NetCrossing Gateway NX-2E1/T1 Operator’s Manual
5-3
simple, transaction-based (command/response) protocol, which allows a variety of third-party
software products to query network devices and collect data for these purposes.
For a generic introduction to the SNMP protocol, we recommend the book "The Simple Book - An
Introduction to Internet Management" by Marshall T Rose (P T R Prentice-Hall, 1994).
5.2.2
What is SNMP?
The SNMP protocol is described in the following documents:
•
RFC1157 - Simple Network Management Protocol (SNMP) -
ftp://ftp.isi.edu/in-notes/rfc1157.txt
•
RFC1155 - Structure and identification of management information for TCP/IP-based internets -
ftp://ftp.isi.edu/in-notes/rfc1155.txt
•
RFC1213 - Management Information Base for Network Management of TCP/IP-based internets:
MIB-II -
ftp://ftp.isi.edu/in-notes/rfc1213.txt
SNMP is a specification for the interaction (
protocol
) between the
SNMP agent
embedded in a
network device, and the
SNMP manager
software running on another machine in the network.
The data provided by the SNMP agent in a network device is described by a document called the MIB
(Management Information Base).
MIB-II
describes the basic information provided by all devices,
and additional documents describe optional extensions for components that may not exist in most
devices.
Devices may also provide non-standard MIB groups. In order for a network management system to
make use of these extended features, the MIB description must be obtained from the device
manufacturer and loaded into the management station.
SNMP data travels in IP packets, using the UDP port 161 for the agent, so in order to use SNMP, the
device must have an IP address.
5.2.3
Security Considerations in SNMP
SNMP was designed before the Internet grew commercial, and the original design was not secure.
Later versions intended to provide security, but grew cumbersome and complex. As a result, most
devices provide secure operation in a non-standard way.
The original SNMP design as embedded in the protocol, assigns network devices to named
communities. Any transactions exchanged between the agent and the manager include the name of the
community to which they both belong. The agent has a list of which access rights (set, get, trap) it
will grant for each community of which it is a member.
In the NetCrossing Gateway, this has been re-interpreted: The gateway has a list of up to 4
management stations from which it will accept requests, and for each one - identified by its IP address
- it is indicated what access rights it is granted, and which community string it must use. Requests
from all other sources are ignored. Refer to the
snmp
command in section 5.6 for details on how to
configure the gateway for management using SNMP..
Summary of Contents for NX-2E1
Page 2: ......
Page 4: ......
Page 8: ...NetCrossing Gateway NX 2E1 T1 Operator s Manual iv ...
Page 10: ...NetCrossing Gateway NX 2E1 T1 Operator s Manual vi ...
Page 34: ......
Page 56: ......