Simple Network Management Protocol, or SNMP in short, is a framework used to manage a wide range of devices on the Internet. Typically, it monitors these devices and detects any problems or network faults in them.
This Internet Standard protocol works on the Application layer of the OSI model and gathers details from applications that support SNMP.
This information gathered by SNMP devices is used by different software to assess the health and performance of each device, and changes or fixes are done as needed. Sometimes, these SNMP devices can also be used to configure remote devices.
SNMP Components
SNMP gathers the required details from every device due to the presence of three components, namely:
- SNMP Manager – Also known as the Network Management System (NMS), a centralized system that monitors the network. This is often installed on a single device.
- SNMP agent – This component is a software module installed on the device that needs to be monitored like switches, routers, PCs, workstations, etc.
- Management Information Database – This is the repository of object instances, one for each device connected to the network.
Working of SNMP
SNMP communicates through the User Datagram Protocol (UDP), mainly on UDP port 161. It all starts when the NMS sends a request via port 161 to the agent, and the response is sent back to NMS on port 162. This information is accordingly stored in the MIB.
In every transmission, a single piece of information is sent from one device to another, called the Protocol Data Unit (PDU). There are a total of eight PDUs that SNMP uses. Five of these are available on SNMP1. Two more were added to SNMP2, and one more in SNMP3 respectively.
These PDUs are as follows:
- GetRequest – A message from the NMS to the agent to get the value of a particular variable.
- SetRequest – A message from the NMS to the agent to set a value to a variable.
- GetNextRequest – A message from the NMS to the agent to get the value of all variables. It is similar to running through the MIB starting from Object ID (OID) 0, but one value is returned for every request.
- GetBulkRequest – This is an optimized use of the GetNextRequest where all the values and their bindings of a variable are returned.
- Response – An acknowledgment from the agent to the NMS for every command sent.
- Trap – A message sent asynchronously from the agent to the manager without being explicitly asked for it.
- InformRequest – Since SNMP uses UDP where there is a possibility for dropped packets, InformRequest acts as an acknowledgment.
- ReportPDU – This PDU is mainly used to determine a problem and its cause.
Now that you have a grasp of the SNMP basics let’s dive into what SNMPwalk is.
What is SNMPwalk?
SNMPwalk is a process to collect information from your SNMP-enabled devices automatically. It allows you to see all the OID parameters of your MIB database and set rules against each of them.
SNMPwalk aims to set up a library of MIBs, so there is a defined workflow to SNMP.
To understand this, let’s go back to our MIB. As mentioned earlier, it is a file or a repository that informs the NMS of the information that an agent can send or receive from each device. Accordingly, the NMS can be programmed to act in a certain way for each event.
For example, if it gets a trap message from a device, it immediately looks up the MIB to know if it can send a SET value to that device and acts accordingly. This sequence can be programmed, but it requires a library of SNMP MIBs.
Further, the SNMPwalk can be used to ensure a stream of communication between the agents and NMS to reduce the possibility of unexpected shutdowns and device failures. In some ways, it also tests the effectiveness of each response by empowering you with the required information from SNMP-related queries.
So, you might wonder why it’s called a “walk”? It is likely to signify that you walk through every situation and condition in your network with a test of different parameters to enable the devices and eventually the applications and network to run smoothly.
Here is a practical scenario of how SNMPwalk can help:
Let’s say you have an SNMP-enabled server, and the temperature is high. So, the SNMP agent sends a trap message. Your SNMPwalk is programmed to send a GET message for this trap message, and the NMS sends that to the agent.
The response for the GET looks terrible, so as per the SNMPwalk, the NMS now sends a SET message to the agent. This back and forth communication is possible only because the SNMPwalk leads through the Management Information Database.
It is also popularly used to replace multiple GetNext commands, thereby saving some time and effort. However, note that this SNMPwalk command should be on the root node to ensure that the value loops through all the nodes in the sub-tree.
Thus, this is how a SNMPwalk works, and it can significantly bring down the efforts needed for monitoring and maintaining devices.
Examples of SNMPwalk for Windows
Moving on, let’s look at some SNMPwalk for Windows.
Installing SNMPwalk
First off, we’ll talk about installing SNMPwalk, and in Windows, this is a relatively straightforward process.
