The purpose of this article is to convey to the reader the usefulness of an SNMP (Simple Network Management Protocol) CLI (Command Line Interface). This article assumes the reader has a basic understanding of SNMP.
Introduction
SNMP is a network management protocol used to exchange messages between NMS (Network Management Systems) and agents that are embedded in the OS (Operating System) of manageable network devices. SNMP allows NMS to manage network devices remotely. SNMP enable management systems to manage network device by using MIBs (Management Information Base). The concept of the MIB is simple when a technology, application, or system is being developed the developer can make the determination as to what information in the form of variable would be useful to manage the specific item. The developer would then create a MIB, which would contain OIDs (Object Identifiers). It is these OIDs that reference the desired management data variable.
An object identifier is simply a unique id represented by a series off numbers and point that has a unique corresponding name. The format of OID is a sequence of numbers with dots in between. The root for object identifiers, starts at one and is represented here by its name an number:(iso – .1 ) Most object identifier starts with .1.3.6.1 ( where 1 = iso, 3 = org, 6 = dod, 1 = internet ). Once an OID is at the Internet identifier there are two branches, mgmt and private. Private OID are developed by vendors for managing their specific products.
Below is the sysDescr OID
.1.3.6.1.2.1.1.1
.ios.org.dod.internet.mgmt.mib2.system.sysDescr
The focus of this article will be the show the reader how to use the SNMP CLI for a number of tasks including:
• To verify the MIBs/OIDs that are supported by a device
• To manually pull data from a network device
• Provide a tool for light weight tool development
• To show how to remotely set variables
Content
For this article we will be using NET-SNMP (Formerly UCD-SNMP).
http://net-snmp.sourceforge.net/
The reason we are using NET-SNMP for this article is that it provides a wealth of useful features and it is freely available to anyone for download from Sourceforge; however, a number of network management tools provide an SNMP CLI such as HP OpenView. All SNMP CLIs tools perform the same basic functions; use the one you are most comfortable with. It must be noted that the syntax will be slightly different from tool to tool, however.
Typically the OS (Operating System) does not matter as long as you have compiled or loaded NET-SNMP for your platform. Identify an SNMP-manageable network device such as a router or an Ethernet switch configured with “Community Strings” and configured to allow SNMP management.
The four basic SNMP delivery mechanisms are: get, getnext, set, and a trap. This article will demonstrate how to use the first three mechanisms, but will not address SNMP traps. A trap is an unsolicited message sent by a device to a management system. Traps are extremely useful for notifications of specific events, but traps are slightly beyond the scope of this article. For more information on SNMP traps see: http://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/7244-snmp-trap.html
OID Instance Index
In order to retrieve values for an object it is necessary to specify an instance for the particular object. An instance for an object identifier is specified by appending the instance index number to the end of the OID. To illustrate this, take the OID that was given above:
.1.3.6.1.2.1.1.1.0
.ios.org.dod.internet.mgmt.mib2.system.sysDescr.0
notice the “0” appended to the end of the OID. The “0” is the instance index which specifies the first instance; the values for instance indexes start at “0” for the first position and increase as needed. The OID presented here is a scalar value and therefore will always have and index of “0” because there can only be one sysDescr (System Description) for a device. Later in this article, scalar indexes for columnar objects with values other than “0” will be presented.
Loading MIBs
SNMP MIBs must be loaded in to the management system in order for the management system to be able to use the OIDs defined by that MIB. Most management systems will already have many standard MIBs already loaded. These MIBs are defined in publication called RFCs (Request or Comment). The SNMP agent residing on Cisco devices support most of the RFC. When working with private MIBs most of the time these MIBs will have to be loaded (often call Compiled) into the management system. Often there are dependencies when loading private MIBs
MIB-Loading Dependencies and Loading Order
Often SNMP MIBs use definitions that are defined in other MIBs. These dependencies are list under IMPORT at the top of the MIB definition.
If MIB B imports a definition from MIB A, some MIB compilers require you to load MIB A prior to loading MIB B. If you get the MIB loading order wrong, the MIB compiler might complain about what was imported claiming it as undefined or not listed in IMPORTS. If this happens, look at the loading order of the MIB definitions from the IMPORTS of the MIB. Make sure the required MIBs were loaded first.
Provided is a list of MIBs from these MIBs many other MIBs are defined, and therefore the order should be followed as list from top to bottom. When loading Cisco MIBs if these MIBs have been loaded in this order, this should eliminate any dependency issues.
