RFC 1157 - A Simple Network Management Protocol (SNMP)

Network Working Group
Request for Comments: 1157
Obsoletes: RFC 1098

Authors:
J. Case (SNMP Research)
M. Fedor (Performance Systems International)
M. Schoffstall (Performance Systems International)
J. Davin (MIT Laboratory for Computer Science)

Date: May 1990

Abstract

This RFC defines a simple protocol by which management information for a network element may be inspected or altered by logically remote users. In particular, together with its companion memos which describe the structure of management information along with the management information base, these documents provide a simple, workable architecture and system for managing TCP/IP-based internets and in particular, the Internet.

The Internet Activities Board (IAB) recommends that all IP and TCP implementations be network manageable. This implies implementation of the Internet MIB (RFC 1156) and at least one of the two recommended management protocols: SNMP (RFC 1157) or CMOT (RFC 1095).

1. Status of this Memo
2. Introduction
3. The SNMP Architecture
4. Protocol Specification
5. Definitions
6. Acknowledgements
7. References
8. Security Considerations
9. Authors' Addresses

1. Status of this Memo

This is an Internet Standard protocol. The IAB recommends that all IP and TCP implementations be network manageable, which implies implementation of SNMP.

2. Introduction

Goal of SNMP: To provide a simple protocol for managing network devices in the Internet.

Core Features:

Monitoring: Query device status and statistics
Configuration: Modify device configuration parameters
Notifications: Receive device exception alerts (Traps)
Simplicity: Easy to implement and deploy

SNMP Operation:

Manager                                   Agent
   |                                         |
   |------ GetRequest (query) -------------->|
   |<----- GetResponse (response) -----------|
   |                                         |
   |------ SetRequest (set) ---------------->|
   |<----- GetResponse (confirmation) -------|
   |                                         |
   |<----- Trap (unsolicited alert) ---------|

3. The SNMP Architecture

3.1 Goals of the Architecture

Simplicity: The protocol is simple and easy to implement
Extensibility: Support for adding new management objects
Independence: Independent of specific network architectures
Minimal Impact: Minimal performance impact on devices

3.2 Elements of the Architecture

3.2.1 Scope of Management Information

SNMP manages information including:

Interface statistics (traffic, errors, etc.)
Routing tables
TCP/UDP connections
System information

3.2.2 Representation of Management Information

Uses Management Information Base (MIB) representation:

MIB Object Example:

Object Identifier (OID): 1.3.6.1.2.1.1.1.0
Name: sysDescr (system description)
Syntax: OCTET STRING
Access: read-only
Value: "Cisco IOS Software, Version 15.2"

3.2.3 Operations Supported

Operation	Description	Direction
GetRequest	Request to get object value	Manager → Agent
GetNextRequest	Request to get next object value (for traversal)	Manager → Agent
SetRequest	Request to set object value	Manager → Agent
GetResponse	Response to Get/Set request	Agent → Manager
Trap	Asynchronous event notification	Agent → Manager

3.2.4 Form and Meaning of Protocol Exchanges

SNMP uses UDP protocol:

Manager port: 162 (receiving Trap)
Agent port: 161 (receiving Get/Set)

3.2.5 Definition of Administrative Relationships

SNMP uses Community Name for simple authentication:

Community name: "public" (default read-only)
Community name: "private" (default read-write)

3.2.6 Identification of Managed Objects

Object Instance Identification:

Scalar objects:

sysDescr.0  (append .0 for instance)

Table objects:

ifDescr.1   (description of interface 1)
ifDescr.2   (description of interface 2)

4. Protocol Specification

4.1 Elements of Procedure

SNMP Message Format

SNMP message ::= SEQUENCE {
    version         INTEGER,           -- SNMP version (0 = SNMPv1)
    community       OCTET STRING,      -- community name
    data            PDUs               -- protocol data unit
}

4.1.1 Common Constructs

Fields shared by all PDUs:

request-id: Request identifier
error-status: Error status
error-index: Error index
variable-bindings: Variable binding list

4.1.2 The GetRequest-PDU

Purpose: Retrieve values of one or more management objects.

Example:

GetRequest {
    request-id: 1234,
    error-status: 0,
    error-index: 0,
    variable-bindings: [
        {name: 1.3.6.1.2.1.1.1.0, value: NULL},  -- sysDescr
        {name: 1.3.6.1.2.1.1.3.0, value: NULL}   -- sysUpTime
    ]
}

4.1.3 The GetNextRequest-PDU

Purpose: Retrieve the lexicographic successor to each variable name in the variable bindings list.

Table Traversal Example:

Step 1: GetNextRequest(ifDescr)
Response: ifDescr.1 = "eth0"

Step 2: GetNextRequest(ifDescr.1)
Response: ifDescr.2 = "eth1"

Step 3: GetNextRequest(ifDescr.2)
Response: ifType.1 = 6  (next object)

4.1.4 The GetResponse-PDU

Purpose: Response to GetRequest, GetNextRequest, or SetRequest.

Error Status:

Value	Name	Description
0	noError	Success
1	tooBig	Response too large
2	noSuchName	Object does not exist
3	badValue	Invalid value
4	readOnly	Object is read-only
5	genErr	Generic error

4.1.5 The SetRequest-PDU

Purpose: Modify values of one or more management objects.