Start by downloading the SNMP tool and following extract its contents from the archive. Next, look for the snmpwalk.exe and run it on Command Prompt. You can also open Command Prompt and drag and drop the snmpwalk.exe file to it.
This will install SNMPwalk in your Windows.
SNMPwalk commands
After installation, you are all set to start using these commands.
While there are many parameters, the most straightforward SNMPwalk command is,
snmpwalk -v 2c -c public -On 192.1.1.0
In this command, -v stands for version, and you’re specifying the system to use SNMP v2 while -c is the community string that can take the “public” or “private” value. Finally, mention the IP address or the local host you want to poll.
This command will list all the existing OIDs on the network, and you can run through this list to find the OID you want. Once you identify that value, all that you have to do is run diagnostics on it.
The command will be like this.
snmpwalk -v 2c -c public -On 192.1.1.0 -iso.1.3.2.4.5.6.0.1
This command will fetch the details associated with a device that has the above OID.
There are many variations to this command. You can replace the IP address with the ID of the MIB if that works better for you.
snmpwalk -c public -v1 192.1.2.0 MIB [MIB name]
If your connection were successful, you would get the information you want. On the other hand, if the link was unsuccessful, you will see a timeout message like this:
Timeout: No response from 192.1.1.0
You can get this message if a firewall blocks the requests or even if the network is latent.
Many other parameters come with SNMPwalk, and the best way is to run a-h to get the list on your Command Prompt. Then, from the list, you can choose the commands you want.
SNMPwalk on Linux
Next, let’s see how to use SNMPwalk on Linux.
To install it on Linux, use the following command.
Yum install net -snmp -utils
Though this command works on Fedora and Red Hat, it may differ on different versions and editions.
Once you install, the generic format of the command will be,
snmpwalk [APPLICATION] [COMMON] [OID]
An example is,
snmpwalk -Os -c public -v 2c rome system
This command will retrieve all the values under this system.
Some of the other parameters that can be used are:
-cc | Will does not check whether the returned OIDs are increasing or not |
-ce {OID} | Will end the walk with the specified OID |
-ci | Will include the given range in its search |
-cp | Will print the number of variables |
Ct | Will print the time it took to collect the data |
Thus, these are some examples of how you can use snmpwalk on Linux.
Conclusion
In all, snmpwalk replaces a string of GetNext SNMP commands, and besides saving time and effort, it also helps you find just what you want. It works well on both Windows and Linux, though minor variations in the command’s syntax.
We hope this was useful for you to monitor the health and performance of devices in your network.
SNMPwalk FAQs
How does SNMPWalk work?
SNMPWalk works by sending SNMP requests to a network device and then displaying the response values in a hierarchical format.
What are some common uses of SNMPWalk?
SNMPWalk is commonly used for troubleshooting and debugging network devices, and for monitoring network performance and availability.
What types of network devices can be queried using SNMPWalk?
SNMPWalk can be used to query various types of network devices, including routers, switches, servers, and printers.
What types of information can be retrieved using SNMPWalk?
Information that can be retrieved using SNMPWalk includes device configuration settings, system and network performance metrics, and device status and availability.
How can I use SNMPWalk to retrieve information from a network device?
To use SNMPWalk to retrieve information from a network device, you must specify the device's IP address or hostname, and the SNMP community string or password.
What is an SNMP community string?
An SNMP community string is a string of characters that is used as a password to authenticate SNMP requests and responses between a network device and an SNMP manager.
What are some common alternatives to SNMPWalk?
Common alternatives to SNMPWalk include SNMPGet, SNMPSet, and SNMPTrap.
What are some best practices for using SNMPWalk?
Best practices for using SNMPWalk include ensuring that the correct SNMP community string or password is used, specifying the correct OID (Object Identifier) for the desired SNMP variable, and using the correct version of SNMP (SNMPv1, SNMPv2c, or SNMPv3).
How can I troubleshoot SNMPWalk issues?
Common issues that can be encountered when using SNMPWalk include incorrect community strings, incorrect OIDs, and network connectivity issues. Troubleshooting steps include verifying the community string, verifying the OID, and testing network connectivity using other tools such as ping or traceroute.