What is SNMP and how does it work?

Brazen

Ok, I have an idea what it is, in that it is some sort of remote management protocol. I just don't understand what good it is, and how do you use it. Is there a single SNMP application that you can install and use to manage all these devices or does each device have to use its own proprietary management app?
 

Brazen

Yeah, I've read articles, but that one even doesn't really tell me how to use it. The article mentions that MRTG can use SNMP to map out our network and get performance data from switches and routers, but is that it? How come computer NICs have SNMP support, what am I going to get from that? And what program do I use to get all this SNMP information from computers? Like how would SNMP be beneficial on a Windows server, or a Linux server such as a webserver or DNS server?
 

groovin

i've only started looking into snmp recently myself.

weak answers to your questions:

"The article mentions that MRTG can use SNMP to map out our network and get performance data from switches and routers, but is that it?"
i think that's what it's most commonly used for...

"And what program do I use to get all this SNMP information from computers?"
well, on linux, there is snmptrapd, a service which listens for snmp messages and is programmable to act upon different types of snmps...

"Like how would SNMP be beneficial on a Windows server, or a Linux server such as a webserver or DNS server?"
i have ibm servers here that are all snmp capable... so i can configure things like RAID failure alerts to be sent via snmp to a preexisting snmp monitoring device. i can config it to send these types of alerts other ways (and i do) but i'd imagine if someone already had an existing snmp collection system in place, it would be easy to use that.



 

nweaver

We use snmp for several things, such as an internal web based app to manage vlans on a cisco switch....enable disable ports on remote switches in datacenters (we only turn them on as required), pull data from servers for MRTG graphing....

snmp is very easy to integrate into web apps for some management stuff of network devices, much easier than scripting telnet stuff (and a bit more secure)
 

Brazen

So is there any sort of opensource app that can act as a client for all these SNMP features? Or do you pretty much have to program something yourself?
 

Nothinman

SNMP is probably the most complicated simple protocol out there. At the most basic level it really is simple, you set/get values identified by an OID on a device. You can have two 'community' strings which are sort of like passwords, one allows read-only access (default is public) and one allows write access (default is private) but they're sent in plain text so you shouldn't make them the same as anything else. But in reality getting it to work right sucks because not many people use it. For instance, we installed snmpd on some unix boxes where I work and we ran into all kinds of odd problems like snmpd on Tru64 crashing 1/2 way through an snmpwalk and certain values only being 32-bit so they would wrap around on a 64-bit system.

How come computer NICs have SNMP support, what am I going to get from that?

NICs don't support SNMP, the host OS does. SNMP is on the same level as SMTP, SSH, etc.; you need a server daemon on the system to handle it.

And what program do I use to get all this SNMP information from computers?

On most unix systems the Net-SNMP package comes with cli tools to interact with SNMP. You can use snmpwalk, snmpget, snmpset to play with SNMP enabled devices. Most commercial tools to handle SNMP (i.e. HP OpenView) are extremely expensive and a big PITA to work with. Probably 90% of the usage of SNMP these days is just to use something like MRTG to monitor bandwidth on network devices.

Like how would SNMP be beneficial on a Windows server, or a Linux server such as a webserver or DNS server?

Technically SNMP can monitor anything. If you have a MIB for a certain aspect of your server you can have another server poll the SNMP daemon and alert you when something bad happens like disk space is low, network traffic gets too high, DNS server crashes, etc. But again, it's a PITA to set up and is terribly insecure.
 

aidanjm

I have been experimenting a bit with SNMP.

My aim is to find out how much data my ADSL modem is uploading/ downloading over the course of a month.

I want to find out that, because I suspect that I am being cheated out of some of my monthly data allowance by my ISP, thus I want to find out EXACTLY how much data I am downloading (instead of relying on the ISP's "usage meter" figures.)

I have multiple computers on my little home network, so it isn't much use using one of those programs that monitor bandwidth on a single machine.

I am experimenting with an SNMP aware program called PRTG Traffic Grapher (freeware version) to interface with my router (it is an SNMP device) to query the router on certain parameters like the amount of bytes that have been received by my router from the WAN/ internet.

The nice thing about SNMP is you can communicate with the router itself (through which all traffic passes) and therefore get an exact figure on the amount of data passing through the router's interface with the internet. If you just monitored data on one computer on the network, it would not account for data downloaded on other computers.

My router gives the number of bytes that has passed thru a given interface (I am looking at the interface between the router and the internet, altho you can also examine other interfaces, like the interface between the router and say one of its ethernet ports). So I have to look at the delta (change) in downloaded or uploaded bytes every X seconds to get an idea of bandwidth.

As far as I understand, there are certain parameters that are present on every SNMP device - things such as the device name, a contact person for the device, the number of interfaces the device has, the up-time for the device... Then there are certain parameters that might be specific to the particular snmp device (the snmp device could be anything such as a modem, a router, a switch, a Windows server, a printer, etc.) Different types of machines or devices will have different types of data available via snmp. For example, a server can give you CPU or hard drive utilization, whereas with a router or switch you are going to be more interested in bandwidth.

The different kinds of parameters or data are all stored in the snmp device in what is called an "MIB table". To access parameters in the MIB table in the snmp device, you need an address referred to as an "OID".

For example, the OID for the counter that keeps track of the amount of bytes uploaded from my router to the WAN is:

1.3.6.1.2.1.2.2.1.16.102

The OID for the amount of bytes downloaded from the WAN to my router is:

1.3.6.1.2.1.2.2.1.10.102

I assume that the OIDs for the router:WAN interface might be different for a different brand of router. It's a bit difficult finding out the OID values for various devices, as manufacturers don't seem to publicize them. You can work them out yourself, tho, using a program called "Getif" (You go to the MIB browser tabbed page, press start, and examine the table for parameters of interest. I describe how to set up Getif below).

Getif

To communicate with an snmp device, you need to set a few values on the device first. There is a weak security system on snmp devices, where basically you need to supply passwords (a password is called a "community") before the device will acknowledge you and give you the information you want or let you change values. You need to set those passwords. There are two passwords or "communities" to set. One password allows you to query data. The other password allows you to both query data and also write (or change) data on the device. The default value for the Read Only community (i.e., password) is "public". The default value for the Read Write community (i.e., password) = "private". Most devices will actually have these passwords set as default. So it is a very weak security. (My router only accepts snmp requests from the LAN, not the WAN, so it seems pretty safe). With some devices, like my router, there is no need to change values, so you only need to set the "read" password.

The method of actually setting the passwords is dependent on the device. With my Speedtouch 510v4 modem/ router (most recent firmware) you log into the router via telnet, and issue a series of commands to turn on the snmp server in the router (it is off by default on the Speedtouch) and then define the passwords or "communities". Other devices would have other methods of setting these passwords or turning snmp on/ off, so you would have to consult the device documentation offered by the manufacturer.

Once you have enabled snmp on your device and set up the passwords/ communities, it's just a matter of providing the community names to your snmp monitoring software. You also need to let your software know the IP address of your snmp device on your local network, and the port to speak to it on. The default port for speaking to an snmp device is 161. Here are a few programs you can try out:

PRTG Traffic Grapher (there is a freeware version that allows you to monitor up to 3 parameters)

Getif (great freeware program for fiddling around with snmp, experimenting and getting things to work, also useful for working out your device's OID values)

STG (tiny freeware program for monitoring bandwidth on an snmp device. Can also write the data to a log file, which you can import into e.g., excel.)


With my router, its IP address on the home network is 192.168.1.254, and I have set the read and write passwords to my name. I also set the system name, contact and location parameters (altho this isn't usually necessary):

Host name=192.168.1.254
read community(password)="aidan"
write community (password)="aidan"
SysName="Speedtouch"
SysContact="Aidan" (this could be an email address of the system administrator if you are on a large network)
SysLocation="Dryburgh" (this could be a street address or building location)

Here is a screen copy of these parameters entered into "Getif":

Screen 1

Hit the "start" button, and Getif speaks to the snmp device (my router). If the communities (passwords) are OK, Getif reports that your sys info variables are OK. Getif also gives you the device uptime (you can see in the screen copy that my router has been up for 23 days).

You can then go to the other tabbed pages in Getif, and check out other parameters from your device (pressing "Start" on each tabbed page). To explore the entire MIB table, and work out OID values, go to the MIB Browser page (MBrowser) and hit start. Then you can expand iso.org.dod.internet.mgmt.mib-2 to check out the entire list of parameters on your device and their values:

Screen 2

Getif also allows you to graph parameters like bandwidth over time, altho PRTG Traffic grapher (or MRTG, a similar program that works on linux/ unix) is much better for this purpose. The nice thing about PRTG Traffic Grapher is that it can install itself as a service, and constantly monitor your chosen parameters unobtrusively in the background, 24-7. It also has a web interface, so you can check on your parameters without having to fire up the main application. You can set up various types of reports or graphs, depending on the parameter you are monitoring and the kind of data representation you require. Here's a screen shot of the web interface, with PRTG monitoring my Speedtouch 510v4 router (bandwidth up/ down):

Screen 3

Hopefully someone will find this post useful. Basically this is what I would have liked to read 3 days ago, i.e., a description for a complete snmp beginner :p

Note: SNMP seems like a huge subject. With more sophisticated snmp devices, you can set them up to send you alerts when certain conditions are reached. Programs like PRTG let you monitor hundreds of snmp devices on large networks. There are three versions of snmp. Many devices still use version 1. Version 3 is supposed to be the most "secure" (whatever that means).
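An added example, not part of the original posts: totalling traffic from successive polls of the ifInOctets counter quoted above (1.3.6.1.2.1.2.2.1.10.102), handling the 32-bit wrap-around mentioned earlier in the thread and a device reboot between polls. The sample lines are constructed in the format Net-SNMP's `snmpget -On` prints; the function names and the pairing of each poll with a sysUpTime reading are assumptions of this sketch.

```python
import re

COUNTER32_MOD = 2 ** 32  # a Counter32 rolls over to 0 after 4294967295

# Constructed polls (not real captures): (sysUpTime in ticks, snmpget -On line)
SAMPLES = [
    (1000,  ".1.3.6.1.2.1.2.2.1.10.102 = Counter32: 4294000000"),
    (7000,  ".1.3.6.1.2.1.2.2.1.10.102 = Counter32: 4294900000"),
    (13000, ".1.3.6.1.2.1.2.2.1.10.102 = Counter32: 500000"),  # counter wrapped
    (500,   ".1.3.6.1.2.1.2.2.1.10.102 = Counter32: 12345"),   # device rebooted
    (6500,  ".1.3.6.1.2.1.2.2.1.10.102 = Counter32: 112345"),
]

LINE_RE = re.compile(r"^\.?([0-9.]+) = Counter32: (\d+)$")


def parse_counter(line):
    """Return (oid, value) from one numeric-OID Counter32 output line."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("not a Counter32 line: %r" % line)
    return m.group(1), int(m.group(2))


def naive_total(samples):
    """Last reading minus first: wrong as soon as the counter wraps or resets."""
    return parse_counter(samples[-1][1])[1] - parse_counter(samples[0][1])[1]


def total_octets(samples):
    """Sum per-poll deltas, correcting for one wrap per interval and for reboots."""
    total = 0
    prev_uptime = prev_value = None
    for uptime, line in samples:
        _, value = parse_counter(line)
        if prev_value is not None:
            if uptime < prev_uptime:
                # Uptime went backwards: the agent restarted and the counter
                # began again from zero, so only the new reading is counted.
                total += value
            else:
                # Modular subtraction gives the right delta across one wrap.
                total += (value - prev_value) % COUNTER32_MOD
        prev_uptime, prev_value = uptime, value
    return total


if __name__ == "__main__":
    print("naive:", naive_total(SAMPLES))
    print("wrap/reboot aware:", total_octets(SAMPLES))
```

The correction only holds if the counter wraps at most once between polls, so the polling interval has to be shorter than the time the link needs to move 4 GiB; traffic between the last poll and a reboot is lost.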




 

aidanjm

Originally posted by: Brazen
How come computer NICs have SNMP support, what am I going to get from that?

You could query the NIC (or the computer the NIC is on) to see if it is "up", to determine its uptime, and to determine its up and down bandwidth and total amount of data that has passed through it, and so on. That probably might not be interesting on a small network, but imagine if you had a network of 250 computers. With the right snmp monitoring software, you could find out which are up and which are down, you could find the computers which have been downloading the most or least amounts of data, you could find who currently has the highest bandwidth, etc. You could set up your snmp monitoring software to generate reports automatically at the end of the month, telling you who is the biggest bandwidth hog in the building, etc.

 

Brazen

Originally posted by: Nothinman

How come computer NICs have SNMP support, what am I going to get from that?

NICs don't support SNMP, the host OS does. SNMP is on the same level as SMTP, SSH, etc.; you need a server daemon on the system to handle it.

I guess I was referring to "managed" NICs, such as certain NICs from 3com and Intel are designated. From what I understand, all the "managed" part means is that it has some sort of SNMP support.
 

nweaver

no, it probably refers to boot roms, I would guess. NICs don't support SNMP, host OSes do
 

Nothinman

I guess I was referring to "managed" NICs, such as certain NICs from 3com and Intel are designated. From what I understand, all the "managed" part means is that it has some sort of SNMP support.

That would be bad because the NIC would have to have its own TCP/IP stack and have a separate IP from the host OS for the management portion. That's not to say that 3Com and Intel wouldn't do it, but it would be the first thing I would disable if I noticed it.
 

Brazen

I'm making a quick update, just to fill in anyone else wanting to know about SNMP. It looks like, indeed as Nothinman said, MRTG is the most popular package. It runs on the receiving end and can display its results to a web interface that admins can view from any workstation. On the server, net-SNMP is the package that enables it (on Fedora\CentOS at least) and you only need a single line in the config file for the community string and that's it. There can be more options, but not necessary. Anyway, I won't repeat what is already written with excellent explanations, so here is the article that got me going: http://www.linuxhomenetworking.com/wiki...:_Ch22_:_Monitoring_Server_Performance