The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Поиск:  Каталог документации | Сети, протоколы, TCP/IP

comp.protocols.snmp SNMP FAQ Part 1 of 2

Introduction to SNMP & comp.protocols.snmp newsgroup
Archive-name: snmp-faq/part1
Posting-Frequency: every few months or so
Last-Modified: 9 Jan 2003
Version: 2.56

 
                 comp.protocols.snmp

                    PART 1 of 2

         FAQ - Frequently Asked Questions - FAQ

          Simple Network Management Protocol
          ----------------------------------

This 2-part document is provided as a service by and for the readers
and droogs of Internet USENET news group comp.protocols.snmp and may be
used for research and educational purposes only. Any commercial
use of the text may be in violation of copyright laws under 
the terms of the Berne Convention. My lawyer can whup your lawyer.

Anthology Edition Copyright 2002,2003 Thomas R. Cikoski, All Rights Reserved
 
------------------------------------------------------------
 Please feel free to EMail corrections, enhancements, and/or
 additions to the Reply-To address, above.  Your input will
 receive full credit in this FAQ unless you request otherwise.
                 mailto:splinter@panix.com

As a result of the abuses of EMail now taking place on the
Internet, we have a policy of NOT providing the EMail address
of individual contributors in these postings. We will continue
to provide EMail addresses of commercial contributors
unless requested not to.
-------------------------------------------------------------
      A NOTE ON WEB SITES AND URLS: THEY MAY BE OBSOLETE!

Neither the contributors nor the editor of this FAQ are responsible
for the stability or accuracy of any URL, Web site address, or
EMail address listed herein. We take reasonable care to ensure that
these data are transcribed correctly and are always open to
correction. If, however, a particular URL disappears from the Web
there is not much we can do about it.
-------------------------------------------------------------

Please also visit our cousin newsgroup
        news://comp.dcom.net-management.
 
New this month: 
--------------
> More of the usual stuff
 
Note on host names and addresses: please email me with any changes
to URLs, host names or IP addresses. The MIT host rtfm has an autoresponder
which always replies to postings with an incorrect IP.  It would be
nice if every host had that, but they don't, so I need your assistance.  
 
 

SUBJECT:              TABLE OF CONTENTS
 
1.00.00 FAQ PART 1 of 2:            IN THIS DOCUMENT

1.01.00 --General
1.01.01 What is the purpose of this FAQ?
1.01.02 Where can I Obtain This FAQ?
1.01.03 Parlez-vous francais?
1.01.04 Why is SNMP like golf?
1.01.05 What is a droog anyway?
1.01.50 HELP ME! MY SNMP PRODUCT IS DUE NEXT WEEK!
1.01.99 This FAQ Stinks!

1.10.00 --General Questions about SNMP and SNMPv1
1.10.01 What is SNMP?
1.10.02 How do I develop and use SNMP technology?
1.10.04 How does the Manager know that its SET arrived?
1.10.10 How does an Agent know where to send a Trap?
1.10.12 Which community string does the agent return?
1.10.15 How can I remotely manage community strings?
1.10.17 What is the largest SNMP message?
1.10.30 Are there security problems with SNMP?

1.11.00 --RFC
1.11.01 What is an RFC?
1.11.02 Where can I get RFC text?

1.12.00 --SNMP Reference
1.12.01 What books are there which cover SNMP?
1.12.02 What periodicals are heavily oriented to SNMP?
1.12.03 What classes are available on the topic of SNMP?
1.12.04 What email discussion groups are available for SNMP?
1.12.05 What trade shows cater to SNMP?
1.12.06 What SNMP product User Groups are available?
1.12.07 Where can I find SNMP-related material on WWW?
1.12.08 What related mailing lists exist?
1.12.20 What related newsgroups exist?
1.12.21 Are there introductory materials?

1.13.00 --Miscellaneous
1.13.01 SNMP and Autodiscovery
1.13.02 SNMP Traps and NOTIFICATION-TYPE
1.13.03 SNMP and/versus The Web
1.13.04 SNMP and Java
1.13.05 SNMP and CORBA
1.13.06 SNMP and Visual Basic
1.13.07 SNMP and IPv6
1.13.10 SNMP and C#

1.20.00 --General Questions about SNMPv2
1.20.01 What is SNMPv2?
1.20.02 What is SNMPv2*/SNMPv1+/SNMPv1.5?
1.20.03 What is SNMPv2c?
1.20.04 What the heck other SNMPv's are there?

1.22.00 --General Questions about SNMPv3
1.22.01 What is SNMP V3?

1.30.00 --RMON
1.30.01 What is RMON?
1.30.02 RMON Standardization Status
1.30.03 RMON Working Group.
1.30.04 Joining the RMON Working Group Mailing List 
1.30.05 Historical RMON Records
1.30.06 RMON Documents
1.30.07 RMON2

1.40.00 --ISODE
1.40.01 What is ISODE?
1.40.02 Where can I get ISODE?
1.40.03 Is there an ISODE/SNMP mailing list?

1.50.00 --Using SNMP to Monitor or Manage
1.50.01 How do I calculate utilization using SNMP?
1.50.02 What are Appropriate Operating Thresholds?
1.50.03 Are MIBs available to monitor application traffic?
1.50.04 How can I make sense of the Interfaces Group?
1.50.10 When do I use GETBULK versus GETNEXT?
1.50.12 What free products can be used to monitor?

1.75.00 -- SNMP Engineering and Consulting
1.75.01 SNMP Engineering and Consulting Firms

2.00.00 FAQ PART 2 of 2:            NOT IN THIS DOCUMENT

2.01.00 --CMIP
2.01.01 What is CMIP?
2.01.02 What books should I read about CMIP?
2.01.03 A CMISE/GDMO Mailing List
2.01.04 What is OMNIPoint?

2.02.00 --Other Network Management Protocols
2.02.01 What alternatives exist to SNMP?

2.10.00 --SNMP Software and Related Products
2.10.01 Where can I get Public Domain SNMP software?
2.11.01 Where can I get Proprietary SNMP software?
2.12.01 Where can I get SNMP Shareware?
2.13.01 Miscellaneous FTP and WWW Sources
2.14.01 What CMIP software is available?
2.15.01 SNMP and Windows NT/95/98
2.16.01 More About CMU SNMP Software
2.17.01 Miscellaneous SNMP-related Products
2.18.01 SNMP and OS/2
2.18.02 SNMP and SCO Unix
2.18.03 SNMP and Linux
2.18.04 SNMP and AS/400
2.20.01 SNMP++
2.21.01 What is AgentX?

2.25.00 -- SNMP Engineering and Consulting
2.25.01 SNMP Engineering and Consulting Firms

2.30.00 --The SNMP MIB (Management Information Base)
2.30.01 What is a MIB?
2.30.02 What are MIB-I and MIB-II
2.30.03 How do I convert SNMP V1 to SNMP V2 MIBs?
2.30.04 How do I convert SNMP V2 to SNMP V1 MIBs?
2.30.05 What are enterprise MIBs?
2.30.06 Where can I get enterprise MIBs?
2.30.10 Can I mix SMIv1 and SMIv2 in one MIB?
2.31.01 MIB Compiler Topics
2.32.01 How can I get ______ from the _____ MIB?
2.35.01 How can I register an Enterprise MIB?
2.35.02 Where can I find Enterprise Number Assignments?
2.37.01 How Do I Create a Table Within a Table?
2.37.05 How Do I Reset MIB Counters via SNMP?
2.37.07 How can I change a published MIB?
2.38.01 How unique must MIB variable names be?
2.38.03 Explain MODULE-COMPLIANCE versus AGENT-CAPABILITIES
2.38.04 Which parts of my MIB are mandatory?
2.38.10 Can a CMIP MIB be converted to SNMP?
2.38.11 Can an SNMP MIB be converted to CMIP?
2.38.12 Can a table index value legally be zero?
2.38.14 Where can I find the _____ MIB?
2.38.20 How can I convert a MIB to XML Format?

2.40.00 --SMI
2.40.01 What is the SMI?
2.40.02 What is SMIv2?
2.40.03 Table Indexing and SMI
2.40.04 Floating Point Numbers in SMI?
2.40.05 SMIv1 versus SMIv2?

2.45.00 --ASN.1
2.45.01 What is ASN.1?
2.45.02 Why is ASN.1 not definitive for SNMP?
2.45.05 Where can I find a free ASN.1 compiler?

2.50.00 --BER
2.50.01 How is the Integer value -1 encoded?
2.50.02 What is the Maximum Size of an SNMP Message?
2.50.05 Where can I find BER encoding rules?

2.60.00 -- Agent Behavior
2.60.01 Proper Response to empty VarBind in GetRequest?
2.60.02 Master Agent versus Proxy Agent
2.60.03 Proper Response to GET-NEXT on Last MIB Object?
2.60.10 How can I find the SNMP version of an Agent?
2.60.12 How should an agent respond to a broadcast request?
2.60.14 What does an Agent send in a trap?

2.98.00 Appendix A. Glossary
2.99.00 Appendix B. Acknowledgements & Credits


1.00.00 FAQ PART 1 of 2:

1.01.00 --General
 
1.01.01
SUBJECT: What is the purpose of this FAQ?

  This FAQ is to serve as a guide to the resources known to
  be available for helping you to understand SNMP, SNMPv2,
  and their related technologies.  OSI/CMIP is touched on
  briefly as well because we're fair-minded folk.
 
  There is NO INTENT that this be a one-stop SNMP tutorial.
  There is NO INFERENCE that this is an authoritative or
  official document of any kind. What you see is what you get.
 
  You WILL need to read the books listed herein, maybe even
  some of the RFCs.  You may wish to take a class as well.
  Just think of this as your "tourist guide book."

1.01.02
SUBJECT: Where Can I Obtain This FAQ?

  This FAQ is available on the WWW at:

http://www.pantherdig.com (both text and HTML formats are available)

http://www.snmp.com/FAQs/snmp-faq-part1.txt
http://www.snmp.com/FAQs/snmp-faq-part2.txt

http://www.faqs.org/faqs/by-newsgroup/comp/comp.protocols.snmp.html
http://www.faqs.org/faqs/snmp-faq/

http://www.lib.ox.ac.uk/internet/news/faq/archive/snmp-faq.part1.html
http://www.lib.ox.ac.uk/internet/news/faq/archive/snmp-faq.part2.html

See also:
ftp://ftp.cs.utwente.nl/pub/src/snmp/

http://www.faqs.org/faqs/snmp-faq/part1/index.html
http://www.faqs.org/faqs/snmp-faq/part2/index.html

You can also find the most recent Web posting via

      http://www.deja.com/usenet [formerly "dejanews"]

and, last but not least, you can use your favorite search
engine such as

	http://www.altavista.digital.com
	http://www.infoseek.com
	http://www.yahoo.com

This FAQ is officially archived (as with all "licensed" FAQs) at
rtfm.mit.edu [18.181.0.24] under /pub/usenet/news.answers
as snmp-faq/part1 &/part2, or under /pub/usenet/comp.protocols.snmp
as its own self (the only files in that directory). Use
anonymous ftp to retrieve or send e-mail to 
 
       mailto:mail-server@rtfm.mit.edu
 
with
 
      "send usenet/news.answers/finding-sources"
 
for instructions on FTP via e-mail.

1.01.03
SUBJECT: Parlez-vous francais?

1.01.03.01
>
>Un petit conseil: Si tu postais en anglais, beaucoup plus de gens
>pourraient t'aider...

> Thomas Galley


1.01.03.02
Alternativement, si tu es vraiment fachez avec l'anglais ;-),
poster (ou xposter avec fu2) sur fr.comp.reseaux.supervision.

Steve Common

1.01.03.03
If you are in the Bayonne area and would like to forget
SNMP for a few hours in a great little country hotel, try

   L'Auberge de Biaudos (**)
   RN 117 15mn from Bayonne
   05 59 56 79 70

Tom Cikoski

1.01.03.04
SNMP-oriented Web Site hosted en France, avec quelques
linques francaises.

http://www.snmplink.org

Pierrick Simier


1.01.04
SUBJECT: Why is SNMP like golf?

> usually the fewer polls you take the better off you are
> but you are sometimes lost in the woods
> it helps to have a good set of tools in the bag
> it helps to have good instruction
> you need a few beers after a bad round

1.01.05
SUBJECT: What is a droog anyway?

What's a droog?

