This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 27 and 28
Revision 27 as of 2007-08-24 18:23:28
Size: 12290
Editor: LuisOntanon
Comment: There had to be a reson for them to call it "Simple"!
Revision 28 as of 2008-04-12 17:50:00
Size: 12400
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 12: Line 12:
Typically, SNMP uses ["UDP"] as its transport protocol. The well known UDP ports for SNMP traffic are 161 (SNMP) and 162 (SNMPTRAP). It can also run over ["TCP"], ["Ethernet"], ["IPX"], and other protocols. ["ATM"] uses SNMP as its ["ILMI"] (Integrated Local Management Interface) protocol. Typically, SNMP uses [[UDP]] as its transport protocol. The well known UDP ports for SNMP traffic are 161 (SNMP) and 162 (SNMPTRAP). It can also run over [[TCP]], [[Ethernet]], [[IPX]], and other protocols. [[ATM]] uses SNMP as its [[ILMI]] (Integrated Local Management Interface) protocol.
Line 20: Line 20:
Wireshark uses the [http://www.net-snmp.org/ Net-SNMP] libraries to resolve numeric OIDs (e.g. 1.3.6.1.2.1.2.2.1.6.1) into human readable format (e.g. IF-MIB::ifPhysAddress.1). The default installation only contains some common MIB files so Wireshark won't be able to resolve all possible OIDs. Wireshark uses the [[http://www.net-snmp.org/|Net-SNMP]] libraries to resolve numeric OIDs (e.g. 1.3.6.1.2.1.2.2.1.6.1) into human readable format (e.g. IF-MIB::ifPhysAddress.1). The default installation only contains some common MIB files so Wireshark won't be able to resolve all possible OIDs.
Line 22: Line 22:
You can configure which MIB files are loaded by using the preference setting mentioned below, the MIBS environment variable or by editing snmp.conf as described in the [http://www.net-snmp.org/tutorial/tutorial-5/commands/mib-options.html Net-SNMP Tutorial] (XXX - is this true for Win32?) (XXX - which setting takes precedence?). You can configure which MIB files are loaded by using the preference setting mentioned below, the MIBS environment variable or by editing snmp.conf as described in the [[http://www.net-snmp.org/tutorial/tutorial-5/commands/mib-options.html|Net-SNMP Tutorial]] (XXX - is this true for Win32?) (XXX - which setting takes precedence?).
Line 39: Line 39:
The following will give an example to add the missing information to display attachment:SampleCaptures/b6300a.cap correctly. The following will give an example to add the missing information to display [[attachment:SampleCaptures/b6300a.cap]] correctly.
Line 43: Line 43:
What's missing now is the enterprise with the id 253. [http://www.iana.org/assignments/enterprise-numbers The IANA Private Enterprise Numbers list] tells us that this is Xerox. What's missing now is the enterprise with the id 253. [[http://www.iana.org/assignments/enterprise-numbers|The IANA Private Enterprise Numbers list]] tells us that this is Xerox.
Line 91: Line 91:
attachment:SampleCaptures/b6300a.cap A bunch of GETs and RESPONSEs [[attachment:SampleCaptures/b6300a.cap]] A bunch of GETs and RESPONSEs
Line 94: Line 94:
A complete list of SNMP display filter fields can be found in the [http://www.wireshark.org/docs/dfref/s/snmp.html display filter reference] A complete list of SNMP display filter fields can be found in the [[http://www.wireshark.org/docs/dfref/s/snmp.html|display filter reference]]
Line 101: Line 101:
You cannot directly filter SNMP protocols while capturing. However, if you know the ["UDP"] ports used (see above), you can filter on that ones. You cannot directly filter SNMP protocols while capturing. However, if you know the [[UDP]] ports used (see above), you can filter on that ones.
