White Paper Case Study: SNMP CLI Abstract: The purpose of this document is to convey to the reader the usefulness of an SNMP (Simple Network Management Protocol) CLI (Command Line Interface). This document assumes the reader has a basic understanding of SNMP. For information on SNMP basics the following URL is provided. http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/3_1/service/ccm_serv/ccmsrv/ssnm p.htm
Introduction SNMP is a network management protocol used to exchange messages between NMS (Network Management Systems) and agents that are embedded in the OS (Operating System) of manageable network devices. SNMP allows NMS to manage network devices remotely. SNMP enable management systems to manage network device by using MIBs (Management Information Base). The concept of the MIB is simple when a technology, application, or system is being developed. The developer can make the determination as to what information in the form of variable would be useful to manage the specific item. The developer would then create a MIB, which would contain OIDs (Object Identifiers). It is these OIDs that reference the desired management data variable. An object identifier is simply a unique id represented by a series off numbers and point that has a unique corresponding name. The format of OID is a sequence of numbers with dots in between. The root for object identifiers starts at one and is represented here by its name and number:(iso -.1 ) Most object identifier starts with.1.3.6.1 ( where 1 = iso, 3 = org, 6 = dod, 1 = internet ). Once an OID is at the Internet identifier there are two branches, mgmt and private. Private OID are developed by vendors for managing their specific products. Below is the sysdescr OID.1.3.6.1.2.1.1.1.ios.org.dod.internet.mgmt.mib2.system.sysDescr The focus of this document will be to show the reader how to use the SNMP CLI for a number of task. Including: To verify the MIBs/OIDs that are supported by a device To manually pull data from a network device Provide a tool for light- weight tool development To show how to remotely set variables Content This paper will be using NET- SNMP (Formerly UCD- SNMP). http://net- snmp.sourceforge.net/ The reason we are using NET- SNMP for this paper is that it provides a wealth of useful features. In addition, it is freely available to anyone for download from Sourceforge, however, a number of network management tools provide a SNMP CLI such as HP OpenView. All SNMP CLIs tools perform the same
basic functions, the reader should use the one the they are most comfortable with. It must be noted that the syntax will be slightly different from tool to tool however. To use SNMP, you will need a management platform. We are going to use NET- SNMP, typically the OS (Operating System) won t matter as long as you have compiled or loaded NET- SNMP for your platform. Before we can start using SNMP, we will need a device to manage. Required is an SNMP manageable network device such as a router or an Ethernet switch configured with Community Strings and configured to allow SNMP management. The four basic SNMP delivery mechanisms are: get, getnext, set, and a trap. This document will demonstrate how to use the first three mechanisms, the last is an SNMP trap. A trap is an unsolicited message sent by a device to a management system. Traps are extremely useful for notifications of specific event but traps are slightly beyond the scope of this document. For more information on SNMP traps: http://www.cisco.com/warp/public/477/snmp/snmp_trap.html OID Instance Index In order to retrieve values for an object it is necessary to specify an instance for the particular object. An instance for an object identifier is specified by appending the instance index number to the end of the OID. To illustrate this take the OID that was given above,.1.3.6.1.2.1.1.1.0
.ios.org.dod.internet.mgmt.mib2.system.sysdescr.0 notice the 0 appended to the end of the OID. The 0 is the instance index which specifies the first instance; the values for instance indexes start at 0 for the first position and increase as needed. The OID presented here is a scalar value and therefore will always have and index of 0 because there can only be one sysdescr (System Description) for a device. Later in this document scalar indexes for columnar objects with values other than 0 will be presented. Loading MIBs SNMP MIBs must be loaded into the management system in order for the management system to be able to use the OIDs defined by that MIB. Most management systems will already have many standard MIBs already loaded. These MIBs are defined in publication called RFCs (Request or Comment). The SNMP agent residing on Cisco devices support most of the RFC. When working with private MIBs, most of the time, these MIBs will have to be loaded (often call Compiled) into the management system. Often there are dependencies when loading private MIBs MIB- Loading Dependencies and Loading Order Often SNMP MIBs use definitions that are defined in other MIBs. These dependencies are list under IMPORT at the top of the MIB definition. If MIB B imports a definition from MIB A, some MIB compilers require you to load MIB A prior to loading MIB B. If you get the MIB loading order wrong, the MIB compiler might complain about what was imported claiming it as undefined or not listed in IMPORTS. If this happens, look at the loading order of the MIB definitions from the IMPORTS of the MIB. Make sure the required MIBs were loaded first. Provided is a list of MIBs, from these MIBs many other MIBs are defined, and therefore the order should be followed as list from top to bottom. When loading Cisco MIBs in this order, this should eliminate any dependency issues. 