Simple Network Management Protocol

Software Technology Roadmap

What's New

Background & Overview

Technology Descriptions

	Defining Software Technology
	Technology Categories
	Template for Technology Descriptions

Taxonomies

Glossary & Indexes

Feedback & Participation

Software Engineering Information Repository (SEIR)

Simple Network Management Protocol

Note

We recommend Network Management -- An Overview as prerequisite reading for this technology description.

Simple Network Management Protocol (SNMP) is a network management specification developed by the Internet Engineering Task Force (IETF),¹ a subsidiary group of the Internet Activities Board (IAB),² in the mid 1980s to provide standard, simplified, and extensible management of LAN-based internetworking products such as bridges, routers, and wiring concentrators [IETF 96, Henderson 95]. SNMP was designed to reduce the complexity of network management and minimize the amount of resources required to support it. SNMP provides for centralized, robust, interoperable network management, along with the flexibility to allow for the management of vendor-specific information.

Technical Detail

SNMP is a communication specification that defines how management information is exchanged between network management applications and management agents. There are several versions of SNMP, two of the most common are SNMPv1 [SNMPv1 Specs] and SNMPv2 [SNMPv2 Specs]. SNMPv2 and some of the less common versions will be discussed later in this text.

The architecture of SNMPv1 is shown in Figure 33, which is a more detailed version of the managed device and network management application shown in Figure 27 of Network Management-An Overview. SNMPv1 is a simple message based request/response application-layer protocol which typically uses the User Datagram Protocol (UDP) [RFC 96] for data delivery. The SNMPv1 network management architecture contains:

Network Management Station (NMS) - Workstation that hosts the network management application.
SNMPv1 network management application - Polls management agents for information and provides control information to agents.
Management Information Base (MIB) - Defines the information that can be collected and controlled by the management application.
SNMPv1 management agent(s) - Provides information contained in the MIB to management applications and may accept control information.

A MIB is basically a database of managed objects ³ that resides on the agent. Managed objects are a characteristic of a managed device that can be monitored, modified or controlled, such as a threshold, network address or counter. The management application or user can define the relationship between the SNMPv1 manager and the management agent.

Attributes of managed objects may be monitored or set by the network management application using the following operations:

GET_NEXT_REQUEST - Requests the next object instance from a table or list from an agent
GET_RESPONSE - Returned answer to get_next_request, get_request, or set_request
GET_REQUEST - Requests the value of an object instance from the agent
SET_REQUEST - Set the value of an object instance within an agent
TRAP - Send trap (event) asynchronously to network management application. Agents can send a trap when a condition has occurred, such as change in state of a device, device failure or agent initialization/restart.

Figure 33: The SNMPv1 Architecture [Lake 96]

By specifying the protocol to be used between the network management application and management agent, SNMP allows products (software and managed devices) from different vendors (and their associated management agents) to be managed by the same SNMP network management application. A "proxy function" is also specified by SNMP to enable communication with non-SNMP devices to accommodate legacy equipment.

The main attributes of SNMP are as follows [Moorhead 95]:

It is simple to implement, making it easy for a vendor to accommodate it into its device.
It does not require large computational or memory resources from the devices that do accommodate it.

Network management, as defined by SNMP, is based on polling and asynchronous events. The SNMP manager polls for information gathered by each of the agents. Each agent has the responsibility of collecting information (e.g., performance statistics) pertaining to the device it resides within and storing that information in the agent's own management information base (MIB). This information is sent to the SNMP manager in response to the manager's polling.

SNMP events (alerts) are driven by trap messages generated as a result of certain device parameters. These parameters can be either generic or vendor device specific. Enterprise-specific trap messages are vendor proprietary and generally provide more device-specific detail.

The SNMPv2 [SNMPv2 Specs] (SNMP Version 2) specification included the following new capabilities:

manager to manager communication to support the coexistence of multiple/distributed managers and mid-level managers, increasing the flexibility and scalability of the network being managed
enhanced security (known as "Secure SNMP") by specifying three layers of security
- encryption: Used to keep content of messages private. Encryption is based on the Data Encryption Standard (DES) [DES 93] defined by the National Institute of Standards and Technology (NIST) and the American National Standards Institute (ANSI)⁴.
- authentication: Proof of the identity of the sender of a message.
- authorization: Provides access restrictions thru access control lists.
improved efficiency and performance through the addition of bulk transfers of data. This means that in some cases, using SNMPv2 instead of SNMPv1, network management can be provided over low-bandwidth, wide-area links.
support for additional network protocols besides UDP/IP, for example, OSI, NetWare IPX/SPX and Appletalk [Broadhead 95]

Usage Considerations

Problem isolation. Neither version of SNMP does an effective job at helping network managers isolate problem devices in large, complex networks. It sometimes becomes difficult for an SNMP manager to determine which network events/alarms are significant-- all are treated equally.