Eric Meyer

<Sigh> It is sad to think that an entire new generation of SNMPers has arisen
to push their elder brethern and sisteren, who have done such hard, essential
pioneer work, out of the way, and are too young to have seen "Clockwork Orange".

The label was actually applied to the readership of comp.protocols.snmp by
a rather snide and vehement proponent of SMUX. I took it as a badge of honor.

1.01.50
SUBJECT: HELP ME! MY SNMP PRODUCT IS DUE NEXT WEEK!

From time to time there appear posts in news:comp.protocols.snmp
which bring a tear to the eye of the casual observer. They often
have this form:

"My boss told me I need to have the SNMP running on our new
 100GB Muxiblaster for next week's first release. What is SNMP?
 Can I have it for Thursday?"

Sometimes there come, in private email, messages to regulars
of this newsgroup, often in this form:

"Please to sending me all SNMP keywords now. Regards."

Or:

"Tell me [by email] how SNMP differs from TMN and CMIP."

Oy!

The "simple" in SNMP doesn't mean "trivial". It cannot
be learned by flipping through a few emails or news posts.
The "simple" in SNMP is only in contrast to protocols
which are thought to be even more complex than SNMP.

There is no magic solution to learning SNMP. All
of us who have mastered the subject did so by 1)reading
several books on the subject, 2)reading/playing with the sample code
from CMU or NET-SNMP, 3)implementing several trial products
over a period of months.

If your boss expects SNMP miracles and will not listen to
reason, either become a good liar or find a new job.

Or, as David Perkins posted in recent response to a newbie:

"It will take you at least 6 months or so of studying and
usage to "comprehend SNMP very well". I suggest that
you read a few books (more than one) on SNMP and RMON,
since authors focus on different aspects of the subject
area."

You can find these resources listed in this FAQ and
on several other Web sites devoted to SNMP. Good luck!


1.01.99
SUBJECT: This FAQ Stinks!

1.01.99.01 The material is out-of-date!

A concerned reader writes:

"The SNMP FAQ contains incorrect sometimes outdated information and
it might therefore cause more questions than it answers. What is
your policy with regard to corrections? It sometimes looks that you
are just adding corrections and not removing the incorrect text.
This makes the FAQ difficult to use and it keeps incorrect stuff
around, which again causes confusion."

"There is also an issue with relationship to other documents. For
example, the SimpleTimes contains an up-to-date list of RFCs related
to SNMP. The FAQ contains several more or less correct and outdated
lists. I think it would be useful in cases like this to just refer
to a `reliable' source instead of trying to include information which
is not maintained."

Editor's note: Our concerned reader is perceptive. We rely on the good
will and support of our readers to notice omissions, commissions and
deprecations in the FAQ, although we do try and update RFC lists from
time to time. We will act on any notice from you that something ought
to be changed. Please send me your corrections.

URLs change often and we don't have the time to check them routinely.
We also publish the large personal collections of several contributors,
some of which offer conflicting details. That's the way it is with
tribal documents such as this. If any error in this FAQ causes you to
waste or loose precious time then you probably expected too much to
begin with. Please use it with our good wishes and this disclaimer.

1.01.99.02 In what language should you post?

The following exchange once took place ...

   A> Ich benvtige Wissen |ber SNMP und MIB und MIB II. Bin
   A> allerdings kein Informatik- oder
   A> Nachrichtentechnikstudent. Wenn einer von euch helfen kann,
   A> dann wdre ich sehr dankbar.

   B> [This is an international newsgroup, so the common language
       should be english.]

While B has a point, we support the right of posters to ask
questions in any language. Your best chance of receiving an
answer, of course, is if you ask in English. For online
translation, try www.babelfish.com.

1.10.00 --General Questions about SNMP and SNMPv1

1.10.01 
SUBJECT: What is SNMP?

The current state of the art [Ed Note: Jan 2003] is well summarized
in every recent RFC which contains a MIB module:

   The SNMP Management Framework presently consists of five major
   components:

      o  An overall architecture, described in RFC 2571 [RFC2571].

      o  Mechanisms for describing and naming objects and events for the
         purpose of management.  The first version of this Structure of
         Management Information (SMI) is called SMIv1 and is described
         in STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and
         RFC 1215 [RFC1215].  The second version, called SMIv2, is
         described in STD 58, RFC 2578 [RFC2578], RFC 2579 [RFC2579] and
         RFC 2580 [RFC2580].

      o  Message protocols for transferring management information.  The
         first version of the SNMP message protocol is called SNMPv1 and
         is described in STD 15, RFC 1157 [RFC1157].  A second version
         of the SNMP message protocol, which is not an Internet
         standards track protocol, is called SNMPv2c and is described in
         RFC 1901 [RFC1901] and RFC 1906 [RFC1906].  The third version
         of the message protocol is called SNMPv3 and is described in
         RFC 1906 [RFC1906], RFC 2572 [RFC2572] and RFC 2574 [RFC2574].

      o  Protocol operations for accessing management information.  The
         first set of protocol operations and associated PDU formats is
         described in STD 15, RFC 1157 [RFC1157].  A second set of
         protocol operations and associated PDU formats is described in
         RFC 1905 [RFC1905].

      o  A set of fundamental applications is described in RFC 2573
         [RFC2573].  The view-based access control mechanism is
         described in RFC 2575 [RFC2575].

   A more detailed introduction to the current SNMP Management Framework
   can be found in RFC 2570 [RFC2570].

Juergen Schoenwaelder

1.10.01.01
  The Simple Network Management Protocol is a protocol for
  Internet network management services.  It is formally
  specified in a series of related RFC documents.

    (Some of these RFCs are in "historic" or "informational" status)
     
     RFC 1067 - A Simple Network Management Protocol
     RFC 1089 - SNMP over Ethernet
     RFC 1140 - IAB Official Protocol Standards
     RFC 1147 - Tools for Monitoring and Debugging TCP/IP
                Internets and Interconnected Devices
                [superceded by RFC 1470]
     RFC 1155 - Structure and Identification of Management
                Information for TCP/IP based internets.
     RFC 1156 (H)- Management Information Base Network
                Management of TCP/IP based internets
     RFC 1157 - A Simple Network Managment Protocol
     RFC 1158 - Management Information Base Network
                Management of TCP/IP based internets: MIB-II
     RFC 1161 (H)- SNMP over OSI
     RFC 1187 - Bulk Table Retrieval with the SNMP
     RFC 1212 - Concise MIB Definitions
     RFC 1213 - Management Information Base for Network Management
                of TCP/IP-based internets: MIB-II
     RFC 1215 (I)- A Convention for Defining Traps for use with the SNMP
     RFC 1224 - Techniques for Managing Asynchronously-Generated Alerts
     RFC 1270 (I)- SNMP Communication Services
     RFC 1303 (I)- A Convention for Describing SNMP-based Agents
     RFC 1470 (I)- A Network Management Tool Catalog
     RFC 1298 - SNMP over IPX (obsolete, see RFC 1420)
     RFC 1418 - SNMP over OSI
     RFC 1419 - SNMP over AppleTalk
     RFC 1420 - SNMP over IPX (replaces RFC 1298)

[EDITOR'S NOTE: RFCs for SNMPv2 and SNMPv3 are under their
 respective headings.]

1.10.01.02
     
"Just a reminder that if you are new to SNMP (or know someone who is)
you might want to check out my Web page at:"
 
http://www.inforamp.net/~kjvallil/t/snmp.html

Tyler Vallillee

Tyler Vallillee has a live SNMP site at
http://www.geocities.com/SiliconValley/Horizon/4519/snmp.html
I assume this replaced the old link in the FAQ.

The page calls a missing javascript file so it gives a 404 instead of
loading. Switch off Javascript and the page loads OK.
I've mailed Tyler about this so hopefully it will be fixed soon.

John Bradshaw


1.10.01.03

You can find the "Intro to SNMP" courtesy of the WayBack machine at
www.archive.org:

http://web.archive.org/web/20010803180509/www.ddri.com/Doc/

You can probably also find other long-lost URLs there, too.

Phil Hord

The 'Overview of SNMP' document can currently be located at
http://www-t.zhwin.ch/it/ksy/Block07/SNMP_Overview.pdf
- I've no idea whether this link is reliable I'm afraid.
(Also referenced in FAQs 1.12.07.11 and 1.12.21.01)

Bruce Coker

The URL for the SNMP overview document given in FAQ section 1.10.01.03
is still active but the document is apparently no longer available
from that site, or from the alternative site that the page now refers you to.
I did find a copy of the document from May 2001 on the Wayback machine:

http://web.archive.org/web/20010602180805/www.ddri.com/Doc/SNMP_Overview.html

Alan Levy


1.10.01.04

Concord Communications offers a free network management reference
guide that includes the information you are looking for.  View online or
download it at http://www.concord.com/resctr/survival/guide/intro.htm

Rob Tandean

1.10.02
SUBJECT: How do I develop and use SNMP technology?

To deploy and use SNMP technology for management involves
many steps.
If you are a device vendor you need to:
1) decide what aspects of your products you want to
   be managable via SNMP
2) select the standard MIBs to implement (and the objects/traps
   within them to implement)
3) create proprietary MIB modules containing objects and traps
   for the management areas not covered by standard MIBs
4) Select an SNMP agent toolkit vendor
5) put instrumentation in your devices
6) following the directions from the SNMP toolkit vendor, create
   access routines (which some SNMP toolkit vendors call method
   routines) to get and set the values of from your instrumentation
7) Select an SNMP agent test package, and test your agent
8) Select an SNMP management API library
9) Write SNMP applications to manage your device

If you are an end-user, you need to:
1) determine what SNMP management capability that you have
   in your current devices
2) determine the SNMP management capability that is available
   in similar devices from other vendors (in case you need to
   upgrade or change)
3) determine what you want to accomplish with management
4) find off the self management packages that provide the
   management functions you want
5) possibly upgrade or replace your current devices with one
   that are managable with the package you chose.
6) implement additional management functions using scripting
7) implement additional management functions using custom written
   code using a purchased off the self SNMP management API library
8) configure your agents and applications to talk to each other.

David T. Perkins

1.10.04
SUBJECT: How does the Manager know that its SET arrived?

Praveen Dulam queried:
> SNMP is based on UDP. So the SNMP is not a reliable protocol. Let's say
> you did the SNMP SET operation. How do we gurantee that the SNMP SET
> packet reached the Agent.
>
> Do we need to write some application level programming to do this.

Yes, the management application and the agent need to work cooperatively
to take care of reliability.  Note that when an agent acts upon a SET
request it will send a response packet that is either a positive or
negative acknowledgment (the error code tells which).  So the main
problem is what to do at the management station when you time out and
get no response at all.

If the SET operation is idempotent (i.e. a second application on top of
a previous one does not change the results) then you can just re-send
the SET.  That would be the case if you are just storing values.  But
not all SET operations work that way:  there may be side effects when
an object is written.

Mike Heard

1.10.10
SUBJECT: How does an Agent know where to send a Trap?

I've noticed on the comp.protocols.snmp mailing list that the question
"how does an agent know where to send traps" (short answer is "its
implementation specific", long answer is, indeed, long, but has been
well answered numerous times) is, indeed, a Frequently Asked Question.
Any chance of adding it to your quite impressive FAQ posting?

T. Max Devlin

[Editor's Note: What T. Max is getting at here is that the trap
 destination IP address is not represented in MIB-II, so how can
 the agent know what it is? The answer is that most agents require
 an external configuration process to take place before they can
 be put into service, and that is how the IP address, among other
 interesting parameters, is set in the agent. How this setup is
 actually done varies among agent developers.]

1.10.12
SUBJECT: Which community string does the agent return?

Holger wrote:

> which community string is used in a response to a set-request and which is
> used in a response to a get-request?

The packet is a turn-around document with respect to the
community string. The community string in the response
is typically whatever it was in the request. [snip]
if you were to use the community-string field for passing
different information from the agent back to the manager
then it would not be standard SNMP.

Since you referred to "the" read/write community string
let me point out that there can be multiple read and multiple
write communities (although your agent/config file may
constrain that in some way). You can use them to provide
views of different portions of the mib for instance (but
there is no v1/v2c standard for this mapping).

