SNMP Explained | Simple Network Management Protocol | Cisco CCNA 200-301

Captions
Hey, what's up guys, welcome to CertBros. In this video, we're going to be looking at SNMP.

This is Bill, you might remember him from such videos as syslog. Bill discovered syslog servers can help correlate and manage his log files. This got him thinking. Maybe there are more tools that can help make network monitoring easy. He then discovered SNMP. Using SNMP, Bill can now actively monitor the health of his network all from the comfort of his own chair. If an interface goes down on one of his routers, he's quickly alerted to the change and he can leap into action. And it doesn't stop there, he can monitor the network bandwidth, CPU usage, and even the temperature of his devices. This is all possible with the SNMP protocol.

So let's take a step back. What is SNMP? SNMP stands for Simple Network Management Protocol. It's a standardized protocol used to collect and organize device information on a network. It does this over UDP port 161.

There are three versions of SNMP. SNMPv1, which is the original version of SNMP. SNMPv2c, this is the revised version which introduced some enhancements, most notably the use of community strings. You can think of a community string like a password. SNMPv3, which is another improvement adding authentication and encryption. This version is much more secure than the previous ones. In this video we will be covering the concepts of SNMPv2c. Most of the concepts apply to version 3, however version 3 adds further complexity with authentication and encryption. That can be covered in a whole nother video.

Ok, so to see how this works let's take this router as an example. A device that is SNMP enabled is known as an agent. An agent has several objects that can be interacted with. Some objects are part of an industry standard and some will be vendor-specific for this device.
For example, this router will have objects for the name, the uptime, the interfaces, and the routing table, to name just a few. Each object is assigned an object identifier or OID. The OID is a sequence of numbers which at first glance can look like an IP address. This is used to identify the object. These OIDs are stored in a file called a MIB, which stands for Management Information Base. The MIB itself follows a tree structure. This is an example of the MIB structure for the sysName object. As you can see, each level has a number. This is where the OID number comes from. It tells the agent the exact location of the object.

So that's the agent and the MIB, but to interact with these objects we need something called a Network Management System or NMS. The NMS is a piece of software that can communicate with the SNMP agent. There are a few ways the NMS can speak to the agent.

The first way is by using get requests. Get messages include Get, GetNext and GetBulk. They are used to actively request information from the agent. For example, our NMS may ask "what is your name?" and it sends a get request. The agent will then see this request for the name object and it replies with "my name is R1" and it sends a get response back to the NMS.

The second way we can talk to an agent is by using set requests. The set request is used to change the value of an object on the agent. For example, our NMS might say "change your name to R5" and it sends a set request. The agent changes its name to R5 and sends a response back.

The last method I want to talk about is traps and informs. Agents use traps and informs to actively communicate back to the NMS. These are useful for monitoring critical events. The agent can send a trap or an inform to the NMS when an event occurs on the device. For example, if an interface goes down the agent can straight away tell the NMS software with a trap or inform message.
Traps and informs are two different types of messages but they both do the same thing. The difference is that informs are reliable. An inform message will wait for an acknowledgement from the NMS; if it doesn't receive one it will resend the inform. A trap on the other hand is sent and then forgotten. Even though informs are considered reliable, they both still use UDP.

So now let's look at SNMP in action. Here is my PC which is acting as our NMS. I also have a connected router which will be our SNMP agent. The first thing we need to do is configure the router to accept SNMP requests. So I'll go into global config by typing configure terminal, then I'll type snmp-server and we have several options here, but the one we want is community. The description says "enable SNMP, set the community string and access privilege". A community string is similar to a password; if a request is received with the correct community string the agent will reply. So we need to type snmp-server community and then we need to choose a text string, in this example I'll just write CertBros. If I then type question mark you can see we have an option for read-only access and read-write access. I'll type RO for read-only access and press enter. But I also want write access, so I'll just press the up arrow on the keyboard, remove the RO and then type RW for write access.

The last thing I need to do is configure an IP address on the router. I'll type interface fastethernet 0/0, which is the interface connected to this computer, IP address 192.168.0.254 with a subnet mask of 255.255.255.0, and then no shutdown to bring the interface up. With the interface now up, our router is ready to receive SNMP requests.

So I'll minimize the router and I'm going to open this program called ManageEngine MIB Browser. I'll open it full screen to make it easier to see. As you can see, this is a very basic program.
A MIB browser lets us query the agent's MIB using SNMP. Before doing that though, we need to tell it which device to query, so I'll add the router's IP address which is 192.168.0.254. I'll then need to add the community string we set, so I'll write CertBros, we also need to enter this in the write community string as well, and we'll leave the default port of 161. On the left side of the screen we have some pre-installed MIBs. These are standard SNMP MIBs but you can add your own vendor-specific ones as well. If we open up one of these MIBs you should start to see the tree structure we saw earlier.

I'm going to use the sysName object as an example. If I right click on sysName I have the option to send a get request or a set request. If I choose get, a request will be sent to our router. So the first one timed out, which sometimes happens. If I run it again you will see the router responded to our request and gave us the system name, which in this case is R1.

Remember we can also change values using SNMP. If I change the text in the value box at the top, let's say we want to rename this router R5, I then just need to right click on sysName again but this time choose set. The router will respond with its new name of R5, but just to be sure let's send another get request. And yes, our router is now named R5. We can even open the terminal, hit enter a few times and we will see the name has changed.

So that was a good introduction to SNMP, but to see the true benefits we need to look at a monitoring application. I have a program called PRTG Network Monitor. This tool lets you monitor your network devices. Now, this isn't a PRTG tutorial but I do want to show you a few things so you get a good idea of what SNMP can do and what it is used for in the real world. The first thing we need to do is add our router.
We go to devices at the top of the screen and click add device. We'll choose network infrastructure as the group, click ok. We need to choose a name; because we just renamed this router I'll type R5. Then I'll add the IP address, and if we scroll down we will see the options for the SNMP credentials. The version v2c is already selected, and I'll change the community string to CertBros which we set earlier and then click ok.

So now we've added our router, we can go to devices at the top of the screen, select all, and we can see our router has been added. If we select it we can now see the router details. But there's nothing here yet and that's because we haven't told it what to monitor. To do this, we need to add something called sensors. So we need to click over here on the right, add sensor. There are so many different sensors you can add here but for this, I just want to choose some very basic ones.

The first one is system uptime, so how long this router has been up for. Hit the add button, there'll be some options, then click create now. We can see the sensor has been added. Let's add a couple more.

The next thing I want to monitor is the traffic. I'll click to add the sensor, and on this we have a few more options. You can see here it's already found the interfaces, we just need to choose which ones to monitor. Let's choose all of them, and maybe I also want to monitor the errors in and the errors out so I'll select that as well. Click create and the sensor for each interface is added.

I'm going to add one more sensor, this time I want to monitor the health of this device. Now because there are so many health options, it took me a minute to see the one I wanted! I'll speed this bit up a bit and spare you the pain. Once I finally find the sensor I'm looking for I click add. This sensor lets us monitor several different hardware components. I'll just choose CPU and memory and click create.
Now I have all of my sensors added. It will take a few minutes to gather information. In the meantime, I'm going to start a constant ping to the router and try and generate some traffic. I'll open PowerShell and type ping 192.168.0.254 space -t and I'll let this run for a few minutes.

Ok, so now this ping has been running for about five minutes, we should now have a bit of traffic data. If we go back to PRTG and click on the interface we've been pinging, we can now see some data. We can see traffic in, traffic out, and if there have been any errors. We can also see a live graph of the data received. This would be great for looking at, say, traffic spikes. This is just one example but you can do a lot with these monitors. You can set warnings and alerts and even email and SMS notifications.

Hopefully, this has demonstrated the benefit of using a centralized SNMP server. This video is part of our full CCNA course which can be found in the description. So please feel free to go and check that out. If you like this video don't forget to give it a thumbs up, leave a comment, and subscribe. The support from you guys really does help this channel grow. Other than that, thank you for watching.
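
Added example, not part of the video or its captions: the get request for sysName from the MIB browser demo, hand-encoded in Python to show where the OID numbers end up on the wire and that an SNMPv2c community string (CertBros, as configured on the router above) is carried unencrypted. The function names and the request ID of 1 are illustrative choices; 1.3.6.1.2.1.1.5.0 is the standard sysName.0 instance.

```python
# Added example: BER-encode an SNMPv2c GetRequest for sysName.0.
SYSNAME_0 = "1.3.6.1.2.1.1.5.0"   # standard MIB-II sysName instance


def tlv(tag: int, value: bytes) -> bytes:
    """BER tag-length-value; long-form length when value is 128+ bytes."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value


def ber_int(v: int) -> bytes:
    """Non-negative INTEGER, padded so the top (sign) bit stays clear."""
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))


def ber_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])   # first two arcs share a byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:                   # base-128, high bit = "more"
            chunk.insert(0, 0x80 | (arc & 0x7F))
        body += bytes(chunk)
    return tlv(0x06, bytes(body))


def get_request(community: str, oid: str, request_id: int = 1) -> bytes:
    varbinds = tlv(0x30, tlv(0x30, ber_oid(oid) + tlv(0x05, b"")))
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + varbinds)
    # version value 1 means SNMPv2c; the community follows as a plain string
    return tlv(0x30, ber_int(1) + tlv(0x04, community.encode()) + pdu)


def community_in_cleartext(packet: bytes) -> str:
    """Read the community straight out of a v1/v2c message, no key needed."""
    if packet[0] != 0x30 or packet[1] >= 0x80:
        raise ValueError("expected a short-form SEQUENCE")
    comm_at = 4 + packet[3]            # skip the version INTEGER
    if packet[comm_at] != 0x04:
        raise ValueError("expected OCTET STRING community")
    comm_len = packet[comm_at + 1]
    return packet[comm_at + 2 : comm_at + 2 + comm_len].decode()


if __name__ == "__main__":
    pkt = get_request("CertBros", SYSNAME_0)   # constructed sample packet
    print(pkt.hex(" "))
    print("community visible on the wire:", community_in_cleartext(pkt))
```

The same bytes are what a capture of UDP port 161 traffic shows, which is why the community string only works "like a password" on a network nobody else can observe.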
Info
Channel: CertBros
Views: 49,183
Rating: 4.9774013 out of 5
Keywords: SNMP Explained, What is SNMP, How does SNMP work, SNMP, simple network management protocol, simple network management protocol (snmp), snmp versions, network monitoring, snmp traps, oid, mib, traps, port 161, community string, how snmp works, informs, how to monitor snmp, ccna 200-301, ccna training, cisco, cisco ccna, cisco networking, computer networking, computer networking course, networking, networking tutorial
Id: Lq7j-QipNrI
Length: 15min 15sec (915 seconds)
Published: Tue Nov 17 2020