Line 110: Line 110:
 * [http://www.ietf.org/rfc/rfc1028.txt RFC 1028] ''A Simple Gateway Monitoring Protocol''  * [[http://www.ietf.org/rfc/rfc1028.txt|RFC 1028]] ''A Simple Gateway Monitoring Protocol''
Line 114: Line 114:
 * [http://www.ietf.org/rfc/rfc1155.txt RFC 1155] ''Structure and Identification of Management Information for TCP/IP-based Internets''
 * [http://www.ietf.org/rfc/rfc1156.txt RFC 1156] ''Management Information Base for Network Management of TCP/IP-based internets''
 * [http://www.ietf.org/rfc/rfc1157.txt RFC 1157] ''A Simple Network Management Protocol (SNMP)''
 * [http://www.ietf.org/rfc/rfc1158.txt RFC 1158] ''Management Information Base for Network Management of TCP/IP-based internets: MIB-II''
 * [[http://www.ietf.org/rfc/rfc1155.txt|RFC 1155]] ''Structure and Identification of Management Information for TCP/IP-based Internets''
 * [[http://www.ietf.org/rfc/rfc1156.txt|RFC 1156]] ''Management Information Base for Network Management of TCP/IP-based internets''
 * [[http://www.ietf.org/rfc/rfc1157.txt|RFC 1157]] ''A Simple Network Management Protocol (SNMP)''
 * [[http://www.ietf.org/rfc/rfc1158.txt|RFC 1158]] ''Management Information Base for Network Management of TCP/IP-based internets: MIB-II''
Line 121: Line 121:
 * [http://www.ietf.org/rfc/rfc1441.txt RFC 1441] ''Introduction to version 2 of the Internet-standard Network Management Framework''
 * [http://www.ietf.org/rfc/rfc1442.txt RFC 1442] ''Structure of Management Information for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1443.txt RFC 1443] ''Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1444.txt RFC 1444] ''Conformance Statements for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1445.txt RFC 1445] ''Administrative Model for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1446.txt RFC 1446] ''Security Protocols for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1447.txt RFC 1447] ''Party MIB for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1448.txt RFC 1448] ''Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1449.txt RFC 1449] ''Transport Mappings for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1450.txt RFC 1450] ''Management Information Base for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1451.txt RFC 1451] ''Manager-to-Manager Management Information Base''
 * [http://www.ietf.org/rfc/rfc1452.txt RFC 1452] ''Coexistence between version 1 and version 2 of the Internet-standard Network Management Framework''
 * [[http://www.ietf.org/rfc/rfc1441.txt|RFC 1441]] ''Introduction to version 2 of the Internet-standard Network Management Framework''
 * [[http://www.ietf.org/rfc/rfc1442.txt|RFC 1442]] ''Structure of Management Information for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1443.txt|RFC 1443]] ''Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1444.txt|RFC 1444]] ''Conformance Statements for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1445.txt|RFC 1445]] ''Administrative Model for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1446.txt|RFC 1446]] ''Security Protocols for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1447.txt|RFC 1447]] ''Party MIB for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1448.txt|RFC 1448]] ''Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1449.txt|RFC 1449]] ''Transport Mappings for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1450.txt|RFC 1450]] ''Management Information Base for version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1451.txt|RFC 1451]] ''Manager-to-Manager Management Information Base''