The community string is a poor man's password scheme
because it is sent unencrypted in v1/v2c packets and tries to
to do the job of authentication, privacy, and views. V3 does
away with it.

Jim Jones

[Editor's Note: I would have said "SNMPv3 offers more and better
options for security and privacy in SNMP messages."]

1.10.15
SUBJECT: How can I remotely manage community strings?


Paul Nye wrote:

>I'm looking for a utility that enables me to change community names on
>multiple devices from a single management console.
>
>For example, provided I have the correct SU password, I would like to be
>able to identify a subnet or IP address range and the utility would query
>any SNMP aware device in the range, test whether the SU/community names are
>the same and if so, replace the SU password with one of my choice.

Because the methodology for setting community strings is not
standardized, every type of device/agent version may have a
different mechanism for handling this chore.  Therefore, there
are no "single console" products for setting community strings.
For this to be feasible, you would have to be able to
differentiate every agent type, and know how that particular
vendor/system/agent handles it.

T. Max Devlin

1.10.17
SUBJECT: What is the largest SNMP message?

George Chandy wrote:
> Is there a limit to the size of messages in SNMP ?

Every implementation must at least accept messages of 484 octets in 
size (RFC 1906).  That is the lower limit you can always bet on. The
upper limit basically depends on the two SNMP engines that communicate.
In most cases, people try to avoid IP fragmentation as it reduces the
likelihood that the message reaches its destination. 

[snip]

Note that the only hard limit in the SNMP protocol is the number of
varbinds you can have in a PDU. And that limit is 2147483647 - quite
a big number if you ask me.

Juergen Schoenwaelder

Remember that the definitions in a MIB module are
architectual, and not implementation limits. Note that
the OCTET STRING data type does have a limit of 65535 octets,
which will not fit in a UDP packet. Thus, there are
limits imposed by the protocol and transport in addition
to implementation limits of the SNMP agent or managed
system.

David T. Perkins

1.10.30
SUBJECT: Are there security problems with SNMP?

1.10.30.01
See http://www.cert.org/advisories/CA-2002-03.html

1.10.30.02

Recently there was a CERT advisory having to do with SNMPv1.
The problem was that the code to process SNMP messages when it
encountered malformed BER encoding, unsupported ASN.1 tags,
or ASN.1 that didn't follow the format of messages did not
"do the right thing". The code had programming errors which in
some cases caused the code to crash the system.

What the SNMP message processing code was suppose to do is increment
the counter snmpInASNParseErrs and drop the message.

David Perkins

1.11.00 --RFC

1.11.01
SUBJECT: What is an RFC?

  The letters stand for the title Request For Comment, which
  is the initial stage in the process for creating Internet
  standards.  RFCs go through several stages of review and
  refinement before they are adopted as final by the Internet
  community.
 
1.11.02
SUBJECT: Where can I get RFC text?

1.11.02.01

On WWW:
-------

Ohio State University has an extensive set of RFCs in html (browser)
format.  To see RFC 9898 (for example), use the following URL:

http://www.cis.ohio-state.edu/htbin/rfc/rfc9898.html
                                        ^^^^^^^
                           Put actual RFC number here.

Simply change the RFC number in the above URL to access the correct
file for your purpose.

Also, for an RFC "Home Page" see

http://www.cis.ohio-state.edu/hypertext/information/rfc.html

1.11.02.02
 
RFC-Info Simplified Help      submitted by: Mark Wallace
-----
 
Use RFC-Info by sending an email messages to RFC-INFO@ISI.EDU.
 
1.  To get a specific RFC send a message with text as follows:
 
        Retrieve: RFC   
          Doc-ID: RFC1500
 
This gets RFC 1500.  All RFC numbers in the Doc-Id are 4 digits 
(RFC 791 would be Doc-ID: RFC0791).
 
2.  To get a specific FYI send a message with text as follows:
 
        Retrieve: FYI
          Doc-ID: FYI0004
 
3.  To get a list of available RFCs that match a certain criteria:
 
        LIST: RFC
    Keywords: Gateway
 
Returns a list of RFCs with the word Gateway in the title or
specified as a keyword.
 
4.  To get information about other ways to get RFCs, FYIs, STDs,
    or IMRs.
 
        HELP: ways_to_get_rfcs
        HELP: ways_to_get_fyis
        HELP: ways_to_get_stds
        HELP: ways_to_get_imrs
 
5.  To get help about using RFC-Info:
 
        HELP: help
 
    or
 
        HELP: topics
 
===============================================================

1.11.02.03

Other possible sites:

     ftp.internic.net
     ftp.uu.net
     merit.edu
     nic.ddn.mil - note: avoid using this one, it's SLOW
     nis.nsf.net
     src.doc.ic.ac.uk
     venera.isi.edu
     ftp.std.com
 
     munnari.oz.au \___ Pacific Rim Sites use these
     archie.au     /
 
1.11.02.04
Use anonymous ftp & look for rfc or pub/rfc directories above.
 
     Details on obtaining RFCs via FTP or EMAIL may be obtained by
     sending an EMAIL message to "rfc-info@ISI.EDU" with the message
     body "help: ways_to_get_rfcs".  For example:
 
>>        To: rfc-info@ISI.EDU
>>        Subject: getting rfcs
 
>>        help: ways_to_get_rfcs
 

1.11.02.05
You can get a CD ROM with all the RFCs as of the date of the
CD ROM

> 	Info Magic
> 	11950 N. Highway 89
> 	Flagstaff, AZ
>	(800) 800-6613
>	(520) 526-9565
>
> 	http://www.infomagic.com/catalog5.htm#standards
>
>	Title is 'International & Domestic Standards' ($30)

Mark Aubrey
 
1.11.02.06
In Germany and Europe, try Christian Seyb:
 
     "I also offer a CDROM with all RFCs as of the date 
      of beginning of Aug 93."
 
The following CDROM is available for DM 98,-- (app. $60) and
contains the following software:
 
- Linux SLS V1.03, Kernel 0.99.11 and utilities for Linux
- 386BSD version 0.1 including patch-kit 0.2.4
- NetBSD version 0.8
- Utilities for 386BSD and NetBSD
- The Berkely Second Networking Distribution
- GNU software (gcc 2.4.5, emacs 19.17, gmake 3.68, etc)
- X11R5 up to patch 25 and lots of Contributed Software
- TeX version 3.14
- The Internet RFCs up to RFC1493
- News, mail and mailbox software and many utilities for Unix
 
  Issue: Aug 1993
 
Contact:
    CDROM Versand
    Helga Seyb
    Fuchsweg 86
                                Tel: +49-8106-302210
    85598 Baldham               Fax: +49-8106-302310
    Germany                 Bbs/Fax: +49-8106-34593
 
Christian Seyb  |    |  Mailbox/uucp/Fax: 08106-34593

1.11.02.07
Aloha and greetings from Cologne, Germany.
Maybe it is interested for you, that the Technical University of Cologne 
has a good script which translate the RFCs into HTML-RFCs.
So you can link between the RFCs and you can get online.

You can try it by using the URL

http://rfc.fh-koeln.de/rfc.html

1.11.02.08
General RFC Information

http://www.cis.ohio-state.edu/hypertext/information/rfc.html

Praveen

1.11.02.09

http://www.simple-times.org/pub/simple-times/issues/8-1.html#standards
2/3 down the page is a complete list of SNMP RFCs 

1.11.02.10

http://www.simpleweb.org maintains up-to-date RFC list for network management.

1.12.00 --SNMP Reference

1.12.01 
SUBJECT: What books are there which cover SNMP?

You may wish to visit http://www.pantherdig.com/snmpfaq
for a preset search on Barnes & Noble dot Com for SNMP.
A small part of each sale goes toward supporting the
SNMP FAQ.

1.12.01.00 SNMP Books from Barnes & Noble dot com

1. SNMP, SNMPv2, SNMPv3, and RMON 1 and 2
William Stallings / Hardcover / Addison Wesley Longman, 
Inc. / December 1998
ISBN: 0201485346          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0201485346&bfmtype=book

2. Understanding SNMP MIBs: With Cdrom
Evan McGinnis,With David Perkins / Hardcover / Prentice 
Hall / September 1996
ISBN: 0134377087          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0134377087&bfmtype=book 

3. Windows NT SNMP: Simple Network Management Protocol
James D. Murray,Deborah Russell (Editor) / Paperback / 
O'Reilly & Associates, Incorporated / February 1998
ISBN: 1565923383          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=1565923383&bfmtype=book 

4. Managing Internetworks with SNMP with Cdrom
Mark A. Miller,P. E. Miller / Paperback / IDG Books 
Worldwide / July 1999
ISBN: 076457518X          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=076457518X&bfmtype=book

5. A Practical Guide to SNMPv3 and Network Management
Dave Zeltserman / Hardcover / Prentice Hall / May 1999
ISBN: 0130214531          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0130214531&bfmtype=book

6. Troubleshooting with SNMP & Analyzing MIBs
Louis Steinberg / Paperback / McGraw-Hill Companies, The 
/ June 2000
ISBN: 0072124857          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0072124857&bfmtype=book

7. SNMP Network Management
Paul Simoneau / Paperback / McGraw-Hill Companies, The / 
January 1999
ISBN: 0079130755          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0079130755&bfmtype=book

8. Snmp++: An Object-Oriented Approach to Developing 
Network Management Applications
Peter E. Mellquist,Hewlett-Packard Company / Paperback / 
Prentice Hall / July 1997
ISBN: 0132646072          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0132646072&bfmtype=book 

9. LAN Management with SNMP and RMON
Gilbert Held / Paperback / Wiley, John & Sons, 
Incorporated / August 1996
ISBN: 0471147362          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0471147362&bfmtype=book 

10. SNMP Application Developers Manual
Robert L. Townsend / Hardcover / Wiley, John & Sons, 
Incorporated / December 1997
ISBN: 0471286400          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0471286400&bfmtype=book 

11. Total SNMP: Exploring the Simple Network Management 
Protocol
Sean J. Harnedy,Sean J. Harnedy / Paperback / Prentice 
Hall / June 1997
ISBN: 0136469949          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0136469949&bfmtype=book 

12. How to Manage Your Network Using SNMP: The Networking 
Management Practicum
Marshall T. Rose,Keith McCloghrie / Paperback / Prentice 
Hall / September 1994
ISBN: 0131415174          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0131415174&bfmtype=book 

13. RMON: Remote Monitoring of SNMP-Managed LANs
David T. Perkins / Hardcover / Prentice Hall / September 
1998
ISBN: 0130961639          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0130961639&bfmtype=book 

14. SNMP V3 Survival Guide: Practical Strategies for 
Integrated Network Management
Rob Frye,Jon Saperia / Hardcover / Wiley, John & Sons, 
Incorporated / January 1999
ISBN: 0471356468          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0471356468&bfmtype=book 

15. SNMP-Based ATM Network Management
Heng Pan / Hardcover / Artech House, Incorporated / 
September 1998
ISBN: 0890069832          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=0890069832&bfmtype=book 

16. SNMP: Simple Network Management Protocol: Theory and 
Practice, Versions 1 and 2: Theory and Practice, 
Versions 1 and 2
Mathias Hein,David Griffiths (Editor) / Paperback / Itcp 
/ May 1995
ISBN: 1850321396          To order from Barnes & Noble:
http://service.bfast.com/bfast/click?bfmid=2181&sourceid=1713751&bfpid=1850321396&bfmtype=book

For a list of other books which may or may not be in 
print, go to http://www.pantherdig.com/snmpfaq/otherbks.txt

1.12.02
SUBJECT: What periodicals are heavily oriented to SNMP?

1.12.02.01
     One bi-monthly newsletter is "SIMPLE TIMES".
     You can subscribe via email at
 
     mailto:/st-subscriptions@simple-times.org
 
     Use HELP on the Subject line for details. Also try

     http://www.simple-times.org
 
     For back issues of Simple Times, try

        http://www.simple-times.org/pub/simple-times/issues

1.12.02.02
     ConneXions, The Interoperability Report
     480 San Antonio Road, Suite 100
     Mountain View, CA 94040
 
     Ph: 415-941-3399
     Fx: 415-949-1779
 
 
1.12.03
SUBJECT: What classes are available on the topic of SNMP?

1.12.03.01
     Softbank Forums
     303 Vintage Park Drive
     Foster City, CA 94404
 
     415-578-6986
 
     EMail: onsite@interop.com


1.12.03.02 
     Network World Technical Seminars
 
     Ph: 800-643-4668  (direct: 508-820-7493)
     Fx: 800-756-9430

     [Fax back line, ask for document 55]

1.12.03.03
     Learning Tree International
     1805 Library St
     Reston, VA 22090-9919

     800-843-8733 or 703-709-6405

     http://www.learningtree.com

1.12.03.04
     American Research Group, Inc.
     PO Box 1039
     Cary, NC  27512
   
     919-380-0097

1.12.03.05

    Chateau Systems, Inc
    SNMP Training & Development
    360 862-1154
    http://www.chateausystems.com

    Larry R. Walsh


1.12.04
SUBJECT: What email discussion groups are available for SNMP?
 
1.12.04.01
SUBJECT: Mailing lists for SNMPv1
 
"This mailing list is currently being managed with ListProcessor,
v6.0c."

