SNMP Mastery
Michael W Lucas
Copyright Information
SNMP Mastery
Copyright 2020 by Michael W Lucas (https://mwl.io).
All rights reserved.
Author: Michael W Lucas
Copyediting: Amanda Robinson
Cover art: Eddie Sharam
ISBN (paperback): 978-1-64235-037-1
ISBN (hardcover): 978-1-64235-036-4
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including but not limited to photocopying, recording, transcoding into nightgaunt DNA, or by any information storage or retrieval system, without the prior written permission of the copyright holder and the publisher. For information on book distribution, translations, or other rights, please contact Tilted Windmill Press (accounts@tiltedwindmillpress.com).
The information in this book is provided on an As Is basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor Tilted Windmill Press shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.
Tilted Windmill Press
https://www.tiltedwindmillpress.com
About the Author
Sign up for Michael W Lucas' mailing list.
https://mwl.io
More Tech Books from Michael W Lucas
Absolute BSD
Absolute OpenBSD (1st and 2nd edition)
Cisco Routers for the Desperate (1st and 2nd edition)
PGP and GPG
Absolute FreeBSD (2nd and 3rd edition)
Network Flow Analysis
the IT Mastery Series
SSH Mastery (1st and 2nd edition)
DNSSEC Mastery
Sudo Mastery (1st and 2nd edition)
FreeBSD Mastery: Storage Essentials
Networking for Systems Administrators
Tarsnap Mastery
FreeBSD Mastery: ZFS
FreeBSD Mastery: Specialty Filesystems
FreeBSD Mastery: Advanced ZFS
PAM Mastery
Relayd and Httpd Mastery
Ed Mastery
FreeBSD Mastery: Jails
Novels (as Michael Warren Lucas)
Immortal Clay
Kipuka Blues
Butterfly Stomp Waltz
Terrapin Sky Tango
Hydrogen Sleets
git commit murder
Acknowledgements
Writing a book on SNMP feels like reconstructing a culture five millennia gone. All you can do is scavenge and rebuild all the busted-up bits of clay tablets it left behind. It's possible, but deciphering cuneiform that varies by region and century will give you such a headache. The reasons for many design decisions are lost in thirty-year-old unindexed mailing lists, and many of the perpetrators have passed. Additionally, everybody's experience with SNMP differs, and everyone has implemented SNMP slightly differently.
This means my technical reviewers were more important than in any other book I've written. I sincerely thank James Allen, Tim Enders, Ilya Etingof, John-Mark Gurney, Pieter Hollants, Joni Julian, Johannes Kastl, John Liggett, JP Mens, Florian Obser, Mike O'Connor, Shawn O'Shea, Gavin Rebeiro, Neil Roza, and Adam Thompson for providing the breadth of experience with this most pervasive and perplexing of protocols. I must especially thank Martijn van Duren, for helping me understand SNMP to a degree that can't possibly be healthy.
Why would I write a book on SNMP? Well, Kurt Mosiejczuk says, "Really, I blame myself." To which all I can say is:
Good. He should. I certainly do.
Chapter 0: Introduction
The Simple Network Management Protocol, SNMP, seemed like a great idea at the time. Computer vendors needed a straightforward protocol that allowed devices to communicate management information to one another. System managers should be able to sit at a central console and command their entire fleet: start that process, close that interface, kick that user off the system, acknowledge that error, dispatch that intern for coffee, blackhole that spammer, and so on. Such a protocol should be both straightforward and highly structured. Everyone came to an agreement on the requirements and how the protocol should work, and thus was spawned SNMP.
Then the real world got involved, with predictably disastrous results.
Some developers and organizations went all-in on SNMP, determined that their product should be a first-class network citizen. Others added bare-bones SNMP as an afterthought, or only in response to customer demand. Equipment evolved in ways that SNMP's creators didn't anticipate, and vendor engineering teams either thoughtfully stretched the standard to fit reality or slapped something together and went for a drink.
Thirty-odd years later, SNMP's simplicity has suffered indignities best not discussed in polite company. Some folks have attempted to create more modern network management protocols, but those efforts offered no real improvement over SNMP, haven't achieved wide adoption, or both. Some vendors have implemented proprietary protocols, which work tremendously well so long as you use only that vendor's equipment.
SNMP takes a lot of heat for complexity. It has "simple" right in the name, but produces all these long streams of numbers and weird abbreviations? Please! The protocol underlying SNMP itself is not at all complex, but it blatantly exposes our digital infrastructure's ever-swelling complexity. Additionally, some organizations implemented SNMP software and libraries so poorly and insecurely that they've soiled the protocol's reputation.
We're left with a protocol that's incredibly powerful and flexible, but bears all the scars of its history. SNMP lets you invoke ancient standards from the void. It grants you incredible system-changing power, and can destroy everything you've worked for. SNMP exposes the secrets of your servers, and, if you're thoughtless, reconfigures them into unspeakable nightmares. It's like something out of an H. P. Lovecraft tale, without the rampant xenophobia but with all the alien system topologies. Just call this book The Networknomicon.
SNMP is network duct tape. It works on both servers and network hardware alike. It works on Unix and Linux and Windows. While TCP/IP and UDP are the common protocols, vendors of old implemented support for IPX and AppleTalk and CLNS and whatever protocol made sense for their equipment. SNMP runs on otherwise wildly incompatible devices that no rational person would consider interconnecting, which is good because most medium-to-large networks contain a distressingly large number of devices that no rational person would consider interconnecting. Like SNMP itself, installing every one of them made sense at the time.
SNMP doesn't produce pretty graphs or reports. It generates data that you feed to other tools that generate pretty graphs and nicely formatted reports. Some tools hide their SNMP underpinnings behind friendly interfaces. But when the pretty GUI doesn't have the feature you want or flat-out fails, you must dig into the protocol underneath.
Basic SNMP gives you unprecedented ability to extract data from hosts. Mastering SNMP lets you issue commands to remote hosts. It's not that SNMP is the be-all and end-all of systems and network management, but SNMP can offer solutions when nothing else works.
System Components
SNMP uses the standard client-server model, but it's a little different from management protocols like Secure Shell (SSH). An individual SNMP query can be sent and answered before an SSH session finishes negotiating connection parameters.
An SNMP manager is the client software that issues SNMP requests. It's called a manager because it's expected to extract management information from devices and issue commands to them.
An SNMP agent is the server running on a device such as a router, server, or workstation. An agent is a little more dynamic than most server software; it's expected to be able to interrogate the local system and provide information to the manager, and it might even reconfigure the host if it's configured properly. A human agent performs work for you, supposedly according to your wishes. An SNMP agent also labors at your command, but on a remote host, and theoretically adheres more closely to your desires than any human agent.