 * [[http://www.ietf.org/rfc/rfc1452.txt|RFC 1452]] ''Coexistence between version 1 and version 2 of the Internet-standard Network Management Framework''
Line 136: Line 136:
 * [http://www.ietf.org/rfc/rfc1901.txt RFC 1901] ''Introduction to Community-based SNMPv2''
 * [http://www.ietf.org/rfc/rfc1902.txt RFC 1902] ''Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1903.txt RFC 1903] ''Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1904.txt RFC 1904] ''Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1905.txt RFC 1905] ''Protocol Operations for Version 2 of Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1906.txt RFC 1906] ''Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1907.txt RFC 1907] ''Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [http://www.ietf.org/rfc/rfc1908.txt RFC 1908] ''Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework''
 * [[http://www.ietf.org/rfc/rfc1901.txt|RFC 1901]] ''Introduction to Community-based SNMPv2''
 * [[http://www.ietf.org/rfc/rfc1902.txt|RFC 1902]] ''Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1903.txt|RFC 1903]] ''Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1904.txt|RFC 1904]] ''Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1905.txt|RFC 1905]] ''Protocol Operations for Version 2 of Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1906.txt|RFC 1906]] ''Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1907.txt|RFC 1907]] ''Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2)''
 * [[http://www.ietf.org/rfc/rfc1908.txt|RFC 1908]] ''Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework''
Line 147: Line 147:
 * [http://www.ietf.org/rfc/rfc2271.txt RFC 2271] ''An Architecture for Describing SNMP Management Frameworks''
 * [http://www.ietf.org/rfc/rfc2272.txt RFC 2272] ''Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)''
 * [http://www.ietf.org/rfc/rfc2273.txt RFC 2273] ''SNMPv3 Applications''
 * [http://www.ietf.org/rfc/rfc2275.txt RFC 2275] ''View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)''
 * [http://www.ietf.org/rfc/rfc3414.txt RFC 3414] ''User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)''
 * [http://www.ietf.org/rfc/rfc3826.txt RFC 3826] ''The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model''
 * [[http://www.ietf.org/rfc/rfc2271.txt|RFC 2271]] ''An Architecture for Describing SNMP Management Frameworks''
 * [[http://www.ietf.org/rfc/rfc2272.txt|RFC 2272]] ''Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)''
 * [[http://www.ietf.org/rfc/rfc2273.txt|RFC 2273]] ''SNMPv3 Applications''
 * [[http://www.ietf.org/rfc/rfc2275.txt|RFC 2275]] ''View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)''
 * [[http://www.ietf.org/rfc/rfc3414.txt|RFC 3414]] ''User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)''
 * [[http://www.ietf.org/rfc/rfc3826.txt|RFC 3826]] ''The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model''
Line 156: Line 156:
 * [http://www.ietf.org/rfc/rfc1271.txt RFC 1271] ''Remote Network Monitoring Management Information Base''
 * [http://www.ietf.org/rfc/rfc1513.txt RFC 1513] ''Token Ring Extensions to the Remote Network Monitoring MIB''