1. SNMPv2- SMI.my 2. SNMPv2- TC.my 3. SNMPv2- MIB.my 4. RFC1213- MIB.my 5. IF- MIB.my 6. CISCO- SMI.my 7. CISCO- PRODUCTS- MIB.my 8. CISCO- TC.my
These MIBs as well as all the Cisco private MIBs can be downloaded from: ftp://ftp.cisco.com/pub/mibs/ Using the CLI CLI (Command Line Interface) is a user interface which is a text based human interface that prompts the user for a command to execute an action. For the examples is this document we will be using NET- SNMP loaded on a Sun Solaris platform, however NET- SNMP functions the same regardless of the platform it has been compiled and loaded on. If should be noted now however that some of the arguments for the commands have changed from version to version and some of the examples presented in this document may require slight modification to execute properly. Why an SNMP CLI? Having a SNMP CLI is useful for a number of reasons. It can be used for determining what MIBs are supported on a particular device if there is a lack of documentation. It can be used to verify or troubleshoot SNMP conversations between a management station and an SNMP agent. It allows a user to quickly query information that may not be available by other means. It can also be used for quickly developing light- weight network management tool. To be able to pull any information from a device via SNMP, the user will require several items 1. Access to the SNMP CLI 2. The required MIBs loaded 3. The read community string to request data 4. The write community string to set data 5. The destination device IP address or host name if in DNS 6. The OID/OIDs to be polled 7. Index Number 8. A basic understanding of the OS (Operating System) servicing the CLI Through the rest of this document the command line prompt will be denoted as follows prompt- - >. When the reader sees this prompt they should know what follows is an SNMP command. For this and the rest of the examples we will use the following information as noted above 1. Sun Solaris Platform 2. All Required MIBs have been loaded 3. Read community string == asteroid
4. Write community string == meteorshower 5. Destination IP address == 10.100.25.1 6. OID ==.1.3.6.1.2.1.1.1 7. Index Number == 0 8. prompt- - > Example 1 For the first example, we are going to use the sysdescr OID presented earlier in this document. We are going to request the device at 10.100.25.1 to give us a description of itself. The syntax for our SNMP CLI will be as follows SNMP command, options, device, community string, OID The following is the actual statement typed at the command line. (Remember not to forget to append the index number at the end of the OID) prompt- - >snmpget Ov 10.100.25.1 asteroid.1.3.6.1.2.1.1.1.0 The following is the reply from the SNMP agent residing on the network device system.sysdescr.0 = "Cisco Internetwork Operating System Software..IOS (tm) C2900XL Software (C2900XL- H2S- M), Version 11.2(8.1)SA6, MAINTENANCE INTERIM SOFTWARE..Copyright (c) 1986-1999 by cisco Systems, Inc...Compiled Fri 14- May- 99 17:35 by jchristy" As one can see from this example, the device being queried responded with the type of Operating System it is running( Cisco IOS), the type of switch(c2900xl- H2S- M), the version of IOS 11.2(8.1)SA6, and the Compilation date. Example 2 For example 2, we will query the same device with the same OID but this time will use the unique name instead of the dot number notation. This will show that the two are completely interchangeable. It is
also acceptable to mix the two types for example, have it half dot number notation and half dot name notation. Once again don t forget to append the index number to the end of the OID. prompt- - >snmpget Ov 10.100.25.1 asteroid ios.org.dod.internet.mgmt.mib2.system.sysdescr.0 system.sysdescr.0 = "Cisco Internetwork Operating System Software..IOS (tm) C2900XL Software (C2900XL- H2S- M), Version 11.2(8.1)SA6, MAINTENANCE INTERIM SOFTWARE..Copyright (c) 1986-1999 by cisco Systems, Inc... Compiled Fri 14- May- 99 17:35 by jchristy" Notice that the response was exactly the same as in example 1. Example 3 This next example will demonstrate the use of the SNMP set command. Before we can use the SNMP set command, we must have an OID that is defined as Read- Write. If we attempted to use the OID from the previous