The Volume 4•Issue 3

MAY–JUNE 2003

Extension
A Technical Supplement to Control Network

© 2003 Contemporary Control Systems, Inc.

Introduction to SNMP
By George Thomas, Contemporary Controls “trap” be set by the agent. A trap is simply a report to be
issued in the future which is triggered when a set of condi-
INTRODUCTION tions are met, similar to an alarm. The trap is triggered upon
an event and once it occurs, the agent immediately reports
One of the numerous acronyms from the Internet world the occurrence without a poll from the manager. This is no
is SNMP which stands for Simple Network Management different from having a remote I/O device report on a
Protocol. Of course, anything termed “simple” is suspect. “change of state.” The NMS that receives the trap can then
SNMP is an Internet protocol for managing devices on take appropriate action such as notifying personnel of the
IP networks. Usually people think SNMP only applies to event. In this situation, the NMS is acting as a server by
managed Ethernet switches, but it can be applied to any gathering data from agents and providing information on the
device that supports IP or TCP protocols. This includes state of devices to clients.
printers, workstations, servers, modems and even Manager Agent
industrial I/O devices. SNMP introduces us to the con-
cept of “managed” devices which offers numerous
advantages over unmanaged devices and could prove SNMP SNMP
Application Application
beneficial in industrial applications. As more and more
devices embrace Ethernet, adding SNMP support can UDP UDP
lead to greater advantages.
IP IP

SNMP Versions Ethernet Ethernet

When we say a device is managed, we mean the device

supports the SNMP protocol beyond its normal functions. The
SNMP protocol, described in RFC 1157, was developed in the
FIG. 1 — SNMP Communication occurs between a manager
80s as a simple means of accessing devices remotely.
and agent by means of UDP datagrams.
Originally intended to manage routers, SNMP can be used to
manage any device including programmable logic controllers Let’s consider a real-world example. We have a remote
and remote I/O blocks. The example that is usually given pumping station with a SCADA system attached to several
refers to its use in monitoring the temperature inside a router. devices. The SCADA system is powered from an uninterrupt-
If this can be done, then there are a host of industrial ible power supply (UPS) that has an SNMP agent. An Ethernet
applications limited only by our imagination. fiber optic link is used for communication between the
remote pumping station and the main control room. An
One would think there is only one version of SNMP since
Ethernet switch, located in the pump house, connects the UPS
this acronym is frequently quoted as if it is understood by all.
and the SCADA system to the Ethernet link. An SNMP manag-
Actually, there are three. The first is SNMPv1 which remains
er application, running on a desktop workstation located in
the most popular version. SNMPv2 builds upon the com-
the main control room and functioning as a NMS, instructs
mands of version 1. SNMPv3 addresses the biggest criticism of
the agent in the pump house UPS to set a trap that will be
SNMP. The commands are sent in clear-text and, therefore,
triggered if there’s a loss of main power. If this condition
insecure. SNMPv3 adds cryptography. Simply understanding
occurs, the agent would send a trap message back to the
SNMPv1 is enough to learn the concepts.
NMS which, in turn, pages the maintenance shop. This is a
SNMP is an application layer protocol that sits above the simple case in point of how SNMP can aid applications in
TCP/IP stack. However, SNMP does not use TCP at all. It our industry.
uses the UDP (datagram) protocol for communication which
The beauty of SNMP is that it is indeed straightforward.
provides no acknowledgement that a transmission was
There are only five commands with SNMPv1 and a total of
successful. This was done to minimize the software require-
nine for SNMPv2 and SNMPv3. The commands for SNMPv1
ments in the “agent” which is the device being managed. The
are listed below:
“manager” is the device requesting information from the agent
and it is called a Network Management Station (NMS). The • get
interaction between a manager and an agent is similar to the • get-next
interaction between a master and a slave device. The manager
• set
can initiate a “poll” of the agent requesting information or
directing an action. The agent, in turn, generates a response • get-response
to the query from the manager. This is how a remote I/O • trap
protocol works. However, the manager can request that a