 * [http://www.ietf.org/rfc/rfc1513.txt RFC 1757] ''Remote Network Monitoring Management Information Base'' (obsoletes 1271)
 * [http://www.ietf.org/rfc/rfc2021.txt RFC 2021] ''Remote Network Monitoring Management Information Base - Version 2 - using SMIv2''
 * [http://www.ietf.org/rfc/rfc2613.txt RFC 2613] ''Remote Network Monitoring MIB Extensions for Switched Networks Version 1.0''
 * [http://www.ietf.org/rfc/rfc2895.txt RFC 2819] ''Remote Network Monitoring Management Information Base'' (obsoletes 1757)
 * [http://www.ietf.org/rfc/rfc2895.txt RFC 2895] ''Remote Network Monitoring MIB Protocol Identifier Reference''
 * [http://www.ietf.org/rfc/rfc2896.txt RFC 2896] ''Remote Network Monitoring MIB Protocol Identifier Macros''
 * [http://www.ietf.org/rfc/rfc3144.txt RFC 3144] ''Remote Monitoring MIB Extensions for Interface Parameters Monitoring''
 * [http://www.ietf.org/rfc/rfc3273.txt RFC 3273] ''Remote Network Monitoring Management Information Base for High Capacity Networks''
 * [http://www.ietf.org/rfc/rfc3287.txt RFC 3287] ''Remote Monitoring MIB Extensions for Differentiated Services''
 * [http://www.ietf.org/rfc/rfc3395.txt RFC 3395] ''Remote Network Monitoring MIB Protocol Identifier Reference Extensions''
 * [http://www.ietf.org/rfc/rfc3434.txt RFC 3434] ''Remote Monitoring MIB Extensions for High Capacity Alarms''
 * [[http://www.ietf.org/rfc/rfc1271.txt|RFC 1271]] ''Remote Network Monitoring Management Information Base''
 * [[http://www.ietf.org/rfc/rfc1513.txt|RFC 1513]] ''Token Ring Extensions to the Remote Network Monitoring MIB''
 * [[http://www.ietf.org/rfc/rfc1513.txt|RFC 1757]] ''Remote Network Monitoring Management Information Base'' (obsoletes 1271)
 * [[http://www.ietf.org/rfc/rfc2021.txt|RFC 2021]] ''Remote Network Monitoring Management Information Base - Version 2 - using SMIv2''
 * [[http://www.ietf.org/rfc/rfc2613.txt|RFC 2613]] ''Remote Network Monitoring MIB Extensions for Switched Networks Version 1.0''
 * [[http://www.ietf.org/rfc/rfc2895.txt|RFC 2819]] ''Remote Network Monitoring Management Information Base'' (obsoletes 1757)
 * [[http://www.ietf.org/rfc/rfc2895.txt|RFC 2895]] ''Remote Network Monitoring MIB Protocol Identifier Reference''
 * [[http://www.ietf.org/rfc/rfc2896.txt|RFC 2896]] ''Remote Network Monitoring MIB Protocol Identifier Macros''
 * [[http://www.ietf.org/rfc/rfc3144.txt|RFC 3144]] ''Remote Monitoring MIB Extensions for Interface Parameters Monitoring''
 * [[http://www.ietf.org/rfc/rfc3273.txt|RFC 3273]] ''Remote Network Monitoring Management Information Base for High Capacity Networks''
 * [[http://www.ietf.org/rfc/rfc3287.txt|RFC 3287]] ''Remote Monitoring MIB Extensions for Differentiated Services''
 * [[http://www.ietf.org/rfc/rfc3395.txt|RFC 3395]] ''Remote Network Monitoring MIB Protocol Identifier Reference Extensions''
 * [[http://www.ietf.org/rfc/rfc3434.txt|RFC 3434]] ''Remote Monitoring MIB Extensions for High Capacity Alarms''
Line 172: Line 172:
 * [http://tools.ietf.org/html/rfc2578 RFC 2578] ''Structure of Management Information Version 2 (SMIv2)''
 * [http://tools.ietf.org/html/rfc2579 RFC 2579] ''Textual Conventions for SMIv2''
 * [http://tools.ietf.org/html/rfc2580 RFC 2580] ''Conformance Statements for SMIv2''
 * [[http://tools.ietf.org/html/rfc2578|RFC 2578]] ''Structure of Management Information Version 2 (SMIv2)''
 * [[http://tools.ietf.org/html/rfc2579|RFC 2579]] ''Textual Conventions for SMIv2''
 * [[http://tools.ietf.org/html/rfc2580|RFC 2580]] ''Conformance Statements for SMIv2''

