Talking Shop: Let SNMP do the walking

If you’re going to pass Win2K exams, particularly the Windows 2000 Server test, you’d best get up-to-speed on the use of the Simple Network Management Protocol service. Yes, even though it’s a protocol, this 32-bit troubleshooting and monitoring utility runs as a service on Win2K networks. And what’s nice is it can help you troubleshoot hardware and software issues remotely.
Receive Paperchase Digest in your e-mail box every Friday to make sure you catch all the columns, as well as timely tips and reviews not found on the site! It’s easy, and it’s free. Just go to the TechMails page and sign up for Erik Eckel’s Paperchase Digest to ensure you keep up-to-date on the latest certification tips, shortcuts, news, and more!
What’s it do?
SNMP permits the collection of hardware and software configuration information in a centralized database. This allows network administrators to monitor the performance of devices throughout the enterprise from their desktop or server room. They can even configure remote systems if the node has read/write access set.

SNMP possesses auditing capabilities and the ability to detect and locate network failures. Improper access attempts can also be “trapped” and forwarded to an administrator.
This is the third of three articles on Win2K’s monitoring and troubleshooting utilities. Be sure to check out these two articles if you missed them:
How’s it work?
The SNMP service uses three components:
  • A centralized host running network management software
  • SNMP agents
  • A management database

The centralized host is known as a network management station (NMS). You’re likely to hear some folks call it an SNMP manager.

Network nodes and systems can be SNMP agents. For example, SNMP agents can be servers, routers, desktops, hubs, or other compatible devices.

The database is known as the Management Information Base (MIB). It collects objects, with each collection gathering specific data, such as packet traffic on a single NIC. The MIB must store the statistical and performance information needed by the NMS.

An NMS works with MIBs to track activity on remote systems, or SNMP agents.

Much information can be gleaned from the nodes using the SNMP service, including device errors and software and hardware configuration information. You can also use SNMP to track the following:
  • Protocols
  • Device performance
  • Event messages
  • Application performance

How do I install it?
You can install SNMP by selecting Simple Network Management Protocol from Management And Monitoring Tools when installing Windows 2000 or by choosing Start | Settings | Control Panel | Add/Remove Windows Programs. Once you’ve installed SNMP, it can be accessed either from Start | Programs | Administrative Tools | Services or by adding the Services snap-in to a Microsoft Management Console.

It’s important to note that while Windows 2000’s SNMP service includes an SNMP agent, it does not include SNMP management software. Instead, just as with disk duplication, Redmond leaves a role to a third-party provider.

How do I configure it?
From within Services, you can right-click SNMP and select Properties. Seven tabs will appear.

When you right-click SNMP and select Properties, you’ll see seven tabs: General, Log On, Recovery, Dependencies, Agent, Traps, and Security.

The Log On tab enables you to set logon parameters.

You can set recovery specifications for first and subsequent failures on the Recovery tab.

The Dependencies tab lets you track critical services required for SNMP operation.

On the Agent tab, you specify a name, system location, and the network services an Internet Management System may request.

Community names (which are used to group SNMP hosts for administration purposes) are required if traps are to be set.

The Security tab controls several trap settings.

If a request is received that doesn’t possess a valid community name, or if the host sending a message is not an acceptable host member, the agent can be configured to send an authentication trap, or alert, to the destinations specified.

In order to work, the SNMP service must have a community name specified. Accepted community names are selected from the Security tab, as are permissions.

Administrators must also specify whether SNMP traffic is to be accepted from any host, or only from a list of specified hosts. The accepted hosts are set using the Security tab, too.

SNMP message types
The SNMP service uses UDP port 161 to listen for SNMP messages, while port 162 is used to listen for traps. Several message types are used, and you should be familiar with each. They are:
  • Get—Used to request information regarding a single MIB object.
  • Get-Next—Used to search a hierarchy of MIB objects.
  • Set—Used to send and assign updated MIB values.
  • Get-Bulk—Used to minimize protocol exchanges by requesting that transferred data be as large as possible.
  • Notify—Used for trap messages by SNMP agents to notify the host of an alert.

By becoming familiar with SNMP’s role in monitoring and troubleshooting Win2K networks, you’re much more likely to have a positive exam experience. But make sure you don’t wait too long to get up to speed. I recommend working with SNMP on a test network, at least, to familiarize yourself with its configuration and uses.

If you have further questions, you can find more information on Windows 2000’s SNMP service here.

Erik Eckel MCP+I, MCSE is editor in chief of TechRepublic’s IT communities. He’s previously held positions as a high-speed IP access product manager and a communications representative for nationwide long-distance, data networking, and Internet services providers.

If you'd like to share your opinion, please post a comment below or send the editor an e-mail.

Editor's Picks

Free Newsletters, In your Inbox