Updates to be made include the request address.  It should be:

	listproc@lists.psi.com

The subject line is not looked at.  The body of the message should
contain:

	subscribe <list> <your email address>

For the snmp list, subscribe to the list by sending a message to:

	listproc@lists.psi.com

with a message body of:

	subscribe snmp <emailaccount>@<mailhostname.domain>"

George Smith

It appears the new valid snmpv1 mailing list address is
snmp-request@lists.psi.com.

However, when I tried to subscribe to snmpv2 mailing list, my email was
simply not recieved by anyone.

Paul Ledbetter


1.12.04.02
SUBJECT: Mailing lists for SNMPv2

"For the snmpv2 list, subscribe to the list by sending a message to:

        snmpv2-request@tis.com

with a message body of:

        subscribe snmpv2 <emailaccount>@<mailhostname.domain>"

George Smith

[Editor's Note: Out of action? See above topic]

 
1.12.05
SUBJECT: What trade shows cater to SNMP?

   These days nearly every networking trade show in the
   US, and many outside the US, covers the SNMP market.

   The "big name" in internetworking is (their text):
 
"NetWorld+Interop (the definitive networking event)

Online registration at
	http://www.interop.com

Phone registration and customer service: 800-962-6513 and 650-372-7079

Mail registration
NetWorld+Interop
c/o ZD Events
PO Box 45295
San Francisco CA 94145-0295"
   
 
1.12.06
SUBJECT: What SNMP Product User Groups Are There?
 
1.12.06.01
HP OPENVIEW:

For owners of a run time license to HP OpenView, there
is the the OpenView Forum (a yearly fee is charged).

OpenView users should be directed to the OpenView Forum at their web site:
http://www.ovforum.org


"You might also want to include a pointer/reference somewhere on your site
for Summit Online.  It's a great resource (check it out).  The URL is
http://www.summitonline.com"

Rick Sturm

There is an email list for the ovforum.
It is very active (20-40 messages per day).
to submit questions or responses:
	ovforum.ovforum.org
To Subscribe:
	I think it's majordomo@ovforum.org.  If you try to subscribe to
      ovforum.ovforum.org it will respond with subscription instructions.

Matt Dougherty

 
1.12.06.02
SUNNET MANAGER (revised 3/95):

  If you wish to subscribe to snm-people, send a message to

          listproc@zippy.Telcom.Arizona.EDU

   with no subject, containing only the words:

   subscribe snm-people "Kent F Enders"
                        [^^^^^^^^^^^^^^^^^^^]

   [Editor's note: we assume this should be your name here!]

  If you wish to unsubscribe from snm-people, send the message:

    unsubscribe snm-people

  For more information on using listproc, send the message:

    help 
 
This list is devoted to the issues revolving around the use of the
SunNet Manager Software package.
 
An anonymous FTP area is set up on Zippy.Telcom.Arizona.EDU as
ftp://128.196.128.85/~/pub/snm
 
For those users that do not have access to ftp directly, zippy also
supports ftps by mail.  If you want to try it out send an email
message with the word `help' in the body of the message for some
instructions.  Send that email message to
            ftpmail@zippy.telcom.arizona.edu.
 
An archive of the mail messages sent to the list subscribers is
maintained as well. To get an index of these messages send a message
to listproc@zippy.telcom.arizona.edu with a single line message of:
 
   INDEX SNM-PEOPLE
 
To remove your name from the mailing list send a one line mail message
to  listproc@zippy.telcom.arizona.edu.  The message should contain the
line:
 
   UNSUBSCRIBE SNM-PEOPLE
 
To receive a list of the commands for the listproc send a message to
listproc@zippy.telcom.arizona.edu with a message of:
 
   HELP
 
To send a message to the list send mail to 

mailto:snm-people@zippy.telcom.arizona.edu
 
1.12.06.03
IBM NetView

There is a NetView User's mailing list (not affiliated or run
by Tivoli) that is a great place to learn about NetView and
ask questions.  Quoting from the nv-l instructions:

 To subscribe to the NV-L list, send mail to LISTSERV@UCSBVM.UCSB.EDU
 (not to NV-L nor NV-L-request), with the single line in the body
 of the note:

   SUBSCRIBE NV-L firstname lastname

 This list is for the discussion of NetView and all related products,
 platforms, usage questions, bugs, and for the dissemination of
 announcements and updates by members of the NetView Association.
 Vendors are welcome to post short announcements of products and/or
 services.

You may want to visit the Tivoli NetView web page at:

 http://www.support.tivoli.com/faqs/prod5.html

Also, the IBM NetView "red books" are a good practical
source of information on NetView.  Try

 http://www.rs6000.ibm.com/resource/aix_resource/Pubs/redbooks/

or 

 http://www.redbooks.ibm.com

Brett Coley


1.12.07
SUBJECT: Where can I find SNMP-related material on WWW?

[from comp.dcom.net-management...]
----------------

1.12.07.01
it's best if you check out the following www page: it's devoted to
network management and contains an excellent overview and links to
all the different organisations and commitees:

	http://smurfland.cit.buffalo.edu/NetMan/index.html

Andreas Weder


1.12.07.02
Re: HNMS:
 
http://snmp.cs.utwente.nl/General/snmp-faq.html
 
Re: The tkined & scotty network management system:
 
http://www.cs.tu-bs.de/ibr/cgi-bin/sbrowser.cgi
http://www.cs.tu-bs.de/ibr/projects/nm/scotty/tcl+snmp.html
http://wwwhome.cs.utwente.nl/~schoenw/scotty/

 
1.12.07.03

[Deleted]

1.12.07.04
Commercial SNMP Software

(See SNMP FAQ Part 2):


1.12.07.05

[Deleted]

1.12.07.06

THIS SPACE WAS FORMERLY OCCUPIED BY A HUGE BUT UNMAINTAINED
LIST OF URLS SUBMITTED IN 1996 BY BRUCE BARNETT. IT HAS BEEN
REMOVED TO CONSERVE SPACE AND SINCE SO MANY OF ITS LINKS
HAD BECOME OBSOLETE. TO SEE IT FOR POSSIBLE VALUE, GO TO

http://www.pantherdig.com/snmpfaq/bb_urls.txt

1.12.07.07
eg3.com is a free resource, serving the needs of designers in
board-level, embedded, dsp, and realtime.

We already link to Simple Network Management Protocol,
as an important resource for the engineer in our free listings.

Judy Perry

1.12.07.08

http://www.snmpworld.com

1.12.07.09

http://www.SNMPLink.org -- based in France & well-maintained

1.12.07.10

http://www.simpleweb.org -- from Germany & well-maintained

1.12.07.11

Good overview of net management generalities, context into
which snmp fits:

    http://netman.cit.buffalo.edu/Doc/DStevenson

Good snmp intro for tech guys (like me).  I wouldn't want
to talk about snmp before knowing about half this stuff.
Ignore chapter 4, though, as it's basically hype for their
software.  But eveything else is not wasted reading.

    http://www.ddri.com/Doc/SNMP_Overview.pdf

The SNMP FAQ is very outdated, I feel.  Better is the
UCD-SNMP FAQ that comes with the linux software!

Erik Kruus

1.12.07.12

http://net-snmp.sourceforge.net


1.12.08
SUBJECT: What related mailing lists exist?

1.12.08.01

J. Lindsay wrote:

"I have started a mailing list for those interested in web-based network
and systems management.  To subscribe send email to
      mailto:web-manage-request@qds.com

with an email body of

      "subscribe web-manage <your email address here>"

The most applicable usenet news group is
news://comp.dcom.net-management.

TO UNSUBSCRIBE:

If you send an "unsubscribe me" message to the list itself
it is almost certain your mail box will overflow with people
flaming you.

The list is open and unmoderated. All requests should go to:

mailto:web-manage-request@qds.com

1.12.20 What related newsgroups exist?

1.12.20.01

Please also visit our cousin newsgroup
        news://comp.dcom.net-management.

1.12.20.02

There's a discussion group on delphi concerning Enterprise Management.
The areas covered are CA Unicenter, HP OpenView, Tivoli, Platinum Tech,
Enterprise Management,Trade Shows, EM User Groups, Networking Jobs,
Industry Discussion, and General Discussion.

Again, this is focusing on Enterprise Management. There are over 423
members to this forum as of 11/11/98.  You can visit this site at....

http://www.delphi.com/emc2

Christopher Smiga

1.12.21
SUBJECT: Are there introductory materials?

1.12.21.01

Look for a document called "ACE-SNMP An Introductory Overview of SNMP"
at http://www.ddri.com, I've found it very easy to read and understand and a
needed step before getting at RFCs.

Alessandro Scotti

1.12.21.02

"SNMP for Dummies" at:

   http://www.netcom-sys.com/techdocs.html

Is also good startup reading.

John J. Miller


1.13.00 --Miscellaneous

1.13.01
SUBJECT: SNMP and Autodiscovery

1.13.01.01

"Automated topology discovery is a hard problem due to the diversity of deployed
systems and the wide distribution of resource information.  I will briefly
mention some reasons why a ping/traceroute based approach will not work :
subnetting, tunneling, firewalls, virtual LANS.  Your network topology
discovery tool would have to extract more information like subnet masks,
etc and use heuristics for "guessing" the real topology.

I was a teaching assistant for the computer networks course offered in the
spring at Columbia, and assigned the third class project on network topology
discovery.  You may want to refer to the project resources WWW page at the
URL="http://www.cs.columbia.edu/networks97/project3/resources.html"

Alexander V. Konstantinou"

1.13.01.02

"[...]these are some of the methods that I had used

1. SNMP Broadcast on your local net; all SNMP agents respond
2. Listening for RIP, and OSPF ports, you'll get info on the routers around,
and consequently the different sub-networks connected by this router. If you
need a better discovery you could listen on both IP and IPX ports.
3. ICMP Router interface discovery; this will again give you information on
all the router interfaces (sub-nets)
4. Once you know a sub-net and it's mask (I'm speaking about IP nets) you
could issue an ICMP-echo spray to all the possible IP addresses in that
range, the one's who are alive will respond. But this has to be fine tuned
so that you do not swamp the network with disocvery packets. In case of IPX
you issue an IPX diagnostic message spray (the counterpart of ICMP in Novell
networks).
5. You could walk the routing tables (MIB2) and get information about other
routers and sub-nets. You could figure out the type of the sub-net (MAC
layer) by looking up "ifType" for each of the router interfaces.

NOTE: The typical problems you would face is handling unnumbered router
ports, and proxy-ARP issues."

Mohit Tendolkar

1.13.01.03

Check out this paper:
http://www.cs.cornell.edu/skeshav/papers/discovery.pdf

Daniel Secci

1.13.02
SUBJECT: SNMP Traps and NOTIFICATION-TYPE

1.13.02.01 - Traps

I am relatively ignorant about SNMP. However, I have spent a
reasonable amount of effort investigating agents, managers, the
technology, and I have read most of the important RFCs.

There are a bunch of related but simple, practical questions to which
I cannot get a straight answer: Are SNMP traps useful in the real
world? Can you depend on traps being sent across networks? Do agents
repeat traps? How do you select a polling interval if there are traps
you consider very important?

RFC 1215 (the one with the TRAP-TYPE macro) says traps are a bad idea
(well, sort of). RFC 1224 seems to describe a method to acknowledge
SNMP traps and throttle them?

What's the real feeling...you know, in practice? The real state of the
art?

