What is SNMP protocol?

SNMP stands for Simple Network Management Protocol. It's a widely used networking protocol for monitoring and managing network devices such as routers, switches, servers, and printers. SNMP enables network administrators to collect information about these devices and monitor their performance, configuration, and health.

The protocol operates in a client-server model, where network devices (called agents) expose management information, and a central management system (called a manager) collects and analyzes this information. SNMP uses a standardized data model and a set of commands to facilitate communication between agents and managers.

SNMP operates over UDP (User Datagram Protocol) on port 161 for general SNMP messages and port 162 for SNMP trap messages. It consists of several components, including the Management Information Base (MIB), which defines the structure of the data managed using SNMP, and protocol operations such as GET, SET, and TRAP for retrieving and manipulating management information.

Overall, SNMP is a crucial tool for network administrators to monitor and manage their network infrastructure efficiently.

How does SNMP work?

SNMP works through three components:

  1. SNMP Manager: a system or application responsible for monitoring and managing network devices. It initiates communication with SNMP agents to retrieve information, configure devices, or receive notifications.

  2. SNMP Agent: software module running on network devices (routers, switches, servers, printers, etc.). Its primary function is to collect and store management information about the device. The agent responds to requests from SNMP managers, providing access to the device's management data.

  3. Management Information Base (MIB): a hierarchical database that organizes the managed objects on a network device. Each object in the MIB represents a specific attribute or parameter of the device, such as CPU utilization, memory usage, interface status, etc. MIBs are defined using a standardized schema called the Structure of Management Information (SMI).

Standard SNMP communication process

  1. SNMP Manager Requests Data: The manager sends a request (typically a GET request) to an SNMP agent on a network device, specifying the managed object it wants information about. The request includes the Object Identifier (OID) of the desired object, part of the MIB structure.

  2. SNMP Agent Retrieves Data: Upon receiving the request, the SNMP agent locates the requested object within its MIB and retrieves the corresponding data. This data could be system parameters, device configuration settings, performance metrics, etc.

  3. SNMP Agent Sends Response: The SNMP agent sends a response (typically a GET response) back to the SNMP manager, containing the requested data. If the request was successful, the response includes the value of the requested object.

  4. SNMP Trap Notification (optional): In addition to responding to requests, SNMP agents can proactively send SNMP managers notifications (called traps). Traps inform managers about specific events or conditions on the network device, such as interface status changes, system reboots, link failures, etc.

SNMP Example

The following hypothetical scenario shows how SNMP works between a network router and an SNMP manager:

  1. Scenario Setup:

    • We have a network router installed in an office environment.

    • The router is equipped with SNMP agent software.

    • An SNMP manager is installed on a computer in the network administrator's office.

    • The SNMP manager is configured to monitor the router's status and performance.

  2. SNMP Manager Request:

    • The administrator, using the SNMP manager software, wants to check the router's CPU utilization.

    • The SNMP manager sends an SNMP GET request to the router's IP address, specifying the OID (Object Identifier) for CPU utilization in the request. The OID for CPU utilization is 1.3.6.1.4.1.2021.11.50 (this is just a hypothetical OID).

  3. SNMP Agent Response:

    • Upon receiving the GET request, the SNMP agent running on the router interprets the request.

    • The agent retrieves the CPU utilization data from its Management Information Base (MIB), which stores information about various aspects of the router's configuration and performance.

    • The SNMP agent sends back an SNMP GET response to the SNMP manager. The response includes the current CPU utilization value, such as 30%.

  4. SNMP Manager Processing:

    • The SNMP manager receives the response containing the CPU utilization data.

    • It processes the data and displays it to the network administrator through the SNMP management software's user interface.

    • The administrator can now see that the router's CPU is at 30% utilization.

  5. Optional: SNMP Trap Notification:

    • Let's say there's a sudden spike in network traffic, causing the router's interface to become congested.

    • The SNMP agent detects this event and generates an SNMP trap notification.

    • The trap contains information about the interface status change and is sent to the SNMP manager.

    • The SNMP manager receives the trap notification and alerts the network administrator about the congestion issue, allowing them to take appropriate action.

In this example, SNMP facilitates communication between the SNMP manager and the SNMP agent on the router, enabling the administrator to monitor the router's CPU utilization and respond to network events in real-time.
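
The GET exchange from the scenario at the byte level, as an added example that is not part of the original page: it BER-encodes an SNMPv2c GetRequest for the OID above and accepts a reply only if it is an error-free GetResponse echoing the same request-id and OID. The community string "public", the request-id 0x1234, the reply value 30 and all function names are constructed for illustration.

```python
# Added example: the scenario's GET exchange as SNMPv2c BER bytes (constructed values).
OID = "1.3.6.1.4.1.2021.11.50"  # OID quoted in the scenario

def tlv(tag, body):  # BER tag-length-value; short-form length only (< 128 bytes)
    if len(body) > 0x7F:
        raise ValueError("long-form length not needed for this example")
    return bytes([tag, len(body)]) + body

def ber_int(v):  # INTEGER, non-negative values only
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def oid_body(dotted):  # base-128 arcs; the first two arcs share one byte
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc >> 7:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += chunk
    return bytes(out)

def message(pdu_tag, community, request_id, oid, value):  # 0xA0 GetRequest, 0xA2 GetResponse
    varbinds = tlv(0x30, tlv(0x30, tlv(0x06, oid_body(oid)) + value))
    pdu = tlv(pdu_tag, ber_int(request_id) + ber_int(0) + ber_int(0) + varbinds)
    return tlv(0x30, ber_int(1) + tlv(0x04, community.encode()) + pdu)  # version 1 = v2c

def children(buf):  # split BER data into (tag, value) pairs
    out, pos = [], 0
    while pos < len(buf):
        n = buf[pos + 1] if pos + 1 < len(buf) else 0x80  # no length byte: reject
        if n & 0x80 or pos + 2 + n > len(buf):
            raise ValueError("truncated or long-form TLV")
        out.append((buf[pos], buf[pos + 2:pos + 2 + n]))
        pos += 2 + n
    return out

def parse_response(msg, expect_id, expect_oid):
    # Accept only an error-free GetResponse that echoes our request-id and OID.
    _version, _community, (ptag, pdu) = children(children(msg)[0][1])
    (_, rid), (_, err), _index, (_, vbl) = children(pdu)
    (_, oid), (vtag, val) = children(children(vbl)[0][1])
    got = (ptag, int.from_bytes(rid, "big"), err, oid, vtag)
    if got != (0xA2, expect_id, b"\x00", oid_body(expect_oid), 0x02):
        raise ValueError("not a clean response to our request")
    return int.from_bytes(val, "big", signed=True)

GET = message(0xA0, "public", 0x1234, OID, tlv(0x05, b""))  # NULL value in a request
REPLY = message(0xA2, "public", 0x1234, OID, ber_int(30))   # constructed agent reply
```

GET.hex() shows the 42 request bytes, with the community string visible as plain text inside them; parse_response(REPLY, 0x1234, OID) returns 30.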