1. SNMPv2-SMI.my
2. SNMPv2-TC.my
3. SNMPv2-MIB.my
4. RFC1213-MIB.my
5. IF-MIB.my
6. CISCO-SMI.my
7. CISCO-PRODUCTS-MIB.my
8. CISCO-TC.my
These MIBs as well as all the Cisco private MIBs can be downloaded from:
ftp://ftp.cisco.com/pub/mibs/
Using the CLI
CLI (Command Line Interface) is a text-based human interface that prompts the user for a command to execute an action. For the example, in this article we will be using NET-SNMP loaded on a Sun Solaris platform. However, NET-SNMP functions the same regardless of the platform it has been compiled and loaded on. If should be noted how that some of the augments for the commands have changed from version to version and some of the examples presented in this article may require slight modification to execute properly.
Why an SNMP CLI? Having a SNMP CLI is useful for a number of reasons. It can be used for determining what MIBs are supported on a particular device if there is a lack of documentation. It can be used to verify or troubleshoot SNMP conversations between a management station and an SNMP agent. It allows a user to quickly query information that may not be available by other means. It can also be used for quickly developing light-weight network management tool.
To be able to pull any information from a device via SNMP the user will require several items
- Access to the SNMP CLI
- The required MIBs loaded
- The read community string to request data
- The write community string to set data
- The destination device IP address or host name if in DNS
- The OID/OIDs to be polled
- Index Number
- A basic understanding of the OS (Operating System) servicing the CLI
Through the rest of this article, the command line prompt will be denoted as follows “prompt–>”. When the reader sees this prompt they should know what follows is an SNMP command.
For this and the rest of the examples we will use the following information as noted above.
- Sun Solaris Platform
- All Required MIBs have been loaded
- Read community string == asteroid
- Write community string == meteorshower
- Destination IP address == 10.100.25.1
- OID == .1.3.6.1.2.1.1.1
- Index Number == 0
- prompt–>
Example 1
For the first example we are going to use the sysDescr OID presented earlier in this article. We are going to request the device at 10.100.25.1 to give us a description of itself. The syntax for our SNMP CLI will be as follows:
SNMP command, –options, device, community string, OID
The following is the actual statement typed at the command line. (Remember not to forget to append the index number at the end of the OID)
prompt–>snmpget –Ov 10.100.25.1 asteroid .1.3.6.1.2.1.1.1.0
The following is the reply from the SNMP agent residing on the network device
system.sysDescr.0 = “Cisco Internetwork Operating System Software ..IOS ™ C2900XL Software (C2900XL-H2S-M), Version 11.2(8.1)SA6, MAINTENANCE INTERIM SOFTWARE..Copyright (c) 1986-1999 by cisco Systems, Inc…Compiled Fri 14-May-99 17:35 by jchristy”
As one can see from this example the device being quarried responded with the type of Operating System it is running( Cisco IOS), the type of switch(C2900XL-H2S-M), the version of IOS 11.2(8.1)SA6, and the Compilation date.
Example 2
For example two we will query the same device with the same OID but this time will use the unique name instead of the dot number notation. This will show that the two are completely interchangeable. It is also acceptable to mix the two types for example, have it half dot number notation and half dot name notation. Once again don’t forget to append the index number to the end of the OID.
prompt–>snmpget –Ov 10.100.25.1 asteroid ios.org.dod.internet.mgmt.mib2.system.sysDescr.0
system.sysDescr.0 = “Cisco Internetwork Operating System Software ..IOS ™ C2900XL Software (C2900XL-H2S-M), Version 11.2(8.1)SA6, MAINTENANCE INTERIM SOFTWARE..Copyright (c) 1986-1999 by cisco Systems, Inc… Compiled Fri 14-May-99 17:35 by jchristy”
Notice that the response was exactly the same as in example 1.
Example 3
This next example will demonstrate the use of the SNMP set command. Before we can use the SNMP set command we must have an OID that is defined as Read-Write. If we attempted to use the OID from the previous two examples we would get an error. For example 3 we are going to demonstrate writing to a couple OIDs. The first will be sysContact (System Contact) or .1.3.6.1.2.1.1.4. Once again there can only be one sysContact for a device therefore the instance index will be “0”. We will be using all the same information as in examples 1, and 2 with the exception of the OID, and this time we will use the write community string instead of the read.
