Simple Network Management Protocol
SNMP is widely used to gather information from network nodes. SNMP is
an application layer protocol that runs on top of TCP/IP, typically on UDP
port 161. SNMP is most often used in read-only mode, in which information
is read from the node, but no changes can be made. SNMP also supports
read-write mode, which allows changes to be made to the node’s configuration.
SNMP information can be read passively or sent based on triggered
events. When used passively, a network management host reads the SNMP
Management Information Bases (MIB) on the router to gather information
on a periodic basis. The router can also send event-triggered SNMP traps to
a network management host when a particular event occurs.
SNMP exists in Versions 1, 2, and 3. SNMPv1 and SNMPv2 lack strong
security mechanisms. Read-only or read-write access is controlled via a
community string, which is sent across the network in clear text. Using
SNMP read-write with clear text community strings is particularly dangerous.
SNMPv3 supports strong security by enabling the use of MD5 or SHA
hashed authentication and DES encryption with SNMP messages.
Example 5-9 shows a basic SNMPv3 configuration allowing a management
host to read MIBs on the router.
Example 5-9 Configuring SNMPv3
R2(config)#snmp-server group SNMP_GROUP v3 auth
R2(config)#snmp-server user SNMP_USER SNMP_GROUP v3 auth md5
my_password