Shyamal Prasad

Traps are very useful to us. They let us know when a router link goes down,
when network performance is degrading, when a power failure has occurred,
etc. - just to name a few.

You don't poll for traps - the agent just sends the traps to the network
management station(s) you tell it to send them to. Now you can program the
network management station to take automatic action if you so desire. For
example, if one of our ethernet concentrators sends us traps on a
misbehaving port we automatically do some checking and if it is a situation
that could potentially take our whole segment down we automatically
partition the port off of the network. I'm sure this has saved numerous
network outages.

Yes, agents may send repetitive traps. The way you throttle or deal with
them depends on the software you use on your network management station.

All that said - you cannot rely on traps alone. For example, if I die - I
cannot pick up the phone and tell someone that "I am dead". Neither can a
SNMP agent. Therefore it is good to poll the agents periodically just to see
if they are alive and well.

Blaine Owens

1.13.02.02 - NOTIFICATION-TYPE

The current terminology in use in SNMP is the following:

  The NOTIFICATION-TYPE construct is used to define events
  or conditions of interest in a managed system. (In the
  earlier, but now obsolete, version of the SMI, the
  TRAP-TYPE construct was used.)

  SNMPv1 protocol contains the TRAP message type that
  is sent when an event or condition defined by a
  NOTIFICATION-TYPE construct occurs.

  SNMPv2c and SNMPv3 protocols contain the v2TRAP and
  INFORM message types that are sent when an event or
  condition defined by a NOTIFICATION-TYPE construct
  occurs. A v2TRAP message is not confirmed, and an
  INFORM message is confirmed (that is, a response
  message is sent back).

  There is no such thing as an alarm in SNMP.

David T. Perkins

1.13.02.03 - Enterprise versus Generic Traps

There were 6 defined traps [SNMPv1] that were considered to be common
that could be generally useful for most/many SNMP agents
[perhaps some more important than others]. There was also
the need to let agent/MIB designers implement the idea of
traps that were specific to their hardware/software/management
needs. In the v1 packet there are 2 fields associated with
these, the one for generic traps would be given a value of 0..5
to identify which of the generic traps the packet was related
to, or 6, in which case the other [enterprise specifc] field was
used to carry the information about what trap was being
triggered. Plus there are was another OID field in the v1 trap
packet that the manager application would get to identify the
[enteprise specific] trap since different agents on different types
of hardware would likely use the same values. The v1
approach was not great. With v2 packets this changes
somewhat. SMIv2 MIBs traps (NOTIFICATIONS) are not identified
as some integer value but rather as a node in the tree. The 6 generic
traps were specified as 6 children of a parent node down under a
new SNMPv2 subtree in the world-wide tree specification (with
node values 1..6, not 0..5). There is no longer a special trap
packet format for v2... the old v1 special fields are now v2
varbinds in a standard v2 response packet. 

Jim Jones

1.13.02.04 -- SNMPv1 Traps versus SNMPv2/v3 Notifications

In the SNMPv1 protocol, there is a single type of operation
to send an unsolicited message from an agent to a manager,
which is a [v1]Trap. SMIv1 uses the TRAP-TYPE construct to
define the conditions when such a message can be generated,
the identification of the message, and the management
information to be contained in the message.

When the second version of the SNMP framework was created,
it was realized that the simple model for sending unsolicited
messages needed to be generalized and a few problems solved.
The class of unsolicited messages was renamed to notfications,
and contained two types, which are v2TRAP (an unconfirmed
notification), and INFORM (a confirmed notification).
(Please note that an it is incorrect to characterize v1/v2TRAPs
as unreliable and INFORMs as reliable.) Due to politics at the time,
INFORMS were labelled as "manager-to-manager" communication.
However, this labelling has been fixed (and anyone that
claims that INFORMs are "manager-to-manager" communications
is living with a 1996 world view and not a present world
view!)

The first and second frameworks for SNMP-based management
do not contain a standard mechanism to configure where to
send notification nor the other details such as which type,
and the security parameter values. The result has been
proprietary definitions that vary in sophistication.
The simplest is a table of IP addresses where to send
traps (with no support for INFORMs, and other properties).

The third version of the SNMP framework contains in RFC 2573
and RFC 2576 a VERY RICH mechanism for managing notification
generation.

David T. Perkins

1.13.03
SUBJECT:  SNMP and/versus the Web

1.13.03.01
SNMP MIB Browsers for Web Software

1.13.03.01.01
Commercially Available.

1.13.03.01.01.01
     MibMaster, an SNMP to HTML Gateway from Equivalence

     http://www.equival.com/
     An evaluation version is available free.  A fully-functional
     version can be purchased.

1.13.03.01.02
Public Domain.

http://www.uni-ulm.de/urz/mibbtogather/

1.13.03.02
Web Browsers as Network Agents/Managers

No data available.


1.13.04
SUBJECT:  SNMP and Java

"If you have a Linux or Windows NT environment check out:
  http://www.equival.com/

For Java see:
  http://www.adventnet.com/"

Carl H. Wist

Other sources:

http://www.mindspring.com/~jlindsay/javamgmt.html
http://www.research.att.com/~nikos/marvel/
http://madonna.postech.ac.kr/~sunhokim/snmp.html
http://java.sun.com/products/JavaManagement/index.html
http://www.thinsoft.com/
http://www.west.nl/archive/java/snmp/
http://www.westhawk.co.uk/

Hope this helps.

Martin Cooley


1.13.04.01
Java Classes/Applets/Etc for SNMP

1.13.04.01.01
Commercially Available

1.13.04.01.01.01
     Advent Network Management, Inc.

     http://www.adventnet.com

     mailto:info@adventnet.com

       AdventNet, Inc.
       1090 King Georges Post Road, Suite 405
       Edison, NJ 08837
       Phone: 1-800-470-5959 OR +1-732-738-6669
       Fax    :  +1-732-738-5377

1.13.04.01.01.02
     SunSoft

     http://java.sun.com

     Note: the above is one place to start, but don't
     forget to search the Web

"Another option for building SNMP agents in Java is Sun's
Java Dynamic Management Kit (JDMK) product.  Take a look at
http://www.sun.com/software/java-dynamic/

JDMK is based on Java Beans -- as the agent developer, all you have to
do is to adhere to the Java Beans design patterns in your Java code.
An SNMP MIB compiler is provided that translates an SNMP MIB definition
into Java Beans, you then need to fill in the methods of the generated
Beans."

Dave Hendricks

>  ... could some one tell me how to subscribe to the JDMK mailing
> list I have subscribed using the indication of the JDMK home page but I
> do not think some thing happening on this list :

You should subscribe by sending an email to listserv@java.sun.com 
containing in the body:

SUBSCRIBE JDMK-FORUM <your email address>

(I am not sure whether you should also remove your signature, but I 
guess it is safer anyway)

To get a better response time, please direct your questions regarding
JDMK to the JDMK-FORUM list rather than to this forum.

The JDMK-FORUM archives are accessible at 
    http://archives.java.sun.com

You might want to have a look at the Java Dynamic Management Kit 
at http://www.sun.com/software/java-dynamic/ 

Daniel Fuchs

1.13.04.01.01.03
     Gamelan

     http://www.gamelan.com

     Lots of links to Java sites, developers, code, etc.

1.13.04.01.01.04

[...]Furthermore, the coupling of Sun's Jini and JDMK looks promising for
creating "plug-and-manage" systems

http://www.sun.com/consumer-embedded/cover/jdmkjini.html

Steve Common

1.13.04.01.01.05
You may want to mention Cyberons for Java -- SNMP Manager Toolkit from
Netaphor

This product sells for $499 per developer license and royalty-free
unlimited distributions.

The product also provides high level functions such as device
discovery, MIB walks, columnar and row access to tabular data, etc.

A programmer's guide is available online at http://cyberons.com.

Shripathi Kamath

Cyberons for Java SNMP Manager Toolkit version 2.0 supports SNMP v3, and
includes easy-to-use classes which provide access to all v3 features. We
paid a great deal of attention while designing these classes to ensure that
management applications can be written to work with all versions of SNMP
with minimal differences in code, and provide numerous examples to
illustrate usage.

Also available as a separate product is Cyberons for Java SNMP Utilities
1.0, which is a set of utilities to work with the SNMP Manager Toolkit.
These utilities include a MIB compiler/loader, a MIB browser and test
application.

More information about these products, including a complete programmer's
guide, can be obtained from http://cyberons.com

Gopal Narayan

1.13.04.01.02
Public Domain

1.13.04.01.02.01

From Jan-Arendt Klingel ...

"Beside MIB-Master there is the JaSCA class library (Java SNMP Control  
Applet). The URL is http://termiitti.akumiitti.fi/nixu/. The organisation  
is called Nixu Oy and is located in Finland. One of the three authors is  
Pekka Nikander (Pekka.Nikander@nixu.fi).

[Note: This site seems to have moved to www.nixu.fi, is all in Finnish.]

1.13.04.01.02.02

There is a mailing list called "Java Network Management Mailing List" on  
java-nm@clearlight.com. To subscribe send an email to  
majordomo@clearlight.com with a body of "subscribe java-nm". There is not  
so much traffic on the list (maybe because of a bug in the majordomo  
list).

1.13.04.01.02.03

The URL http://www.West.nl/archive/java/snmp/ seems to have disappeared.
-Ed

1.13.04.01.02.04

A very nice Java tool can be found on http://misa.zurich.ibm.com/~lde/.  
It's Luca Deris hot application called "Liaison", developed at the IBM  
Research Center in Zurich. There are SNMP and CMIS-agents to query network  
management data.

[Note: Site reported unreachable, 11/20/98]

In the next three months I will hopefully present a network management  
application with Java "droplets". The URL is http://193.174.26.169:8080.  
Remember to switch off "lock ports above 1024" at your firewall."

Jan-Arendt Klingel

1.13.04.01.02.05

From "Patrick"

If you are looking for creating SNMP agents in Java, you can look at :

JDMK : contains a mib compiler that creates java (agent) classes from a mib.

JMAPI :  Java Management API (JMAPI)

Java Dynamic Management Kit : http://www.sun.com/software/java-dynamic
JMAPI : http://java.sun.com:80/products/JavaManagement/index.html

1.13.04.01.02.06

"JMGMT is a java implementation of a SNMP stack.
It also includes source code of examples [of]
how to start writing servlets and an agent with JMGMT.
The JMGMT java classes include packages for

 * the representation of ASN.1 values,
 * BER encoding and decoding of ASN.1 values,
 * the representation of SNMP v1 packets,
 * SNMP I/O with peers and connections,
 * and SNMP exception handling.

2nd public release, now with full source code.

JMGMT is a java implementation of a SNMP v1 stack.

It also includes the complete source code of all classes
and examples how to start writing servlets and an agent with JMGMT.

The JMGMT java classes include packages for =

 * the representation of ASN.1 values, =

 * BER encoding and decoding of ASN.1 values, =

 * the representation of SNMP v1 packets, =

 * SNMP I/O with peers and connections, =

 * and SNMP exception handling. =

The JMGMT classes are free and available for download on

  http://i31www.ira.uka.de/~sd/mgmt/jmgmt-1.1.zip

API documentation is online at

  http://i31www.ira.uka.de/~sd/mgmt/jmgmt/README.html

Sven Doerr

1.13.04.01.02.07
You may try MIB Designer which is a Java 1.2.2/1.3 application
that will run on Unix if that Unix support one of the JREs.
MIB Designer has all the features you requested and much
more. It can be found at http://www.mibdesigner.com

Frank Fock

1.13.05
SUBJECT: SNMP and CORBA

1.13.05.01

>I am currently using an SNMP Manager from SNMP Research on a UNIX
>Solaris box and am looking for a CORBA compliant SNMP Manager.  Does
>anyone know of such an animal?

>Dave Stephens

What do you mean when you say "CORBA compliant" SNMP manager?
If you mean that the SNMP manager should provide a CORBA programming
interface you will find some products when you search the internet
for the term "JIDM" (Joint Inter Domain Management).

Werner Poeppel

1.13.05.02

I worked on such a project.  SNMP and TL1 were embedded peers
running on top of Corba.  Esentially, the implementation for
the SNMP functions made Corba service calls to get the data
they needed to satisfy the SNMP request.

