Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Understanding SNMP

Posted on 2004-08-26
20
Medium Priority
?
880 Views
Last Modified: 2012-05-05
I'd like someone to just explain in plain english the basics of SNMP.

What I'm trying to get to is a VB program that can query a network devices IP address and return information on device type, manufacturer and model etc.

So WMI has SNMP support, so I thought I could develop something which loops through an IP range and queries each device. Problem is I don't know where to start and most of the articles require a good understanding of SNMP and networking to start with. Also I don't know what to install just to get a simple "hello world" snmp program running !!
0
Comment
Question by:plq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
20 Comments
 
LVL 45

Assisted Solution

by:sunnycoder
sunnycoder earned 200 total points
ID: 11900118
Hi plq,

from the SNMP FAQ
The "simple" in SNMP doesn't mean "trivial". It cannot
be learned by flipping through a few emails or news posts.
The "simple" in SNMP is only in contrast to protocols
which are thought to be even more complex than SNMP.

There is no magic solution to learning SNMP. All
of us who have mastered the subject did so by 1)reading
several books on the subject, 2)reading/playing with the sample code
from CMU or NET-SNMP, 3)implementing several trial products
over a period of months.

If your boss expects SNMP miracles and will not listen to
reason, either become a good liar or find a new job.

Or, as David Perkins posted in recent response to a newbie:

"It will take you at least 6 months or so of studying and
usage to "comprehend SNMP very well". I suggest that
you read a few books (more than one) on SNMP and RMON,
since authors focus on different aspects of the subject
area."

You can find these resources listed in this FAQ and
on several other Web sites devoted to SNMP. Good luck!

http://www.faqs.org/faqs/snmp-faq/part1/

Sunnycoder
0
 
LVL 3

Assisted Solution

by:fatlad
fatlad earned 1200 total points
ID: 11900273
Using SNMP will be a huge pain to do, as it requires some form of authentication (it varies by version) before it will respond, so you will need to log onto every machine and configure this before you can scan them, which defeats the object of your project.

Why not just try mingsweeper (www.hoobie.net/mingsweeper/) or some similar application? Mingsweeper uses the way machines IP stacks respond to packets to identify the OS. This would seem to be a closer alignment to what you are after.

Regards

FatLad
0
 
LVL 4

Accepted Solution

by:
cyrnel earned 600 total points
ID: 11900307
I've only scratched the surface with a few very specific projects so don't pretend to be an expert. The FAQ above is mandatory, and the net-snmp project provides a great toolkit to get something running. http://www.net-snmp.org/
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 8

Author Comment

by:plq
ID: 11900550
Thanks chaps. Yes I've researched this a few times in the past and whats out there is getting better but still its impossible to understand without spending months on it.

I don't actually mind how the end result is achieved, whether from free tools or programming, snmp or ip stacks. I downloaded nmap once but didn't have a clue how to use it.

Is it really that difficult to query a device to ask it for device type, manufacturer and model ? networkview seems to do it ok  :(

I'll research all these links and come back later....

0
 
LVL 8

Author Comment

by:plq
ID: 11900670
OK this is definitely a "getting started" problem.

I've got a very basic dlink router/firewall on 192.168.0.1, this is a domainless network, just a few XP and 2000 boxes linked out via a hub to the router.

How could I use one of the net-snmp programs (like snmp-walk) to query the router for information ?

0
 
LVL 3

Expert Comment

by:fatlad
ID: 11900676
What info are you after?
0
 
LVL 8

Author Comment

by:plq
ID: 11900705
Ultimately manufacturer, model and device type but just anything other than "timeout" would be good !

I'd like to be able to query a device for which information it can give. Then I can decide whether to collect it or not. Some clients might want ports in use and the ip address connected to each port, others will just want basic asset info.

thanks
0
 
LVL 8

Author Comment

by:plq
ID: 11900713
But I'm not interested in querying PC's or *ux boxes - only routers, switches, firewalls etc for asset info
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11900722
It depends on the model of router, I would think that something aimed at the SOHO market like a dlink would only have a very limited set of SNMP MiBs.
0
 
LVL 8

Author Comment

by:plq
ID: 11900728
So can I query the router to ask it what MIBs it supports ?
0
 
LVL 8

Author Comment

by:plq
ID: 11900764
networkview could query it

Description; Value;
IP Address; 192.168.0.1;
MAC Address; 00-0D-88-60-B7-3E;
NIC Manufacturer; ;
DNS Name; ;
SysDescr; Internet Gateway Device;
Company; D-Link Systems;
SysContact; ;
SysLocation; ;
SysUpTime; 15 days 9 h. 18 m. 13 s.;
SysObjectID; .1.3.6.1.4.1.171;
SysName; ;
Type; SNMP Device;
Note; ;
Active TCP ports; 80;
Ftp; ;
Telnet; ;
Smtp; ;
Http; ;
Pop3; ;
Imap4 (143); ;
; ;
; ;
0
 
LVL 8

Author Comment

by:plq
ID: 11900770
I'm sure they got company from a look list of mac address, but I think sysdescr must have come from SNMP ?
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11900781
Much easier to look at it, get the model number and then check the dlink website!

Basically the MiB is a list of information that can be processed by SNMP. There are a basic MIBs that all devices must support to be SNMP capable. There are then more specific MIBs for individual devices.

SNMP is not really designed to be used as a discovery method for devices. It normally requires configuration at both device and NMS to work correctly. Something like network view will use many other things besides SNMP to get the majority of info.
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11900787
the sysdescr may come from SNMP, but it will only be visibile if the community strings are set correctly.
0
 
LVL 8

Author Comment

by:plq
ID: 11900852
I think I'm getting warmer

I can do
 snmpbulkget -v2c -Cn1 -Cr5 -Os -c public acomputername system ifTable

thats giving me the OS version and Network Card details. This also works:

 snmpbulkget -v2c -Cn1 -Cr5 -Os -c public 192.168.0.150 system ifTable

 but when I try it with the router address it errors (Error in packet, a general failure occurred, Failed object ifTable). If I can just get that returning sysdescr and mac address thats a great start.
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11900876
I think that bulkget is an SNMP v2 feature it could be that your other router is not capable or not configured to run v2.
0
 
LVL 8

Author Comment

by:plq
ID: 11900948
Brilliant. I now have:

snmpget -v2c -c public 192.168.0.1 system.sysDescr.0

giving me "Internet Gateway Device"

Do you know where I can get a list of standard MIB strings incl the string for mac address ?
0
 
LVL 3

Expert Comment

by:fatlad
ID: 11900986
0
 
LVL 8

Author Comment

by:plq
ID: 11901102
Good, I've found a few pointers.

One more thing. Whats the way of getting the mac address from ip address using these tools - is there a string that I can snmpget, or is there another way ? I understood it was a hex representation of a string of 6 numbers ?? , so all I need is how to query the device for those numbers .
0
 
LVL 8

Author Comment

by:plq
ID: 11901140
I found it in

interfaces.ifTable.ifEntry.ifPhysAddress.1

Now the fun starts... C programming :)

thanks for your help
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question