two examples we would get an error. For example 3, we are going to demonstrate writing to a couple OIDs. The first will be syscontact (System Contact) or.1.3.6.1.2.1.1.4. Once again there can only be one syscontact for a device; therefore, the instance index will be 0. We will be using all the same information as in examples 1 and 2, with the exception of the OID, and this time we will use the write community string instead of the read. The syntax for an snmpset is as follows snmpset [options...] <hostname> {<community>} [<objectid> <type> <value>...] prompt- - >snmpget Ov 10.100.25.1 meteorshower.1.3.6.1.2.1.1.4.0 response system.syscontact.0 = "Bugs Bunny Ph(512)555 1234" prompt- - >snmpset 10.100.25.1 meteorshower.1.3.6.1.2.1.1.4.0 s Wile E Coyote Ph(512)555-4321 response system.syscontact.0 = " Wile E Coyote Ph(512)555-4321"
prompt- - >snmpget Ov 10.100.25.1 asteroid.1.3.6.1.2.1.1.4.0 response system.syscontact.0 = " Wile E Coyote Ph(512)555-4321" In this example, we first used the snmpget command to check the current information stored in the syscontact variable on the network device. Note that the information was gathered using the write community string. This was done to demonstrate that the write community string can be used to query information. The information was then changed using the snmpset command. The s option place behind the OID is there to tell NET- SNMP that it will be sending a string to the device. The final snmpget command was used to verify that the previous snmpset set the data correctly. Example 4 Example 4 demonstrates using an instance index other than 0 appended to the end of an OID. For this example, we will be using the ifdescr, and the ifspeed OID. The fully qualified notation for these OIDs is.1.3.6.1.2.1.2.2.1.2 and.1.3.6.1.2.1.2.2.1.5 respectively. The ifdescr will be used to demonstrate how the instance index references a port defined in Cisco IOS for this particular OID. The ifspeed OID will then be used to get the speed for the defined port. prompt- - >snmpget Ov 10.100.25.1 asteroid.1.3.6.1.2.1.2.2.1.2.5 "FastEthernet0/4" prompt- - >snmpget Ov 10.100.25.1 asteroid.1.3.6.1.2.1.2.2.1.2.6 "FastEthernet0/5" prompt- - >snmpget Ov 10.100.25.1 asteroid.1.3.6.1.2.1.2.2.1.5.6
Gauge32: 100000000 In this example, two gets were performed using the ifdescr OID. The only thing that changed was the index number at the end, resulting in the next port number being returned. Following these two IfDescr gets was a get performed to retrieve the port speed for FastEthernet 0/5 (instance index 6 ), the result was 1000000000. This may seem wrong at first but this number must be divided by 10000000. Speed = Result/1.0*X^7 100=1000000000/10000000 for FastEthernet 0/5 the current operating speed in 100Mb/s Example 5 Example 5 will demonstrate the use of the getnext command. The getnext command is used to get the next OID variable instance. If we use the ifdescr as we did in the previous example, and we use the instance index of 6 like we did for second get command from the previous example. The getnext command if used with an instance index of 6 then we would get the a response as if we would have used an instance index of 7. prompt- - >snmpgetnext Ov 10.100.25.1 asteroid.1.3.6.1.2.1.2.2.1.2.6 "FastEthernet0/6" Notice that the getnext command produced a response we would have expected if we used an index number of 7. SNMP In Simple Scripts
An SNMP command line can be extremely useful by itself, however, it becomes far more powerful when used in scripts to create small but extremely useful tool. Because the needs of network administrators vary so widely it would be impossible for the developers of network management system to develop tools for every organizational need. At some point and time, nearly every network administrator will require a tool that is not commercially available. It will be up to the network administration staff to build some sort of light- weight tool to fill their requirement. Example 6 Example 6 will show the reader a script written in the Borne shell which incorporates the NET- SNMP commands into a small useful utility. The following script should be able to run on any UNIX system that has NET- SNMP installed. #/bin/ksh touch SwitchStats rm SwitchStats OutPutFile=$1"_switch" CommunityString=enquire Switch=$1 echo $Switch ifnumber=.1.3.6.1.2.1.2.1.0 NumOfPorts=`snmpget - Ov $Switch $CommunityString $ifnumber` echo "The Number of Interfaces is " $NumOfPorts echo "InterNumber " $NumOfPorts num=1 while [ $num - lt NumOfPorts ] do ifadminstatus=.1.3.6.1.2.1.2.2.1.7. ifoperstatus=.1.3.6.1.2.1.2.2.1.8. upstat=1 downstat=2
