LJ Archive

A Practical Guide to SNMPv3 and Network Management

Charles Curley

Issue #72, April 2000

  • Author: David Zeltserman

  • Publisher: Prentice Hall

  • URL: http://www.phptr.com/

  • Price: $54.00 US

  • ISBN: 0-13-021453-1

  • Reviewer: Charles Curley

Prentice Hall is very good at issuing books which are very good within a narrow specialty. You can use the book intensively and learn much from it, in which case it is worth what you pay for it. If you are only casually interested in the subject, the book isn't worth the price of admission and you should look for something else. A Practical Guide to SNMPv3 and Network Management is one of those books.

Engineering students working on SNMP (simple network management protocol) and engineers designing and implementing SNMP entities (devices and network management software) will benefit the most from this book. If you are a network administrator who uses SNMP engines but you don't “get under the hood” very often, then this book is probably overkill. It is aimed specifically at SNMP version 3, with historical references to older versions of SNMP. If you need a more general introduction to SNMP, the classic one is The Simple Book by Marshall T. Rose, now in its second edition.

The book assumes a cursory familiarity with SNMP, but does not require any knowledge of the underlying protocols (UDP, IPX, etc.). There is an introduction to SNMP, so if you have never dealt with versions of SNMP prior to 3, it will bring you up to speed with a historical perspective. Since any network of reasonable size will have a mixed bag of SNMP versions on it, this historical perspective is essential.

The book builds on some basic blocks, such as a detailed description of the character set allowed for the data type DisplayString. There is a table of control characters indicating what they do. These basic building blocks may be tedious to read about, but they are essential if you want to avoid misunderstanding.

Much of the text is accompanied by pseudo-code, written in the author's own pseudo-code language. The language is a bit disconcerting to start with, but easy enough to learn. The pseudo-code examples are detailed, well-commented and occasionally extend across multiple pages. The pseudo-code examples should port readily to C.

The author divides SNMP into three areas. First is the SNMP protocol itself. This consists of the messages SNMP uses, their formats and how SNMP entities interchange them. Second is the Structure of Management Information (SMI), a set of rules for ordering information on a managed device. Third is the management information base (MIB), the structured collection of information on a managed device.

After the introduction and a chapter on the basics, the author takes us on a tour of MIB-II, as modified by experience, if not formal standards. We are presented with an item-by-item list of the entries in MIB-II. However, the author also gives his own opinions from time to time. I'm glad to have the benefit of Zeltserman's 16 years of experience building networks and network devices.

Sometimes, however, the author's experience gets in the way. MIB-II is divided into several groups, one of which is the EGP group. He simply informs us that it isn't used any more, so he doesn't describe it. Given the thorough detail in most of the book, that terse statement is disconcerting. It's okay for folks implementing a brand-new SNMP entity. But for those readers who might have to deal with an older entity, it would be nice to know why the EGP group is no longer used. Even better would be to document it and say why it isn't used any more, leaving the decision to the reader. Any serious reader of this book has access to other literature and especially to the RFCs, so this is certainly a deficiency the reader could quickly remedy, if need be.

The next chapter introduces the architecture of the SNMPv3 framework. It introduces some concepts new to SNMPv3, particularly the modularity of the framework, and new security and administration features.

One portion of SNMPv3 engines consists of applications for such things as generating and responding to commands and notifications (formerly traps). This is the subject of Chapter 5.

Chapter 6 begins coverage of security, which SNMPv1 veterans will find changed and considerably enlarged. Authentication and the data encryption algorithm are discussed.

Chapter 7 covers view-based access control. This is a security technique that allows the administrator to determine which users may see and modify certain views into an MIB.

Chapter 8 deals with coexistence. This is the problem of translating from older versions of SNMP to SNMPv3. This becomes problematic either when a proxy may have to translate, or when an entity supports multiple versions of SNMP.

RMON2 is covered in Chapter 9. Where previous versions of RMON dealt only with the physical address (MAC address for Ethernet), RMON2 goes to higher-level protocols and lets you analyze traffic for specific protocols.

A shortcoming common to many technical books is the failure to explore the implications of the subject for personal privacy, a right rapidly vanishing from the Internet. Because RMON2 can look at an individual computer's application layer network traffic, it has clear implications for personal privacy at home and work. This, in turn, brings up ethical questions, such as: do network administrators want to provide proof that Joe is looking at porn web sites—or Dilbert—on company time? Is it our business that Sue is using e-mail to set up an assignation with a man not her husband? Yet, the author provides no warning to that effect.

The final chapter describes a number of Cisco private MIBs. Cisco has done an excellent job of documenting their private MIBs, and has a large share of the market, so the Cisco private MIBs are an excellent choice. Still, a comparable HP MIB or two, say, would have made an interesting comparison. The gist of the chapter suggests how the network manager can take advantage of private MIBs.

One private MIB the author explores is the Ping MIB, which like the TCP/IP networking utility of the same name, lets you measure instantaneous network response times. This has clear implications for network tuning. This and other private MIBs may lead one to speculate that beneath the dull exteriors of some Cisco boxes beats the heart of a penguin.

The book has an index. It appears to list every object described in the book, which makes it an excellent reference work. However, some concepts are missing, and that makes the book harder to use as a high-level reference work.

The bottom line: if you are serious about SNMPv3, get this book.

Charles Curley (ccurley@trib.com) lives in Wyoming, where he rides horses and herds cattle, cats and electrons. Only the last of those pays well, so he also writes documentation for a small software company headquartered in Redmond, WA.