The syntax for an snmpset is as follows
snmpset [options…] {} [ …]
prompt–>snmpget –Ov 10.100.25.1 meteorshower .1.3.6.1.2.1.1.4.0
response
system.sysContact.0 = “Bugs Bunny Ph(512)555 1234″
prompt–>snmpset 10.100.25.1 meteorshower .1.3.6.1.2.1.1.4.0 s “Wile E Coyote Ph(512)555-4321”
response
system.sysContact.0 = ” Wile E Coyote Ph(512)555-4321″
prompt–>snmpget –Ov 10.100.25.1 asteroid .1.3.6.1.2.1.1.4.0
response
system.sysContact.0 = ” Wile E Coyote Ph(512)555-4321″
In this example we first used the snmpget command to check the current information stored in the sysContact variable on the network device. Note that the information was gathered using the write community string. This was done to demonstrate that the write community string can be used to query information. The information was then changed using the snmpset command. The “s” option place behind the OID is there to tell NET-SNMP that it will be sending a string to the device. The final snmpget command was used to verify that the previous snmpset set the data correctly.
Example 4
Example 4 demonstrates using an instance index other than “0” appended to the end of an OID. For this example we will be using the ifDescr, and the ifSpeed OID. The fully qualified notation for these OIDs is
.1.3.6.1.2.1.2.2.1.2 and .1.3.6.1.2.1.2.2.1.5
respectively. The ifDescr will be used to demonstrate how the instance index references a port defined in Cisco IOS for this particular OID. The ifSpeed OID will then be used to get the speed for the defined port.
prompt–>snmpget –Ov 10.100.25.1 asteroid .1.3.6.1.2.1.2.2.1.2.5
“FastEthernet0/4”
prompt–>snmpget –Ov 10.100.25.1 asteroid .1.3.6.1.2.1.2.2.1.2.6
“FastEthernet0/5”
prompt–>snmpget –Ov 10.100.25.1 asteroid .1.3.6.1.2.1.2.2.1.5.6
Gauge32: 100000000
In this example two gets were performed using the ifDescr OID the only thing that changed was the index number at the end, resulting in the next port number being returned. Following these the two IfDescr gets was a get performed to retrieve the port speed for FastEthernet 0/5 (instance index “6”) the result was 1000000000. This may seem wrong at first but his number must be divided by 10000000.
Speed = Result/1.0*X^7
100=1000000000/10000000
for FastEthernet 0/5 the current operating speed in 100Mb/s
Example 5
Example 5 will demonstrate the use of the getnext command. The getnext command is used to get the next OID variable instance. If we use the ifDescr as we did in the previous example, and we use the instance index of “6” like we did for second get command from the previous example. The getnext command if used with an instance index of “6” then we would get the a response as if we would have used an instance index of “7”.
prompt–>snmpgetnext –Ov 10.100.25.1 asteroid .1.3.6.1.2.1.2.2.1.2.6
“FastEthernet0/6”
Notice that the getnext command produced a response we would have expected if we used and index number of “7”.
SNMP In Simple Scripts
An SNMP command line can be extremely useful by itself, however it becomes far more powerful when used in scripts to create small but extremely useful tool. Because the needs of network administrators vary so widely it would be impossible for the developers of network management system to develop tools for every organizational need. At some point and time nearly every network administrator will require a tool that is not commercially available. It will be up to the network administration staff to build some sort of light-weight tool to fill their requirement.
Example 6
Example 6 will show the reader a script written in the Borne shell which incorporates the NET-SNMP commands into a small useful utility. The following script should be able to run on any UNIX system that has NET-SNMP installed.
#/bin/ksh
touch SwitchStats
rm SwitchStats
OutPutFile=$1″_switch”
CommunityString=enquire
Switch=$1
echo $Switch
ifNumber=.1.3.6.1.2.1.2.1.0
NumOfPorts=`snmpget -Ov $Switch $CommunityString $ifNumber`
echo “The Number of Interfaces is ” $NumOfPorts
echo “InterNumber ” $NumOfPorts
num=1
while [ $num -lt NumOfPorts ]
do
ifAdminStatus=.1.3.6.1.2.1.2.2.1.7.
ifOperStatus=.1.3.6.1.2.1.2.2.1.8.
upstat=1
downstat=2
ifInOctets=.1.3.6.1.2.1.2.2.1.10.
ifOutOctests=.1.3.6.1.2.1.2.2.1.16.
IfSpeed=.1.3.6.1.2.1.2.2.1.5.
