What Is SNMP? A Complete Guide to Versions, Architecture, and Operations

Overview of SNMP

Simple Network Management Protocol (SNMP) is a standard protocol for managing network devices across different vendors. It provides a unified interface that simplifies management of heterogeneous equipment.

SNMP Versions

There are three versions: SNMPv1, SNMPv2c, and SNMPv3.

SNMPv1 : earliest version, uses community‑string authentication, limited security and error reporting.

SNMPv2c : adds GetBulk and Inform operations, more error codes and data types such as Counter64.

SNMPv3 : enhances security with USM authentication/encryption and VACM access control; operations are the same as SNMPv2c.

SNMP System Architecture

The system consists of four parts: Network Management System (NMS), SNMP Agent, Managed Objects, and the Management Information Base (MIB).

NMS runs on a server and initiates requests to agents, receives responses, and processes traps.

SNMP Agent resides on each managed device, maintains the device’s MIB and replies to NMS queries.

Managed Object is any configurable element of a device, represented in the MIB.

MIB is a hierarchical database that defines object names, types, access rights, and OIDs. The OID tree uniquely identifies each object (e.g., system OID 1.3.6.1.2.1.1).

SNMP Operations

Query Operations

Three query types are defined: Get, GetNext, and GetBulk. SNMPv1 does not support GetBulk.

Get : retrieves one or more specific variables.

GetNext : retrieves the next variable in the MIB tree.

GetBulk : performs multiple GetNext operations in a single request.

Typical query flow: NMS sends a Get request with community string and OID; the agent authenticates, reads the MIB, and returns the value.

Set Operation

Set allows NMS to modify one or more MIB variables on a device. The process is similar to Get, but the PDU type is Set and includes the new values.

Trap and Inform

Traps are unsolicited notifications sent by an agent to NMS when an event occurs. Inform is similar but requires acknowledgment from NMS.

Trap: one‑way notification.

Inform: NMS must reply with InformResponse; otherwise the agent retries.

SNMP Message Format

All SNMP messages are UDP packets. Default ports are 161 for manager‑to‑agent traffic (Get/Set) and 162 for agent‑to‑manager notifications (Trap/Inform).

Message fields include version, community (or security parameters for v3), request ID, error status, error index, and variable bindings. SNMPv3 adds MsgID, MaxSize, Flags, SecurityModel, SecurityParameters, ContextEngineID, and ContextName.

Security Levels in SNMPv3

Three security levels are defined by the combination of authentication (authFlag) and privacy (privFlag): noAuthNoPriv, authNoPriv, and authPriv. Users and groups must be configured consistently.