From: Roman Rodichev (rodic000@xxxxxxxxxxx)
Date: Sat Jun 02 2001 - 00:37:11 GMT-3
Al, relax! Thanks for all the info! I'm making my first attempt in three
weeks and I wanted to know the specifics. If I get asked to set-up an ACL to
block SNMP I want to make sure I do it correctly. Did I ask an Off-Topic
question? You are kidding me!!
"If someone has _complete_ information (not partial) that you are 100% sure
of could you please share it with me" question "plain sucks" in your
opinion. If someone knows correct (complete) answer they can answer. Is
there something wrong with that? I'd rather get one or two responses that
someone is confident about. It's more efficient! Saves time, bandwidth,
storage.
Now back to the topic, the closest info that I found on CCO was:
"SNMP requests are typically sent to UDP port 161. SNMP responses are
typically sent from UDP port 161. SNMP notifications are typically sent to
UDP port 162." on
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_c/f
cprt3/fcd301.htm
In this statement, Al, do you know if "notifications" are sent from or to
the router? I suppose it's a router sending a packet to HPOV's port 162.
Correct?
P.S. And by the way, you are right this is not "a place to be asking random
questions about arbitrary TCP/IP applications", it's a place where 95% of
the messages are about ISDN DDR and OSPF<->FLSM redistribution.
>Well, for starters, OpenView will never send a trap anywhere (That is,
>unless there's another SNMP server that's actually managing your
>OpenView platform, which is doubtful).
>
>A 'trap' is an event notification that is generated by the router (Or
>any device that is running an SNMP Agent), and sent to the configured
>SNMP management station(s). The kinds of events which generate a trap
>can vary... On Cisco equipment, we have a number of different
>categories to choose from: Environmentals, Configuration, Interfaces,
>Frame-relay... Bunches and bunches.
>
>Most IP services have reserved port numbers for both TCP and UDP...
>That's just common practice. Very few use them both. There's no case
>that I'm aware of when SNMP utilizes TCP communiations.
>
>I'm not sure what you mean by "What additional traffic is added with
>"snmp-server host" command?" Generally speaking, SNMP is a fairly
>low-bandwidth application (moreso because it relies on UDP, rather
>than the additional overhead of establishing a TCP connection). This
>can vary, of course, with the polling interval, the number of stations
>being monitored, and the number of trap destinations for each
>montiored device.
>
>Finally, this is a list for people gearing up for the CCIE lab exam.
>It's not the place to be asking random questions about arbitrary
>TCP/IP applications... You could probably have gotten every single
>one of these questions answered very easily had you looked in the
>right place, namely a USENET group archive dedicated to either SNMP of
>OpenView. You could also look at some of the SNMP related RFCs, which
>also could have answered most of these. Finally, the way that you
>asked just plain sucks:
>
> > If someone has _complete_ information (not partial)
> > that you are 100% sure of could you please share it
> > with me.
>
>When asking for information of people, free of charge, you get what
>they are willing to give you. If you get any at all, particularly
>when asked in the completely wrong venue, you ought to consider
>yourself damn lucky.
>
>Alan
>
>----- Original Message -----
>From: "Roman Rodichev" <rodic000@hotmail.com>
>To: <ccielab@groupstudy.com>
>Sent: Friday, June 01, 2001 7:03 PM
>Subject: SNMP
>
>
> > Hello everyone,
> >
> > this is one of the topics that I still can't find _complete_
>information on.
> > If someone has _complete_ information (not partial) that you are
>100% sure
> > of could you please share it with me. I need to know exactly the
> > source/destination udp/tcp ports and types of communication
>(REQUEST,
> > RESPONSE, INFORM, TRAP) for SNMP traffic between a network device
>configured
> > with "snmp-server community" and "snmp-server host" commands and an
>HPOV
> > server (or other management station). I need to know what devices
>use
> > 161,162 UDP/TCP and in what situations. Here is what my
>understanding:
> >
> > HPOV will send REQUEST to Router's UDP161
> > Router will send RESPONSE from port UDP161
> > HPOV will send a TRAP to Router's UDP162
> >
> > When is TCP used?
> > What additional traffic is added with "snmp-server host" command?
> >
> > Thank you and have a great day
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:16 GMT-3