Network Operations and Control Wiki
Don't have an account?
Register
Advertisement
Register
in: All

Xx62

Revision as of 06:10, 23 May 2013 by TELE9752 lecturer (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
 Edit

Background: Know: Management agent, hierarchies of network managers, Recognize:

Anticipates: SNMPv3

Up

Previous

Next

Down Communities restrict access

Background:[]

Know:[]



SNMP Communities[]

In SNMP Terminologies the word “ Community “ stands for a trust relationship between the managers and the agents which belong to several differnt networks. The managers and agents in the same community are able to communicate with each other.

The authentication of membership is usually identified by using Identified by a text string and the default community is "Public". Furthermore, managers and agents can also belong to mutiple communities.

The agents can be configured to in three community names:

  • Read Only
  • Read - Write
  • Trap


As the communities' name, the Read Only community only allows managers to read data values, the Read - Write community allows managers to read and modify the data and the Trap community allows the managers to receive traps (asynchronous notifications) from the agent.


Mostly the equipment is sent with default community strings "Public" for the read only community and Private for the Read-Write Community. It is absolutely essential to set the equipment to default community before the device becomes active on the network.


All the terminologies described earlier go for SNMPv1 and SNMPv2 . The main problem with SNMP's Authentication is that Community Strings are sent in Plain Text which is not secure for network. This problem has been addressed in SNMPv3 with secure authentication and communication between SNMP devices.


Communities are identified generally by the name assigned to them and are used to authenticate SNMP Messages. These forms a base for a secure SNMP service. A Host can belong to several communities at any time but SNMP agent never accepts requests from a Management system in a community that is not on its list of acceptable community names. The following example illustrates functions between two communities Public and Public 2.


In the example mentioned above, the Agent 1 can have the access to requests and traps from Manager 2 since they are in the same community Public 2. So is the case with Agent 2, 3 and 4 since they are all in the same Public Community.



See also[]

Corresponding TELE9752 lecture slide


Reference[]

SNMP Communities

Example of SNMP Communities

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed

More Network Operations and Control Wiki