Полезная информация

LogoSNMP Querying with Linux

This page is a resource of the Networking Group of the BTC, affiliated with the College of Computing of Georgia Tech.

Taxonomy

There are several basic toolkits available with which the Linux user may perform SNMP queries. Note that although many of these are old and no longer supported, that does not mean they should be ignored; SNMP version 1 has not changed for years, so there is no reason that new tools will work better than those completed a dozen months ago.

Some of these packages not only let you perform queries yourself, but include a daemon you can run on your computer that will answer SNMP queries made to your machine. Those packages are denoted by the label `daemon' in this list.

There is at least one other SNMP package, produced by the University of Tennessee; here is its home page. It is both no longer supported and native to SunOS, so I have not attempted to compile it under Linux or test it.

Features

To allow more easy comparison, here are the SNMP querying packages together with their abilities.

Package SNMP Version Language Asynchronous
Requests
Performance
v1v2Cv2UCShellPerlTclPython (lower numbers better)
Linux CMU YES YES YES YES YES no no no no 1.174
UCD YES no no YES YES no no no no 2.494
Tricklet YES no no YES YES YES YES no no 1.762 (sh), 1.279 (Perl)
Scotty YES YES YES no no no YES no YES 0.341
CMU/Perl5 YES no no no no YES no no no 0.371
SNMPY YES YES YES no no no no YES YES (not available at this time)

The performance is monotonically related to the amount of time required to compose and send an SNMP packet.

Commentary on Performance

(Refer to the performance figures in the above chart.) The CMU, UCD, and Tricklet packages provide a Unix command to do a query, so for each query a Unix process must run and complete; hence their query times are high. Tricklet also provides a sort of daemon that can be handed commands through pipes and thus employed from Perl (or whatever else you want); this sounds more efficient than invoking separate commands, but the CMU Linux shell command has slightly better performance nonetheless. Scotty and the CMU/Perl5 package both use C libraries linked into their respective scripting languages, are thus provide the most efficient operation.

Performance Measuring Methodology

First, I chose ten representative MIB variables, and wrote a script for each package that could send and receive an SNMP query involving those variables. Each script accepted a numeric argument n, which is the number of times in a row to perform this query; the queries are done synchronously in each case.

Now, if I just ran the same number of queries with each package, I would be measuring not just the amount of time they take to do the queries, but also the amount of time they require to load and initialize themselves; but I am not interested in the start up time, since in most critical SNMP applications the program will be run as a daemon that loads once then sits around doing periodic queries.

So what I did was to run each program with a small number of queries, then again with a large number of queries, and took their difference. The result was the amount of time required just to perform the extra queries.

I was careful to run the tests when I was the only user on a Linux machine (the 200MHz Pentium Dell machine which I use at work), without X Windows running, with all the scripts querying the Sun Ultra that is sitting next to me unused, and when the local network was temporarily isolated from the Internet. Even so, there was a small variance among the results; so what I really did was to run each program 30 times doing only a few queries and 30 times doing many queries, then subtracted the averages. The difference in seconds between the averages is the number in the table above.

Since Linux uses memory to cache files recently accessed on disk, a program usually runs much more quickly if it has been run recently. So, as a final touch of finesse, I had my testing scripts run each program once without saving the results before proceeding with the 30 runs that counted.

If anyone wants to discuss, replicate, or dispute these results, email me.

Detailed Descriptions

Real CMU SNMP Library and Software
Home page:http://www.net.cmu.edu/projects/snmp/
Source:ftp://ftp.net.cmu.edu/pub/snmp/cmu-snmp-V1.11.tar.gz
Supports:SNMPv1, SNMPv2C, SNMPv2U.

This is the original free SNMP project from which many of the other packages here were derived. The original version supported v1, and then the experimental party-based security model for v2. The project stopped there, inspiring many groups to begin independent lines of development (see below).

In early 1997 the CMU project reawakened. They have now been releasing new versions almost every two months and have incorporated modern v2 security behaviors. They compile fine under Linux; but the current SNMP included with the Red Hat distribution is Linux CMU SNMP (see below), which seems to have an incompatible API; it might be preferable on that platform because of its more widespread distribution.

The original and Linux CMU projects might merge in the future.

Linux port of Carnegie Mellon University (CMU) SNMP Tools
Home page:http://www.gaertner.de/snmp/
Source:ftp://ftp.ibr.cs.tu-bs.de/pub/local/linux-cmu-snmp/cmu-snmp-linux-3.5-src.tar.gz
RPMs: cmu-snmp-3.3-2.i386.rpm (RedHat)
cmu-snmp-devel-3.3-2.i386.rpm (RedHat)
cmu-snmp-utils-3.3-2.i386.rpm (RedHat)
SRPM: cmu-snmp-3.3-2.src.rpm (RedHat)
DEB:ftp://ftp.debian.org/debian/stable/binary-i386/net/snmp_3.2-2.deb
Supports:SNMPv1, SNMPv2C, SNMPv2U.

This package was originally written at the computer science department of Carnegie-Mellon University, but has since been adapted to Linux and is currently maintained by Jürgen Schönwälder and Erik Schönfelder (see README.linux in the source distribution for full credits). The current version is 3.5, which was released just this February; RedHat is still shipping version 3.3 which was released in March 1997. It includes command line utilities with which queries can be performed, a C library of SNMP communication routines, an snmpd daemon that will respond to SNMP requests received by the workstation on which it is run, and an snmptrapd daemon to intercept and log SNMP traps.