AdminStat=`snmpget -Ov $Switch $CommunityString $ifAdminStatus$num`
OperStatus=`snmpget -Ov $Switch $CommunityString $ifOperStatus$num`
if[“$AdminStat” = “$upstat” -a “$OperStatus” = “$upstat”]
then
InBites=`snmpget -Ov $Switch $CommunityString $ifInOctetsIns$num`
OutBites=`snmpget -Ov $Switch $CommunityString $ifOutOctets$num`
Speed=`snmpget -Ov $Switch $CommunityString $IfSpeed$num`
Port=`echo $Speed | nawk ‘{ print $2 }’`
InOct=ShutDown
OutOct=ShutDown
TrueSpeed=ShutDown
InOct=`echo “In Bites ” $InBites | nawk ‘{print $4}’`
OutOct=`echo “Out Bites ” $OutBites | nawk ‘{print $4}’`
TrueSpeed=`expr $Port / 1000000`
echo “Port #” $num >> SwitchStats
echo “Speed is ” $TrueSpeed >> $OutPutFile
echo “InOct ” $InOct >> $OutPutFile
echo “OutOct ” $OutOct >> $OutPutFile
fi
num=`expr $num + 1`
done
Example 6 displays a script using the NET-SNMP statements in the script. The following is a simple script that accepts a switch name as an argument when the script is executed. The script then queries the device to see how many interfaces it has. It then quarries each interface to see if it is up. If the interface is up it then pulls the number of Octets In and Out along with the speed of the interface. All this is then put into a log file.
The script presented here isn’t overly useful with the exception of providing some information on a particular switches interface. The point here is to show how SNMP commands can be used in conjunction with one another to create simple tools but effective tool to help network administrators manage their devices.
Below is a portion of the log file created.
Additional NET-SNMP Tools
The primary focus of this white paper was to provide the read with an understanding of how to use the basic SNMP commands at the command line to gather or verify information. Below are a couple extra tools provided by NET-SNMP that are extremely useful but are not part of the standard SNMP specifications.
SNMP Translate
snmptranslate is a tool in NET-SNMP used for converting OID between the sybolic name notation and the number notation. Snmptranslate will also allow the user to view and entire branch of an MIB.
Example 7
Example 7 is a simple example and shows how the snmptranslate tool easily converts between the sybolic name notation and the number notation.
prompt–> snmptranslate -Onf .1.3.6.1.2.1.2.1.1.7
.iso.org.dod.internet.mgmt.mib-2.system.sysServices
prompt–>snmptranslate –Ofe .iso.org.dod.internet.mgmt.mib-2.system.sysServices
.1.3.6.1.2.1.2.1.1.7
The follow show how simple it is to convert an OID.
Example 8
snmptranslate will also produce down stream tree structures for a MIB example 8 will display the system branch of the “MIBII” MIB.
prompt–>snmptranslate –Ofn .1.3.6.1.2.1.2.1.1.7
+–system(1)
|
+– -R– String sysDescr(1)
| Textual Convention: DisplayString
| Size: 0..255
+– -R– ObjID sysObjectID(2)
+– -R– TimeTicks sysUpTime(3)
+– -RW- String sysContact(4)
| Textual Convention: DisplayString
| Size: 0..255
+– -RW- String sysName(5)
| Textual Convention: DisplayString
| Size: 0..255
+– -RW- String sysLocation(6)
| Textual Convention: DisplayString
| Size: 0..255
+– -R– INTEGER sysServices(7)
| Range: 0..127
+– -R– TimeTicks sysORLastChange(8)
| Textual Convention: TimeStamp
|
+–sysORTable(9)
|
+–sysOREntry(1)
| Index: sysORIndex
|
+– —- INTEGER sysORIndex(1)
| Range: 1..2147483647
+– -R– ObjID sysORID(2)
+– -R– String sysORDescr(3)
| Textual Convention: DisplayString
| Size: 0..255
+– -R– TimeTicks sysORUpTime(4)
Textual Convention: TimeStamp
GetTable
NET-SNMP also has a gettable command. This command is used for getting tables defined in MIBs. The gettable command retrieves the requested table data and formats the information in an easy to read layout. Tables can provide a wealth of information. All the information gathered in the script displayed earlier plus much more could be retrieved by using the ifTable. However a script allows for only gather needed data.
Tables can be extremely valuable but there can be a cost for the information. Pulling tables from a network device can require the device to use large amounts of resources to fulfill the request. Gathering information from tables should be used sparingly. Table should NOT be polled on a regular bases for performance statistics. This can cause a network device to unnecessarily use valuable resources to fulfill these request often at the expense of transferring data.
Conclusion
The author of this article hopes that the content in this article has provided the reader with a good understanding of the benefits and some of the practical uses for an SNMP CLI. SNMP, can because an invaluable to for network administrators, however one should always use SNMP caution. A user should always validate the polling of data will not have an adverse effect on the network. Additionally all security precautions should be exercised when using SNMP on a network to insure unauthorized personnel or system do gain access to any network device.
Glossary
SNMP: Simple Network Management Protocol
OS: Operation System
IOS: Internet Operation System
OID: Object Identifier
MIB: Management Information Base
SMI: Structure of Management Information
CLI: Command Line Interface
RFC: Request For Comment
Educational Material Provided by Tobias International Inc.
Contact Us for more information