As part of the configuration of a managed device, you can also identify whether it should be configured for read access, write access, or both. If configured for read access, an NMS like HP OpenView can gather information about the device. If configured for write access, an NMS can also configure the device using SNMP commands. The choice will depend upon whether you want to use the NMS strictly for gathering information or for configuration purposes also.
The “simple” part in the Simple Network Management Protocol relates to the fact that the interactions between managed devices and an NMS aren’t terribly complex. In the original version of SNMP (SNMPv1), only four operations are possible between an NMS and a managed device. There are outlined below:
- Get. The Get operation is used by an NMS to obtain a single piece of information from a managed device. For example, the NMS may be requesting the device’s configured name. “Get” is a read operation.
- GetNext. The GetNext operation is issued by an NMS in order to obtain more than one piece of information from a managed device. For example, the NMS may wish to obtain both the name and system uptime of a particular device. In SNMPv1, when an NMS wants to obtain multiple pieces of information from a managed device, its only option is to issue Get and GetNext commands. “GetNext” is also a read operation.
- Set. The Set command is used by an NMS to configure a managed device with a particular value. For example, maybe the NMS wants to configure or “set” a threshold on a managed device that tells it to alert the NMS if its CPU utilization hits 70% for a defined period of time. “Set” is a write operation.
- Trap. A Trap operation is different that those described above, because it is initiated from a managed device. A trap message is used to alert an NMS to the fact that a threshold defined by the NMS (with the set command) has been reached, or that an error/event of some type has occurred. For example, a router may have been configured to set a trap message to an NMS when its average CPU utilization is over 70% for a period of one minute. Trap messages are said to be asynchronous, in that a managed device sends them without a request from an NMS.
SNMPv2 introduced two additional SNMP commands:
- GetBulk. The GetBulk operation was implemented to allow NMSs to obtain multiple pieces of information from a managed device in a single request. It’s important to note that this command is not supported on devices using SNMPv1. “GetBulk” is a read command.
- Inform. The Inform operation allows an NMS to forward trap information to other NMSs.
As mentioned earlier, SNMP was designed to use UDP as its transport protocol. This is part of what helps make SNMP “lightweight”, since the session establishment overhead associated with TCP is avoided. When an NMS wants to configure a managed device or gather information from it, it will make a request to that device, destined for UDP port 161. As with most exchanges in the world of TCP/IP, the source port will usually be chosen dynamically.
Perhaps the most important feature of SNMP from a monitoring perspective is the ability of a managed device to send trap messages to an NMS asynchronously. In other words, when an error occurs on a device, or when one of the thresholds previously “set” by the NMS is reached, the managed device will automatically send a trap message to its configured NMS. Trap messages from a managed device are sent to UDP port 162 on the NMS.