Homebrew NMS: Put It Together with Perl and Net::SNMP
Understanding SNMP is key to understanding what's going on with your network, and critical to any tool you build. Perl's Net::SNMP helps gather the data.
Before we explore the Perl module Net::SNMP, let us have a quick refresher on SNMP.
The Simple Network Management Protocol agent listens on UDP port 161 for incoming requests. SNMP traps are sent, without warning, to UDP port 162 on a central management station that is configured to listen for traps. Traps can take the form of "link down," which is normally sent by a network device, or can be as complex as you'd like.
The magical goo that defines what those numbers mean is called the Management Information Base, or a MIB. A MIB defines what types are allowed in each object (integer, string), as well as what they are called. A MIB essentially turns numbers into meaningful information, as well as defines allowed values.
Taking SNMP for a Walk
On to the useful stuff. Let's try out an SNMP query, using out old friend snmpwalk, which comes with the net-snmp software on most *nix hosts. The snmpget command is useful to get a single object, but if you want all information available down a certain branch of the tree, snmpwalk will do just that.
% snmpwalk -v2c -c public nermal 126.96.36.199.188.8.131.52 SNMPv2-MIB::sysLocation.0 = STRING: "System administrators office"
Running snmpwalk on a specific OID, where nothing follows in the tree, is akin to using snmpget. However, if we bump it up a notch, we can get the entire system MIB:
% snmpwalk -v2c -c public nermal 184.108.40.206.2.1.1 SNMPv2-MIB::sysDescr.0 = STRING: SunOS nermal.domain.com 5.10 Generic_118833-24 sun4u SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.3 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (338266757) 39 days, 3:37:47.57 SNMPv2-MIB::sysContact.0 = STRING: "System administrator" …
Experiment with your network gear, and the private, instead of mgmt branch, under Internet to see what's available. In the Cisco MIB, we can get everything we'd ever want to know, including the ARP table, the Bridge table, and MAC address with port locations. Those are all standards-based OIDs, and the interesting Cisco-specific goodies are in the private tree, under 220.127.116.11.4.1.9.
Port numbers are difficult, since Cisco uses an interface identifier and a few layers of indirection to identify a specific port, but it is possible. Let's start off easier. We'll fetch the port descriptions (string assigned to a port) from our Cisco switch, so that we can ensure they are accurate based on our formatting standards and MAC address discovery information.