational mechanism of the protocol were extensive and added several layers of complexity, and as such can be best described as the SNMPv2 design model plus security and administrative mechanisms.
How to configure SNMP
1. Configure community string.
It is like a password that the SNMP agent and NMS have to agree upon. Below configuration is performed on every SNMP client.
R1(config)#snmp-server community TEST read-only
R1(config)#snmp-server location India
R1(config)#snmp-server contact info@manojbisht.com
R1(config)#snmp-server chassis-id Cisco2610-Router
or
R1(config)#snmp-server community hideit ro view noRouteTable
location and contact info is not necessary but it will help NMS to identify where the client device is located whenever you
receive information through SNMP.
2. Apart from this, there are some messages that the SNMP agent sends to NMS (SNMP server) are called "SNMP traps". Like below:
R1(config)#snmp-server host 192.168.10.5 version 2c TEST
here we will have to specify the version number and community string.
3. At last we will have to enable the SNMP traps with below commands.
R1(config)#snmp-server enable traps
This command will enable all the traps on the router if you do not mention them specifically.
Below is the command to check SNMP traps configured on the router:
R1(config)#show run | in traps
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps ds1
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps casa
snmp-server enable traps xgcp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
In a production network it is always better to take a look at the different traps and only enable the ones you feel are necessary, rather than wasting network bandwidth on them. As we explain, one of the trap in above output if anything happens (good or bad) with eigrp, a snmp trap will be send towards the NMS.
R1(config)# snmp-server enable traps snmp linkdown linkup coldstart warmstart
it must be pointed out that SNMP utilizes a connectionless communication path through the network.
This means that there is no predetermined communication path established ahead of any data transmissions. From this information we can logically assume that there is no guarantee of reliable packet transport, but in most scenarios packets will successfully make it to their destination even during periods of congestion. In the event however that packet loss occurs there is the ability for retransmission. SNMP for the purposes of our discussions will rely on IP and User Datagram Protocol (UDP) to operate.
One intriguing variety of traps you can enable is the config traps. This records on your management station that someone has configured the router. If you have way too many hands with enable password access, this can be a valuable trouble-shooting tool ("what changed, and who did it")
You can also control linkUp/linkDown traps on the interface level. To avoid hearing about every call your ISDN backup interface makes, configure:
interface bri 0/0
no snmp trap link-status