Focus. SNMPv1 provides information only on individual devices, not on how the devices work as a system.

Incompatibilities. SNMPv1 and SNMPv2 are incompatible with each other and can not interact, however, some SNMP network management applications packages support both specifications.

Performance. The performance impact on the network being managed should be considered when using the polling scheme that SNMP uses for collecting information from distributed agents. A higher frequency of polling, which may be required to manage a network effectively, will increase the overhead on a network, possibly resulting in a need for additional networking or processor resources. The frequency of polling can be controlled by the SNMP manager, but can be dependent on what kind of messages (generic or enterprise-specific) a device vendor supports. Many vendors offer generic trap messages on their devices rather than enterprise-specific messages, because it is easier and takes less time for the vendor to implement. Devices that provide only generic trap information must be polled frequently to obtain the granularity of information to manage the device effectively.

Maturity

SNMPv1 has been incorporated into many products and management platforms. It has been deployed by virtually all internetworking vendors. It has been widely adopted for the enterprise (business organization) networks and may be the manager of choice for the internetworking arena in the future because it is well-suited for managing TCP/IP networks. Limitations are discussed below in Costs and Limitations.

SNMPv2 has many unresolved issues and was supported by few vendors as of January 1998. The members of IETF subcommittee can not agree upon several parts of the SNMPv2 specification (primarily the security and administrative needs of the protocol); as a result only certain parts of SNMPv2 specification have reached draft standard status within the IETF [SNMP FAQ 98]. There has been several attempts to achieve acceptance of SNMPv2 through the release of experimental modified versions commonly known as SNMPv2^*, SNMPv2c, SNMPv2u, SNMPv1+ and SNMP1.5 that do not contain the contentious parts.

SNMPv3 is the latest proposed version for the next generation of SNMP functionality. It is based upon the protocol operations, data types, and proxy support from SNMPv2 with user-based seucurity from SNMPv2u and SNMPv2^*. It may take years before a new version is accepted.

Costs and Limitations

The attractiveness of SNMP is its simplicity and relative ease of implementation. With this comes a price: e.g., the more fine grained information that is need or required, such as the variance in interarrival time (jitter) of packets sent to a particular local address, the less likely it is that it will be available.

SNMPv1 uses the underlying User Datagram Protocol (UDP) for data delivery, which does not ensure reliability of data transfer. The loss of data may be a limitation to a network manager, depending on the criticality of the information being gathered and the frequency at which the polling is being performed.

SNMP is best suited for network monitoring and capacity planning. SNMP does not provide even the basic troubleshooting information that can be obtained from simple network troubleshooting tools [Wellens 96]. SNMP agents do not analyze information, they just collect information and provide it to the network management application.

SNMPv1 has minimal security capability. Because SNMPv1 lacks the control of unauthorized access to critical network devices and systems, it may be necessary to restrict the use of SNMP management to non-critical networks. Lack of authentication in SNMPv1 has led many vendors to not include certain commands, thus reducing extensibility and consistency across managed devices. SNMPv2 addresses these security problems but is difficult and expensive to set up and administer (e.g., each MIB must be locally set up).

Vendors often include SNMP agents with their software and public domain agents are available. Management applications are available from a variety of vendors as well as the public domain, however they can differ greatly in terms of functionality, plots and visual displays.

SNMP out-of-the-box can not be used to track information contained in application/user level protocols (e.g., radar track message, http, mail). However these might be accomplished through the use of a extensible (customized) SNMP agent that has user defined MIB.⁵ It is important to note that a specialized or extensible network manager may be required for use with the customized agents.

There are also concerns about the use of SNMP in the real-time domain where bounded response, deadlines, and priorities are required.

SNMPv2 is intended to be able to coexist with existing SNMPv2, but in order to use SNMPv2 as the SNMP manager or to migrate from SNMPv1 to SNMPv2, all SNMPv1 compliant agents must be entirely replaced with SNMPv2 compliant agents-gateways or bilingual managers and proxy agents were not available to support the gradual migration as of early-1995. Since SNMPv1 and SNMPv2 are incompatible with each other and SNMPv2 is not stable, it is important when procuring a managed device to determine which network management protocol(s) is supported.

Alternatives

Common Management Information Protocol (CMIP) may be a better alternative for large, complex networks or security-critical networks.

CMIP is similar to SNMP and was developed to address SNMP's shortcomings. However, CMIP takes significantly more system resources than SNMP, is difficult to program, and is designed to run on the ISO protocol stack [X.700 96]. (However, the technology standard used today in most systems is TCP/IP.)

