Please teach me basic knowledge about SNMP, MIB and OID. What does this stand for? How do they work?
SNMP, MIB and OIDs—an Overview
SNMP is one of the most commonly used technologies when it comes to network monitoring. Unified Monitoring programs—like PRTG Network Monitor—use it. But how does SNMP work? What are MIB files and OIDs? Read this condensed introduction and make the first step into the world of SNMP!
1. SNMP Basics
SNMP stands for Simple Network Management Protocol and consists of three key components:
- managed devices,
- agents, and
- network management systems (NMSs).
A managed device resides on a managed network and is usually represented as one of the many nodes of the network. Such devices can be routers, access servers, switches, bridges, hubs, computer hosts, printers, and even all kinds of IoT devices that "speak" SNMP.
An SNMP managed device has an SNMP agent on it. An agent is a software module that translates device information into an SNMP compatible format in order to make the device information available for monitoring with SNMP.
A network management system runs monitoring applications. They provide the bulk of processing and memory resources required for network management.
SNMP version 1 was the initial development of the SNMP protocol (see Request for Comments RFC 1157 for a description) and it works within the specification of the Structure of Management Information (SMI). It operates over User Datagram Protocol (UDP), Internet Protocol (IP), OSI Connectionless Network Services (CLNS), AppleTalk Datagram Delivery Protocol (DDP), and Novell Internet Packet Exchange (IPX). SNMP has been further developed (although its functionality basically stays the same with some extensions) and SNMP v2c and SNMP v3 are potentially available SNMP implementations. However, manufacturers decide on which SNMP version they will ship with their devices, so you may not necessarily have the choice between all SNMP versions.
SNMP v2c is considered the de facto network management protocol in the Internet community, but also SNMP v1 is still in use. SNMP v3 is not yet widespread, although it is the securest SNMP version, because it causes some load to be processed.
2. SNMP—A Closer Look at MIB and OIDs
MIB stands for Management Information Base and is a collection of definitions that define the properties of the managed object within the device to be managed. MIB files are written in an independent format and the object information they contain is organized hierarchically. The various pieces of information can be accessed by SNMP.
OIDs or Object Identifiers uniquely identify managed objects in the MIB.
For example, the typical objects to monitor on a printer are the different cartridge states and maybe the number of printed files, and on a switch the typical objects of interest are the incoming and outgoing traffic as well as the rate of package loss or the number of packets addressed to a broadcast address. Every single object has its own object ID.
The MIB is organized hierarchically and can be depicted as a tree with different levels from the root to the single leaves. Each OID has an address that follows the levels of the OID tree.
Generally, an OID is a long sequence of numbers, coding the nodes, separated by dots. Here is a sample structure of an OID:
The nodes of the OID tree can be assigned by different organizations. Root level MIB object IDs (OIDs) belong to different standard organizations. Vendors define private branches including managed objects for their own products. All manageable features of all products (from each vendor) are arranged in this MIB tree structure.
For example, to get to the Internet, you need to reach the fourth node of the OID tree you can see below. If you move further to the leaves of the tree (further down in this case) the names get more and more specific and each node represents a particular feature on a specific device (or agent).
OIDs are generally provided by the hardware vendors or can be found in so-called OID repositories, where you can find collections of MIB branches and the corresponding OIDs or MIB files.
There are two types of objects you can find in the MIB: scalar ones and tabular ones. Scalar objects define a single object instance and tabular objects define multiple related object instances grouped in MIB tables.
Every managed device keeps a database of values for each of the available object definitions written in "their" MIB file. So, the available data is actually not dependent on the database, but on the implementation.
How SNMP Works
SNMP basically works like a client-server communication where network management systems (clients) send out a request and the managed devices (servers) return a response.
The most common four request operations are Get, GetNext, Set, and Trap. SNMP messages consist of a header and a PDU (Protocol Data Unit). The headers consist of the SNMP version number and the community name. The community name is used as a sort of password to increase security in SNMP. See also More SNMP message types.
The PDU depends on the type of message that is sent. The Get, GetNext, and Set, as well as theResponse PDU, consist of PDU type, Request ID, Error status, Error index and Object/Variable fields. The Trap consists of Enterprise, Agent, Agent address, Generic trap type, Specific trap code, Timestamp and Object/Value fields.
If you want to monitor the system uptime (this is your monitoring object) of your computer, you will need the OID
220.127.116.11.18.104.22.168.1.0 from the HOST-RESOURCES-MIB file.
In your monitoring solution, this can look like this:
PRTG SNMP Custom Sensor Showing the System Uptime (Custom Display Version)
3. Go Further...
... heading to SNMP expertise!
Boost Your Knowledge
- Paessler Monitoring Encyclopedia: SNMP
- Paessler Website: SNMP, the Pillar in IT (about SNMP, its versions and FCAPS)
- Paessler Website: MIB and OIDs and why you need them for monitoring
- Paessler Website: SMI (and why it makes SNMP so universal)
- Paessler Website: How do I enable SNMP on my operating system?
- Paessler Website: SNMP doesn't work, can somebody out there help me?!
- Knowledge Base: What SNMP Sensors does PRTG offer?
- Knowledge Base: Where can I find MIB files for my device?
- Knowledge Base: How do I find out what OID I need to use for a custom sensor?
- Knowledge Base: Tutorial - Can't find a sensor for my device in PRTG but I believe it supports SNMP
- Free tools: SNMP Tester
- Free tools: MIB Importer
We are also running enterprise switched rack PDU's however the out of the box support for them does not work. Even the custom one does not seem to log any relevant data. Have confirmed with the SNMP tester you can connect and there is data there, however when you try to load a sensor PRTG says: No available interfaces on this device (code: PE049)
Disappointed PRTG does not support such a well know brand and an import piece of IT infrastructure.
We're talking about the PDUs of APC? What exact model do you have? APC usually has MIB files for all of their network devices. You could use the MIB importer to convert it for PRTGs SNMP Library Sensor. Then you should see all the values the devices has to offer :)