(No part of the Extension may be reproduced without the written consent of Contemporary Controls.) 1
 The additional commands for SNMPv2 and SNMPv3 are OBJECT ID
as follows:
Managed objects within an agent are organized into a
• get bulk tree-like hierarchy similar to the way files and folders are
• notification used to represent the contents of a hard disk. In fact, some
NMS software displays the management objects in a graphical
• inform fashion as if they were indeed files. However, the nomenclature
• report is different. Managed objects are identified as a series of
integers separated by dots representing the nodes on a tree.
Naming begins at the root, followed by branches and ending
Query from manager in leaves. Let me give an example. In FIG. 3 you will see
the tree structure for finding MIB-2. It begins at the root on
Manager Response from agent Agent the left. There are three branches, but we are interested only
in iso(1). From iso(1) we have three more branches, but we
Trap info from agent are only interested in org(3). Next there are six more branches,
but we follow dod(6). From this branch we go to internet(1).
At this node we are at the base of all SNMP MIBs. The short
FIG. 2 — A manager polls an agent in a similar fashion to a form for representing where we are is 1.3.6.1 or we could
master/slave protocol. say iso.org.dod.internet.
To understand how the commands are applied, we need At this point we could follow either mgmt(2) or
to introduce an integral component in the process: the private(4) branches. If we follow the mgmt(2) branch, we
managed objects that reside in the agent. will find standard MIBs. If we follow the private(4) branch,
we will find vendor-specific MIBs. This is where a vendor
MANAGED OBJECTS can register unique products with corresponding unique
Each agent consists of a collection of managed objects management information. For example, a UPS would have
that explain the capabilities and behavior of the agent in an much different information to share than an Ethernet switch.
abstract form. This is no different from the method by which We will follow the mgmt branch and locate MIB-2 which is at
a DeviceNet device is described by a collection of objects. 1.3.6.1.2.1 or you could simply say mgmt(1) which uniquely
The objects supported by a DeviceNet limit switch differ from identifies its location.
that of a DeviceNet We have found
pneumatic manifold MIB-2, but we do not
block; however, all know the location of the
DeviceNet devices individual managed
support some common objects. It’s best to
objects. This is the remember that MIB-2 is a
same situation with collection of objects and
agents. All SNMP each object description is
agents must support identified in RFC 1213. If
a common set of we study RFC 1213, we
managed objects, will learn there are ten
called a Management managed object groups
Information Base in MIB-2 as explained on
(MIB). But an agent page 3.
must support, at a
minimum, what is The first object group
defined in is system. The system
RFC 1213: MIB-2. group lets you enter the
physical location of the
You might ask device, the name of the
what happened to device and who is
MIB-1? In the ever- responsible for the
changing Internet device. Therefore, if the
world, MIB-2 super- FIG. 3 — The identification of objects follows a hierarchical structure.
device is queried by a
seded MIB-1. Before management system, it could say it was tagged UPS-1, locat-
we examine the ed in the pump house and if there is trouble to call Randy in
details of MIB-2, we need to understand the structure and the Instrument Shop. Another attribute of this object is up-
naming convention of MIBs. The Structure of Management time. It will continue to accumulate time until it is unpowered.
Information (SMI) is described in RFC 1155. First, we will
study the naming convention for managed objects and the
MIBs themselves, which are simply a collection of managed
objects. The term to identify an object is simply the
Object ID (OID).

2
The 10 Managed Object Groups in MIB-2

mib-2 1 system ; General information about device for administrative purposes

mib-2 2 interfaces ; Keeps track of each interface on device
mib-2 3 at ; Address translation (only for backward compatibility)
mib-2 4 ip ; Tracks IP (Internet Protocol) aspects
mib-2 5 icmp ; Tracks ICMP (Internet Control Message Protocol) aspects
mib-2 6 tcp ; Tracks TCP (Transmission Control Protocol) aspects
mib-2 7 udp ; Tracks UDP (User Datagram Protocol) aspects
mib-2 8 egp ; Tracks EGP (Exterior Gateway Protocol) aspects
mib-2 9 (no longer used)
mib-2 10 transmission ; Currently not used
mib-2 11 snmp ; Tracks SNMP (Simple Network Management Protocol) aspects

