A typical managed network consists of the following components:
An SNMP managed node can be any device that connects to a data network and can execute the SNMP protocol. A managed node can be a:
Host system, such as a workstation, printer, file server, terminal server, or mainframe.
Network router, a bridge, a hub, an analyzer, or a repeater.
The following illustration shows managed nodes as grey and management stations as white.
A managed node executes a program called the SNMP service, which communicates with the management station. The SNMP service responds to messages from the host and sends unsolicited messages if a defined event occurs on the managed node.
The SNMP service is a daemon on UNIX systems and a system service under Windows.
The SNMP service runs one or more agents that are applications that collect information about the managed node and keep it in a MIB. A managed node can have more than one MIB and has one agent for each MIB.
For information about how to activate the SNMP service and load an agent, refer to the Installation summary.
The SNMP architecture is designed to be simple and fast. The processing load is placed on the management station and minimized on the managed node. The set of information contained in the MIB is designed to be simple so information about the network will not congest the network.
A management information base (MIB) defines the information maintained by the associated agent. A MIB is viewed as a database, but is actually a sequential list of managed objects. The managed objects are logically grouped to represent a row in a table, where each object in that group represents a field. The field can be a variable or a structure of variables. Each managed object is assigned a unique object identifier (OID).
A MIB is often shown as a tree, where the nodes of the tree define the database and its tables, rows, and fields. The collection of all MIBs is organized in a tree structure, where each node on the tree represents a single MIB. The SNMP MIB hierarchy is defined by RFC 1155 and RFC 1213. MIBs fall into two categories:
MIB |
Description |
|---|---|
Standard |
A standard MIB is defined by the IETF. An example of a standard MIB is RFC 2495, the Trunk MIB. |
Private |
A non-standard, proprietary MIB is defined by an enterprise. The IETF assigns a unique OID number to a company, under which they can define their own OIDs for their specific products. |
A management station is a system running:
The network management protocol.
One or more network management applications.
The network management station (host) determines the information required from the managed node. The host sends queries to a managed node to determine what information is available and to retrieve that information. The host then uses those responses to display the information in a readable format.
Host applications are larger than agent applications because they are designed to do most of the work in the SNMP architecture and because one host application communicates with many agents. An example of a host management station is HP Openview.
SNMP defines a mechanism to transport network management information. Messages containing queries and replies are sent between the host management system and managed nodes over a connectionless transport service. A commonly used transport service is user datagram protocol (UDP), which is part of the IP suite.
SNMP supports the following message types:
Message |
Description |
|---|---|
Traversal |
Provides a way for the host to read the values in an agent's MIB. |
Trap |
Notifies the host of events received by the agent. |
The following illustration shows the SNMP host and SNMP agent message flow:
The following host commands generate traversal messages:
Command |
Description |
|---|---|
get |
Requests a specific value (for example, the amount of hard disk space available). |
get-next |
Requests the next value in a MIB after using the get command. Useful when getting a block of related objects. |
set |
Changes the value of an object in a MIB. Only objects with read-write access can be set. |
An agent sends trap messages to notify the host about an unusual occurrence. The host can then request the value of related variables to determine more about the managed node's condition. The agent can be set to send a trap when certain conditions arise, such as an error on a line. Care must be taken to ensure that trap information does not congest the network or overwhelm the host.
Connectionless transport does not guarantee delivery. Traps and other network messages are not guaranteed to arrive at the host. Plan your network management policies to consider lost messages.