The Corba layer abstracts the device and, thus, the SNMP/TL1/etc
developers worked at a high-level.  This made it fast to support
new MIBs (as long as the Corba IDL was there), but at a
slight/moderate cost to performance.  One challenge is the style
of IDL, i.e. course- or fine-grained object defs.  Course grained
object defs makes it easy/efficient for such things as GUIs to
operate over Corba but meant SNMP had to pull a lot more data
than it typically needed to satisfy a SNMP request.  Also [you]
have to provide "next" IDL methods otherwise it is very inefficient
for SNMP getNext hooks to repeatedly make Corba calls until the "right"
object is found.  In sum, my impression is that if SNMP is the
primary method of managing a device, then SNMP/Corba stack is
questionable.  If SNMP is a minor service, then maybe this is a
good choice.  Either way, IDL designers need to consider SNMP
issues before they set the IDL into stone.

I understand there are tools/stds to convert MIBs into Corba IDL,
which would make it easy/efficient to stack SNMP over Corba. However,
this produces fine-grained object defs which may not be suitable for
Java/GUI impls that use such tools to serve as the primary mgmt
interface.

Lauren Heintz

1.13.06
SUBJECT: SNMP and Visual Basic

1.13.06.01
Terri Coleman wrote:
> 
> I need to be able to write SNMP Sets and Gets from within a Visual Basic
> application.  Can anyone help?

Maybe this package of ocx's contains what you are looking for
	http://www.dart.com/powertcp/
Free trail version for download available.

Bernhard Fischer

1.13.06.02
LogiSoft AR has SNMPv2 toolkit for Visual Basic that includes SNMP
ActiveX control and utilities supporting v1 and v2c
Look up www.logisoftar.com

Alan Revzin

1.13.06.03
NETAPHOR SOFTWARE, INC., has recently released Cyberons, a
suite of ActiveX components for engineering and networking applications,
which includes a SNMP Manager control.

Please note that we do not support trap reception at this time, though this
feature will be included in our next release. But if you want to perform
SNMP Get, GetNext and Set operations with a real lightweight control, which
requires minimal VB code in order to be functional, I think you will find
the Cyberons product to be an ideal match.

You can check out our free 30-day trial by downloading it from
http://www.netaphor.com/products/index.asp

Gopal Narayan

1.13.06.04
You may want to try Mabry Software.  They have an OCX that you can download
from http://www.mabry.com.

Richard Grier

1.13.07
SUBJECT: SNMP and IPv6

> I have a question regarding SNMP and IPv6, and more particularly
> SNMP v1 and IP v6.
>
> Can SNMP v1 be used over an IP v6 network?
>
> Daniel Fuchs

Yes. The only thing that is missing are concrete values for the
TDomain and appropriate TCs which define the address formats. This
is being worked on. The latest document is available at:

<http://www.ibr.cs.tu-bs.de/~schoenw/draft-ietf-ops-taddress-mib-02.txt>

Discussions take place on the <mibs@ops.ietf.org> mailing list.

> In that case how do you handle the agent-addr field of the
> trap v1 PDU? (agent-addr is NetworkAddress which is IpAddress
> which is OCTET STRING (SIZE(4)) which doesn't have enough room
> for an IP v6 address).

This not only applies to IPv6 but also to other non-IPv4 transports.
In general, agent-addr is broken and the second version of the
protocol operations use a trap format which does not have the
agent-addr field anymore.

> Now if you're agent is bilingual (or trilingual) how do you
> handle trap conversion from v2 to v1 when your network is 
> based on IPv6?

With SNMPv3, you use the engineID to identify the originator of a
notification. In SNMPv2 or SNMPv1, you are lost.

> Is there any RFC that specifically addresses SNMP and IPv6 ?

Not really. The ID I have cited above is part of the solution. I am
not sure we need much more because UDP is UDP regardless which IP
version you use (except that the network layer address format changes).

Juergen Schoenwaelder

1.13.10
SUBJECT: SNMP and C#

>I am planning to make an SNMP manager (using C#) that will query any SNMP
>agent. Currently I'm not able to find any SNMP libraries for C#. Can anyone
>point me to a direction.

>Also any simple C# code for SNMP will be helpful.

>Rubaiyat

You access SNMP devices using the SNMP provider for WMI.WMI is wrapped by
the System.Management namespace classes.

Please refer the folowing link for more more details
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/
installing_the_wmi_snmp_provider.asp
http://www.c-sharpcorner.com/Code/2002/Sept/SnmpLib.asp

Sreejumon


Also, have a look at this snmp libraries for .NET:

http://www.csharphelp.com/archives2/archive380.html

Kumar Gaurav Khanna

I know some of you have posted looking for a C# Snmp library or one
for dotnet. Anyone who is interested check out NetToolWorks, Inc.

http://www.nettoolworks.com

 
1.20.00 --General Questions about SNMPv2

1.20.01
SUBJECT: What is SNMPv2?

 
   SNMPv2 is a revised protocol (not just a new MIB)
   which includes improvements to SNMP in the areas
   of performance, security, confidentiality, and
   manager-to-manager communications.
 
        
   SNMPv2 Framework :
   The following RFCs identify the major components of SNMPv2.

   Historical
   ----------
 
   RFC 1441 - Introduction to SNMP v2
   RFC 1442 - SMI For SNMP v2
   RFC 1443 - Textual Conventions for SNMP v2
   RFC 1444 - Conformance Statements for SNMP v2
   RFC 1445 - Administrative Model for SNMP v2
   RFC 1446 - Security Protocols for SNMP v2
   RFC 1447 - Party MIB for SNMP v2
   RFC 1448 - Protocol Operations for SNMP v2
   RFC 1449 - Transoport Mappings for SNMP v2
   RFC 1450 - MIB for SNMP v2
   RFC 1451 - Manager to Manger MIB
   RFC 1452 - Coexistance between SNMP v1 and SNMP v2

Micha Kushner adds:

RFC Number   Title                                   Status
--------------
RFC 1901     Introduction to Community-based SNMPv2  Experim Standard
RFC 1902     SMI for SNMPv2                          Draft Standard
RFC 1903     Textual conventions for SNMPv2          Draft Standard
RFC 1904     Conformance statements for SNMPv2       Draft Standard
RFC 1905     Protocol operations for SNMPv2          Draft Standard
RFC 1906     Transport mappings for SNMPv2           Draft Standard
RFC 1907     MIB for SNMPv2                          Draft Standard
RFC 1908     Coexistence between SNMPv1 and SNMPv2   Draft Standard

Wes Hardaker adds:

"All SNMPv2 versions but one are historical.  Only SNMPv2c is
experimental, but is widely accepted as the SNMPv2 standard.  Note
that the other pieces of SNMPv2 (protocol, SMI, etc) are on the
standards track.  Only the architecture that ties them together is
experimental.  The SNMPv2 messaging protocol, etc, are referenced in
the SNMPv3 documents, which are on the standards track at draft
standard right now."


1.20.02
SUBJECT: What is SNMPv2*/SNMPv1+/SNMPv1.5/SNMP++?

 
  SNMPv2 had been announced for many months, and most of us assumed that it was
  accepted as the next step up from SNMPv1. That assumption was false.  In fact there
  were several points on which the members of the IETF subcommittee could not agree.
  Primary among them was the security and administrative needs of the protocol.

  Simply put, SNMPv2*/SNMPv1+/SNMPv1.5 is SNMPv2 without the contentious
  pieces, but *with* the stuff everyone agrees is of value.

  You may wish to check
     http://www.int.snmp.com/v2star.html
   for more details.

===

Edward M. Hourigan wrote:
: I keep hearing about SNMP++.  What is it?  Are there any web pages
: describing what it is? 

  I believe there is a Web site with this info at :

	http://rosegarden.external.hp.com/snmp++/

  Hope this helps,

	John Silva

also:

The original SNMP++ 2.6 sources can be found at

http://rosegarden.external.hp.com/snmp++

If you`re looking for a Linux/Solaris/Digital port you might
try 

http://fock.de/frank/english/agent++src


Frank Fock


[Editor's Note:  See also Part 2: Public Domain SNMP software]


I'd like to announce availability of MG-WinSNMP SDK V1.0b6,
a 32-bit implementation of WinSNMP specification. It is 
available under the shareware license and you are welcome 
to download it from the following URLs:

http://www.mg-soft.si/
http://www.abit.co.jp/varidocs/download.html

This release of MG-WinSNMP SDK (wsnmp32.dll, a 32-bit 
winsnmp.dll library) by MG-SOFT Corporation has been 
published in order to gain compatibility with the Revision 
2.5f of SNMP++, an Open Specification for Object Oriented 
Network Management Development Using C++ by Peter Erik 
Mellquist, Hewlett Packard Company.
(http://rosegarden.external.hp.com/snmp++/)


Matjaz Vrecko

[Editor's Note:  See also Part 2: Public Domain SNMP software]

1.20.03
SUBJECT: What is SNMPv2c?

SNMPv2c is the combination of the enhanced protocol features
of SNMPv2 without the SNMPv2 security. The "c" comes from the
fact that SNMPv2c uses the SNMPv1 community string paradigm
for "security".

1.20.04
SUBJECT: What the heck other SNMPv's are there?

1.20.04.01
See http://www.simple-times.org/pub/simple-times/issues/5-1.html

1.20.04.02
Unfortunately, many people are confused about the SNMP protocol
versions, which are:
  SNMPv1 - a standard and widely used
  SNMPv2p - party based, now obsolete (not used)
  SNMPv2c - community based, "expermental", but has usage
  SNMPv2u - user based, experimental and not used
  SNMPv3 with USM - standards track, trying to get traction

In SNMPv1, there was no standards-track mechanism defined that
specified where to send traps, so every vendor defined their
own approach. The SNMPv3 framework documents include mechanisms
that can also be used in SNMPv1 and SNMPv2c. They are very
complicated, but do work in specifying the targets for traps
in SNMPv1 and traps and informs in SNMPv2c and SNMPv3.

David T. Perkins

1.20.04.03
My advice would be to make SNMPv1 the first priority and SNMPv3 the second.
I would not bother to implement SNMPv2c unless it came for free with the
agent toolkit.

Mike Heard

1.20.04.04

There are several varients of the SNMPv2 protocol. They are:
  SNMPv2p(OBSOLETE): For this version, much work was done to
        update the SNMPv1 protocol and the SMIv1, and not just security.
        The result was updated protocol operations, new protocol
        operations and data types, and party-based security from
        SNMPsec. This version of the protocol, now called
        party-based SNMPv2 is defined by RFC 1441, RFC 1445,
        RFC 1446, RFC 1448, and RFC 1449. (Note this protocol
        has also been called SNMPv2 classic, but that name has
        been confused with community-based SNMPv2. Thus, the
        term SNMPv2p is preferred.)

  SNMPv2c(experimental, but widely used): This version of the
        protocol is called community string-based SNMPv2. It is
        an update of the protocol operations and data
        types of SNMPv2p, and uses community-based security from
        SNMPv1. It is defined by RFC 1901, RFC 1905, and RFC 1906.

  SNMPv2u(experimental): This version of the protocol uses the protocol
        operations and data types of SNMPv2c and security based on users.
        It is defined by RFC 1905, RFC 1906, RFC 1909, and RFC 1910.

  SNMPv2*(experimental): This version combined the best features of
        SNMPv2p and SNMPv2u. (It is also called SNMPv2star.) The
        documents defining this version were never published as RFCs.
        Copies of these unpublished documents can be found at the
        WEB site owned by SNMP Research (a leading SNMP vendor and
        previously a proponent of this version).


What this all means is that SNMPv2c is in current usage, whereas the
other variants are only around in limited form in labs are in some
versions of software that have been obsoleted.

David Perkins

1.22.00 --General Questions about SNMPv3

1.22.01
SUBJECT: What is SNMP V3?

Refer to http://www.ietf.org/html.charters/snmpv3-charter.html

See also:

"I am happy to announce that a SimpleTimes issue on SNMPv3 is now
available from the SimpleTimes Web server:

          http://www.simple-times.org/

The journal is available in PostScript and HTML format. New
SimpleTimes issues are announced over a special mailing list.  More
details about the SimpleTimes project and how to subscribe to this
mailing list can be found in the December 1997 issue or on the Web
server.

I hope you all enjoy reading this issue on SNMPv3 and I wish you all
the best for 1998."