Simple Network Management Protocol (SNMP)

SNMP is used to monitor and manage devices on networks.

History

XXX - add a brief description of SNMP history

Protocol dependencies

Typically, SNMP uses UDP as its transport protocol. The well known UDP ports for SNMP traffic are 161 (SNMP) and 162 (SNMPTRAP). It can also run over TCP, Ethernet, IPX, and other protocols. ATM uses SNMP as its ILMI (Integrated Local Management Interface) protocol.

Wireshark

The SNMP dissector is fully functional. If propperly configured allows to decrypt encrypted SNMPv3 packets.

MIB files

Wireshark uses the Net-SNMP libraries to resolve numeric OIDs (e.g. 1.3.6.1.2.1.2.2.1.6.1) into human readable format (e.g. IF-MIB::ifPhysAddress.1). The default installation only contains some common MIB files so Wireshark won't be able to resolve all possible OIDs.

You can configure which MIB files are loaded by using the preference setting mentioned below, the MIBS environment variable or by editing snmp.conf as described in the Net-SNMP Tutorial (XXX - is this true for Win32?) (XXX - which setting takes precedence?). You can also specify "ALL" in the preferences, resulting in all MIBs being loaded.

When specifying the MIB modules to load, use a colon separator. Note that the MIB module name is not necessarily the name of the file itself. The MIB name to use may be discovered by looking for the DEFINITIONS keyword in the MIB file.

For Unix systems, the MIB files are stored in /usr/local/share/snmp/mibs. Also make sure you have installed the Net-SNMP libs, the package is usually named something like libsnmp (XXX - which version is needed?).

For Windows, the MIB files are stored e.g. in C:\Program Files\Wireshark\snmp\mibs. The Net-SNMP libs are installed by the Wireshark setup.

XXX - are all MIB files in these dirs are inspected and only the "right" files loaded?

Many network-related MIBs definitions can be downloaded from http://bytesphere.com/mibs/detail.html or http://www.mibdepot.com.

Which MIB's do I need?

If you see any unresolved OID's you may need to add a MIB file to the Net-SNMP libs.

The following will give an example to add the missing information to display SampleCaptures/b6300a.cap correctly.

In packet 7 you see: SNMPv2-SMI::enterprise.253.8.64.4.2.1.5.10.14150900 resp. 1.3.6.1.4.1.253.8.64.4.2.1.5.10.14150900.

What's missing now is the enterprise with the id 253. The IANA Private Enterprise Numbers list tells us that this is Xerox.

Get hold of the Xerox MIBs from one of the links above and place them in the mibs directory (you need the printer-MIB as well) and change the file ending from .mib to .txt.

When loading a specified MIB module failed a warning message like: Cannot find module (IP-MIB): At line 0 in (none) will be shown on the console at Wireshark startup. WIN32: To have a console window already open at that time, set the preference setting "Open a console window" to "Always", Save the Preferences and restart Wireshark. Otherwise the console will be open too late and you'll see nothing.

Preference Settings

Wireshark's SNMP protocol preferences let you control the display of the OID in the info column, desegmentation of SNMP over TCP, and which MIB modules to load (see above).

The USMuserTable file preference allows the user to choose a file with the engine-ids, usernames and passwords in order to allow decryption of encrypted packets. The file is formated as follows:

# this is an example snmp_users_file

# comments start with a # and finish at the end of line
# empty lines are ignored 

# each record has the following fileds
# engine-id username auth_pass priv_pass auth_proto priv_proto
# fileds are separated by whitespace
# engine-id, username and passwds can be either "double quoted" or hex
# double quoted strings are c-style strings and take escape chars
# a '*' as engine-id matches any any given engine-id
# auth_proto can be either MD5 or SHA1 (or just SHA). Defaults to MD5 if not given.
# priv_proto can be either DES or AES. Defaults to DES if not given.
# protocols are case-insensitive (md5 == MD5)
# first match wins (place localized entries before those for any engine)

80001F888059DC486145A26322 "pippo" "plutoxxx" "PLUTOxxx" MD5 DES

# pippo for any engine will use DES and MD5
* "pippo" "plutoxxx" "PLUTOxxx"


# SHA + DES
80001F888059DC486145A26322 "pippo2" "plutoxxx" "PLUTOxxx" SHA

# SHA + AES
80001F888059DC486145A26322 "pippo3" "plutoxxx" "PLUTOxxx" SHA AES

# MD5 + AES
80001F888059DC486145A26322 "pippo4" "plutoxxx" "PLUTOxxx" AES

Example traffic

SampleCaptures/b6300a.cap A bunch of GETs and RESPONSEs

Display Filter

A complete list of SNMP display filter fields can be found in the display filter reference

  • Show only the SNMP based traffic:

     snmp 

Capture Filter

You cannot directly filter SNMP protocols while capturing. However, if you know the UDP ports used (see above), you can filter on that ones.

