SNMP Network Protocol

1. SNMP Notes

Simple Network Management Protocol (SNMP).

SNMP Definition: Simple Network Management Protocol is an application-layer protocol that allows for the exchange of monitoring and managing information between network devices.

1.1. OID

Object identifier (OID).

An OID is an address used to uniquely identify managed devices and their statuses. Want to know the temperature reading coming from a sensor at your mountaintop remote facility? There’s an OID for that.

For example, here is the branch of the SNMP MIB tree structure and its OIDs used by DPS Telecom equipment:

[Figure: MIB tree]

The table node OIDs are 1(iso).3(org).6(dod).1(internet).4(private).1(enterprises).2682(dpsInc/DPS Telecom).1(dpsAlarmControl).

The first part of the OID will be the same for every piece of equipment you’ll ever use:

[Figure: OID explained, part 1]

So far, we know that a private enterprise will be declared as the manufacturer of this SNMP device. This will be true for virtually every network device you work with. That makes “1.3.6.1.4.1…” an almost-universal prefix to OIDs. Let’s continue:

[Figure: OID explained, part 2]

If you have questions about DPS RTUs, you can ask them here. Notice how long the “device manufacturer” number is (“2682”). There are a lot of manufacturers out there, and they all must have a unique integer value. This section of the OID also told us that we’re working with an RTU, which collects alarms from non-SNMP equipment.

Native SNMP gear would have a different OID value here. Let’s finish reading this OID now:

[Figure: OID explained, part 3]

OID lookup site: http://oid-info.com/get/1.3.6.1.2.1.1.1

1.1.1. Who decides on the structure of SNMP OIDs

OIDs are defined in the SNMP MIB file, a kind of “codebook” for SNMP. The manufacturer (DPS Telecom in this example) spells out the second half of the OID for their own devices by supplying a MIB file to their users. The first half is established by a standard referenced “RFC” MIB used worldwide.

1.2. MIB

The SNMP OID is a value defined in the management information base (MIB), used to identify MIB members.

Example (Huawei):

Node Name      Node OID                       Description        Type          Access
driverVersion  1.3.6.1.4.1.2011.2.298.1       Driver version     OCTET STRING  Read-only
hioCount       1.3.6.1.4.1.2011.2.298.4       Number of devices  Integer32     Read-only
hioIndex       1.3.6.1.4.1.2011.2.298.2.1.1   Device index       Unsigned32    Read-only
runTime        1.3.6.1.4.1.2011.2.298.2.1.9   Run time           Counter64     Read-only

OIDs point to network monitoring objects stored in a database called the Management Information Base (MIB). A MIB object holds the structure of the network alarms being monitored (like a map of the “city”), and it uses the OIDs to keep track of the individual components (like the address to a house or other location).

1.2.1. Huawei

Download the switch MIB reference files: https://support.huawei.com/enterprise/zh/index.htm (search for the switch model).

The SNMP system creates a table instance for each solid-state drive (SSD) device, and the table node OIDs are 1(iso).3(org).6(dod).1(internet).4(private).1(enterprises).2011(huawei).2(products).298(ES3000V2).2(hioCardTable).

HUAWEI-PORT-MIB is used to configure attributes for interfaces. You can use this MIB to set the attributes of Ethernet interface, including the transmission rate, duplex mode, auto-negotiation mode and period before an interface goes up or down. In addition, you can query these attributes of Ethernet interface.

The OID of the root object is as follows: iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).huawei(2011).huaweiMgmt(5).hwDatacomm(25).hwPortMib(157).
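The page writes OIDs in three notations: plain dotted numbers, `1(iso).3(org)…` and `iso(1).org(3)…`. The following added example (not from the original post; the function names are illustrative) normalizes all three, extracts the private enterprise number after the common 1.3.6.1.4.1 prefix, and checks whether an OID lies inside a given subtree:

```python
import re

ENTERPRISES = (1, 3, 6, 1, 4, 1)  # iso.org.dod.internet.private.enterprises

# One arc in any of the page's notations: "1", "1(iso)" or "iso(1)"
_ARC = re.compile(r"(?:(\d+)(?:\(([^()]*)\))?|([A-Za-z][\w/ -]*)\((\d+)\))")

def parse_oid(text):
    """Return (numbers, labels) for a dotted OID; labels are None when absent."""
    numbers, labels = [], []
    for arc in text.strip().strip(".").split("."):
        m = _ARC.fullmatch(arc.strip())
        if not m:
            raise ValueError(f"bad OID arc: {arc!r}")
        if m.group(1) is not None:          # "1" or "1(iso)"
            numbers.append(int(m.group(1)))
            labels.append(m.group(2))
        else:                               # "iso(1)"
            numbers.append(int(m.group(4)))
            labels.append(m.group(3))
    return tuple(numbers), tuple(labels)

def enterprise_of(text):
    """Return the vendor's enterprise number, or None outside 1.3.6.1.4.1."""
    numbers, _ = parse_oid(text)
    if numbers[:6] == ENTERPRISES and len(numbers) > 6:
        return numbers[6]
    return None

def in_subtree(oid, root):
    """True when oid is the root itself or one of its descendants."""
    o, r = parse_oid(oid)[0], parse_oid(root)[0]
    return o[:len(r)] == r

if __name__ == "__main__":
    # OIDs quoted on this page
    dps = "1(iso).3(org).6(dod).1(internet).4(private).1(enterprises).2682(dpsInc/DPS Telecom).1(dpsAlarmControl)."
    print(enterprise_of(dps), parse_oid(dps)[0])
    print(in_subtree("1.3.6.1.4.1.2011.2.298.2.1.9", "1.3.6.1.4.1.2011.2.298.2"))
```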

1.2.1.1. Reference

1.3. SNMP Manager

When the SNMP Manager (a T/Mon, in this case) collects information by requesting the value (“state”) of any object it is monitoring, it sends a message with that object’s OID to its Management Information Base. The MIB will decode the address and attach a text description to it. This allows the SNMP Manager to present the value of the alarm condition with the identifying description of the labeled alarm.

So for example, let’s say the SNMP Manager wants to know if there is a car in the driveway of your house (a “yes or no” question, often referred to as a discrete alarm in the alarm monitoring world). The SNMP Manager would look up the corresponding reference in the MIB in order to “poll” (ask) if there is a car in the driveway at 123 Main St. The MIB references 123 Main St. and translates it into the OID of your driveway.

In our example OID above, it would be 123 Main St = 1.3.6.1.4.1.2681.1.2.102. The driveway (or alarm point we want to monitor) would be represented by the “102” portion of the address. The “value” reported is the current state of the driveway 102: occupied by a car or not.

The sensor at the driveway reports back: Nope. Nobody’s in the driveway.

1.3.1. Vendors and Their Unique MIBs

Finally, remember that the first several pieces of each OID are almost always the same. These upper location levels are defined by a series of standard references within the MIB. These series are called RFCs, or Requests for Comments.

The RFCs that define SNMP OIDs are part of a larger group of RFC documents that define the Internet as a whole. Individual vendors create their own SNMP enterprise MIBs that only include the OIDs for their devices.

If you have unique requirements, look for a vendor that can create custom SNMP MIB files.

1.4. snmp-cmds tool commands

1.4.1. snmpget

Wrapper around Net-SNMP's snmpget command.

Runs the equivalent of 'snmpget -Oqv -Pe -t {timeout} -r 0 -v 2c -c {community} {host} {oid}' and parses the result. If the response from the server is a No Such Object or a No Such Instance error, this function returns None. Otherwise, it returns the value retrieved from the server.
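A sketch of the behaviour described above, as an added example that is not the snmp-cmds source: the command is built as an argument list so no shell parses it, a host or OID that could be read as an option is rejected, and the two "No Such" responses map to None. The function names and the validation regex are assumptions for illustration.

```python
import re
import subprocess

# Numeric OIDs (".1.3.6"), names ("sysDescr.0") and MIB-qualified names are accepted
_OID = re.compile(r"\.?\d+(\.\d+)*|[A-Za-z][\w-]*(::[A-Za-z][\w-]*)?(\.\d+)*")
_MISSING = ("No Such Object", "No Such Instance")

def build_argv(host, oid, community, timeout=3):
    """Build the argv list for the snmpget invocation quoted above (no shell involved)."""
    if host.startswith("-") or not _OID.fullmatch(oid):
        raise ValueError("host or OID is malformed or would be parsed as an option")
    return ["snmpget", "-Oqv", "-Pe", "-t", str(int(timeout)), "-r", "0",
            "-v", "2c", "-c", community, host, oid]

def parse_value(stdout):
    """Return the value text, or None when the agent reports a missing object or instance."""
    text = stdout.strip()
    if any(marker in text for marker in _MISSING):
        return None
    return text.strip('"')

def snmpget(host, oid, community, timeout=3):
    """Run snmpget; requires Net-SNMP to be installed and a reachable agent."""
    done = subprocess.run(build_argv(host, oid, community, timeout),
                          capture_output=True, text=True,
                          timeout=timeout + 2, check=True)
    return parse_value(done.stdout)
```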

1.4.2. snmpgetsome: here we can pass in a list of OIDs

Wrapper around Net-SNMP's 
    
    Runs Net-SNMP's 'snmpget' command on a list of OIDs, and returns a list 
    of tuples of the form (oid, result).

1.4.3. snmpwalk

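1.4.3.1. Overview

snmpwalk is a command-line tool that uses SNMP GET-NEXT PDUs to extract and output the complete contents of a specified MIB branch from a target agent.

1.4.3.2. Command line
snmpwalk [options] agent [oid]
1.4.3.3. Options

Different SNMP protocol versions take different options, so the options below are described per protocol version.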

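  1. General options
  • a) -h: show help
  • b) -v 1 | 2c | 3: specify the SNMP protocol version
  • c) -V: show the version of the snmpwalk command-line tool
  • d) -r RETRIES: number of retries; the default is 0.
  • e) -t TIMEOUT: how long to wait for each request, in seconds; the default is 3 seconds.
  • f) -Cc: specifies whether the walk continues when the returned OIDs are found not to be increasing.
  2. v1 and v2c options
  • a) -c COMMUNITY: community string
  3. v3 options
  • a) -l LEVEL: security level: noAuthNoPriv | authNoPriv | authPriv
  • b) -u USER-NAME: security name
  • c) -a PROTOCOL: authentication protocol: MD5 | SHA. Only needed when -l is authNoPriv or authPriv.
  • d) -A PASSPHRASE: authentication passphrase. Only needed when -l is authNoPriv or authPriv.
  • e) -x PROTOCOL: encryption protocol: DES. Only needed when -l is authPriv.
  • f) -X PASSPHRASE: encryption passphrase. Only needed when -l is authPriv.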
1.4.3.3.1. oid

The OID can be given in numeric form (1.3.6…) or as a name such as ifSpeed or system.

1.4.3.3.2. Examples
  • snmpwalk with v2c
snmpwalk -v 2c -c cisco 192.168.0.2 1.3.6

Walks the entire MIB of 192.168.0.2 using version v2c with the community cisco.

snmpwalk -v 2c -c cisco -Cc -r 1 -t 5 192.168.0.3 1.3.6 > 192.168.0.3.mib

Walks the entire MIB of 192.168.0.2 using version v2c with the community cisco. -Cc lets the walk continue even when OIDs are not increasing, -r sets 1 retry, -t sets a timeout of 5 seconds, and > 192.168.0.3.mib redirects the output to the file 192.168.0.3.mib.

  • snmpwalk with v3
snmpwalk -v 3 -l noAuthNoPriv -u gov 192.168.0.3 .1.3.6

Walks the .1.3.6 branch of device 192.168.0.3 using version v3 with security level noAuthNoPriv and security name gov.

snmpwalk -v 3 -l authNoPriv -u gov -a MD5 -A "gov auth pass" -r 3 192.168.0.3 .1

Walks the entire MIB of 192.168.0.3 using version v3 with security level authNoPriv, security name gov, authentication protocol MD5 and authentication passphrase gov auth pass, with 3 retries.

snmpwalk -v3 -l authPriv -u gov -a MD5 -A "gov auth pass" -x DES -X "gov priv pass" 192.168.0.3 .1.3.6

Walks the .1.3.6 branch of the MIB on 192.168.0.3 using version v3 with security level authNoPriv, security name gov, authentication protocol MD5 with authentication passphrase gov auth pass, and encryption protocol DES with passphrase gov priv pass.

Huawei: retrieving user names and passwords:

snmpwalk -c public -v 1 $IP 1.3.6.1.4.1.2011.10.2.12.1.1.1

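Linux OID reference:

1.3.6.1.2.1.6.13 tcp connection table      equivalent to the netstat -t command
1.3.6.1.2.1.4.20                           interface IP addresses and subnet masks
1.3.6.1.2.1.3.1                            IP-to-MAC address translation table
1.3.6.1.2.1.1                              system information
1.3.6.1.2.1.25.4.2.1.2                     system process list
1.3.6.1.2.1.25.6.3.1.2                     installed software list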

Other examples:

snmpwalk -v 2c -c public 10.1.1.1 .1.3.6.1.2.1.25.1 gets the number of system processes, users and so on from a Windows host
snmpwalk -v 2c -c public 10.1.1.1 .1.3.6.1.2.1.25.2.2 gets the total system memory
snmpwalk -v 2c -c public 10.1.1.1 hrSystemNumUsers gets the number of system users (note: hrSystemNumUsers is equivalent to .1.3.6.1.2.1.25.1.5)
snmpwalk -v 2c -c public 10.1.1.1 .1.3.6.1.2.1.4.20 gets IP information
snmpwalk -v 2c -c public 10.1.1.1 system shows system information
snmpwalk -v 2c -c public 10.1.1.1 ifDescr gets network interface information
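The command lines above differ mainly in how much protection they give the session. The following added example (not from the original post and not part of Net-SNMP) parses such command lines and reports the weak settings: v1/v2c communities, noAuthNoPriv or authNoPriv, MD5, DES, and passphrases passed as arguments. The community deny-list and the finding codes are assumptions, and an unset -l is treated as noAuthNoPriv.

```python
import shlex

TAKES_VALUE = set("vclurtaAxXO")   # options used on this page that take an argument
WEAK_COMMUNITIES = {"public", "private", "cisco"}   # assumption: sample deny-list

def parse_opts(cmdline):
    """Map the single-letter options of an snmpwalk command line to their values."""
    opts, tokens, i = {}, shlex.split(cmdline)[1:], 0
    while i < len(tokens):
        tok = tokens[i]
        if len(tok) > 1 and tok[0] == "-" and tok[1] in TAKES_VALUE:
            if len(tok) > 2:                  # attached form such as -v3
                opts[tok[1]] = tok[2:]
            elif i + 1 < len(tokens):         # separate form such as -v 3
                i += 1
                opts[tok[1]] = tokens[i]
        i += 1
    return opts

def audit(cmdline):
    """Return finding codes for the SNMP security settings used in cmdline."""
    o, found = parse_opts(cmdline), []
    version = o.get("v", "").lower()
    if version in ("1", "2c"):
        found.append("cleartext-community")   # v1/v2c: no authentication, no encryption
        if o.get("c", "").lower() in WEAK_COMMUNITIES:
            found.append("guessable-community")
    elif version == "3":
        level = o.get("l", "noAuthNoPriv").lower()   # assumption: unset means noAuthNoPriv
        if level == "noauthnopriv":
            found.append("v3-no-auth-no-encryption")
        elif level == "authnopriv":
            found.append("v3-no-encryption")
        if o.get("a", "").upper() == "MD5":
            found.append("weak-auth-md5")
        if o.get("x", "").upper() == "DES":
            found.append("weak-priv-des")
        if "A" in o or "X" in o:
            found.append("passphrase-in-argv")  # visible in process lists and shell history
    return found

if __name__ == "__main__":
    # Sample inputs: commands from this page plus one constructed SHA/AES variant
    for cmd in ['snmpwalk -v 2c -c cisco 192.168.0.2 1.3.6',
                'snmpwalk -v 3 -l noAuthNoPriv -u gov 192.168.0.3 .1.3.6',
                'snmpwalk -v3 -l authPriv -u gov -a MD5 -A "gov auth pass" '
                '-x DES -X "gov priv pass" 192.168.0.3 .1.3.6',
                'snmpwalk -v 3 -u user -l authPriv -a sha -x aes 10.0.0.1 1.3.6']:
        print(audit(cmd) or ["ok"], cmd)
```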

1.4.4. snmptable

Runs Net-SNMP's 'snmptable' command on a given OID, converts the results
    into a list of dictionaries, and optionally sorts the list by a given key.

1.4.5. snmpset

Runs Net-SNMP's 'snmpset' command on a given OID, and returns the result 
    if successful.

1.5. SNMP trap simulator

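1.6. Issues

For security reasons, some devices need extra configuration before they allow SNMP; the details vary by device. On Huawei-family firewalls, for example, SNMP must be ticked under “Enable access management”. You can use the snmpwalk command to test whether the collector side and the device side are configured and connected correctly: snmpwalk -O bentU -v 2c -c [community string] [IP] 1.3.6 (for v2c) or snmpwalk -v 3 -u user -l authPriv -a sha -A [authentication password] -x aes -X [encryption password] [IP] 1.3.6 (for v3). If the configuration is correct, the command outputs a large amount of data. snmpwalk is a test tool that runs on the collector side. It ships with MacOS; on RedHat-family Linux install it with sudo yum install net-snmp-utils, and on Debian-family Linux with sudo apt-get install snmp.

1.6.1. snmpwalk times out when accessing the SNMP service on a Huawei firewall

The access test looks like this:

snmpwalk -v 3 -u xxxx -l authPriv -a sha -A xxxxx -x aes -X xxxxx 10.xx.xx.xx ".1.3.6.1.2.1"
snmpwalk: Timeout

The ACL and interzone policies were checked, and the SNMP service was already allowed.

The cause turned out to be the access-management restriction; adding service-manage snmp permit on the corresponding firewall interface restored normal access.

SNMP must be allowed: in the menu go to Network => Interfaces, find the entry whose IP Address column shows the correct switch IP address, open it, and tick SNMP.

1.7. Resources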
