Homebrew NMS: Put It Together with Perl and Net::SNMP

Understanding SNMP is key to understanding what's going on with your network, and critical to any tool you build. Perl's Net::SNMP helps gather the data.

By Charlie Schluting | Posted Aug 29, 2007
Page 1 of 2
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
Charlie Schluting

This week's look at building a homebrew NMS will focus on using SNMP to gather information about your network. Network Management requires SNMP, and you cannot escape the tangle of OID trees. Certain tools do make it easier, and once you learn a bit about them it becomes clear that this SNMP stuff is quite powerful.

Before we explore the Perl module Net::SNMP, let us have a quick refresher on SNMP.

The Simple Network Management Protocol agent listens on UDP port 161 for incoming requests. SNMP traps are sent, without warning, to UDP port 162 on a central management station that is configured to listen for traps. Traps can take the form of "link down," which is normally sent by a network device, or can be as complex as you'd like.

Most SNMP messages are identified by predefined OIDs, or Object identifiers. An OID is simply a series of numbers that identify an SNMP object. OIDs are hierarchical, and organized in a tree structure. Each node on the tree may have multiple branches, and OIDs typically get quite long. Most SNMP OIDs start in the ISO tree's root, which always begin with .1. In fact, most will be .1.3.6.1, which means iso.org.dod.internet. The Internet tree branches into private and mgmt. For example, 1.3.6.1.2.1.1.6.0 means "sysLocation," which can be discovered by walking down the OID tree to discover that the string of numbers actually mean:
iso.org.dod.internet.mgmt.mib-2.system.systemLocation.

The magical goo that defines what those numbers mean is called the Management Information Base, or a MIB. A MIB defines what types are allowed in each object (integer, string), as well as what they are called. A MIB essentially turns numbers into meaningful information, as well as defines allowed values.

Taking SNMP for a Walk

On to the useful stuff. Let's try out an SNMP query, using out old friend snmpwalk, which comes with the net-snmp software on most *nix hosts. The snmpget command is useful to get a single object, but if you want all information available down a certain branch of the tree, snmpwalk will do just that.

% snmpwalk -v2c -c public nermal 1.3.6.1.2.1.1.6
 SNMPv2-MIB::sysLocation.0 = STRING: "System administrators office"

Running snmpwalk on a specific OID, where nothing follows in the tree, is akin to using snmpget. However, if we bump it up a notch, we can get the entire system MIB:

% snmpwalk -v2c -c public nermal 1.3.6.1.2.1.1
 SNMPv2-MIB::sysDescr.0 = STRING: SunOS nermal.domain.com 5.10 Generic_118833-24 sun4u
 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.3
 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (338266757) 39 days, 3:37:47.57
 SNMPv2-MIB::sysContact.0 = STRING: "System administrator"
 …

Experiment with your network gear, and the private, instead of mgmt branch, under Internet to see what's available. In the Cisco MIB, we can get everything we'd ever want to know, including the ARP table, the Bridge table, and MAC address with port locations. Those are all standards-based OIDs, and the interesting Cisco-specific goodies are in the private tree, under 1.3.6.1.4.1.9.

Port numbers are difficult, since Cisco uses an interface identifier and a few layers of indirection to identify a specific port, but it is possible. Let's start off easier. We'll fetch the port descriptions (string assigned to a port) from our Cisco switch, so that we can ensure they are accurate based on our formatting standards and MAC address discovery information.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter