What commands are used in each version of snmp (Legacy KB ID CNC TS14450 )

Document ID : KB000052311
Last Modified Date : 14/02/2018
Show Technical Document Details

SNMP itself is a simple request/response protocol.  There are three SNMP versions which are the SNMPv1, SNMPv2c and SNMPv3. 

SNMPv1 was the standard and the first version of SNMP, which is defined in RFCs 1155 and 1157. The SNMPv2 was created as an update of SNMPv1 adding several features. The key enhancements to SNMPv2 are focused on the SMI, Manager-to-manager capability and protocol operations. The SNMPv2c combines the community-based approach of SNMPv1 with the protocol operation of SNMPv2 and omits all SNMPv2 security features. One notable deficiency in SNMP was the difficulty of monitoring networks, as opposed to nodes on networks. A substantial functional enhancement to SNMP was achieved by the definition of a set of standardized management objects referred to as the Remote Network Monitoring (RMON) MIB. Another major deficiency in SNMP was the complete lack of security facilities. The development of SNMPv3 was based on the security issues. SNMPv3 defines two security-related capabilities. The User-Based Security Model (USM) and the View-Based Security Model (VACM).


1.  The SNMPv1 messages contains two part. The first part contains a version and a community name. The second part contains the actual SNMP protocol data unit (PDU) specifying the operation to be performed (Get, Set, and so on) and the object values involved in the operation.

SNMPv1 operations:

Get - Allows the NMS to retrieve an object variable from the agent.

GetNext - Allows the NMS to retrieve the next object variable from a table or list within an agent. In SNMPv1, when a NMS wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations.

Set - Allows the NMS to set values for object variables within an agent.

Trap - Used by the agent to inform the NMS of some events. 


2.  SNMPv2c also defines two new protocol operations:  The Get, GetNext, and Set operations used in SNMPv1 are exactly the same as those used in SNMPv2c. SNMPv2c, however, adds and enhances protocol operations. The SNMPv2c trap operation, for example, serves the same function as the one used in SNMPv1. However, a different message format is used.

SNMPv2c Operations:

SNMPv2c also defines two new protocol operations:

 

GetBulk - Used by the NMS to efficiently retrieve large blocks of data, such as multiple rows in a table. GetBulk fills a response message with as much of the requested data as fits.

Inform - Allows one NMS to send trap information to another NMS and receive a response. If the agent responding to GetBulk operations cannot provide values for all the variables in a list, the agent provides partial results.
 

3.  SNMPv3 Operations:  SNMPv3 protocol operations are the same as defined for SNMPv2c.

The SNMPv3 message consists of the following fields.

 

msgVersion - The SNMP message version. A value of 0 means SNMPv1 message, 1 means a SNMPv2c, 2 means a SNMPv2 and 3 means a SNMPv3 message respectively. The value of message version is used to choose between the different message processing models (v1, v2c or v3) available in the SNMP engine/entity. This value is 3 for a SNMPv3 message.

 

The following fields are part of only the SNMPv3 message and are not available in the v1 or v2c message.

 

msgID - The SNMP message identifier. This is the unique ID associated with the message. The msgID field is different from the reqID field available in the PDU. It is possible that a received PDU that is part of a message cannot be decoded due to mismatch in security parameters between the SNMP entities. The msgID is used to relate the request with a response during a transaction.

 

msgMaxSize - The maximum size of the SNMPv3 message the requesting SNMP entity .will accept.

 

msgFlags - The msgFlags in the SNMPv3 message contains the message security level. The bit 0 of msgFlags is used to indicate whether a message is authenticated or not. The bit 1 is used to indicated whether a message uses privacy or not. The bit 2 is used to indicate to the receiving SNMP entity whether a report PDU is expected for the message (in case the message is dropped or a response cannot be generated)

 

msgSecurityModel - This field indicates the security model used to generate the message. The SNMPv3 standard recommends the use of USM security model. (This field has a value of 3 when USM is used)

 

msgSecurityParameters - The security model dependent security parameters. For the USM security model, this field contains the authentication parameters and the privacy parameters. For a AuthPriv message the authentication parameters has the digest computed for the message using the authentication protocol applicable for the USM entry and the privacy parameter has the salt generated while encrypting the message using the privacy protocol applicable to the USM entry.

 

contextEngineID - Within an administrative domain, the contextEngineID uniquely identifies an SNMP entity that may realize an instance of a context with a particular contextName.

 

contextName - A contextName is used to name a context. Each contextName MUST be unique within an SNMP entity

 

PDU- The SNMP PDU (Protocol Data Unit) used for communication between the peer SNMP entities. The SNMP request id, error status, variable bindings etc. are encapsulated in the PDU. There are different types of SNMP PDU like GetRequest-PDU, GetNextRequest-PDU, GetBulkRequest-PDU, Response-PDU, SetRequest-PDU, Trap-PDU, InformRequest-PDU, SNMPv2-Trap-PDU, Report-PDU etc. The exact format of the PDU (the different fields inside the PDU) depends on the PDU type.

.

Related Issues/Questions:
What commands are used in each version of snmp
How many versions are  there of snmp
Do all versions of snmp use the same commands

Problem Environment:
eHealth

Additional Information:
For more information, see what versions of SNMP does eHeatlh support.


(Legacy KB ID CNC TS14450 )