Windows NT Network Management
SNMP (Simple network management protocol) is used to manage devices on a network. It uses agents on the remote side and managers are used to communicate with and configure the remote devices. SNMP allows:
- Reconfiguration of the network device.
- Viewing status of network devices.
- Viewing throughput and collision statistics
Examples include alerting the SNMP manager of a computer running low in disk space, changing route tables on routers, examining a router routing table, or viewing statistics about the number of forwarded packets.
When network devices are purchased they are one of the following types:
- Managed - Comes with a microprocessor and software to manage the device.
- Unmanaged - No management software comes with the device.
- GetRequest - The manager requests information from the agent.
- GetNextRequest - This is used to get information that is contained by an array.
- GetResponse - Used by the agent to satisfy a request sent by the manager.
- SetRequest - The manager changes the value of an agent's parameter.
- Trap - A command or message used by the agent to inform the manager of a certain event.
Information collection methods:
- The agent will send trap message alerts to the SNMP manager.
- The SNMP manager will poll the network devices.
Management Information Base (MIB) describes the entries in the agent database. Supported MIBs:
- Internet MIB II - RFC 1213. Defines 171 objects.
- LAN Manager MIB for NT - Defines 90 objects for computers running NT.
- DHCP MIB - Installed when the DHCP server is installed. The MIB file is DHCPMIB.DLL. There are about 14 DHCP objects.
- WINS MIB - Installed when the WINS server is installed. The MIB file is WINSMIB.DLL. There are about 70 objects.
SNMP Agent Installation and Configuration
SNMP uses communities to configure which managers can poll specific agents. There is a public community which may be added to the alerts list of agents allowing any manager to receive alerts from the device. If the manager in not in the same community with the agent, it cannot get information from the device unless the agent includes the public community. An agent may be in several communities.
The SNMP service is installed from the control panel network applet, services tab. It is called "SNMP Service". The following parameters are configured during installation:
- Send Trap with Community Names - The name of the community trap messages are sent to.
- The Trap Destination - The list of computer names or IP addresses the SNMP messages are sent to. If names are used, they must be able to be resolved using hosts files, DNS or some other method.
Agent Options include:
- Send Authentication Trap checkbox will send a trap message to the manager anytime a manager fails an attempt to authenticate.
- A list of accepted community names
- Accept SNMP packets from Any Host checkbox is checked by default.
- Only Accept SNMP Packets from These Hosts checkbox and list will allow specification of hosts with specific IP addresses that SNMP packets are accepted from.
SNMP properties menu sections:
- Agent tab
- Traps - Specify community name, and traps destinations.
- Security - Includes:
- Specify "Send Authentication Trap" checkbox, with a list of accepted community names that may be modified.
- "Accept SNMP packets from Any Host" checkbox.
- "Only Accept SNMP Packets from These Hosts" checkbox with a list that may be modified.
The event viewer system log at the management station may be used to view SNMP errors.
The SNMPUTIL.EXE program is provided by the Windows NT 4.0 Resource kit. It can verify whether or not agents were correctly configured with SNMP by making the same calls a management station makes. Commands are:
Some SNMP Counters
- TCP Segments/sec - The number of frames sent and received.
- TCP Segments re-translated/sec - The number of frames re-translated.
- UDP Datagrams/sec
- Network Interface Output Queue Length - The number of packets waiting to be sent. If this value is above 2, there is network congestion.