SETTING TRAPS needed before installing a DeviceNet limit switch or photo-

eye. With DeviceNet, you would use some tool or a program
As mentioned before, a trap is an exception report similar running on a laptop PC. Some devices will have a serial port
to a change-of-state response from an I/O device. The man- that will support an ASCII terminal. If a terminal is unavailable,
ager establishes the trap in an agent. The agent monitors the you could run a terminal emulation program on a PC. The
situation and only reports to the manager if the trap is advantage of this approach is that your network does not
tripped. There are seven generic traps, but one is reserved need to be up in order to commission the device. The
for vendors for their specific application. The traps are second approach is to run a Telnet session over Ethernet. Of
as follows: course, to do this the device must have its IP address already
Generic Trap assigned. The screen on the PC will look the same but the
Name, Number and Definition network needs to be running. However, you could commis-
sion the device remotely from the control room with Telnet.
coldStart (0) In both of these cases, text screens are provided and the
Indicates that the agent has rebooted. All management vari- operator simply needs to fill in the blanks. The third approach
ables will be reset; specifically, Counters and Gauges will be is to use a web browser. This assumes that the managed
reset to zero (0). When a device is powered on, it sends this device will serve up a web page for commissioning. With
trap to its trap destination. web technology, the screens are more colorful and data input
is not restricted to simple command lines. Any of these
warmStart (1)
approaches is possible but what data must be entered?
Indicates that the agent has reinitialized itself. None of the
There are several parameters that must be set in the
management variables will be reset.
agent. The agent will consume an IP address for it to function
linkDown (2) as a management port. You might want to name the device,
Sent when an interface on a device goes down and identifies indicate its physical location and identify the person respon-
which interface. sible for the device. You can even append a password to
protect your settings. If traps are to be used, you need to
linkUp (3)
identify the IP addresses of the managers that will receive
Sent when an interface on a device comes back up and the traps. There is usually space to list several IP addresses.
identifies which interface. What is significant here is that you need to know all this infor-
authenicationFailure(4) mation before commissioning and to be careful not to reas-
sign the master IP addresses, otherwise the traps will fail to
Indicates that someone has tried to query the agent with an
find a manager. It would be a good idea to document all
incorrect password.
these parameters so a replacement device can be properly
egpNeighborLoss (5) configured before putting the unit into service.
Indicates that an Exterior Gateway Protocol (EGP) neighbor MANAGERS
has gone down.
enterpriseSpecific (6) Most of the discussion has been about agents and little
about network management software. Command line
Indicates that the trap is vendor specific. programs can be used to poll agents and view responses,
As seen from this list, a much simpler approach can be but the process is tedious since the operator needs to fully
taken to monitoring a device in the field besides polling. For understand the structure of MIBs and each object’s syntax.
example, a coldstart could indicate some unauthorized There are several commercial software packages and some
activity in the field that triggered the trap. The use of traps is freeware packages that will poll agents, set traps and receive
no different from having the benefit of a remote annunciator and display trap responses while providing a more convenient
in the field but without the added expense. By studying the user interface. Since SNMP was developed before the
vendor specific traps that are available from a particular Worldwide Web protocols were developed, much of the data
product, more ingenious reporting is possible. that is displayed is text-based. Later versions of network
management software take advantage of Windows
CONFIGURATION functionality and provide more versatility such as trending.
It will take an operator some time to learn the intricacies of
Before commissioning a managed device in the field, its
agent must be configured. This is not unlike the commissioning

3
 the program but from one workstation, an operator can view CONCLUSION
all SNMP compatible devices.
With more and more devices
embracing Ethernet and Internet
protocols, the addition of SNMP
protocol support adds benefits to the
device. Managed devices support the
SNMP protocol and are called agents.
Agents consist of a collection of
managed objects that can be queried by
a manager to determine the health of
the network or the status of particular
devices. By displaying this data in an
easily understood format, operators and
maintenance personnel, located at a
central site, can monitor the performance
of the entire network by observing
selected devices and pinpointing
potential problems before they occur.
Although commercial and freeware net-
work management software programs
exist for this purpose, the trend is to
use more web-based tools. SNMP is not
restricted to just the management of
switches and routers. Any industrial
device can have SNMP
FIG. 4 — Typical manager screen. support and could provide much aid in industrial applications.

With increasing interest in making a web browser the

default operator interface for a system, can SNMP data be
displayed on a browser screen? Some newer managed
devices have built-in web servers that can serve up SNMP REFERENCES
data. The advantage of a built-in web server is that it
provides a convenient method of configuring the device and,
an opportunity to verify that the device is functioning by Mauro, Douglas R. & Schmidt, Kevin J., Essential SNMP,
being able to access it from the web. The other advantage is O’Reilly & Associates, Inc., 2001.
that the managed device with its internal web server can
operate stand-alone without the need for any network Open DeviceNet Vendors Association, DeviceNet
management software. The trick comes in when several Specifications, Volume 1, Release 2.0, 1995.
managed devices are to be viewed from one browser. There
is no consistency of data presentation from the various Internet Engineering Task Force, RFC 1157—A Simple
vendors of web-based managed devices. It is also inconvenient Network Management Protocol (SNMP), 1990.
to remember all the various URLs that must be selected to
view the individual managed devices. Internet Engineering Task Force, RFC 1213—Management
For our industry, there is another approach. It is possible Information Base II, 1990.
to have an OPC server running in the manager that under-
stands the SNMP protocol and can query MIB data, but
display the data in a format comfortable to the operator. If
the operator is viewing a process automation screen to view
instruments and controllers and alarms, the information from
managed devices can be included within the same screen;
thus, making for a neat uniform appearance. The operator
does not need to run a totally different application program
to monitor the health of the network. There are several
vendors in our industry that provide such a product.

www.ccontrols.com

Past issues of the Extension are available. If you would like a

copy, please send your request to [email protected]