Example:

SetRequest {
    request-id: 1235,
    error-status: 0,
    error-index: 0,
    variable-bindings: [
        {name: 1.3.6.1.2.1.1.6.0, value: "New Location"}  -- sysLocation
    ]
}

4.1.6 The Trap-PDU

Purpose: Agent sends asynchronous notifications to manager.

Trap Types:

Trap	Description
coldStart	Device cold start
warmStart	Device warm start
linkDown	Link down
linkUp	Link up
authenticationFailure	Authentication failure
egpNeighborLoss	EGP neighbor loss
enterpriseSpecific	Vendor-specific event

Trap Message Format:

Trap-PDU ::= SEQUENCE {
    enterprise       OBJECT IDENTIFIER,  -- enterprise OID
    agent-addr       NetworkAddress,     -- agent address
    generic-trap     INTEGER,            -- generic trap type
    specific-trap    INTEGER,            -- specific trap code
    time-stamp       TimeTicks,          -- time stamp
    variable-bindings VarBindList        -- variable bindings
}

5. Definitions

ASN.1 Definitions (simplified):

RFC1157-SNMP DEFINITIONS ::= BEGIN

IMPORTS
    ObjectName, ObjectSyntax, NetworkAddress, IpAddress, TimeTicks
        FROM RFC1155-SMI;

-- PDU types
PDUs ::= CHOICE {
    get-request       GetRequest-PDU,
    get-next-request  GetNextRequest-PDU,
    get-response      GetResponse-PDU,
    set-request       SetRequest-PDU,
    trap              Trap-PDU
}

-- GetRequest, GetNextRequest, SetRequest share this structure
GetRequest-PDU ::= [0] IMPLICIT PDU
GetNextRequest-PDU ::= [1] IMPLICIT PDU
SetRequest-PDU ::= [3] IMPLICIT PDU

PDU ::= SEQUENCE {
    request-id      INTEGER,
    error-status    INTEGER,
    error-index     INTEGER,
    variable-bindings VarBindList
}

GetResponse-PDU ::= [2] IMPLICIT PDU

Trap-PDU ::= [4] IMPLICIT SEQUENCE {
    enterprise      OBJECT IDENTIFIER,
    agent-addr      NetworkAddress,
    generic-trap    INTEGER,
    specific-trap   INTEGER,
    time-stamp      TimeTicks,
    variable-bindings VarBindList
}

VarBindList ::= SEQUENCE OF VarBind

VarBind ::= SEQUENCE {
    name ObjectName,
    value ObjectSyntax
}

END

6. Acknowledgements

The development of SNMP benefited from the broad participation and contributions of the Internet community.

7. References

[RFC1155] - Structure and Identification of Management Information for TCP/IP-based Internets
[RFC1156] - Management Information Base for Network Management of TCP/IP-based internets
[RFC1098] - A Simple Network Management Protocol (obsoleted by this RFC)

8. Security Considerations

SNMPv1 Security Limitations:

Weak Authentication: Community names transmitted in cleartext
No Encryption: All data transmitted in cleartext
No Integrity Protection: Messages may be tampered with

Mitigation Measures:

Use strong community names
Restrict SNMP access by IP address
Use read-only community names for monitoring
Deploy firewalls to protect SNMP ports

Subsequent Version Improvements:

SNMPv2c: Enhanced protocol operations
SNMPv3: Added authentication, encryption, and access control (RFC 3414)

9. Authors' Addresses

(Original document contains author contact information)

SNMP is the cornerstone protocol for network management. Although SNMPv1 has weak security, it is still widely used due to its simplicity.

Common SNMP Tools:

# Query system description
snmpget -v1 -c public 192.168.1.1 sysDescr.0

# Walk interface table
snmpwalk -v1 -c public 192.168.1.1 ifTable

# Set system location
snmpset -v1 -c private 192.168.1.1 sysLocation.0 s "Beijing"

Common OIDs:

1.3.6.1.2.1.1.1.0 - sysDescr (system description)
1.3.6.1.2.1.1.3.0 - sysUpTime (system uptime)
1.3.6.1.2.1.2.2.1.2 - ifDescr (interface description)
1.3.6.1.2.1.2.2.1.10 - ifInOctets (interface input octets)

Related RFCs:

RFC 1155 - SMI (Structure of Management Information)
RFC 1156 - MIB-I
RFC 1213 - MIB-II
RFC 3414 - SNMPv3 Security

Abstract​

Table of Contents​

1. Status of this Memo​

2. Introduction​

3. The SNMP Architecture​

3.1 Goals of the Architecture​

3.2 Elements of the Architecture​

3.2.1 Scope of Management Information​

3.2.2 Representation of Management Information​

3.2.3 Operations Supported​

3.2.4 Form and Meaning of Protocol Exchanges​

3.2.5 Definition of Administrative Relationships​

3.2.6 Identification of Managed Objects​

4. Protocol Specification​

4.1 Elements of Procedure​

SNMP Message Format​

4.1.1 Common Constructs​

4.1.2 The GetRequest-PDU​

4.1.3 The GetNextRequest-PDU​

4.1.4 The GetResponse-PDU​

4.1.5 The SetRequest-PDU​

4.1.6 The Trap-PDU​

5. Definitions​

6. Acknowledgements​

7. References​

8. Security Considerations​

9. Authors' Addresses​