  • Capture SNMP traffic over the default ports (161 and 162):

     udp port 161 or udp port 162 

SGMP (an ancestor of SNMP):

  • RFC 1028 A Simple Gateway Monitoring Protocol

SNMPv1

  • RFC 1155 Structure and Identification of Management Information for TCP/IP-based Internets

  • RFC 1156 Management Information Base for Network Management of TCP/IP-based internets

  • RFC 1157 A Simple Network Management Protocol (SNMP)

  • RFC 1158 Management Information Base for Network Management of TCP/IP-based internets: MIB-II

SNMPv2

  • RFC 1441 Introduction to version 2 of the Internet-standard Network Management Framework

  • RFC 1442 Structure of Management Information for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1443 Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1444 Conformance Statements for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1445 Administrative Model for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1446 Security Protocols for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1447 Party MIB for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1448 Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1449 Transport Mappings for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1450 Management Information Base for version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1451 Manager-to-Manager Management Information Base

  • RFC 1452 Coexistence between version 1 and version 2 of the Internet-standard Network Management Framework

SNMPv2 (Community based)

  • RFC 1901 Introduction to Community-based SNMPv2

  • RFC 1902 Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1903 Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1904 Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1905 Protocol Operations for Version 2 of Simple Network Management Protocol (SNMPv2)

  • RFC 1906 Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1907 Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2)

  • RFC 1908 Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework

SNMPv3

  • RFC 2271 An Architecture for Describing SNMP Management Frameworks

  • RFC 2272 Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)

  • RFC 2273 SNMPv3 Applications

  • RFC 2275 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)

  • RFC 3414 User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)

  • RFC 3826 The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model

RMON

  • RFC 1271 Remote Network Monitoring Management Information Base

  • RFC 1513 Token Ring Extensions to the Remote Network Monitoring MIB

  • RFC 1757 Remote Network Monitoring Management Information Base (obsoletes 1271)

  • RFC 2021 Remote Network Monitoring Management Information Base - Version 2 - using SMIv2

  • RFC 2613 Remote Network Monitoring MIB Extensions for Switched Networks Version 1.0

  • RFC 2819 Remote Network Monitoring Management Information Base (obsoletes 1757)

  • RFC 2895 Remote Network Monitoring MIB Protocol Identifier Reference

  • RFC 2896 Remote Network Monitoring MIB Protocol Identifier Macros

  • RFC 3144 Remote Monitoring MIB Extensions for Interface Parameters Monitoring

  • RFC 3273 Remote Network Monitoring Management Information Base for High Capacity Networks

  • RFC 3287 Remote Monitoring MIB Extensions for Differentiated Services

  • RFC 3395 Remote Network Monitoring MIB Protocol Identifier Reference Extensions

  • RFC 3434 Remote Monitoring MIB Extensions for High Capacity Alarms

SMI

  • RFC 2578 Structure of Management Information Version 2 (SMIv2)

  • RFC 2579 Textual Conventions for SMIv2

  • RFC 2580 Conformance Statements for SMIv2

Discussion

Is there an easy way to find out, which MIB is really needed? From the example above: do I need all Xerox MIBs? Is there an online resource to find a map between the OID and the MIB? http://www.mibdepot.com can help on this

:-) After years thinking and reading RFCs and various other documents, today, I finally understood. "Simple" refers to "Network" not to "Management Protocol"! So it is a Management Protocol for Simple Networks not a Simple Protocol for Management of Networks... That explains why it's called "Simple". It was that Simple but it took me years to understand it! -- LuisOntanon

SNMP (last edited 2019-11-01 21:48:45 by GuyHarris)