Version: July, 2006

This is a snapshot of an on-line document. Paper copies are valid only on the day they are printed. Please refer to the author if you are in any doubt about the currency of this document. While every effort has been taken to verify the accuracy of this information, neither INFRAX incorporated nor the author of this publication can accept any responsibility or liability for errors, omissions, or damages resulting from the use of the information herein. The current electronic of the document will be found at : www.INFRAX.com/Publications

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Version : July, 2006 Version: July, 2006

This document was created on 9 April 2001 and is based on the best information available at revision time. The copyright in this work belong to INFRAX Incorporated. Please direct permission questions to [email protected] and content feedback to the author: [email protected]. Products or corporate names may be trademarks or registered trademarks of other companies and are used only for the explanation and to the owners benefit, without intent to infringe. Reproduction Guideline You may print this document and distribute it electronically. If you quote or reference this document, you must appropriately attribute the contents and authorship. You may not alter this document in any way nor charge for it. About the Author Benot H. Dicaire is the founder and Information Security Strategist for INFRAX. With nearly two decades of experience providing key strategies and technology solutions for managing information security risks, Dicaire now focuses his work on Security Posture Assessment and Enterprise Architecture for organizations in Canada and around the world. A trusted advisor, Dicaire is frequently consulted by leaders of private and government organizations. About INFRAX INFRAX is an independent Information Security consulting firm dedicated to providing our clients with top-level security solutions, advice and protection. Furthermore, unbiased in-depth INFRAXstructure analysis helps organizations make smarter enterprise architecture decisions adapted to todays increasingly complex environments.

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference

Variable Bindings

PDU Type

Entreprise

Agent Address

Generic Trap Type

Specific Trap Type

Object 1 : Value 1

Object 2: Value 2

...

SNMP Message Trap PDU Version Community GetRequest, GetNextRequest, GetResponse or SetRequest PDU SNMP Message

PDU Type

Request ID

Error Status

Error Index

Object 1 : Value 1

Object 2: Value 2

...

Variable Bindings

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 3 / 9

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference

Field
Enterprise: Agent Address: Generic Trap Type:

Description
SNMP sysObject ID. IP address of SNMP Agent. Specifies the message type. Values are: 0 = coldStart 1 = warmStart 2 = linkDown 3 = linkUp 4 = AuthenticationFailure 5 = egpNeighborLoss 6 = enterpriseSpecific Trap code.

Field
Version: Community: PDU Type:

Description
Protocol version. Community name. Specifies the PDU being transmitted: 0 = GetRequest 1 = GetNextRequest 2 = GetResponse 3 = SetResponse 4 = Trap

Specific Trap Type: Timestamp:

Current value of that Agent's sysUpTime object.

Variable Bindings: Pairing of object name and value.

Field
Request ID: Error Status:

Description
Used to correlate the Request and Response. Exception condition for the request. Values are: 0 = noError 1 = tooBig 2 = noSuchName 3 = badValue 4 = readOnly 5 = genErr Pointer to Variable Binding that caused the error. Pairing of object name value.

Error Index: Variable Bindings:

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 4 / 9

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference

RFC
1155 1157 1212 1213 1214 1215 1270 1303 1418 1419 1420 1493

Subject
Structure of Management Information Simple Network Management Protocol (SNMP) Concise MIB Definitions Management Information Base (MIB-II) OSI Internet Management MIB Convention for Defining Traps SNMP Communications Services Convention for Describing SNMP Agents SNMP over OSI SNMP over Apple Talk SNMP over IPX Managed Objects for Bridges

RFC
1512 1559 1643 1694 1695 1748 1757 1850 1901 2021 2115 2271

Subject
FDDI MIB DECnet Phase IV MIB Extensions Managed Objects for Ethernet Managed Objects for the SMDS SIP Interface ATM MIB IEEE 802.5 Token Ring MIB Remote Network Monitoring (RMON) MIB OSPF Version 2 MIB Community-based SNMPv2 RMON2 MIB Frame Relay DTE MIB SNMPv3

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 5 / 9

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference
SNMPv2 Message Version Community SNMPv2 PDU

PDU Type

Request ID

Error Status or Non-Repr

Error Index or Max-Reps

Object 1, Value 1

Object 2, Value 2 Variable Bindings

Error Status: Exception Condition for the request 0 = noError 1 = tooBig 2 = noSuchName 3 = badValue 4 = readOnly 5 = genErr 6 = noAccess 7 = wrongType 8 = wrongLength 9 = wrongEncoding 10 = wrongValue 11 = noCreation 12 = inconsistentValue 13 = resourceUnavailable 14 = commitFailed 15 = undoFailed 16 = authorizationError* 17 = notWritable 18 = inconsistentName

Version: Community: PDU Type:

Protocol version (SNMPv2 = 1). Community name. Specifies the PDU being transmitted: 0 = GetRequest 1 = GetNextRequest 2 = Response 3 = SetRequest 4 = obsolete 5 = GetBulkRequest 6 = InformRequest 7 = SNMPv2-Trap 8 = Report Used to correlate the Request and Response. Pointer to the Variable Binding in error.

