6257

Get a Live Demo

You need to see DPS gear in action. Get a live demo with our engineers.

Get the SNMP Fast Track GuideBook

Download our free SNMP White Paper. Featuring SNMP Expert Marshall DenHartog.

This guidebook has been created to give you the information you need to successfully implement SNMP-based alarm monitoring in your network.

DPS is here to help.

1-800-693-0351

Have a specific question? Ask our team of expert engineers and get a specific answer!

Learn the Easy Way

Sign up for the next DPS Factory Training!

DPS Factory Training

Whether you're new to our equipment or you've used it for years, DPS factory training is the best way to get more from your monitoring.

Reserve Your Seat Today

SNMP Tutorial Part 3: Understanding Packet Types and Structure

This article in our series on the Simple Network Management Protocol (SNMP) examines the communication between managers and agents.

Simple Network Management Protocol (SNMP) is one of the most commonly used protocols to monitor network devices. SNMP is a request/response protocol that communicates over UDP port 161. Basic serial telemetry protocols, like TBOS, are byte-oriented with a single byte exchanged to communicate. Expanded serial telemetry protocols, like TABS, are packet-oriented with packets of bytes exchanged to communicate. The packets contain a header, data, and checksum bytes.

This all can be complicated if you are just getting started, that's why we are here to help you understand SNMP packet types and structure. So, let's get started.

SNMP topology

SNMP is a packet-oriented protocol

SNMP has gone through a number of revisions since its inception. The most commonly used versions of the protocol being SNMPv1, SNMPv2c, and SNMPv3. There have been significant changes introduced with each version of SNMP, such as the user-based security model and packet encryption.

However, the communication process between SNMP managers and agents have largely remained the same. In every SNMP version a manager and agent exchange information by sending and responding to a collection of operations contained in packets. The following are some of the more common packets (Protocol Data Units or PDUs) that SNMP entities use to communicate:

Get

The Get operations (Get, GetNext, and GetBulk) are used by a manager to request information from an agent. The manager will issue a Get command with the OID or variable binding it would like to read. Upon receipt of a Get command, an SNMP agent will send a response to the manager containing the requested information.

GetNext

Get and GetNext operations are similar but differ in a couple of key ways. The Get command requires a full OID in order for a manager to retrieve a value from an agent while the GetNext command does not. The response to a GetNext request will always be the next OID in a Management Information Base (MIB) tree. This is useful for traversing a MIB tree or gathering table information from an agent.

GetBulk (SNMPv2 and SNMPv3)

The GetBulk operation is almost identical to the Get operation.

Both Get and GetBulk operations allow a manager to retrieve multiple values from an agent in a single request. The difference between the two is how an agent will handle a request that it is unable to fulfill. If a manager issues a Get request that is too large for an agent the agent will respond with an error response. However, if the manager asked for the same information with a GetBulk request the agent would respond with as much information as it could handle.

Set

The Set command is used by managers to modify the value of a managed object on an SNMP agent. A manager will send a Set operation to an agent containing one or more OIDs and a new value for each. After receiving a Set command an agent will determine whether the change is valid. If the SNMP agent determines that the requested change is valid the agent will update its value.

The agent will then issue a response letting the manager know that the requested change has been made. However if an error occurs during reassignment or the value is determined to be invalid, the value will not be changed. The agent will also send an SNMP error message notifying the manager that an error occurred.

Do you need help with your SNMP solution?Talk to us!

Trap

Unlike the Get, GetNext, GetBulk, and Set operations, a Trap operation is generated by an agent and sent to a manager. Traps are used by agents to notify a manager when a noteworthy event occurs. There are two types of traps that convey meaning to a manager in different ways. The first type of trap, the granular trap, contains a single and unique OID for each trap. A manager can determine the meaning of a granular trap by looking up the OID in a MIB file. Variable binding traps on the other hand, usually have the same OID for each trap.

In order to distinguish one trap from another, variable binding traps contain additional information in a number of key/value pairs called variable bindings. This means that variable binding traps are typically larger than granular traps.

Inform (SNMPv2 and SNMPv3)

The SNMP Inform operation provides some assurance that SNMP messages are received by a manager. SNMP Traps, unlike Get/Set operations, do not require a manager to respond with a confirmation that it received the Trap.

The Inform operation was introduced to provide assurances to the sending agent or manager that its message was received. When an agent sends an Inform operation the manager will respond back acknowledging receipt of the message. This operation is helpful for SNMP communication because SNMP communication is most often over UDP which does not guarantee delivery of a message.

TCP vs UDP

SNMP communication can use TCP as its transport protocol but typically it uses UDP. TCP is slower than UDP because TCP provides reliability guarantees and sequencing of datagrams. SNMP typically uses UDP because both of these features are not useful for SNMP communication. The "reliability" guarantee of TCP is not useful for SNMP communication due to the request/response nature of the protocol. After the addition of the Inform operation, all SNMP operations can require that a receiving entity acknowledge a request. If no acknowledgment is received the requesting entity can simply resend the request. TCP sequencing is also not useful for SNMP communication because each SNMP response/request is sent in a single datagram.

The image below shows the structure of an SNMP packet. Each variable binding contains a unique object identifier, a type, and a value (if a Set or response). The agent checks each identifier against its MIB to determine whether the object is managed and changeable (if processing a Set). The manager uses its MIB to display the readable name of the variable and sometimes interpret its value.

SNMP Packet Formats
SNMP Packet Formats

This article is just one part of the first volume of the DPS Telecom white paper series on SNMP. After you're done reading, call one of our experts to discuss what you want to do with SNMP. Tell us what you're trying to accomplish, and we won't let you fail.

SNMP Tutorial Part 1: Manager, Agents, and The MIB

SNMP Tutorial Part 2A: Understanding the MIB

SNMP Tutorial Part 2B: Selecting a System

More SNMP Tutorial Guides to Learn More:

Next Page: SNMP Management System for Your Remote Network