Home >Common Problem >What layer protocol is snmp?
SNMP is an application layer protocol. SNMP (Simple Network Management Protocol) is a standard protocol specially designed for managing network nodes in IP networks. It is located at the top level (ie, application layer) of the ISO/OSI and TCP/IP network models. It is an application layer protocol and is at the transport layer. Rely on UDP protocol for transmission.
Simple Network Management Protocol (SNMP) is a protocol specially designed for managing network nodes (servers, workstations, routers, switches, HUBS, etc.) on IP networks. A standard protocol, it is an application layer protocol.
A brief introduction to the SNMP protocol
Before understanding the SNMP protocol, you must first understand the network models of ISO/OSI and TCP/IP. ISO/OSI divides the network into 7 layers, and TCP/IP divides the network into 4 layers (there are also 5 layers)
SNMP is located at the top level of the two network models. The application layer belongs to the application layer protocol and relies on the UDP protocol for transmission at the transport layer. SNMP data packets are at the transport layer, so they are called PDU (Protocol Data Unit).
SNMP (Simple Network Management Protocol) is a simple network management protocol. It is mainly used to manage devices in a local area network. The most widely used one is the management of network devices such as routers and switches. Of course, it is not limited to network devices.
SNMP enables network administrators to manage network performance, identify and resolve network problems, and plan for network growth. Network management systems are notified of network problems by receiving random messages (and event reports) via SNMP.
SNMP is divided into management side and agent side (agent). The default port of the management side is UDP 162, which is mainly used to receive Agent messages such as TRAP alarm messages; the Agent side uses UDP 161 port to receive the messages sent by the management side. Messages such as SET/GET instructions, etc.
Differences between versions of the SNMP protocol
There are currently three versions of the SNMP protocol in use, namely V1, V2C, and V3. The main differences are in security and messaging Encapsulation format, GET efficiency, etc.
1. SNMPV1 version introduction
SNMPV1 defines 5 types of PDUs: Get (gets parameter values, cannot traverse table type parameter groups), GetNext (can get table type parameters) value, a set of parameters), Set (set parameter value) and Trap (send an alarm), Response (response information of GET operation).
SNMPv1 uses the community word (community) as identity authentication information. The Agent will respond to the message only after it receives the management message with the same community key.
SNMPV1 The entire message is transmitted in clear text, and the clear text can be seen through packet capture tools such as wireshark/tcpdump.
2. SNMPV2 version introduction
SNMPV2 defines 7 types of PDUs: Get (gets parameter values, cannot traverse table type parameter groups), GetNext (can get table type parameter values) , a set of parameters), Set (set parameter values) and Trap (send an alarm), GetBulk (the basic operation corresponding to the GetBulk operation is GetNext, by setting the Non repeaters and Max repetitions parameters, efficiently obtain a large number of Management object data, if one of the parameters in get-request does not exist, the request will still be executed normally; in SNMPv1, an error message will be received), inform (equivalent to an upgraded version of Trap, but after the Trap message is sent No response message will be received, but the inform message can receive the response message after it is sent), Response (response information of the GET operation).
SNMPv2c also uses community word authentication.
SNMPV2C The entire message is transmitted in clear text, and the clear text can be seen through packet capture tools such as wireshark/tcpdump.
3. SNMPV3 version introduction
SNMPV3 follows the 7 types of PDU in V2, and adds report (the message is sent when the message cannot be decrypted).
SNMPV3 adopts USM and VACM technology. USM provides authentication and encryption functions, and VACM determines whether a user is allowed to access specific MIB objects and how.
USM (user-based security model): Agent compares the user, password (using MD5 or SHA encryption), authkey (authentication key) and engineid (agent’s identification code) carried in the management message. The message is authenticated and integrity verified, and the entire message body is encrypted using DES.
SNMPV3 data messages are transmitted in ciphertext, and the actual content cannot be seen through packet capture tools such as wireshark/tcpdump.
When the SNMP management terminal and agent communicate, both parties must have a common set of parameters to "communicate" normally. This set of parameters is called MIB (Management Information Base), due to the file organization format. It is a tree shape, collectively referred to as MIB tree. MIB trees of different manufacturers and different device types are generally different
The above is the detailed content of What layer protocol is snmp?. For more information, please follow other related articles on the PHP Chinese website!