ifinoctets=.1.3.6.1.2.1.2.2.1.10. ifoutoctests=.1.3.6.1.2.1.2.2.1.16. IfSpeed=.1.3.6.1.2.1.2.2.1.5. AdminStat=`snmpget - Ov $Switch $CommunityString $ifadminstatus$num` OperStatus=`snmpget - Ov $Switch $CommunityString $ifoperstatus$num` if["$adminstat" = "$upstat" - a "$OperStatus" = "$upstat"] then InBites=`snmpget - Ov $Switch $CommunityString $ifinoctetsins$num` OutBites=`snmpget - Ov $Switch $CommunityString $ifoutoctets$num` Speed=`snmpget - Ov $Switch $CommunityString $IfSpeed$num` Port=`echo $Speed nawk '{ print $2 }'` InOct=ShutDown OutOct=ShutDown TrueSpeed=ShutDown InOct=`echo "In Bites " $InBites nawk '{print $4}'` OutOct=`echo "Out Bites " $OutBites nawk '{print $4}'` TrueSpeed=`expr $Port / 1000000` fi echo "Port #" $num >> SwitchStats echo "Speed is " $TrueSpeed >> $OutPutFile echo "InOct " $InOct >> $OutPutFile echo "OutOct " $OutOct >> $OutPutFile done num=`expr $num + 1`
Example 6 displays a script using the NET- SNMP statements in the script. The following is a simple script that accepts a switch name as an argument when the script is executed. The script then queries the device to see how many interfaces it has, then queries each interface to see if it is up. If the interface is up, the script pulls the number of Octets In and Out along with the speed of the interface. All this is then put into a log file. The script presented here isn t overly useful with the exception of providing some information on a particular switches interface. The point here is to show how SNMP commands can be used in conjunction with one another to create simple tools but effective tool to help network administrators manage their devices. Below is a portion of the log file created. Additional NET- SNMP Tools The primary focus of this white paper was to provide the read with an understanding of how to use the basic SNMP commands at the command line to gather or verify information. Below are a couple extra tools provided by NET- SNMP that are extremely useful but are not part of the standard SNMP specifications. SNMP Translate snmptranslate is a tool in NET- SNMP used for converting OID between the symbolic name notation and the number notation. Snmptranslate will also allow the user to view and entire branch of an MIB. Example 7 Example 7 is a simple example and shows how the snmptranslate tool easily converts between the symbolic name notation and the number notation. prompt- - > snmptranslate - Onf.1.3.6.1.2.1.2.1.1.7.iso.org.dod.internet.mgmt.mib- 2.system.sysServices prompt- - >snmptranslate Ofe.iso.org.dod.internet.mgmt.mib- 2.system.sysServices.1.3.6.1.2.1.2.1.1.7 The follow shows how simple it is to convert an OID.
Example 8 snmptranslate will also produce down stream tree structures for a MIB. Example 8 will display the system branch of the MIBII MIB. prompt- - >snmptranslate Ofn.1.3.6.1.2.1.2.1.1.7 +- - system(1) +- - - R- - String sysdescr(1) Textual Convention: DisplayString Size: 0..255 +- - - R- - ObjID sysobjectid(2) +- - - R- - TimeTicks sysuptime(3) +- - - RW- String syscontact(4) Textual Convention: DisplayString Size: 0..255 +- - - RW- String sysname(5) Textual Convention: DisplayString Size: 0..255 +- - - RW- String syslocation(6) Textual Convention: DisplayString Size: 0..255 +- - - R- - INTEGER sysservices(7) Range: 0..127 +- - - R- - TimeTicks sysorlastchange(8) Textual Convention: TimeStamp +- - sysortable(9) +- - sysorentry(1) Index: sysorindex
+- - - - - - INTEGER sysorindex(1) Range: 1..2147483647 +- - - R- - ObjID sysorid(2) +- - - R- - String sysordescr(3) Textual Convention: DisplayString Size: 0..255 +- - - R- - TimeTicks sysoruptime(4) Textual Convention: TimeStamp GetTable NET- SNMP also has a gettable command. This command is used for getting tables defined in MIBs. The gettable command retrieves the requested table data and formats the information in an easy to read layout. Tables can provide a wealth of information. All the information gathered in the script displayed earlier plus much more could be retrieved by using the iftable. However a script allows for only gather needed data. Tables can be extremely valuable but there can be a cost for the information. Pulling tables from a network device can require the device to use large amounts of resources to fulfill the request. Gathering information from tables should be used sparingly. Table should NOT be polled on a regular bases for performance statistics. This can cause a network device to unnecessarily use valuable resources to fulfill these request often at the expense of transferring data. Conclusion The author of this document hopes that the content in this document has provided the reader with a good understanding of the benefits and some of the practical uses for an SNMP CLI. SNMP can become an invaluable tool for network administrators, however one should always use SNMP with caution. A user should always validate the polling of data, which will not have an adverse effect on the network. Additionally all security precautions should be exercised when using SNMP on a network to ensure unauthorized personnel or system to gain access to any network device.
Glossary SNMP: Simple Network Management Protocol OS: Operation System IOS: Internet Operation System OID: Object Identifier MIB: Management Information Base SMI: Structure of Management Information CLI: Command Line Interface RFC: Request For Comment