Simple Network Management Protocol
The Simple Network Management Protocol (SNMP) constitutes a powerful yet simple solution to remote control and automation. Entities controlled through the SNMP interface become SNMP agents responding to queries from remote managers. It is possible for managers to communicate with several agents through a single application to enable collaborative operation across them. SNMP queries can be scripted to implement complex interactions with the agents.
Any user with an Ethernet / IP connection to the agent could use the SNMP interface to generate queries. Agents may change its configuration or operation depending on the received queries. SNMP agents can also reply to controllers with information about the current configuration.
Fig 1. Net.Time network clock
Without an agreement between SNMP managers and agents about the information to be exchanged and the format of this information it would not be possible any communication. Definition and detailed specification of this information is done by one or various Management Information Bases (MIBs). MIB modules are text files containing descriptions of the management information available in the agent. ALBEDO Telecom publishes the MIBs required for interaction with Net.Time and documentation about how to use them. Some MIBs, such as the PTP management
MIB (ATSL-PTP-MIB), are ALBEDO telecom proprietary. Some others (IF-MIB,…) are defined and maintained by the IETF, IEC or other authority.
SNMP Management Model
SNMP operates in the Application Layer of the IP protocol stack. SNMP agents receive requests on UDP port 161 and they generate unsolicited notifications to UDP port 162. SNMP messages consist of a header and a payload with a format that depends on the particular SNMP version in use. The payload encodes different messages with different purposes. Five of them (GetRequest, SetRequest, GetNextRequest, Response and Trap) were defined in the first version of the protocol and two more (GetBulkRequest and InformRequest) were added in version 2.
SNMP works on the basis that network management systems send out a request and the managed devices reply with a response. This mechanism is implemented with the message types mentioned in the previous paragraph. For example, GET commands (GetRequest, GetNextRequest, GetBulkRequest) retrieve information from the agent, and SET commands (SetRequest) can be used to modify the current configuration. Agents can also generate information autonomously (without any query from the manager) through the so called traps and informs.
Fig 2. Client-server SNMP communications model. The manager generates queries. These queries either change the internal configuration of the agent or report status information to the manager
Traps and informs
The traditional client-server model is useful to configure or retrieve information from managers but it is of limited use if there is the need to report events that could potentially occur at any moment. Asynchronous event reporting is achieved in SNMP with the help of traps and informs. The main differences between them is that traps are unacknowledged but informs require an acknowledgment message to be successful. In trap reports, the authoritative entity is the agent but informs work in the opposite way. In practical terms, the difference means that when a trap is generated, it is signed and encrypted with the keys from a local user and the target must be aware of the key or community name from the local system but in an inform, authentication and encryption is done with the key / community from a foreign user.
Fig 3. Traps and informs. They can be used to convey the same kind of information but, unlike traps, informs require acknowledgement from the far end
There are currently two popular versions of SNMP, the main difference between them is the security model. Version 2c offers low security level through “communities”. An special name is given to two different communities. One of them enables reading values from the agent (read-only community), and the second allows both reading and writing values in the agent (read-and-write community). SMMP managers not aware of the community names are unable to exchange data with the agent. On the other hand, SNMP version 3 is based on the more sophisticated User Security Model (USM) that provides authentication, authorization and privacy to all message transactions. Net.Time supports both protocol versions but network administrators must decide which one to use because it is not allowed to deploy both at the same time.