The biggest feature in CMIP is that an agent can perform tasks or trigger events based upon the value of a variable or a specific condition. For example, when a computer can not reach its network fileserver for a predetermined number of times, an event can be generated to notify the appropriate personnel [Vallillee 96]. With SNMP, this task would have to be performed by a user, because an SNMP agent does not analyze information.

Index Categories

This technology is classified under the following categories. Select a category for a list of related topics.

Name of technology

Simple Network Management Protocol

Application category

Protocols (AP.2.2.3)
Network Management (AP.2.2.2)

Quality measures category

Maintainability (QM.3.1)
Simplicity (QM.3.2.2)
Complexity (QM.3.2.1)
Efficiency/ Resource Utilization (QM.2.2)
Scalability (QM.4.3)
Security (QM.2.1.5)

Computing reviews category

Network Operations (C.2.3)
Distributed Systems (C.2.4)

References and Information Sources

[Broadhead 95]	Broadhead, Steve. "SNMP Too Simple for Security?" Secure Computing (April 1995): 24-29.
[DES 93]	Federal Information Processing Standards Publication 46-2 DATA ENCRYPTION STANDARD, 1993 [online]. Available WWW <URL: http://csrc.ncsl.nist.gov/fips/fips46-2.txt> (1996).
[Feit 94]	Feit, Sidnie. A Guide to Network Management. New York, NY: McGraw Hill, 1994.
[Henderson 95]	Henderson and Erwin. "SNMP Version 2: Not So Simple." Business Communications Review 25, 5 (May 1995): 44-48.
[Herman 94]	Herman, James. "Network Computing Inches Forward." Business Communications Review 24, 5 (May 1994): 45-50.
[IETF 96]	Internet Engineering Task Force home page [online]. Available WWW <URL: http://www.ietf.cnri.reston.va.us/> (1996).
[Kapoor 94]	Kapoor, K. "SNMP Platforms: What's Real, What Isn't." Data Communications International 23, 12 (September 1994): 115-18.
[Lake 96]	Lake, Craig. Simple Network Management Protocol (SNMP) [online]. Available WWW <URL: http://www.sei.cmu.edu/str/docs/SNMP.html> (1996).
[MIB 96]	Development of an MIB for http [online]. Available WWW <URL: http://http-mib.onramp.net/bof/> (1996).
[Moorhead 95]	Moorhead, R.J. & Amirthalingam, K. "SNMP- An Overview of its Merits and Demerits," 180-3. Proceedings of the Twenty-Seventh Southeastern Symposium on System Theory. Starkvill, MS, March 12-14, 1995. Los Alamitos, CA: IEEE Computer Society Press, 1995.
[Phifer 94]	Phifer, L.A. "Tearing Down the Wall: Integrating ISO and Internet Management." Journal of Network and Systems Management 2, 3 (September 1994): pp. 317-22.
[RFC 96]	Postel T. User Datagram Protocol (RFC 768) [online]. Available WWW <URL: http://ds.internic.net/rfc/rfc768.txt> (1996).
[Rose 94]	Rose, Marshall T. The Simple Book: An Introduction to Internet Management. Englewood Cliffs, NJ: Prentice-Hall, 1994.
[SNMP 98]	Simple Network Management Protocol [online]. Available WWW <URL: http://www.snmp.com> and <URL: http://www.snmp.com/snmppages.html> (1998).
[SNMP FAQ 98]	Simple Network Management Protocol FAQ [online]. Available WWW <URL: http://www.snmp.com/FAQs/snmp-faq-part1.txt> and <URL: http://www.snmp.com/FAQs/snmp-faq-part2.txt> (1998).
[SNMPv1 Specs]	The following RFC's identify the major components of SNMPv1 online]. Available WWW <URL: http://www.cis.ohio-state.edu/htbin/rfc/rfcXXXX.html> (1996). Historical RFC 1156 - Management Information Base Network Management of TCP/IP based internets RFC 1161 - SNMP over OSI Informational RFC 1215 - A Convention for Defining Traps for use with the SNMP RFC 1270 - SNMP Communication Services RFC 1303 - A Convention for Describing SNMP-based Agents RFC 1470 - A Network Management Tool Catalog Standard and Draft RFC 1089 - SNMP over Ethernet RFC 1140 - IAB Official Protocol Standards RFC 1155 - Structure and Identification of Management Information for TCP/IP based internets. RFC 1157 - A Simple Network Management Protocol RFC 1158 - Management Information Base Network Management of TCP/IP based internets: MIB-II RFC 1187 - Bulk Table Retrieval with the SNMP RFC 1212 - Concise MIB Definitions RFC 1213 - Management Information Base for Network Management of TCP/IP-based internets: MIB-II RFC 1224 - Techniques for Managing Asynchronously-Generated Alerts RFC 1418 - SNMP over OSI RFC 1419 - SNMP over AppleTalk RFC 1420 - SNMP over IPX
[SNMPv2 Specs]	The following RFC's identify the major components of SNMPv2 online]. Available WWW <URL: http://www.cis.ohio-state.edu/htbin/rfc/rfcXXXX.html> (1996). Historical RFC 1441 - Introduction to SNMP v2 RFC 1442 - SMI For SNMP v2 RFC 1443 - Textual Conventions for SNMP v2 RFC 1444 - Conformance Statements for SNMP v2 RFC 1445 - Administrative Model for SNMP v2 RFC 1446 - Security Protocols for SNMP v2 RFC 1447 - Party MIB for SNMP v2 RFC 1448 - Protocol Operations for SNMP v2 RFC 1449 - Transport Mappings for SNMP v2 RFC 1450 - MIB for SNMP v2 RFC 1451 - Manager to Manager MIB RFC 1452 - Coexistence between SNMP v1 and SNMP v2 Draft RFC 1902 - SMI for SNMPv2 RFC 1903 - Textual Conventions for SNMPv2 RFC 1904 - Conformance Statements for SNMPv2 RFC 1905 - Protocol Operations for SNMPv2 RFC 1906 - Transport Mappings for SNMPv2 RFC 1907 - MIB for SNMPv2 RFC 1908 - Coexistence between SNMPv1 and SNMPv2 Experimental RFC 1901 - Introduction to Community-based SNMPv2 RFC 1909 - An Administrative Infrastructure for SNMPv2 RFC 1910 - User-based Security Model for SNMPv2
[Stallings 93]	Stallings, William. SNMP, SNMPv2, and CMIP: The Practical Guide to Network Management Standards. Reading, MA: Addison-Wesley, 1993.
[Vallillee 96]	Vallillee, Tyler. SNMP & CMIP: An Introduction To Network Management [online]. Available WWW <URL: http://www.inforamp.net/~kjvallil/t/snmp.html> (1996).
[Wellens 96]	Wellens, Chris & Auerbach, Karl. "Towards Useful Management" [online]. The Quarterly Newsletter of SNMP Technology, Comment, and Events(sm) 4, 3 (July 1996). Available WWW <URL: http://www.iwl.com/Press/thefuture.html> (1996).
[X.700 96]	X.700 and Other Network Management Services [online]. Available WWW <URL: http://ganges.cs.tcd.ie/4ba2/x700/index.html> (1996).

