SNMP Overview

Simple Network Management Protocol (SNMP) is a network protocol designed for network monitoring and management. It is widely supported by network devices such as modems, routers, switches, and various operating systems like Windows, Linux, macOS and FreeBSD.

SNMP is based on a set of open standards including the following auxiliary extensions:

  • RFC1156: Management Information Base for Network Management of TCP/IP-based internets (MIB version 1)
  • RFC1157: Simple Network Management Protocol (SNMP protocol version 1)
  • RFC1213: Management Information Base for Network Management of TCP/IP-based internets: MIB-II (MIB version 2)
  • RFC3416: Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP) (SNMP protocol version 2)
  • RFC3418: Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) (MIB version 3)

SNMP relies on a client-server model in which the network devices to be monitored or managed run the SNMP agent, and the network device responsible for monitoring and managing other network devices runs the SNMP Network Management Station (SNMP NMS). Typically, SNMP operations use UDP ports 161 and 162.

The protocol is structured in a hierarchical way where a sequence of numbers and dots, such as 1.1.63.2.345, represents addresses to the metrics. Those addresses represent one unique metric in a database called Management Information Base (MIB). Each device hierarchy is a composition of object identifiers (OIDs) that can operate in three different modes:

  • read: SNMP NMS can read metrics from the SNMP agent
  • write: SNMP NMS can update metric values from the SNMP agent
  • trap: SNMP agent alarms the SNMP NMS, usually when an issue occurs

The monitoring of metrics, typically involving a read operation from an SNMP agent, occurs in cycles (polling). The frequency of these cycles can be adjusted based on the specific environment and the number of network devices being monitored. Traps are usually triggered when a certain threshold is reached (typically a lower bound or an upper bound).

The SNMP protocol provides various operations, with the following being the most common:

Operation

Description

GET

A request made by the NMS to retrieve one or more metrics.

GETNEXT

A request made by the NMS to retrieve one or more metrics from the next OID.

SET

A request made by the NMS to update the value of a metric.

TRAP

A request made by an agent to alarm the NMS.

INFORM

A request made by an agent to alarm the NMS with a confirmation response from the NMS.

RESPONSE

A request that brings the response to one of the requests above.

What's Next?

SNMP Version Comparison