Juergen Schoenwaelder

Juergen later added:

"You can find these links and many more on the SNMPv3 web page at:

	http://www.ibr.cs.tu-bs.de/projects/snmpv3/"

Micha Kushner adds:

RFC Number   Title                            Status=PROPOSED
--------------
Status = 3D PROPOSED
RFC 2271   An Architecture for Describing SNMP Management Frameworks
RFC 2272   Message Processing and Dispatching for the Simple Network
           Management Protocol (SNMP)
RFC 2273   SNMPv3 Applications
RFC 2274   User-based Security Model (USM) for version 3 of the 
	     Simple Network Management Protocol (SNMPv3)
RFC 2275   View-based Access Control Model (VACM) for the Simple
	     Network Management Protocol (SNMP)

Status = 3DDRAFT STANDARD
RFC 2570     Introduction to Version 3 of the Internet-standard Network
             Management Framework  (Status=3DINFORMATIONAL)
RFC 2571     An Architecture for Describing SNMP Management Frameworks
RFC 2572     Message Processing and Dispatching for the Simple Network
             Management Protocol (SNMP)
RFC 2573     SNMP Applications
RFC 2574     User-based Security Model (USM) for version 3 of the
             Simple Network Management Protocol (SNMPv3)
RFC 2575     View-based Access Control Model (VACM) for the Simple
             Network Management Protocol (SNMP)
Internet-
  Draft      Coexistence between Version 1, Version 2, and Version 3
             of the Internet-standard Network Management Framework

also, for SNMPv3 implementations ...

"See the list on
	http://www.ibr.cs.tu-bs.de/projects/snmpv3/#Implementations"

Simon Leinen

Bill Stallings writes:

My paper, "SNMPv3: A Security Enhancement to SNMP" published in the 4th
Quarter 1998 issue of the online journal IEEE Communications Surveys, is
now available at http://www.comsoc.org/pubs/surveys.

 http://www.comsoc.org/pubs/surveys/4q98issue/stallings.html
 
1.30.00 --RMON

1.30.01
SUBJECT: What is RMON?
----------------
  The Remote Network Monitoring MIB is a SNMP MIB for remote
  management of networks.  While other MIBs usually are created to
  support a network device whose primary function is other than
  management, RMON was created to provide management of a network. 
  RMON is one of the many SNMP based MIBs that are on the IETF
  Standards track.
 
1.30.02
SUBJECT: RMON Standardization Status

  RMON is one of the many SNMP based MIBs that are on the IETF
  Standards track (RFC 1310).  Currently (Jan 94) RMON has two
  instantiations in the IETF standards process.  First, RFC
  1271 - a Proposed Standard, specifies the general structure
  of RMON and the particulars of an Ethernet based RMON agent.
  RFC 1513 - a Proposed Standard specifies the additional RMON
  groups and specifics for a Token Ring network.
 
1.30.03
SUBJECT: RMON Working Group.

  The RMON Working Group is an IETF Working Group under the Network
  Management Area.  The WG meets periodically - usually at all IETF 
  meetings.  The WG maintains a mailing list for Questions and
  Comments concerning RMON.
 
    Mail List: mailto:rmonmib@cs.hmc.edu  ?

    If no luck there, try rmonmib@cisco.com

   The group's charter can be found at:

   http://www.ietf.cnri.reston.va.us/html.charters/rmonmib-charter.html
 
1.30.04
SUBJECT: Joining the RMON Working Group Mailing List

  To join the RMON Working Group mailing list, send mail to:
 
    Mail List Request: mailto:rmonmib-request@jarthur.claremont.edu.
 
  DO NOT send a request to join message to the general mailing list.

[Editor's Note: We have received a complaint that this request
 may bounce. The claremont.edu addresses may no longer be active]

    You may also wish to try: mailto:rmonmib-request@cisco.com

(Thanks to James Stansell for the detective work.)
 
1.30.05
SUBJECT: Historical RMON Records

  There are copies of the RMON mailing list messages and meeting
  minutes within the IETF archive structure - available at various
  sites.
 
  There is also a RMON archive directory which can be accessed via 
  anonymous ftp at:

   jarthur.cs.hmc.edu,  directory /pub/rmon
 
[Editor's Note: We have received a complaint that site no longer exists
 (or, was not at home when someone called). Anyone know if this site remains active?
 Is this the same place as jarthur.claremont.edu?]

1.30.06
SUBJECT: RMON Documents

  1.  RMON White Paper in  the anonymous ftp directory at 
  jarthur.cs.hmc.edu.  There are two formats: frame and postscript. 
  This paper was developed by members of the RMON working group
  prior to an Interop.  It is a superficial discussion of RMON.
 
  2.  Chapter 7 in "SNMP, SNMPv2 and CMIP: The Practical Guide to
      Network Management Standards" by William Stallings, (c) 1993
  Addison-Wesley, goes into some detail on the RMON MIB.

1.30.07
SUBJECT: RMON2

RMON2 is an IETF standards track effort.

The IETF RMON working group started on the RMON2 MIB module
back in the fall of 1994. It was published as RFC 2021 in
January 1997. All of the leading probe vendors, including
NetScout, Technically Elite, Solcom, HP, etc have probes
that support it. Also, many of the networking device manufacturers
including Bay Networks and 3Com have embedded RMON2 support
in their products. 

There was an interoperability test summit in December 1997, which
was attended by all of the companies above plus Cisco and
Cabletron.

The RMON2 specification is quite stable and ready for advancement
in the standards process. Two additions are in the works to be
published. They are RMON extensions for switches and an RMON
extension for fast networks.

The major difference [between RMON and RMON2] is that RMON provided
statistics only at the data link layer, where as RMON2 provides
statistics at the network and upper layers. 

As to the original questions from Paul Black,

It is difficult to take advantange of all the features in RMON
with generic tools. With RMON2, it is even more difficult.

Try
 http://www.netscout.com
 http://www.tecelite.com
 http://www.solcom.com

David T. Perkins [post edited for conciseness]

 
1.40.00 --ISODE

1.40.01
SUBJECT: What is ISODE?
------
ISODE (pronounced "eye-so-DEE") is an acronym for "ISO Develoment
Environment".  It is an implementation of SNMP which can be used
as the starting point for further refinement by you. In order to use
it you must agree to the conditions. This quote is from "The Simple Book", 2nd ed.:

"[ISODE] is openly available but is NOT in the public domain. You are
allowed and encouraged to take this software and use it for any lawful
purpose. However, as a condition of use, you are required to hold
harmless all contributors."

Most MIB compilers seen by this editor sprang from ISODE roots.

1.40.02
SUBJECT: Where can I get ISODE?


The old archive was ...
ftp.ics.uci.edu:mrose/isode-snmpV2/isode-snmpV2.tar.Z
        4BSD/ISODE 8.0 SNMPv2 package
        This distribution has moved.
        One place a copy can be obtained is listed below.
 
        Questions may be sent to ISODE-SNMPv2@ida.liu.se
        Mailing list may be subscribed by sending mail to
                isode-snmpv2-request@cs.utk.edu
 
  ftp://ftp.ida.liu.se/pub/isode-snmpV2/isode-snmpV2.tar.gz
        A copy of the 4BSD/ISODE 8.0 SNMPv2 package

  ftp://ftp.ida.liu.se/pub/isode-snmpV2/isode-8.tar.gz
  ftp://ftp.ida.liu.se/pub/isode-snmpV2/isode-snmpV2.tar.gz

1.40.03
SUBJECT: Is there an ISODE  SNMPv2 Mailing List?


Yes.  To subscribe, send email to:

    mailto:isode-snmpv2-request@cs.utk.edu


1.50.00 --Using SNMP to Monitor or Manage

1.50.01
SUBJECT:How do I calculate utilization using SNMP?

Brad Harris wrote:

> We are trying to setup T-1 utilization percentage stats using ifInOctets
> and ifOutOctets.

MANY ANSWERS FOLLOW:

1.50.01.01

I would suggest:

(DELTA(ifInOctets) + DELTA(ifOutOctets)) * 8
-------- * 100
(DELTA(sysUpTime) / 100) * 1 540 000

where DELTA(attribute) means the difference of the value
of attribute between two polls. Of course, the values for
ifInOctets, ifOutOctets and sysUpTime should be requested
in one single PDU.

Olivier Miakinen

1.50.01.02

Serial lines (including TDM systems like T1) measure interface
speed as half duplex.  That is, the 1.544 Megabit per second
bandwidth is one way; a full duplex line actually has twice that
value.  1.544 Mb for transmit, 1.544 Mb for receive.  If you want
the "interface utilization", then you would add outOctetcs and
inOctets together, as you did, but use 3088000 for the interface
speed.

If you want "line utilization" (which is more valuable for
typical management operations), you could use the "max" value of
in or out Octets, as in the previous example.  This is more
useful, because the line may be at 50% utilization (using your
method) and still be saturated, if all traffic is going one way.

T. Max Devlin

1.50.01.03

Make sure your time delta doesn't exceed the wrap time the 32 bit MIB2
counters,  ~6 Hrs for T1.  Its a nice touch if ifInOctets and ifOutOctets are
bound in the same PDUs.  Also bind sysUpTime in each PDU so you can detect
agent reload.

Charlie Dellacona

1.50.01.04

T1 circuits are duplex, you have to have separate
utilisation formulae for both in and out. Otherwise you run the risk of
missing that your heavily utilised in one direction because the other is
very light. In many configurations this is a likely situation, a short
frame requesting data from a server or mainframe resulting in megabytes
heading in the opposite direction.

Wim Harthoorn

1.50.01.05

To make your figures mean something useful, generate incoming and outgoing 
utilization separately. A T1 link is full-duplex....1.544 Mbps in each
direction. An organizational T1 Internet link will saturate on the incoming 
side while the outgoing side is less than half utilized.  Your formula would 
indicate that the link had some extra bandwidth capability when in reality 
its a major bottleneck.

Gary Flynn

1.50.01.06

You are missing a few subtleties of getting this exactly right.  What
you want to do is sample (all in one packet exchange) the values of
ifInOctets, ifOutOctets, and sysUptime.  Then, you sample all three
again (after some interval) and use the three deltas to compute:

	Delta(ifInOctets)*8
	-- => Input % utilization
	Delta(sysUptime)*154

And likewise for output.  Note that there are two factors of 100
folded into the denominator (that's why 154 instead of 1540000), one
since sysUptime is hundredths of a second and the second to get a
percent rather than a fraction.  You could also fold the 8 and 154
together as well, but that's not an integer...  And be sure your Delta
function properly accounts for wrapping.

You should do this periodically, each time computing the deltas from
the previous sample, dropping intervals that are "insane"
(e.g. sysUptime has a large delta [positive or negative] compared to
the wall [or monitoring system] clock).  You will want to compute
_both_ deltas and plot them over time as well as extracting just the
maximum value.  You want a sampling period that's small enough to
really indicate peaks, without being so short it overloads the
monitoring or monitored systems.  If you can, you want to monitor both
ends of the line (ifOutOctets at one end may be greater than
ifInOctets at the other, in which case it's a better measure of load
in that direction).

Michael A. Patton

1.50.01.07

Dependent on your need for reproduction and historical tracking of the
utilization and other factors such as error rates, you might want to
consider purchasing a performance monitoring and reporting tool to help
you through some of this.

We have a tool for doing precisely what you want, and it also solves for
cases of counter roll-over and sysuptime resets.  Our tool is called
ClearStats and is very economical and flexible.  We have autodiscover
and automated/scheduled reporting. Check us out at
http://www.clearstats.com

John Catalano

1.50.01.08

Dan Cox wrote:
> if you look in the rmon mib and look at the description of
> etherstatsoctets it tells you if you
> want to get utilization that you sample etherstatsoctets at two
> intervals and use this formula.  I want someone to explain the formula
> to me.
> 
> Here it is
>                        Packets   *   (9.6 + 6.4) + (Octets * .8)
> utilization =     ----------------------------------------------
>                                      Interval  *  10,000
> 
> I assuming this is for 10 mbps ethernet.
> What is the 9.6 and 6.4?
> Why do you need to know the number of packets?
> What formula do you use if you are using 100 mbps ethernet?
> What if it is full-duplex?