Request ID: Error Index:

Non-Repeaters: Max-Repetitions: Variable Bindings:

How many of the requested variables will not be processed repeatedly, e.g. single instances of variables. Used in GetBulkRequests only. Maximum number of repeated executions to retrieve specific variables. Used in GetBulkRequest only. Pairing of object name and value.

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 6 / 9

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference
SNMPv2 PDU Agent Generate Receice GetRequest x GetNextRequest x Response x SetRequest x GetBulkRequest x InformRequest SNMPv2-Trap x Manager Generate Receive x x x x x x x x x

Reference Documents
RFC
1901 1902 1903

Subject
Introduction to Community-based SNMPv2 SMI for SNMPv2 Textual Conventions for SNMPv2 Conformance Statements for SNMPv2 Protocol Operation for SNMPv2 Transport Mapping for SNMPv2 MIB for SNMPv2 SNMPv1 and SNMPv2 Coexitence Administrative Infrastructure for SNMPv2 User-based Security Model

When errors occur in the processing of SNMPv2 PDUs, the SNMPv2 entity prepares a Response PDU with the Error Status field set to indicate the error. Possible errors include:

1904 1905

SNMPv2 Error noError tooBig noSuchName(b) badValue(b) readOnly(b) genErr noAcces wrongType wrongLength wrongEncoding wrongValue noCreation inconsistentValue resourceUnavailable commitFailed undoFailed authorizationError notWritable inconsistentName

Get x x

GetNext x x

GetBulk x

Set x x

Inform x x

1906 1907 1908 1909

x(a)

x(a)

x(a)

x x x x x x x x x x x x(a) x x

1910

x(a)

Notes: (a) Unused with SNMPv2, per RFC 1901. (b) Never generated by a SNMPv2 entity (proxy compatibility only), per RFC 1905.

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 7 / 9

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference

Msg Version

Header Data

Msg Security Parameters

Scoped PDU Data

Msg ID

Msg Max Size

Msg Flags

Msg Security Model

Context Engine ID

Context Name or Encrypted PDU

Data

Scoped PDU (plaintext)

Encrypted PDU (cyphertext)

msgVersion: msgID:

Identifies the message as an SNMPv3 message when msgVersion = 3. Used to coordinate request and response messages between the manager and the agent. The msgID in a response must be the same as the msgID in a request.

msgMaxSize: conveys the maximum message size that the sender can accept. msgFlags: bit fields which control processing of the message: Field .... ...1 .... ..1. .... .1.. .... ..00 .... ..01 .... ..10 .... ..11 Meaning authFlag privFlag reportableFlag is OK, means noAuthNoPriv is OK, means authNoPriv reserved, must NOT be used is OK, means authPriv

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 8 / 9

SNMP v1, v2, and v3 Protocol Reference SNMP v1, v2, and v3 Protocol Reference

SNMPv3 Message Format-suite

msgSecurity Model: identifies the Security Model used for the message generation and reception. used for communication between the Security Model modules. either a plaintext scoped PDU, or a cyphertext encrypted PDU. identifies an administratively-unique context and PDU. determines the context to process this PDU, such as the correct application. identifies the context associated with the management information in the PDU. contains the SNMPv3 PDU, which must be one of the PDUs specified in RFC 1905: GetRequest, GetNextRequest, Response, SetRequest, GetBulkRequest, InformRequest, SNMPv2-Trap or Report.

SNMPv3 Protocol Reference Guide

RFC
2271

Subject
An Architecture for Describing SNMP Management Frameworks. Message Processing and Dispatching for the Simple Network Management Protocol (SNMP) SNMPv3 Applications User-based Security Model (USM) for SNMPv3 View-based Access Control Model (VACM) for SNMP

msgSecurityParameters:

scopedPduData:

2272

scopedPDU:

2273 2274

contextEnginelD:

contextName:

2275

data:

Copyright 2006 INFRAX Incorporated | ID: IFX-D100

Page 9 / 9