Chapter 7 SNMPv3 The SNMP Engine.As shown in Figure 7.2,an SNMP entity has one SNMP engine,which is identified by a unique snmpEngineID.The SNMP engine ID is made up of octet strings.The length of the ID is twelve octets for SNMPv1 and SNMPv2,and is variable for SNMPv3,as shown in Figure 7.3.The first four octets in both formats are set to the binary equivalent of the agent's SNMP management private enterprise number.The first bit of the four octets is set to 1 for SNMPv3 and 0 for earlier versions.For example,if Acme Networks has been assigned {enterprises 696}, the first four octets would read '800002b8'H in SNMPv3 and '000002b8'Hin SNMPy1 and SNMPv2. Hint 696=512+128+56+16+8=1010111000=2b8=000002b8
Chapter 7 SNMPv3 The SNMP Engine. As shown in Figure 7.2, an SNMP entity has one SNMP engine,which is identified by a unique snmpEngineID. The SNMP engine ID is made up of octet strings. The length of the ID is twelve octets for SNMPv1 and SNMPv2, and is variable for SNMPv3, as shown in Figure 7.3. The first four octets in both formats are set to the binary equivalent of the agent's SNMP management private enterprise number. The first bit of the four octets is set to 1 for SNMPv3 and 0 for earlier versions. For example, if Acme Networks has been assigned {enterprises 696}, the first four octets would read '800002b8'H in SNMPv3 and '000002b8'H in SNMPv1 and SNMPv2. Hint 696=512+128+56+16+8=1010111000=2b8=000002b8
Chapter 7 SNMPv3 7.3.2 Names Naming of entities,identities,and management information is part of SNMPv3 specifications.We have already mentioned the naming of an entity by its SNMP engine ID,snmpEnginelD.Two names are associated with identities,principal and securityName.The principal is the "who"requesting services.It could be a person or an application.The securityName is a human-readable string representing a principal.The principal could be a single user or a group of users.The principal is made nonaccessible;it is hidden and is protected by the security method being used. A management entity can be responsible for more than one managed object
Chapter 7 SNMPv3 7.3.2 Names Naming of entities, identities, and management information is part of SNMPv3 specifications. We have already mentioned the naming of an entity by its SNMP engine ID, snmpEngineID. Two names are associated with identities, principal and securityName. The principal is the "who" requesting services. It could be a person or an application. The securityName is a human-readable string representing a principal. The principal could be a single user or a group of users. The principal is made nonaccessible; it is hidden and is protected by the security method being used. A management entity can be responsible for more than one managed object
7.4 SNMPv3 Applications SNMPv3 formally defines five types of applications, but they are not the same as those of the functional model that the OSI model addresses.They may be considered as the application service elements used to build applications.They are the command generator,command responder,notification originator, notification receiver,and proxyi forwarder and are described in RFC 2273. 7.4.1 The Command Generator The command generator application is used to generate get-request,get-next-request,get-bulk,and set-request messages.It also processes the response to the command sent.Typically,the command generator application is associated with the network manager process
7.4 SNMPv3 Applications SNMPv3 formally defines five types of applications, but they are not the same as those of the functional model that the OSI model addresses. They may be considered as the application service elements used to build applications. They are the command generator,command responder, notification originator, notification receiver,and proxy forwarder and are described in RFC 2273. 7.4.1 The Command Generator The command generator application is used to generate get-request, get-next-request, get-bulk, and set-request messages. It also processes the response to the command sent. Typically, the command generator application is associated with the network manager process
Chapter 7 SNMPv3 7.4.2 The Command Responder The command responder processes the get and set requests destined for it from a legitimate remote entity.It performs the appropriate action of get or set on the network element,prepares a get- response message,and sends it to the remote entity that made the request,as shown in Figure 7.6.In contrast to Figure 7.5,which depicts two asynchronous processes,the processes shown in Figure 7.6 are run concurrently.Typically,the command responder is in the management agent associated with the managed object