In the formula, 9.6 is the interpacket gap time in micro seconds.
6.4 is the preamble+start-frame-delimiter time in micro seconds.
Each time you send a packet, these are present.
The 10,000 is the speed. You change this to 100,000 for 100 Mb/s
ethernet.
For full duplex, the formula is the same, but it applies to
each channel. That is, full duplex is a point-to-point technology.
If you connect nodes A and B. There are essentially two dedicated
and contention free channels, one from from A to B and the other
from B to A. You can compute utilization on each channel.

David T. Perkins

1.50.01.09

Have a look at http://www.statscout.com/support/paper1.html for a little
bit of info on calculating utilization statistics. 

Paul Koch

1.50.01.10

Raja Kolli wrote:

> How do you represent the speed for full-duplex links e.g. full-duplex 10Mb
> ethernet, Should it be 10Mbps or 20Mbps? Or is there any other object (new
> ifType value etc.,) that can be used to represent full-duplex operation?
> Appreciate any pointers on the standrards.

Page 7 of RFC 2358, Definitions of Managed Objects for the Ethernet-like
Interface Types, describes how the ifSpeed object from IF-MIB should be
set for full-duplex ethernet interfaces:

[RFC quote deleted -- go get yourself a copy. Ed.]

So, the answer to your question is that for a full-duplex 10BaseT interface
ifSpeed should be 10Mbps, just as it is for a half-duplex interface.

C. M. "Mike" Heard

1.50.02
SUBJECT: What are Appropriate Operating Thresholds?

>We've just installed brand new PS Hubs and a SSII switch 3300 with SNMP
>capabilities from 3Com, and we're managing it with the Transcend Workgroup
>for Windows 6.0 application. Does anyone know which are the suitable
>thresholds for both hub and switch alarms? Basicly, I'd like to know just
>the more usual : Total errors, FCS errors, alignment errors, broadcast
>packets, runts, collisions, undersize and oversize packets, long and short
>events.
>
> Jorge Alaman~ac

[Editor's Note: T. Max Devlin's response has been edited to fit.
 These out takes are noted by "[...]".]

Suitable thresholds are environmentally sensitive; everybody's "correct"
values area little different.  The best you will get from products or
info sources are more "defaults" than "best guesses", IMHO.  We've found
that the ideal setting for thresholds does not correlate to absolute
numbers, or even typical ranges. [...]

The best approach, seriously, to thresholding is to consider, not some
absolute concept of the perfect network metrics, but the results of the
thresholding.  Essentially, you should look at a simple plot of your
values over a few hours and a few days (baselining), then pick a
threshold value that will result in an "appropriate" number of alerts.
If you want a log-style "this is how many times this happens", you might
want every peak to trip the threshold.  If a more report-oriented "the
occurrences happened at this time", a slightly higher value might be
called for.  "This is a problem, you should know about it even if you
can't 'fix' it" thresholds might trigger a few times a week, and the
"the network is broken; get busy" alerts should essentially be set high
enough so that they never happen under typical network conditions.

The real issue is not what the numbers should be, but how often you want
to know about it. [...]

But just so I don't leave you high and dry, here's some beginning
defaults, if you insist:

Total errors: <2%
FCS errors: <2%
Alignment errors: <1%
broadcast packets: Start with 10%; bring up if you are flooded, bring
                   down if it never triggers
runts: <1%, but some systems might have much larger values under normal
            conditions
collisions: 10%
undersize and oversize packets: <1%
long and short events: <1%

T. Max Devlin

1.50.03
SUBJECT: Are MIBs available to monitor application traffic?

George Koukoulas  wrote:

: I would like to find out if there are any MIBs about management
: of application traffic, meaning separate management of ftp,
: http, telnet, smtp, etc application traffic.

There are two to-be-published MIBs that may be of interest to you.

The Application Management MIB <draft-ietf-applmib-mib-11.txt> provides
statistics for application or service IO channels. On top of these 
channels, one can have transaction streams with transaction kind 
specific statistics.

The WWW Services MIB <draft-ietf-applmib-wwwmib-11.txt> provides a core
set of statistics for Web services. It is written against an abstract
document transfer protocol. Mappings to FTP and HTTP are defined in the
document.

Both MIBs have been approved by the IESG for publication as Prosposed
Standards. They are currently sitting in the queue of the RFC editor
waiting for publications as RFCs. Both MIBs are the product of the
application management working group.
				
Juergen Schoenwaelder

1.50.04
SUBJECT: How can I make sense of the Interfaces Group?

You should definitely look at RFC 2863 which is the latest definition of 
the interfaces group. The introductionary text is very valuable in order
to understand of the IF-MIB evolved over time.

Juergen Schoenwaelder

1.50.04.01

> If an interface is full duplex, does that mean it can transmit at a
> rate of 'ifSpeed' in each direction simultaneously, or does it mean that
> the interface has 'ifSpeed' worth of bandwidth in total?
>
> Glenn Reesor

ifSpeed should represent an estimate of the bandwidth of the 
interface. ifHighSpeed should be used if ifSpeed isn't 
large enough. 

http://www.faqs.org/rfcs/rfc1573.html

Les Cargill

There seems to be rough consensus on the former interpretation, i.e.,
that the interface can transmit at a rate of 'ifSpeed' in each direction
simultaneously.

Mike Heard

1.50.04.02

> If an interface is half duplex, does that mean that it can transmit
> at a rate of 'ifSpeed' in each direction, but only one direction at a
> time?
>
> Glenn Reesor

There seems to be nearly universal agreement on this interpretation.

In searching the IETF mail archive (specifically 1998-07.mail.aug4)
I found the following two excerpts which might be helpful:

On Friday, 3 Apr 1998, Gary Hanson wrote:
> > Should the ifSpeed for a T1 interface be 1.54Mb or should it be 3.08Mb
> > in that it can sustain 1.54Mb in both the transmit and receive
>
> The latest <draft-ietf-trunkmib-ds1-mib-08.txt> for the DS1-MIB is
> unambiguous on this point.  In section 3.1 it says to use 1544000
> for the ifSpeed for DS1 lines.

On Wednesday, 20 May 1998, John Flick wrote:
>  > 5) How do you tell if the interface is half or full-duplex for
>  >    both ethernet and token ring interfaces?
>
> The current answer for Ethernet is ifMauType.  Using ifSpeed, as one
> response suggested, has been used by some vendors (a survey I did a
> few months ago showed about half of the responders doubled ifSpeed for 
> full-duplex, though most agreed that this is a kludge).  The consensus 
> of the hubmib WG was that this should be disallowed.  The hubmib WG is 
> currently debating whether ifMauType is adequate, or if we need to add 
> an object for duplex mode to either the Ethernet MIB or IF-MIB.

Mike Heard

1.50.04.03

The Interfaces Group of RFC1213 has been superseded by RFC2863 and RFC2864:

2863 The Interfaces Group MIB. K. McCloghrie, F. Kastenholz. June
     2000. (Format: TXT=155014 bytes) (Obsoletes RFC2233) (Status: DRAFT
     STANDARD)

2864 The Inverted Stack Table Extension to the Interfaces Group MIB.
     K. McCloghrie, G. Hanson. June 2000. (Format: TXT=21445 bytes)
     (Status: PROPOSED STANDARD)

Although RFC1643 is a full-standard, it does not properly support
100 BaseT.  It has been superseded by RFC2665, which does:

2665 Definitions of Managed Objects for the Ethernet-like Interface
     Types. J. Flick, J. Johnson. August 1999. (Format: TXT=110038 bytes)
     (Obsoletes RFC2358) (Status: PROPOSED STANDARD)

Even though these are all SMIv2 MIBS, everything in them except for the
Counter64 objects in the IF-MIB can indeed be implemented in an SNMPv1
agent.

Mike Heard

1.50.10
SUBJECT: When do I use GETBULK versus GETNEXT?

1.50.10.01

You use GETNEXT, typically, to get selected columns from one or more
rows of a table. If you want the values for columns S(1)..S(s)
from columns C(1)..C(c) (where s<c)) for all rows in the table
(and there are N rows), you would make N+1 GETNEXT requests.
(This assumes that the varBinds for columns S(1)..S(s) will
fit in a request and response message.)

You use GETBULK, typically, as an optimisation of GETNEXT, and
you would not typically know how many rows will be in the table.
You just issue GETBULKs until you get all of the rows, just like
using GETNEXT.

With GETNEXT, you know when you are done when the response is not
the next row. Likewise, with GETBULK. However, instead of getting
a single set of extra varBinds, you get upto the the value of
maxRepeaters. This behavior is called "overshoot". If the agent
and manager support large max message sizes, and the maxRepeaters
is large, then you will have many extra varBinds in the last
reponse to GETBULK. Typically, this is not too bad.

David Perkins

1.50.10.02

See RFC 1905 section 4.2.3 what the real correct behaviour of a 
GetBulkRequest is. Especially study the situations under which an
agent returns less than the total number of repetitions.

Juergen Schoenwaelder

1.50.10.03

I keep getting questions on GetBulk, and how it works and so on,
and especially multi-var bind GetBulk.

I'll attach an part email I've had to send out recently, which can
be dumped into the FAQ.  Feel free to edit/clean up as needed.

[Editor's Note: See http://www.pantherdig.com/snmpfaq/getbulk01.html]

Pete Flugstad

1.50.12
SUBJECT: What free products can be used to monitor?

> I am looking for some Network Monitoring Software that will give
> alerts when a device or server goes down and that will also log and
> monitor snmp information for devices and be able to graph the data it
> logged.

> Cyberspew

I use a combination of nagios (updated version of netsaint) and mrtg with
rrdtool. Nagios provides complete network monitoring, including device and
service availability. It will even produce graphics of the nodes in your
network.

Mrtg allows you to graph any snmp object on your network; the most common of
which are incoming and outgoing traffic. I also use it to monitor cpu usage,
disk usage and webcache requests.

http://nagios.sf.net/
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/

RRDtool is an alternative logger for mrtg, which does not generate graphs
automatically, in order to save cpu time.

http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/

If you do not want to go down the free route, there is program for windows
that will do all of this (except you cannot choose any snmp object to
graph - only traffic) from Solarwinds, called Network Performance Monitor.
Their website is at http://www.solarwinds.net/.

Chris

1.75.00 -- SNMP Engineering and Consulting

1.75.01
SUBJECT: SNMP Engineering and Consulting Firms

[Editor's Note: Business entities named in this section should have
a minimum of three years of direct experience implementing SNMP
solutions at either the manager or agent node.]

1.75.01.01

    Core Competence Inc.

    David M. Piscitello
    3 Myrtle Bank Lane
    Hilton Head, SC 29926

    Email: dave@corecom.com
    Phone: (843) 683-9988
    Fax: (843) 689-5595

1.75.01.02

     SNMP Research International, Inc.
     3001 Kimberlin Heights Road
     Knoxville, TN 37920-9716

     Ph: 865-579-3311
     Fx: 865-579-6565

     mailto:info@snmp.com
     
     http://www.snmp.com

SNMP Research provides consulting and development services in
conjunction with the licensing of our products and development tools.

Our customers' needs include the following:
                       Product definition
                       MIB design,
                       Hardware design
                       Implementation
                       System integration/testing
                       Life-cycle maintenance
Our expertise and business model allows us to match
our resources with customers' needs anywhere along this spectrum.

1.75.01.03

    Panther Digital Corporation
    Danbury, CT

    OEM Software Engineers and Consultants
    http://www.pantherdig.com
    panther@pantherdig.com

    203 312-0349


1.75.01.04

    G & H Computer Services, Inc
    Daytona Beach, FL
    http://www.gandhsoftware.com

    904 255-1599
    904 253-1545 FAX

1.75.01.05

Prism Communications, Inc
10015 Old Columbia Road, Suite F-100
Columbia MD 21046

Tel: 410-381-1515
Fax: 410-381-8787

mailto: info@prismComm.com
http://www.prismComm.com

Prism Communications has extensive experience with
the development of SNMP v1/2/3 based solutions 
including RMON1/2 and AgentX.

Customers look to us to design enterprise MIBs,
develop embedded agents, extend/develop manager
frameworks, develop scripts for detailed testing.

We have extensive experience with VxWorks/pSOS, 
Win32 and Solaris environments and are a Solutions
Partner for HP OpenView.

END OF PART 1,    SNMP FAQ   PLEASE CONTINUE WITH PART 2.






Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру