Intro to SNMP
The Simple Network Management Protocol (SNMP) is an Internet Standard used to request information from a device like a router, switch, or server, about the status of its resources, such as CPU, memory, and network interfaces. The type of information that can be obtained from a specific network device varies based on vendor and model. Each vendor publishes a set of management information base (MIB) files that describe what parameters can be queried from a specific device. The MIB files are then imported into the NMS to collect information and monitor such devices.
cbgpRouteTable OBJECT-TYPE
SYNTAX SEQUENCE OF CbgpRouteEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information about routes to
destination networks from all BGP4 peers. Since
BGP4 can carry routes for multiple Network Layer
protocols, this table has the Address Family
Identifier(AFI) of the Network Layer protocol as the
first index. Further for a given AFI, routes carried
by BGP4 are distinguished based on Subsequent Address
Family Identifiers(SAFI). Hence that is used as the
second index. Conceptually there is a separate Loc-RIB
maintained by the BGP speaker for each combination of
AFI and SAFI supported by it."
REFERENCE
"RFC-1771: A Border Gateway Protocol 4 (BGP-4),
RFC-2858: Multiprotocol Extensions for BGP-4,
RFC-2547: BGP/MPLS VPNs"
::= { cbgpRoute 1 }Example of SNMP MIB: here is the snippet of the CISCO-BGP4-MIB.my for the Cisco ISR 1000 router.
SNMP Architecture
The protocol relies on a software agent that runs on each monitored device and replies to queries from a network management server (NMS). The NMS, also called SNMP poller, periodically requests each device utilization values of its resources to get a status update and verify that it’s working properly. If the value of one or more resources reported by the agent exceed a threshold set by the administrator, the server will generate an alert for the network administrator. An SNMP agent uses port UDP 161 to receive requests from a poller. SNMP can also be used to apply configuration changes to devices and, if needed, to send notifications, called traps, to an SNMP trap receiver when an event that requires administrative attention happens on the device itself. An SNMP trap could be generated if, for example, the network interface of a router goes down or if a BGP neighbor becomes unreachable. By default, SNMP traps are sent via UDP to port 162.
SNMP limits and NetBeez
Network monitoring tools based on SNMP are needed to detect unavailability and performance degradation issues of network devices that could negatively affect the status and performance of network services. Knowing the status of network devices is necessary, but not sufficient to assure availability and performance of network services offered to the users. SNMP monitoring tools can tell you if a router or switch is working, but can’t tell you if users are having connectivity or quality performance to web and cloud applications. For this reason, an SNMP poller and trap receiver should be complemented by a set of dedicated sensors that perform active tests against applications like DNS servers, web servers, and cloud applications. These tests are used to verify that users are having a good experience with the network and application. This is the goal of NetBeez. NetBeez relies on hardware (Ethernet and WiFi) and software sensors that are configured to continuously perform tests like ICMP, DNS, HTTP, and Traceroute. These tests can detect end-user experience issues derived by network and application degradation like packet loss, increased network latency, increased DNS and HTTP response time.
Test | Type of Information |
PING | Round-trip-time, packet loss, host unreacheable |
DNS | DNS query time, DNS failure rate, DNS service down |
HTTP | GET time, GET failure rate, web server unavailable and other HTTP error codes |
Speedtest | Download speed, upload speed |
Iperf | TCP/UDP throughput, packet loss, jitter |
Network Monitoring Sensors Location
An important factor of active monitoring tools like NetBeez is the location of the sensors. When implementing this monitoring solution, you should have enough observation points to get a complete view of the network. Each network location where there are users (e.g. offices) or applications (e.g. data centers), should include one or more sensors. To deploy sensors in a Wide Area Network (WAN), you can use single-board computers like the Raspberry Pi, the Utilite, or the Upboard. These platforms are also useful to monitor wireless networks, which are intrinsically more challenging to monitor and support than wired networks. On the other side, if you need to monitor a set of applications in a data center, the monitoring sensors can be provisioned as virtual appliances or software containers.
Network Type | Sensor Options |
Remote office location | Single-board computer, virtual appliance, dedicated workstation with software package, Cisco ISR virtual service, … |
Data center or cloud | OVA, KVM, AMI, … |
WiFi | Single-board computer with WiFi card |
I hope this article helps in explaining the utility of SNMP and how it differs from active monitoring solutions like NetBeez. If you want to learn more about SNMP, you can start with the this SNMP Wikipedia article. As for NetBeez, you can test it yourself by requesting a free account or scheduling a demo for a customized product tour.
