In the world of computer protocols, size isn't everything. In fact, having only a small number of commands means little in protocol terms. With an acceptance that spans many operating systems over several decades, the Simple Network Management Protocol (SNMP) may not be complex, but it is powerful. Here we'll take a look at this often under-appreciated protocol and what it can do.
The History of SNMP
The founders of what was once the largest North American ISP, PSINet, co-authored the Simple Network Management Protocol (SNMP) in 1989. SNMP may ostensibly seem as simple as the name suggests, but it's a highly useful protocol and it has been embraced widely for that very reason. (Another widely used protocol is DNS. Learn more about it in DNS: One Internet Protocol to Rule Them All.)
SNMP: Five Basic Messages to Rule Them All
Here's how SNMP works: First, a piece of software called an agent communicates frequently with a manager. The manager usually sits on a server of some description and relies on the agent to clearly define data from devices such as a switch or router, covering the varying statistics that relate to the services the device provides. Don't be dismissive. SNMP not only handles data relating to bandwidth and switch port errors, but it also beautifully collates what might usually be considered more localized content, such as file system usage or when RAM capacity has been exceeded and swap space was called in to aid system performance.
In addition to collecting data, the modern versions of SNMP also allow some degree of remote configuration. Primarily, however, this sophisticated protocol finds its strength and high adoption rate through simplicity, boasting just five basic messages to fulfill its operations: GET, GET-NEXT, GET-RESPONSE, SET and TRAP. These commands function as you would expect, except maybe TRAP, which might help expose an error condition from the remote device, such as a reboot, to assist the manager in the accuracy of its data collection.
SNMP and Polling
A number of extremely popular system and network administrator packages use the clever facilities that SNMP can offer. One of the earlier packages is called Multi Router Traffic Grapher (MRTG), which produces invaluable graphs of nearly anything you can collect statistics for. (For more on viewing data, see Data Visualization: Data That Feeds Our Senses.)
Source: http://oss.oetiker.ch/mrtg/
As the number of devices on the internet increased, MRTG began to crack at the seams when polling large numbers of devices on enterprise networks. In response, the main developer of MRTG, Tobias Oetiker, helped to create another highly effective piece of software called RRDtool. RRDtool is described as an open-source, high-performance data logging and graphing system for time series data. RRDtool can be easily integrated in shell scripts, Perl, Python, Ruby, Lua or Tcl applications.
Source: http://oss.oetiker.ch/rrdtool
RRDtool's features and efficiency hardly went unnoticed, and the now widely used Cacti adopted it as its engine. Cacti took the management of large numbers of devices further thanks to a carefully considered template system, which makes light work of its installation with numerous devices. Examples of the impressive, newly found graphing features can be found here at http://docs.cacti.net/usertemplate:data:host_mib:diskio. As a testament to its popularity, a number of web hosting companies even include such SNMP packages in their feature list these days, such as Linode and the Xen VPS host.
Nagios, a popular and comprehensive monitoring tool, is firmly in second place in terms of deployments. Zabbix is another excellent tool that you might find in a small network operations center environment. They can combine the historical graphing of services, protocols, resource usage, uptime and other variables using SNMP with more traditional probing to see if services are alive, giving a truly thorough overview of a large installation's operations.
SNMP's Vulnerabilities
Thanks to the ever-changing – and less convivial – nature of the internet, many of the version changes SNMP has gone through have been released to improve security. The latest of these (at time of writing), SNMPv3, boasts improved authentication and the encryption of traffic. Sometimes it's important to use software that's backward compatible so that your device can definitely be polled correctly for data. Many software implementations support versions one and two in addition to the latest version, and older hardware is, of course, more likely to accept those earlier versions.
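As an added example (not code from this article or from any of the packages it mentions), the Python below reads the outer BER header of a captured SNMP message and reports its version and which of the five basic messages it carries. For versions one and two it also returns the community string, which sits unencrypted in the packet; this is the exposure that SNMPv3's authentication and encryption address. The packets are constructed samples and the function names are hypothetical.

```python
# Added example (not from the original article): classify a captured SNMP
# message by version and PDU type using a minimal BER reader.
PDU_NAMES = {0xA0: "GET", 0xA1: "GET-NEXT", 0xA2: "GET-RESPONSE",
             0xA3: "SET", 0xA4: "TRAP"}          # the five basic messages
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}          # on-wire version numbers

# Constructed sample: SNMPv1 GET for 1.3.6.1.2.1.1.1.0, community "public".
SAMPLE_V1_GET = bytes.fromhex(
    "302602010004067075626c6963a019020101020100020100"
    "300e300c06082b060102010101000500")
# Constructed stub: outer SEQUENCE holding only the version field (3 = v3).
SAMPLE_V3_STUB = bytes.fromhex("3003020103")


def read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                            # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def classify(packet):
    """Return version, PDU name and any community string sent in the clear."""
    tag, body, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("version INTEGER missing")
    result = {"version": VERSIONS.get(int.from_bytes(raw_version, "big"), "unknown"),
              "pdu": None, "cleartext_community": None}
    if result["version"] in ("v1", "v2c"):       # community precedes the PDU
        tag, community, pos = read_tlv(body, pos)
        if tag != 0x04:
            raise ValueError("community OCTET STRING missing")
        pdu_tag, _, _ = read_tlv(body, pos)
        result["cleartext_community"] = community.decode("latin-1")
        result["pdu"] = PDU_NAMES.get(pdu_tag, hex(pdu_tag))
    return result
```

Running `classify` over packets from a capture gives a quick inventory of which devices still answer on versions one or two and therefore expose their community string on the wire.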
The Future of SNMP
SNMP can monitor almost any service running on a device and keep everything from CPU to temperature under close watch. When it's possible to collect, collate and disseminate data about almost anything your systems or networks are doing, it's easy to see why SNMP has been such a success. And, as it continues to evolve, it's likely to stick around for a long time to come.