Key Attributes
| Protocol Type: | Layer7 Protocol (Application Layer) |
|---|---|
| Standard: | RFC1155, RFC1157, RFC3415 |
| Purpose: | Network Management |
| Carrier Protocol: | UDP |
| Versions: | 3 (SNMPv1, SNMPv2c, SNMPv3) |
| Port: | UDP161 (Requests/Responses), 162 (Notifications) |
| Hierarchy Type: | OID Based Tree Hierarchy |
| Protocol Model Type: | Client Pull + Server Push Model |
SNMP Versions
| SNMP v1 | SNMP v2c | SNMP v3 | |
|---|---|---|---|
| Year Released | 1988 | 1993 | 1999 |
| Standard | RFC1155-1157 | RFC1901-8, 2578 | RFC1905-06, 3411-18 |
| Authentication | Community String | Community String | Username, MD5, SHA |
| Encryption | No | No | DES, AES |
| 64-bit counters | Not Supported | Supported | Supported |
SNMP Components
| SNMP Manager | Centralised Software for Network Management |
|---|---|
| SNMP Agent | Network Elements (a SW on them) that are managed e.g. routers, switches, hosts etc |
| MIB | SNMP Database data exchange between the Manager and the Agent remains structured |
SNMP Message Types
| snmp TRAP | Event Notification from Equipment(Agent to Manager) |
|---|---|
| snmp GET | Query for a value(Manager to Agent) |
| snmp GET-RESPONSE | Response to GET/SET/NEXT/BULK or error(Agent to Manager) |
| snmp GET-BULK | Multiple GetNext requests(Manager to Agent) |
| snmp GET-NEXT | Query for next value(Manager to Agent) |
| snmp INFORM | Confirmation of receiving the message(Manager to Agent) |
| snmp SET | Set a value, or perform action(Manager to Agent) |
SNMPv3 Security Levels
| noAuthPriv | No authentication, No privacy |
|---|---|
| authNoPriv | Authentication with No privacy |
| authPriv | Authentication with Privacy |
SNMPWALK Introduce
The snmpwalk command is a utility used to retrieve information from network devices that support the Simple Network Management Protocol (SNMP). SNMP is a protocol used for managing and monitoring network devices such as routers, switches, and servers.
The snmpwalk command allows you to query SNMP-enabled devices to retrieve a hierarchical list of values, known as Object Identifiers (OIDs), from the device’s Management Information Base (MIB). The MIB is a database that stores information about the device’s configuration, status, and performance.
Syntax
Here is the basic syntax of the snmpwalk command:
snmpwalk [options] agent [OID]
agentrefers to the IP address or hostname of the SNMP agent you want to query.OID(optional) is the Object Identifier that specifies the location in the MIB tree from which you want to retrieve information. If you don’t specify an OID,snmpwalkwill start from the root of the MIB tree and retrieve all available information.
Some common options you can use with snmpwalk are:
-v: Specifies the SNMP version to use (e.g.,-v1,-v2c,-v3).-c: Sets the community string for SNMPv1 or SNMPv2c.-m: Specifies a MIB module to load.-t: Sets the timeout for SNMP requests.-r: Sets the number of retries for failed SNMP requests.
Here’s an example of using the snmpwalk command to retrieve system information from a device:
snmpwalk -v2c -c public 192.168.1.1 system
In this example, we use SNMP version 2c with the community string “public” to query the device at IP address 192.168.1.1. We retrieve information from the “system” subtree of the MIB.
Note that the specific OIDs and MIBs available on a device may vary, so you’ll need to refer to the device’s documentation or MIB files to determine the exact OIDs you want to query.
It’s worth mentioning that snmpwalk is just one of the many SNMP-related tools available, and there are other similar commands like snmpget, snmpgetnext, and snmpbulkwalk that provide different functionalities for interacting with SNMP-enabled devices.
More Examples:
- Retrieve the complete MIB tree from a device:
snmpwalk -v2c -c public 192.168.1.1
In this example, we omit the OID argument, which results in snmpwalk retrieving the entire MIB tree from the device.
- Query a specific OID on a device:
snmpwalk -v2c -c public 192.168.1.1 system.sysDescr.0
This command retrieves the value of the sysDescr object in the system subtree of the MIB from the device.
- Use SNMPv3 with a specified username and authentication/privacy protocols:
snmpwalk -v3 -u myuser -a SHA -A myauthpass -x AES -X myprivpass 192.168.1.1 system
In this example, we use SNMP version 3 with the username “myuser” and authentication protocol SHA (Secure Hash Algorithm) with the authentication password “myauthpass”. We also specify the privacy protocol AES (Advanced Encryption Standard) with the privacy password “myprivpass”.
- Load additional MIB modules:
snmpwalk -m +MY-MIB -v2c -c public 192.168.1.1 myMIBObject
In this command, we load a custom MIB module called “MY-MIB” using the -m option. We then query the OID “myMIBObject” in that MIB on the device.
- Set a timeout and retry values:
snmpwalk -v2c -c public -t 5 -r 3 192.168.1.1 system
Here, we set the timeout for SNMP requests to 5 seconds (-t 5) and the number of retries for failed requests to 3 (-r 3).
Remember to replace the IP address, community strings, usernames, passwords, and OID values with the appropriate ones for your specific device and configuration.
- Retrieve interface information from a network device:
snmpwalk -v2c -c public 192.168.1.1 ifDescr
This command retrieves the interface descriptions (ifDescr) from the device, which provides information about each interface on the device.
- Retrieve CPU utilization information from a device:
snmpwalk -v2c -c public 192.168.1.1 hrProcessorLoad
This command retrieves the CPU utilization values (hrProcessorLoad) from the device, indicating the percentage of CPU usage for each processor on the device.
- Retrieve system uptime information from a device:
snmpwalk -v2c -c public 192.168.1.1 sysUpTime
This command retrieves the system uptime (sysUpTime) from the device, indicating how long the device has been running since its last restart.
- Retrieve the list of connected devices from a switch:
snmpwalk -v2c -c public 192.168.1.1 dot1dTpFdbTable
This command retrieves the forwarding database (dot1dTpFdbTable) from a switch, providing information about the devices connected to the switch and their MAC addresses.
- Retrieve temperature sensor readings from a device:
snmpwalk -v2c -c public 192.168.1.1 lmTempSensorsValue
This command retrieves the temperature sensor readings (lmTempSensorsValue) from the device, indicating the temperature values measured by various sensors on the device.