Current Author/Maintainer

Dan Plakosh, SEI

External Reviewers

Craig Meyers, SEI
Patrick Place, SEI

Modifications

16 Jan 98: Changes included

Increased the consistency of terminology
Minor change to the SNMPv1 architecture figure
Updated status of SNMPv2 and added information about other SNMP versions
Clarified some areas
Updated references

19 Jun 97: Changes included

Creating an overview technical description on network management, which includes overview material and figures applicable to all network management techniques
Clarifying the discussion of SNMPv1 and SNMPv2
Minor changes to the SNMPv1 architecture figure
Increased the consistency of terminology
added many new references

10 Jan 97 (original); author for this version: Cory Vondrak, TRW, Redondo Beach, CA

Footnotes

¹ The IETF is a large open community of network designers, operators, vendors, and researchers whose purpose is to coordinate the operation, management and evolution of the Internet, and to resolve short- and mid-range protocol and architectural issues. It is a major source of proposed protocol standards which are submitted to the Internet Engineering Steering Group for final approval. The IETF meets three times a year and extensive minutes of the plenary proceedings are issued.

² The IAB is a technical advisory group of the Internet Society. The IAB provides oversight of the architecture for the protocols and procedures used by the Internet, the process used to create Internet Standards and serves as an appeal board for complaints of improper execution of the standards process.

³ Managed objects: a characteristic of a managed device that can be monitored, modified or controlled.

⁴ This organization is responsible for approving U.S. standards in many areas, including computers and communications. Standards approved by this organization are often called ANSI standards (e.g., ANSI C is the version of the C language approved by ANSI).

⁵ There is an MIB being developed for http [MIB 96], and the MIB for mail monitoring is now a proposed standard.

The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.

Copyright 2007 by Carnegie Mellon University
Terms of Use
URL: http://www.sei.cmu.edu/str/descriptions/snmp_body.html
Last Modified: 11 January 2007

Status