The original and Linux CMU projects might merge in the future.

University of California Davis (UCD) SNMP
Readme:ftp://ftp.ece.ucdavis.edu/pub/snmp/ucd-snmp.README
Source:ftp://ftp.ece.ucdavis.edu/pub/snmp/ucd-snmp.tar.gz
Supports:SNMPv1, outdated SNMPv2.
License:Free software.

This package was adapted from CMU SNMP active development on CMU ceased. Like the Linux version of CMU, it includes the command line utilities, the two daemons, and a C library. It also includes extension files for HP OpenView so that hosts using UCD SNMP will have UCD icons.

Scotty
Home page:http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/
Screen shot:(of Tkined) http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/news.gif
Source code:ftp://ftp.ibr.cs.tu-bs.de/pub/local/tkined/
RPMs: scotty-2.1.5-3.i386.rpm (contrib)
DEB:ftp://ftp.debian.org/debian/stable/binary-i386/net/scotty_2.0.2-4.deb
Supports:SNMPv1, SNMPv2C, SNMPv2U.

This package is maintained by Jürgen Schönwälder, one of the maintainers of CMU SNMP for Linux. It consists of two components. Tkined is a rudimentary graphical user interface for network management, designed to be easily extensible by programmers interested in expanding its capabilities. Underlying it is Tmn, a mature library of Tcl functions providing access to:

When comparing these features to other packages, keep in mind that other languages (such as Python) possess many of these capabilities out of the box so their SNMP additions need not be as comprehensive.

The package appears to be well maintained, and very well documented. The most recent version is 2.1.6 from this past July, but the most up-to-date RPM is for release 2.1.5 of October 1996. It comes with a few sample utilities and extensions developed by other programmers.

CMU SNMP Perl5 Extension Module
Source:ftp://ftp.wellfleet.com/netman/snmp/perl5/SNMP.tar.gz
Supports:SNMPv1.

This is a Perl interface to the CMU SNMP collection of C library functions. It provides an object-oriented interface for those who want access to SNMP through the Perl scripting language. It is maintained by G. S. Marzot at Bay Networks.

SNMPY (for Python)
Home page:http://alumni.dgs.monash.edu.au/~anthony/snmpy/snmpy.html
Source:http://alumni.dgs.monash.edu.au/~anthony/snmpy/snmpy-alpha3.tar.gz
Supports:SNMPv1, SNMPv2C, SNMPv2U.

This is a library of Python object definitions providing an interface to the UCD SNMP package (which was derived from CMU SNMP). It comes with an attractive graphic MIB browser for those who have the Tkinter Python module. The current release is alpha-3, dated November 1996; the first beta version was slated to be out within one month, but is not out yet. The web page now says that it will be out in August 1997, a deadline which has unfortunately passed. But in the meantime, SNMPY seems to be a stable tool.

SNMP Sniff
Home Page:http://elektra.porto.ucp.pt/snmpsniff/
Source:http://elektra.porto.ucp.pt/snmpsniff/snmpsniff-0.5b.tar.gz
Requires:The libpcap library, whose source is at ftp://ftp.ee.lbl.gov/libpcap.tar.Z and which is also available as libpcap-0.4a4-2.i386.rpm, libpcap-devel-0.4a4-2.i386.rpm, and libpcap-static-0.4a4-2.i386.rpm. It also requires CMU SNMP, version 1.7 later.
Copyright:Freely redistributable and modifiable.
RPM:http://elektra.porto.ucp.pt/snmpsniff/snmpsniff-0.5b-6.i386.rpm

SnmpSniff is a promiscuous SNMP PDU sniffer. Because it is dedicated to the SNMP protocol, it offers exhaustive analysis of its packets. I recommend it for anyone analyzing SNMP transactions, and for anyone involved in teaching or instruction about network management. Version 0.5 was released in May, but I have not been able to run the RPM version on my machine due to an error it produces about a badly formed MIB.

BTNG - Beholder, the Next Generation
Home page:http://dnpap.et.tudelft.nl/DNPAP/Software/software.html
Source:ftp://dnpap.et.tudelft.nl/pub/btng/btng-6.5.tar.gz
ftp://dnpap.et.tudelft.nl/pub/btng/tricklet-6.0a.tar.gz

Beholder is an implementation of the RMON protocol. In a simple network management setup, the managing computer sends SNMP queries to all of the network elements itself; the idea of a remote monitor (abbreviated RMON) is that an intermediate network element can query a set of devices on its own, then present their summarized statistics to the main management machine through a portion of its own MIB.

Beholder also comes with Tricklet, a set of shell utilities to perform SNMP queries from the command line or a script. It includes a `ghost' (a modification of the term `daemon', perhaps?) that performs SNMP queries requested via its standard input and writes the result to its standard output; this is intended to provide an efficient interface for use from a scripting language. The distribution includes scripts illustrating this ability through the shell, Perl, and Tcl, and includes an object oriented API for Perl. An advantage of using the ghost is that no libraries have to be compiled and linked with your script language.


Generated 11 March 1999 by Brandon Craig Rhodes, who may be contacted at brandon@rhodesmill.org.