SNMP Management Systems and Agents
SNMP locates the network management component on one or more computers and locates the managed component on multiple managed devices:
- SNMP manager. An SNMP manager, also known as an SNMP management system or a management console, is any computer that sends queries for IP-related information to a managed computer, known as an SNMP agent. In some cases, the SNMP manager can send a request to an SNMP agent to change a configuration value.
- SNMP agent. An SNMP agent is any computer or other network device that monitors and responds to queries from SNMP managers. The agent can also send a trap message to the manager when specified events, such as a system reboot or illegal access, occur.
A computer on which you install SNMP management software is an SNMP manager, and a computer on which you install agent software, such as the Microsoft SNMP agent included with Windows Server 2003, is an SNMP agent. The SNMP manager displays the information it receives in a user-friendly graphical user interface. You configure SNMP options, including traps, on the SNMP agent, but the SNMP agent does not display the managed information that it sends to an SNMP manager. For more information about SNMP requests and trap messages, see “SNMP Messages” later in this section.
To enable SNMP communications between an SNMP manager and SNMP agents, you configure the SNMP manager and the SNMP agents that it manages as members of an SNMP community. The community name functions like a password to authenticate communications between the SNMP manager and agent. The SNMP community is an SNMP-defined group, not a group defined in the Active Directory directory service. For more information about SNMP communities, see “SNMP Communities” later in this section.
An SNMP manager can request the following types of information from the SNMP agents that it monitors:
- Network protocol identification and statistics
- Dynamic identification (discovery) of devices attached to the network
- Hardware and software configuration data
- Device performance and usage statistics
- Device error and event messages
- Program and application usage statistics
If you assign the SNMP manager write permission for the SNMP agent, the SNMP manager can also send a configuration request to the agent (using a Set message) to change a local parameter. However, Set requests are limited to a small set of client parameters that have read-write access defined. Most client parameters allow only read-only access.
Understanding the Management Information Base (MIB)
When an SNMP manager requests information from an SNMP agent, the SNMP agent retrieves the current value of the requested information from the Management Information Base (MIB). The MIB defines the managed objects that an SNMP manager monitors (or sometimes configures) on an SNMP agent.
Each system in a network (workstation, server, router, bridge, and so forth) maintains a MIB that reflects the status of the managed resources on that system, such as the version of the software running on the device, the IP address assigned to a port or interface, the amount of free hard drive space, or the number of open files. The MIB does not contain static data, but is instead an object-oriented, dynamic database that provides a logical collection of managed object definitions. The MIB defines the data type of each managed object and describes the object.
The MIB Tree
The SNMP-related branches of the MIB tree are located in the internet branch, which contains two main types of branches:
- Public branches (mgmt=2), which are defined by the Internet Engineering Task Force (IETF) RFCs, are the same for all SNMP-managed devices.
- Private branches (private=4), which are assigned by the Internet Assigned Numbers Authority (IANA), are defined by the companies and organizations to which these branches are assigned.
The following figure shows the structure of the SNMP MIB tree. There are no limits on the width and depth of the MIB tree.
Immediately beneath the root of the MIB tree, International Organization for Standardization (iso), is the Organization (org) branch, followed by Department of Defense (dod), and then Internet (internet). Management (mgmt), the main public branch, defines network management parameters common to devices from all vendors. Underneath the Management branch is MIB-II (mib-2), and beneath this are branches for common management functions such as system management, printers, host resources, and interfaces.
The private branch of the MIB tree contains branches for large organizations, organized under the enterprises branch. Each organization has a root branch node under this object. Each organization creates its own subset of MIB branches and objects, which must comply with a common definition of SNMP information known as Structure of Management Information (SMI). SMI defines the allowed data types for MIB objects.
MIB Objects
At the programmatic level, the definition of each MIB object that an SNMP agent manages includes the following elements:
- The object name and object identifier (also known as an OID).
- A text description of the object.
- The object’s data-type definition (such as counter, string, gauge, or address).
- The index for objects that are assigned complex data types. The index specifies the key field for the table — that is, the field that can be used to identify a row.
The only complex SNMP data type that is allowed is a table, and tables cannot be nested. Examples include the list of a system’s network interfaces, a routing table, or the Address Resolution Protocol (ARP) table. - The level of access to the object (such as read or read/write) that is allowed.
- Size restrictions.
- Range information.
SNMP references each MIB variable by using its unique object identifier, which identifies the location of a given managed object within the MIB namespace. The object identifier reflects the object’s position within the hierarchy of the MIB tree, containing a sequence of subidentifiers that begin at the root of the MIB tree and end at the object (leaf node). Subidentifiers are separated with a period.
To reference a MIB object, you can use either numeric or text subidentifiers. For example, the following text-based object identifier is interchangeable with its numeric counterpart, shown beneath it. The value of this object identifier, in either format, identifies the current operational state of a network adapter.
Interacting with MIB Objects
To understand how SNMP interacts with MIB objects, you must first understand that the SNMP agent consists of a master agent and one or more subagents, also known as extension agents, which are the dynamic link libraries (DLLs) that SNMP uses to process a request received from an SNMP manager.
When the SNMP service starts, it loads each SNMP extension agent that is listed in the registry. When the master agent receives a request from the SNMP manager, it passes the request to an extension agent, which accesses the appropriate MIB and returns the current value of the relevant MIB object to the SNMP master agent. The SNMP agent then returns the information to the SNMP manager. An SNMP agent can also send unsolicited MIB information to the SNMP manager in response to an event that has been defined as an SNMP trap (unexpected event). In some cases, the SNMP agent changes (or sets) the value of the MIB object.
For example, in order to assess the network load at a particular point in your network, you can use SNMP to retrieve the value of a counter that tracks the number of packets sent over a link to the SNMP agent. Or you might use SNMP to retrieve the value that represents the amount of disk space available for storage. Although SNMP is used less commonly to set the value of a MIB object, to ensure that a link is not used, you might use SNMP to set the link state value of a MIB object to a disabled state.
Compiling a New or Updated MIB File by Using Mibcc.exe
As explained earlier, the SNMP-related branches of the MIB tree are located in the internet branch of the tree. The internet branch contains public branches that are defined by the IETF and private branches that are defined by large organizations. When an organization creates its own subset of MIB branches and objects, or updates an existing MIB file, the new or updated MIB file must be created in compliance with SMI-prescribed data types.
If your organization adds or updates a new MIB file, use the Mibcc.exe tool to compile the MIB file so that the SNMP Management API (Mgmtapi.dll) can use the MIB objects in the new or updated MIB file. After you compile the MIB file, you can reference objects by their text object identifiers instead of their numeric object identifiers. The ASN.1 language is used to define the formats of the protocol data units (PDUs) that are exchanged by SNMP entities and to define the objects that are managed through SNMP. Mibcc.exe converts the ASN.1 MIB description into the binary Mib.bin file, which the Management API then uses to map text-based object names to numeric object identifiers.
You can find Mibcc.exe in the C:\Program Files\Resource Kit folder when you install the Windows Server 2003 Resource Kit companion CD. The Mib.bin file is located in systemroot on Windows Server 2003
