A Quick Guide to Understanding How SNMP Works
6 min readHow Does SNMP Work
A common question asked by those seeking to understand the functioning of network management systems is, “How does SNMP work?”
As we may already know, the Simple Network Management Protocol (SNMP) plays a vital role as a computer network and system management tool.
It acts as a common language, facilitating the exchange of critical information between IP network devices and a central management system.
Regardless of the device type or manufacturer, SNMP ensures consistent communication across the network.
To understand how SNMP works, imagine SNMP as a conversation. The central system initiates the dialogue by issuing commands or requests for information (known as “requests”).
Network devices then respond with the requested data or confirmation of changes made (known as “responses”).
This two-way communication empowers a system administrator or network engineer to remotely monitor, adjust, and manage devices.
This capability translates to efficient network or system administration and contributes significantly to the smooth operation of the entire network infrastructure.
How Does SNMP Work?
SNMP relies on two key components for its operation: SNMP agents and SNMP managers, also known as Network Management Stations (NMS).
In simple terms, the NMS asks the questions, while the SNMP agent provides the answers.
SNMP Agent
The SNMP agent is a software process on a network device. It acts like a data custodian, continuously collecting relevant information, such as network performance metrics.
When the SNMP manager sends a query, the agent retrieves the requested data and sends back a response.
In some cases, the agent may also proactively send information without a query, particularly if it detects errors or performance issues.
Many networking devices, like routers, switches, firewalls, and even some systems without full operating systems, have built-in SNMP support.
The agent performs the following tasks:
- Receiving Queries: The agent listens for incoming queries from the SNMP manager.
- Retrieving Data: When a query arrives, the agent gathers the requested information, such as network performance metrics.
- Sending Responses: Once retrieved, the agent sends the data back to the SNMP manager in a standardized format.
SNMP Manager
The SNMP manager, often implemented as a network management station (NMS), is the central nervous system where most of the processing takes place.
Networks can utilize multiple NMS software solutions.
The manager can be configured to send periodic queries for status updates and performance feedback or to trigger queries based on predefined rules in response to specific events.
Interestingly, a system can function as both an SNMP agent and an NMS, depending on its installed components and roles within the network.
The manager performs the following tasks:
- Sending Queries: The manager can be configured to periodically send queries to agents, requesting status updates or performance data.
- Event-Driven Queries: The manager can also be set up with predefined rules to trigger queries based on specific events within the network.
- Data Processing and Display: The NMS processes the information received from agents and typically displays it in a user-friendly format, allowing network administrators to monitor their network’s health.
The Working Process of SNMP
The Simple Network Management Protocol (SNMP) operates through the exchange of messages between the network device and the system where the SNMP agent is running.
A device that has SNMP capability is referred to as an agent.
An agent possesses various objects that can be interacted with, encompassing both industry-standard objects and vendor-specific objects specific to the device.
For instance, a router may have objects such as name, uptime, interfaces, and routing table, among others.
Each object is assigned a unique identifier known as an Object Identifier (OID).
The OID is a sequence of numbers that resembles an IP address and is used to uniquely identify the object.
These OIDs are stored in a file called a Management Information Base (MIB), which follows a hierarchical tree structure.
The MIB tree structure consists of different levels, each represented by a number.
This number corresponds to the OID and provides the agent with the exact location of the object within the MIB.
However, to interact with these objects, SNMP used something called a Network Management System, or NMS.
The NMS is a software application that facilitates communication with the SNMP agent.
SNMP Manager (NMS) Communication Methods
There are several methods through which the NMS can communicate with the agent.
The first method involves using get requests, which include “Get”, “GetNext”, and “GetBulk” messages.
These requests actively seek information from the agent. For instance, the NMS may send a get request asking, “What is your name?”
The agent receives this request for the “Name” object and responds with “My name is Router1,” sending a get response back to the NMS.
The second method of communication is through set requests. Set requests are utilized to modify the value of an object on the agent.
For example, the NMS might send a set request saying, “Change your name to Router5.” The agent then updates its name to Router5 and sends a response back.
SNMP Agent Communication Methods
The final communication method in SNMP worth mentioning is traps and informs, which are particularly valuable for monitoring critical occurrences.
While traps and informs are separate types of messages, they share the same purpose.
However, their reliability differs. Informs are deemed reliable as they await acknowledgment from the NMS.
Despite this reliability, both traps and informs utilize the User Datagram Protocol (UDP) for communication.
SNMP Traps: Proactive Event Notification
SNMP traps offer a mechanism for asynchronous notification, where an SNMP agent proactively sends information to an SNMP manager.
Unlike other SNMP communication methods where the manager requests information, traps are unsolicited PDUs (Protocol Data Units) transmitted by the agent.
This allows agents to keep the management station informed about critical events through SNMP messages without waiting for a specific request.
A trap PDU contains the following key elements:
- Current sysUpTime value:This indicates the amount of time the agent has been operational since its last reboot.
- Object Identifier (OID): This unique identifier specifies the type of trap being sent, allowing the manager to interpret the event.
- Optional variable bindings:These provide additional context about the trap event, such as specific device metrics or error codes.
The destination address for traps is typically configured through application-specific settings within the Management Information Base (MIB).
It’s important to note that with SNMPv2, the trap message format changed, and the PDU was renamed SNMPv2-Trap.
SNMP Inform: Ensuring Reliable Delivery
Introduced in SNMPv2, the InformRequest PDU functions as an acknowledged asynchronous notification.
Initially intended for manager-to-manager communication, it has been expanded to also support agent-to-manager communication.
While SNMPv1 allowed manager-to-manager notifications using traps, the underlying User Datagram Protocol (UDP) lacked delivery guarantees.
Essentially, the trap is sent and not tracked for acknowledgment. This meant traps could be dropped without notification.
InformRequest addresses this limitation by utilizing a mechanism that sends an acknowledgment upon receipt, ensuring the reliable delivery of critical event notifications.
If an informRequest is sent and no acknowledgment is received, the inform message is resent.
This enhances the reliability of event reporting within the SNMP framework.
How Does SNMP Work: Final Note
Now you have an idea of how SNMP works. It operates primarily through communication, ensuring data collection, processing, and reporting.
Within SNMP, communication occurs primarily between two entities: the SNMP manager and the SNMP agent.
The manager is responsible for monitoring and controlling network devices, while the agent resides on these devices and collects data about their operational status.
The communication between them involves the exchange of messages known as Protocol Data Units (PDUs).
These PDUs include requests from the manager for information or actions to be performed by the agent, as well as responses from the agent providing the requested data or acknowledging the manager’s commands.
Additionally, SNMP agents can also send notifications called traps or informs to the manager to alert it about significant events or changes in the network.
Overall, these communication mechanisms facilitate the effective management and monitoring of network devices using SNMP.
We trust that you found the information on “How Does SNMP Work” educative and informative. Please do not hesitate to share it with anyone who might also benefit from this article.