EES4710BD 10 Slots L2/L3/L4 Chassis Switch
The SNMP protocol provides a relatively direct way of exchanging management information
between two points in the network. SNMP uses a polling mechanism in which query messages are
carried over UDP (a connectionless transport layer protocol), and it is therefore well supported
by existing computer networks.
SNMP works in NMS (Network Management Station)-Agent mode and thus consists of
two parts: the NMS and the Agent. The NMS is the workstation that runs an SNMP-enabled network
administration client program and is the core of SNMP network administration. The Agent is the
server software running on the device to be managed, and it handles the managed objects directly.
The NMS handles all the managed objects through Agents.
The NMS and the Agent communicate in Client/Server mode using standard messages:
the NMS sends requests and the Agent responds. There are 5 SNMP message types:
• Get-Request
• Get-Response
• Get-Next-Request
• Set-Request
• Trap
The NMS sends queries and management variable setting requests to the Agent with Get-Request,
Get-Next-Request and Set-Request messages. Upon receiving a request, the Agent replies
with a Get-Response message. In some special situations, such as when a network device port's
Up/Down status or the network topology changes, Agents send Trap messages to inform the NMS of
the exception. The NMS can also be set to raise alerts for certain exceptions by enabling RMON.
When preset alert events are triggered, Agents send Trap messages or log the event according to
these settings.
The security mechanism of the SNMP protocol is not comprehensive; the main security method
is the use of community strings. A community string is a kind of access password set in the Agent.
Read/write access permission is set for each community string in the Agent. The NMS must include
the community string in the packets it sends to the Agent; otherwise it will not be granted the
corresponding read/write permission to access the Agent.
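The following added example (not part of the original manual) decodes the header of a community-based SNMP message to show that the community string travels unencrypted in every request, and flags Set-Request messages, which need a read/write community. The helper names, the community strings "ro-example" and "rw-example" and both sample packets are constructed for illustration; the PDU tags are those of SNMPv1.

```python
# Added example: decode the header of a community-based SNMP message (BER encoding).
PDU_TYPES = {0xA0: "Get-Request", 0xA1: "Get-Next-Request", 0xA2: "Get-Response",
             0xA3: "Set-Request", 0xA4: "Trap"}   # SNMPv1 PDU tags

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("element overruns buffer")
    return tag, buf[pos:pos + length], pos + length

def parse_snmp_header(packet):
    """Extract version, community string and message type from a UDP payload."""
    tag, body, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    vtag, version, pos = read_tlv(body, 0)
    ctag, community, pos = read_tlv(body, pos)
    if vtag != 0x02 or ctag != 0x04:
        raise ValueError("expected INTEGER version and OCTET STRING community")
    pdu_tag, _, _ = read_tlv(body, pos)
    return {"version": int.from_bytes(version, "big"),      # 0 means SNMPv1
            "community": community.decode("ascii", "replace"),
            "type": PDU_TYPES.get(pdu_tag, hex(pdu_tag)),
            "write": pdu_tag == 0xA3}                        # Set-Request modifies the Agent

def tlv(tag, content):
    """Short-form BER encoder, used only to build the constructed samples."""
    return bytes([tag, len(content)]) + content

def build_sample(pdu_tag, community, value):
    varbind = tlv(0x30, tlv(0x06, bytes.fromhex("2b06010201010500")) + value)  # sysName.0
    ints = tlv(0x02, b"\x01") + tlv(0x02, b"\x00") + tlv(0x02, b"\x00")  # id, status, index
    pdu = tlv(pdu_tag, ints + tlv(0x30, varbind))
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community) + pdu)

GET = build_sample(0xA0, b"ro-example", tlv(0x05, b""))          # constructed sample
SET = build_sample(0xA3, b"rw-example", tlv(0x04, b"lab-sw1"))   # constructed sample
if __name__ == "__main__":
    for pkt in (GET, SET):
        print(parse_snmp_header(pkt))
```
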
5.4.2 Introduction to MIB
The network administrative information that the NMS can access is well defined and organized in a
Management Information Base (MIB). A MIB is an accurate definition of the information that can be
accessed by network administrative protocols. It takes a layered and structured form, so the defined
management information can be obtained from monitored network devices. ISO ASN.1 defines a
tree structure for the MIB. Each MIB organizes all the available information in this tree structure,
and each node contains an OID (Object Identifier) and a brief text description of the node. An OID
is a set of integers separated by periods; it identifies the node and can be used to locate the node
in a MIB tree structure, as shown in the figure below: