SNMP Message Types

SNMPvl was initially defined by RFC 1157. Since then, SNMP has evolved with a second and third version, each adding new message types. The CCDA should understand each message type and the version associated with each.

SNMPvl

SNMPv1 is defined by RFC 1157. It is a simple request-and-response protocol. The NMS manager issues a request, and managed devices return responses. The date types are limited to

32-bit values. SNMPvl uses four protocol operations, with five message types to carry out the communication:

■ GetNext Request

Figure 16-3 shows the SNMPvl message types.

Figure 16-3 SNMPvl Message Types

Figure 16-3 shows the SNMPvl message types.

The NMS manager uses the Get operation to retrieve the value-specific MIB variable from an agent. The GetNext operation is used to retrieve the next object instance in a table or list within an agent. The Get Response contains the value of the requested variable.

The NMS manager uses the Set operation to set values of the object instance within an agent. For example, the Set operation can be used to set an IP address on an interface or to bring an interface up or down. Agents use the Trap operation to inform the NMS manager of a significant alarm event. For example, a trap is generated when a WAN circuit goes down.

SNMPv2

SNMPv2 is an evolution of the initial SNMPv1 and is defined in RFCs 1901 and 1902. SNMPv2 offers improvements to SNMPv1, including additional protocol operations. The Get, GetNext, and Set operations used in SNMPv1 are exactly the same as those used in SNMPv1. The SNMP Trap operation serves the same function as in SNMPv1, but it uses a different message format.

SNMPv2 defines two new protocol operations:

The NMS manager uses the GetBulk operation to retrieve large blocks of data, such as multiple rows in a table. This is more efficient than repeating GetNext commands. If the agent responding to the GetBulk operation cannot provide values for all the variables in a list, it provides partial results. The Inform operation allows one NMS manager to send trap information to other NMS managers and to receive information. Another improvement is that data type values can be 64 bits

SNMPv3

SNMPv3 was developed to correct several deficiencies in the earlier versions of SNMP, security being a primary reason. SNMPv3 is defined in RFCs 3410 through 3415. SNMPv3 provides authentication and privacy by using usernames and access control by using key management. Security levels are implemented to determine which devices a user can read, write, or create. SNMPv3 also verifies each message to ensure that it has not been modified during transmission.

SNMPv3 introduces three levels of security:

■ noAuthNoPriv

■ authNoPriv

The noAuthNoPriv level provides no authentication and no privacy (encryption). At the authNoPriv level, authentication is provided but not encryption. The authPriv level provides authentication and encryption.

Authentication for SNMPv3 is based on HMAC-MD5 or HMAC-SHA algorithms. The Cipher Block Chaining-Data Encryption Standard (CBC-DES) standard is used for encryption.

Was this article helpful?

0 0

Post a comment