4. Introduction to MultiNet and TCP/IP Concepts


This chapter presents a brief description of MultiNet and general concepts useful for understanding the MultiNet software and TCP/IP networking.

What is MultiNet?

MultiNet is a collection of software that conforms to the set of internationally accepted standards for information exchange known as the TCP/IP protocol suite. The MultiNet software permits your VMS system to interact with other systems running TCP/IP software, including PCs, Apple Macintosh systems, UNIX systems, and many others. Because TCP/IP is used on the Internet, using MultiNet lets you communicate locally or globally with millions of other users and information services.

MultiNet provides applications, configuration tools, and programming libraries that make access to TCP/IP understandable and straightforward. Whether your system serves one user or thousands of users, MultiNet gives all users access to a wide range of features that extend their use of the network and increase their productivity.

MultiNet works with the OpenVMS Operating System on the VAX, Alpha, and Itanium architectures. On the VAX architecture, MultiNet works with VAX/VMS 5.2-2 and later and OpenVMS VAX 6.1 or later. On the Alpha architecture, MultiNet works with OpenVMS AXP 6.2 and later. On the Itanium architecture, MultiNet works with OpenVMS IA64 8.2 and later. MultiNet is distributed on CD-ROM.

MultiNet for Users

With MultiNet, users can:

·         Send electronic mail to and receive electronic mail from other computer systems using SMTP extensions to OpenVMS Mail and ALL-IN-1 mail.

·         Access the Internet and other information services.

·         Log into remote systems using TELNET, RLOGIN, or SSH.

·         Execute commands on remote systems using RSHELL or SSH.

·         Transfer files between local and remote systems with FTP, RCP, TFTP, SCP, and SFTP.

·         Print files and manage print jobs on remote systems with the LPD and LPRM utilities.

·         Talk to other users interactively with the TALK utility.

·         Display information about other sites and users with the FINGER, RUSERS, and WHOIS utilities.

·         Read online information about MultiNet using the DCL HELP facility.

MultiNet for System Managers

With MultiNet, system managers can:

·      Configure devices and services easily with command line-based configuration utilities.

·      Provide IP connectivity for a variety of networking environments including IP-over-DECnet, Ethernet, FDDI, PPP, SLIP, and X.25.

·      Provide other networking connectivity over IP, including DECnet-over-IP.

·      Provide access to NFS-mounted file systems with the MultiNet NFS software.

·      Change the current configuration dynamically by modifying logical name definitions or by using the NETCONTROL utility.

·      Provide security for logging into systems across the network with Kerberos and SSH software.

·      Create and access name servers with DNS (Domain Name System) software.

·      Configure dynamic routing with the GATED service which supports routing protocols such as RIP, BGP, and others.

·      Manage remote printing to print servers or to printers connected to the network with the LPD and stream client software.

·      Provide remote access to local OpenVMS printers with the LPD server software.

·      Provide electronic mail services with the SMTP and POP protocols; MultiNet provides SMTP enhancements for Message Router (MR), OpenVMS Mail, and ALL-IN-1.

·      Access local and remote CD-ROMs, DATs, and conventional magnetic tape devices with the RMTALLOC utility.

·      Synchronize system clocks from a central time server with NTP software and provide time updates to other hosts on the network.

·      Provide binary compatibility with HP TCP/IP Services for OpenVMS (formerly called UCX) to support Hewlett-Packard and third-party applications such as TeamLinks, DECmcc, and applications written to use DCE for OpenVMS.

·      Diagnose system problems and messages with the CHECK, PING, TCPDUMP, TCPVIEW, TRACEROUTE, and X11DEBUG utilities.

·      View online information using the DCL HELP facility.

·      Access RFCs on the MultiNet CD-ROM consolidated distribution.

MultiNet for Programmers

With MultiNet, programmers can:

·         Program with socket library routines.

·         Work with a $QIO interface.

·         Program with RPC library routines.

·         Access sample programs and user exits that can be used to provide additional security and to customize other services (such as printing).

TCP/IP Concepts

This section describes some of the basic concepts of TCP/IP networking.

Physical Networks

Physical networks are the cables and associated wiring components that link computers to one another for network communications. Common physical networks are Ethernet, Token Ring, FDDI (Fiber Distributed Data Interface), point-to-point links, and telephone with modems.

LAN (Local Area Network) Hardware Addresses

Network interface board manufacturers assign a unique hardware (physical) address to each interface board they produce. These hardware addresses are burned into the circuit at the time of manufacture, but can usually be overridden later by a network administrator, if desired.

A hardware address is usually composed of six numbers, one for each octet or eight-bit byte in the address value, separated by colons, such as 00:DD:A8:13:48:C5. The first three octets identify the manufacturer, while the remaining three octets are unique to the board.

Hardware addresses identify individual interfaces and aid in fast and efficient delivery of packets on the physical network.

IP Addresses

IP addresses identify hosts or interfaces on an IP network. An IP address consists of four numbers, one for each octet or eight-bit byte in the address value. IP addresses are written in dotted-decimal format, such as 10.1.2.3.

An IP address has two basic parts:

·         A network number

·         A host number

Traditionally, the portions of the address that identify the network and host were determined by the class of the network:

Class A networks

Class A addresses are identified by a value from 1 to 127 in the first octet, such as in 26.1.1.1. In class A addresses, the first octet identifies the network, while the three remaining octets identify the host. For example, IP address 26.1.1.1 identifies host 1.1.1 on network 26.

Class B networks

Class B addresses are identified by a value from 128 to 191 in the first octet, such as in 161.1.1.1. In class B addresses, the first and second octets identify the network, while the remaining two octets identify the host. For example, IP address 161.1.1.1 identifies host 1.1 on network 161.1.

Class C networks

Class C addresses are identified by a value from 192 to 223 in the first octet, such as in 197.1.1.1. In class C addresses, the first three octets identify the network, while the remaining octet identifies the host. For example, IP address 197.1.1.1 identifies host 1 on network 197.1.1.


With the introduction of subnet masks, the division between the network and host portions of an IP address has become much more flexible. See Subnet Masks for more information.

The network class determines the size of the network. A class A network can have 16,777,214 hosts, while a class B network can have 65,534 hosts, and a class C network can have only 254 hosts.

Subnet Masks

The original Internet addressing scheme made it possible for every host on a network to talk directly with every other host on the same network; other hosts were directly accessible if they used the same network number. In class A and class B networks, where very large numbers of hosts with the same network number are available, this scheme is no longer realistic because the underlying physical networks are constrained by bandwidth considerations. Ethernet and Token Ring networks cannot accommodate thousands or hundreds of thousands of hosts in a single, flat network space.

Subnet masks allow you to create multiple smaller networks from host addresses. For example, a class A network can be partitioned into class C subnetworks. These smaller, internal networks are called subnets. Subnet addresses are not exposed outside of the network; all changes to accommodate the additional addresses are handled internally. This simplifies routing information for the network and minimizes the amount of information the network must advertise externally.

Inside the network, you determine how to reallocate addresses by choosing how many bits of the host portion of each address are used as the subnet address and how many bits are used as the host address. You use subnet masks to divide the existing addresses into network and host portions. The subnet mask identifies how much of the existing address can be used as the network portion. The underlying physical network must also be divided into smaller, physical subnets when using a subnet mask to create subnets.

The following example illustrates how to create class C subnets from a class B network address:

The class B network address 161.44.0.0 can be divided by reallocating the first 24 bits of the 32-bit IP address to subnet addressing using the netmask 255.255.255.0. This reallocation allows you to use 161.44.1.0, 161.44.2.0, and so forth, up to 161.44.254.0 as network addresses. All traffic bound for any IP address beginning with the 16-bit network portion 161.44 will be routed to your site where internal routers handle subnetwork addresses. Valid addresses on the internal network, such as 161.44.4.42 and 161.44.224.12, can be reached from anywhere on the Internet; final delivery is handled by the routers on the individual physical subnets that contain the hosts associated with those addresses.

Broadcast Addresses

A system uses broadcast addresses to send information to all hosts on the network. Packets addressed to the network broadcast address are transmitted to every host with the same network number as the broadcast address. Broadcast packets are routinely used by the network to share routing information, field ARP requests, and send status and informational messages.

There are two common conventions used for broadcast addresses. The old convention, which older versions of SunOS and Berkeley UNIX BSD use, implements a broadcast address as the network portion of the address followed by all zeros. Using this convention, the broadcast address for the network 161.44 is 161.44.0.0. The new convention, which MultiNet and most other TCP/IP implementations use, implements a broadcast address as the network portion of the address followed by binary ones in all host portions of the address. In this scheme, the broadcast address for network 161.44 is 161.44.255.255.

If the network contains subnets, the broadcast address is relative to the local subnet. For example, host 128.44.12.1 with a subnet mask of 255.255.255.0 has an IP broadcast address of 128.44.12.255.
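The classful rules, the subnet-mask example, and both broadcast conventions from the sections above, worked in Python. This is an added example rather than MultiNet code; the function names are the example's own, and the host counts follow the rule that the all-zeros and all-ones host numbers are reserved.

```python
# Added example (not MultiNet code): classful IPv4 addresses, subnet masks
# and broadcast addresses as described in the sections above.


def parse_ipv4(text):
    """Return the four octets of a dotted-decimal IPv4 address as a tuple of ints."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dotted-decimal octets: %r" % text)
    octets = tuple(int(p) for p in parts)
    if any(o < 0 or o > 255 for o in octets):
        raise ValueError("octet out of range in %r" % text)
    return octets


def fmt_ipv4(octets):
    return ".".join(str(o) for o in octets)


def parse_mask(text):
    """Parse a subnet mask and check that it is a run of ones followed by zeros."""
    mask = parse_ipv4(text)
    bits = "".join(format(o, "08b") for o in mask)
    if "01" in bits:
        raise ValueError("non-contiguous subnet mask %r" % text)
    return mask


def address_class(text):
    """Classify by the first octet: 1-127 = A, 128-191 = B, 192-223 = C."""
    first = parse_ipv4(text)[0]
    if 1 <= first <= 127:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    return None  # 0 and 224-255 are outside the class A/B/C rules above


def split_classful(text):
    """Return (network, host) portions, e.g. 26.1.1.1 -> ('26', '1.1.1')."""
    cls = address_class(text)
    if cls is None:
        raise ValueError("%s is not a class A, B or C address" % text)
    network_octets = {"A": 1, "B": 2, "C": 3}[cls]
    octets = parse_ipv4(text)
    return fmt_ipv4(octets[:network_octets]), fmt_ipv4(octets[network_octets:])


def max_hosts(mask_text):
    """Usable hosts for a mask: 2**host_bits - 2 (all-zeros and all-ones are reserved)."""
    host_bits = sum(bin(255 - o).count("1") for o in parse_mask(mask_text))
    return (1 << host_bits) - 2


def network_address(ip_text, mask_text):
    """Network portion of ip under the mask, with the host bits cleared."""
    ip, mask = parse_ipv4(ip_text), parse_mask(mask_text)
    return fmt_ipv4(tuple(i & m for i, m in zip(ip, mask)))


def broadcast_address(ip_text, mask_text, old_convention=False):
    """Broadcast address of the (sub)net containing ip.
    New convention (MultiNet): host bits all ones.
    Old convention (older SunOS/BSD): host bits all zeros."""
    ip, mask = parse_ipv4(ip_text), parse_mask(mask_text)
    if old_convention:
        return fmt_ipv4(tuple(i & m for i, m in zip(ip, mask)))
    return fmt_ipv4(tuple((i & m) | (255 - m) for i, m in zip(ip, mask)))


def describe(ip_text, mask_text):
    """Summarize the subnet containing ip: network, broadcast and usable host count."""
    return {"network": network_address(ip_text, mask_text),
            "broadcast": broadcast_address(ip_text, mask_text),
            "hosts": max_hosts(mask_text)}
```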

Host Names

Most sites assign host names to each system on the network because names are easier to remember than IP addresses. On a small, locally contained network, a host name may be only one word, such as WILLOW. However, on larger networks or on networks connected to the Internet, names are longer and denote a place in the organization and ultimately on the Internet. These longer, more detailed names are called fully qualified host names or fully qualified domain names (FQDNs). An example is BIGBOOTE.EXAMPLE.COM, where BIGBOOTE is the individual host (or system) name, EXAMPLE identifies the organization to which it belongs, and COM indicates this organization is involved in commerce on the Internet.

TCP/IP Operation

The following steps present a highly simplified view of the events that occur during successful network communication.

1.       Using the appropriate application, such as electronic mail, a user initiates communication to another system, identifying the remote system by name, such as BIGBOOTE.EXAMPLE.COM.

2.       The application asks for the IP address of the system identified as BIGBOOTE.EXAMPLE.COM.

3.       Using either DNS or host tables, the IP address of BIGBOOTE.EXAMPLE.COM is determined.

4.       A connection is established using a three-way handshake.

5.       Application information is organized into packets for transmission across the network.

6.       The MTU (Maximum Transmission Unit) of the physical network is determined; if necessary, the packets are fragmented before being sent to the network interface card for delivery.

7.       The hardware address of the next host (or hop) in the route to the target host is determined.

8.       Each host along the route receives the packets and forwards them to the next hop in the route.

9.       Once the packets arrive at the destination, they are reassembled in the appropriate order and delivered to the appropriate application. Some protocols acknowledge receipt of the packets to the sending host.


Basic TCP/IP Protocols

Networking protocols ensure reliable delivery of information from one host to another.

This section describes several of the more important TCP/IP protocols.

·         IP (Internet Protocol)

·         IPv6 (Internet Protocol V6)

·         TCP (Transmission Control Protocol)

·         UDP (User Datagram Protocol)

·         SLIP (Serial Line Internet Protocol)

·         PPP (Point-to-Point Protocol)

IP (Internet Protocol)

IP (Internet Protocol) is the networking protocol used to deliver data packets from one computer to another. The computers may reside on different networks as long as information can travel between them.

The IP layer in a TCP/IP stack is responsible for:

Routing data packets from one system to the next until they reach their destination

When a packet is received, the IP layer examines its routing and interface tables to see if the IP address of the destination host is one of its own IP addresses or a broadcast address. If the destination IP address is the same as the local IP address, IP passes the packet to the TCP or UDP layer.

If the IP address does not belong to this host and is not a broadcast address, the IP layer determines the next hop in the route. If this host is configured as a router, it forwards the packet to the next hop. If this host is not configured as a router, it discards the packet.

Discovering the MTU

The MTU (Maximum Transmission Unit) is the size of the largest packet that can be sent along the physical network. The MTU depends on the type of physical network being used. For example, a typical MTU for Ethernet networks is 1500 bytes, while a typical MTU for FDDI is 4352 bytes.

When the IP layer receives a packet to send, it determines which route it will use to forward the packet and obtains that route's MTU.

Fragmenting and reassembling packets

If a packet is larger than the MTU, the IP layer is responsible for breaking the packet into smaller pieces or fragments that travel along the network. A fragment can be further fragmented as required by the next segment of the network.

All reassembly occurs at the destination, where the IP layer is responsible for putting all the fragments together in the right order before passing the packets on to the TCP or UDP layer.
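An added Python example (not MultiNet code) of the fragmentation and reassembly described in the two sections above, including a fragment that is fragmented again on a later, smaller-MTU link and fragments arriving out of order at the destination. It assumes a fixed 20-byte header and fragment offsets kept to multiples of 8 bytes, as IPv4 does; identification, checksum and options are left out.

```python
# Added example (not MultiNet code): fragmenting a packet against the MTU of
# each link and reassembling the fragments in order at the destination.

HEADER_LEN = 20          # assumed fixed IP header size (no options)
ETHERNET_MTU = 1500      # typical Ethernet MTU from the text above
FDDI_MTU = 4352          # typical FDDI MTU from the text above


def fragment(payload, mtu, offset_start=0, more_after=False):
    """Split payload into fragments that fit the MTU.
    Returns a list of (offset_in_bytes, more_fragments, data) tuples.
    Every fragment but the last carries a multiple of 8 data bytes so the
    offsets stay representable in 8-byte units."""
    max_data = (mtu - HEADER_LEN) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU %d leaves no room for data" % mtu)
    frags = []
    pos = 0
    while pos < len(payload):
        chunk = payload[pos:pos + max_data]
        last = pos + len(chunk) >= len(payload)
        # A re-fragmented piece keeps "more fragments" set if the original had it.
        frags.append((offset_start + pos, (not last) or more_after, chunk))
        pos += len(chunk)
    return frags


def refragment(frag, mtu):
    """Fragment an existing fragment again for a smaller-MTU link
    (the 'further fragmented as required by the next segment' case)."""
    offset, more, data = frag
    if len(data) + HEADER_LEN <= mtu:
        return [frag]
    return fragment(data, mtu, offset_start=offset, more_after=more)


def reassemble(frags):
    """Order the fragments and rebuild the original payload at the destination.
    Returns None while a fragment is still missing (a gap, or no final fragment).
    Raises ValueError on an overlapping fragment that does not match the data
    already received, instead of silently trusting whichever copy came last;
    an exact duplicate (a retransmitted fragment) is simply skipped."""
    if not frags:
        return None
    ordered = sorted(frags, key=lambda f: f[0])
    out = bytearray()
    expected = 0
    for offset, more, data in ordered:
        if offset < expected:
            if out[offset:offset + len(data)] == data:
                continue
            raise ValueError("overlapping fragment at offset %d" % offset)
        if offset > expected:
            return None          # gap: a fragment has not arrived (yet)
        out += data
        expected += len(data)
    if ordered[-1][1]:           # last fragment still says "more fragments"
        return None
    return bytes(out)
```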


IPv6 (Internet Protocol Version 6)

IPv6 is an advancement on IPv4 that supports a larger address space and includes various efficiency and security improvements. It has the same responsibilities in the stack as IPv4 and can be used by the TCP or UDP layer.

TCP (Transmission Control Protocol)

TCP (Transmission Control Protocol) provides a reliable mechanism for delivery of information to remote hosts.

On the sending host, the TCP layer of the TCP/IP stack is responsible for:

·         Organizing the information sent by the application into segments (the amount of data that will fit into an IP datagram)

·         Specifying the endpoints (ports) of the connection with the remote host

·         Establishing a connection with the remote host

·         Ensuring the remote host acknowledges packets that have been sent within a specified time

On the receiving host, the TCP layer of the TCP/IP stack is responsible for:

·         Acknowledging received packets

·         Organizing the packets into the correct sequence upon receipt from the sending host

·         Forwarding the packets to the application using the specified port

TCP requires more overhead than UDP but provides reliable delivery of packets to the remote host.

UDP (User Datagram Protocol)

Applications can also use UDP (User Datagram Protocol) to deliver information to a remote host.

The UDP layer of the TCP/IP stack is responsible for:

·         Organizing the information to be sent into a packet called a datagram

·         Using a port to identify the program on the remote host to which the datagram is to be sent

·         Verifying that the datagram contains the correct IP source and target addresses

UDP does not verify the successful delivery of packets to the target host. As a result, UDP requires less overhead than TCP. To accommodate this lack of verification, applications that use UDP often provide their own mechanisms for ensuring messages reach the target host in the correct sequence when required.

SLIP (Serial Line Internet Protocol)

SLIP (Serial Line Internet Protocol) allows the transmission of IP packets over serial lines. SLIP can be used over a direct connection between the serial ports of two systems, or over telephone lines with modems.

PPP (Point-to-Point Protocol)

Like SLIP, PPP (Point-to-Point Protocol) allows the transmission of IP packets over serial lines. PPP is a more versatile protocol than SLIP, and contains functionality that SLIP does not, such as:

·         The ability to share the serial line with other protocols

·         Error detection

·         Support for both synchronous and asynchronous communication

·         Dynamic configuration

·         Negotiation of parameter values

·         Support for different user-authentication protocols

While PPP is a more versatile serial-line protocol than SLIP, it is not available with all TCP/IP implementations.

Dynamic Configuration Protocols

To communicate with the rest of the network, a host must have an IP address. However, some systems do not have the hardware to permanently store an IP address. In addition, computers frequently share IP addresses when there are more computers than IP addresses, or when IP addresses are used only temporarily. For these situations, there are three dynamic configuration protocols: RARP, BOOTP, and DHCP.

RARP (Reverse Address Resolution Protocol)

RARP (Reverse Address Resolution Protocol) sends IP addresses to workstations that broadcast RARP requests containing their hardware addresses. RARP supplies IP addresses only and is commonly used by diskless workstations to determine their Internet addresses.

BOOTP (Bootstrap Protocol)

BOOTP (Bootstrap Protocol) lets a host receive an IPv4 address and other configuration information from a BOOTP server on the network. BOOTP often specifies a bootstrap file for a client system to download, normally via TFTP (Trivial File Transfer Protocol). BOOTP lets systems that have no hard disk retrieve the information necessary to access their bootstrap file.

DHCP (Dynamic Host Configuration Protocol)

DHCP (Dynamic Host Configuration Protocol) builds upon the BOOTP protocol by letting a system receive all of the information necessary to function as a host on the network directly from a DHCP server. Unlike BOOTP, which only provides for permanent IPv4 addresses, DHCP supports three different mechanisms for allocating IPv4 addresses:

Automatic

Hosts requesting an IPv4 address receive a permanent IPv4 address

Dynamic

Hosts requesting an IPv4 address receive a temporary IPv4 address

Manual

IPv4 addresses are manually configured and DHCP delivers the assigned addresses to requesting hosts


Routing

Routing is the process of selecting the path that data packets take to reach their destination. Routing can be as simple as delivering packets to another host on the same network (direct routing), or it may involve forwarding packets to routers on the way to the destination network. This section explains the basics of IP routing.

IP routing determines how to forward packets to a destination host. When a packet is forwarded to a local host (that is, a host on the same network), routing is direct; if the packet must be forwarded through one or more routers to reach its destination, the route is indirect.

Routing information for indirect routes is stored in a table of IP and router address pairs. Information in the routing table can be specified in three ways:

Static routes

Static routes are used to specify routing information explicitly. They are usually easy to maintain, but they provide no mechanism to respond automatically to changing environments.

Default routes

Default routes are used when a host has no specific route for the destination host or network in its routing table. If data cannot be delivered directly (because the routing table has no entry for the destination host or network), the data is forwarded to the default router.

Dynamic routing

Dynamic routing can use a service such as GATED to exchange routing information between cooperating systems. The protocols used to exchange information are RIP (Routing Information Protocol), EGP (Exterior Gateway Protocol), HELLO (DCN Local Network Protocol), and BGP (Border Gateway Protocol).


The following sections describe routing tables and GATED in more detail.

The Routing Table

The routing table stores information about the routes that hosts can use to reach other hosts on the network or Internet. The routing table entries can be configured statically by the system manager, or dynamically by a program such as GATED.

·         Static entries are established by manually entering information. Once a static routing table is established, you must update the table as changes occur.

·         Dynamic entries are generated from information provided by a routing protocol (such as RIP) which collects information from other routers to populate the table. Dynamic routing solutions automatically share information and update the table as routing information changes.

The routing table is designed to supply the next hop address (which is always local) for data bound for other networks. The routing table never contains information about routers beyond the local network segment, nor does it contain information about how to reach individual host addresses (although it can contain host-specific entries). Routers always forward data to networks until the destination network is the local network. When the data arrives at the destination network, it is forwarded directly to the appropriate host.

Host-specific routes are special routing table entries that specify which router to use when data is bound for a specific remote host. Host-specific routes are frequently used to test new routers or to implement network security procedures.
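An added Python example (not MultiNet code) combining the IP-layer receive decision from the IP section above with the routing table just described: host-specific, network and default routes, a next hop that must always be on a directly attached network, and direct delivery once the destination network is local. The class and method names are the example's own.

```python
# Added example (not MultiNet code): an IPv4 host's routing table and the
# deliver / forward / discard decision the IP layer makes for each packet.
import ipaddress


class IpHost:
    """A host (or router) with its interfaces and an IPv4 routing table."""

    def __init__(self, interfaces, is_router=False):
        # interfaces: list of (address, subnet mask) pairs this host owns
        self.interfaces = [ipaddress.ip_interface("%s/%s" % (a, m)) for a, m in interfaces]
        self.is_router = is_router
        self.host_routes = {}       # destination host address -> router address
        self.net_routes = {}        # destination network -> router address
        self.default_router = None

    def on_local_network(self, addr):
        return any(addr in i.network for i in self.interfaces)

    def _router(self, router):
        router = ipaddress.ip_address(router)
        # The next hop is always local: refuse a router beyond the attached segments.
        if not self.on_local_network(router):
            raise ValueError("next hop %s is not on a directly attached network" % router)
        return router

    def add_route(self, destination, router):
        """destination is 'net/mask' (network route) or 'host/32' (host-specific route)."""
        net = ipaddress.ip_network(destination, strict=False)
        if net.prefixlen == 32:
            self.host_routes[net.network_address] = self._router(router)
        else:
            self.net_routes[net] = self._router(router)

    def set_default(self, router):
        self.default_router = self._router(router)

    def next_hop(self, dest):
        """Return ('direct', dest) or ('via', router), or None when no route exists.
        Order: host-specific route, directly attached network, most specific
        network route, then the default route."""
        dest = ipaddress.ip_address(dest)
        if dest in self.host_routes:
            return ("via", str(self.host_routes[dest]))
        if self.on_local_network(dest):
            return ("direct", str(dest))
        matches = [n for n in self.net_routes if dest in n]
        if matches:
            best = max(matches, key=lambda n: n.prefixlen)
            return ("via", str(self.net_routes[best]))
        if self.default_router is not None:
            return ("via", str(self.default_router))
        return None

    def receive(self, dest):
        """What the IP layer does with an arriving packet addressed to dest."""
        dest = ipaddress.ip_address(dest)
        if any(dest == i.ip for i in self.interfaces):
            return "deliver"        # one of our own addresses: pass up to TCP/UDP
        if any(dest == i.network.broadcast_address for i in self.interfaces):
            return "deliver"        # broadcast (host bits all ones) on an attached network
        if not self.is_router:
            return "discard"        # not configured as a router: the packet is dropped
        hop = self.next_hop(dest)
        if hop is None:
            return "discard"        # router, but no route to the destination
        return "forward to " + hop[1]
```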

Router Discovery

Router discovery is a method of finding a router when no default route entry exists in the routing table. When booting, a host using router discovery broadcasts a message asking for available routers. The available routers reply with a message indicating their address. The host adds the information to its routing table and automatically sets the default route based on advertisements from routers on the local network. Local routers must also support RDISC (Router Discovery protocol).

Under IPv6, Router Discovery is performed by the RTSOLD program after line initialization.

GATED

GATED can both learn and advertise known routes, allowing for automatic handling of network configuration changes and automatic selection of the best available route. Other routers on the local network must also support at least one of the protocols used by GATED (EGP, BGP, RIP, and HELLO). GATED only supports IPv4 routing.

DNS (Domain Name System) and Host Tables

DNS (Domain Name System) and host tables are two methods of mapping between host (computer) names and their IP addresses. When you specify a host by name, DNS or host tables are used to map the host name to its IP address. The host name can be local to your organization or anywhere in the world, if your site is connected to the Internet. DNS and host tables can also be used to map IP addresses to host names.

DNS (Domain Name System)

TCP/IP applications use DNS to convert host names to IP addresses, and vice versa. This conversion is called resolving.

A DNS resolver sends requests to another computer, called a DNS server, to resolve names into IP addresses. The DNS resolver can also send requests to the DNS server to resolve IP addresses to names.

DNS servers store host name and IP address information. If your computer needs information that is not on one DNS server, the server automatically requests the information from other servers.

Domains

In DNS terminology, a domain is a group of computers. The domain administrator determines which computers are in the domain. A domain name identifies a domain and consists of words separated by dots. An example of a domain name is EXAMPLE.COM.

The parts of a domain name are created by the domain administrator or may be special words used on the Internet. Domain names can pertain to a site, an organization, or to types of organizations.

When read right to left, the first word in the domain name is the top-level domain which identifies the function of an organization or specifies a country name code. In the name EXAMPLE.COM, .COM indicates an organization engaged in commerce. The top-level domain can also indicate a country, such as .FR for France, or .IT for Italy. The name of the organization is to the left of the top-level domain, such as EXAMPLE. Any words to the left of the top-level domain are called subdomains. The left-most word in the domain name is the host name. For example, in BIGBOOTE.EXAMPLE.COM, BIGBOOTE is a host in the EXAMPLE.COM organization.

Domains and subdomains are organized in a hierarchical tree structure. Just as the root directory in VMS is expressed as an implicit 000000., the root directory in DNS is expressed as a dot (.). Domains are analogous to directories; subdomains are analogous to subdirectories within directories.

Top-level domains such as .ORG, .COM, and .EDU exist in the United States. Other countries group their domain names below their two-letter country code. Domains grouped under country codes include domains such as .CO for commercial and .AC for academic. In the United States, .US is occasionally used instead of another top-level domain name. Subdomains may provide additional geographic information, such as .PALO-ALTO.CA.US.

DNS Server

A DNS server is any computer running DNS software that lets it communicate with other DNS servers and store address information for later retrieval. DNS servers are also called name servers. Name servers cache (store) domain name information in memory for faster retrieval. Your network administrator provides the IP address of the name server on your network. Hosts implementing DNS come in five varieties:

Root name server

A root name server provides information about the start or base of the domain name tree. A root name server delegates authority to other primary name servers for the top-level domains such as .COM, .EDU, .US, .IT, etc. A root name server usually also handles those domains just below the root.

Primary name server

A primary name server has authority over one or more domains or subdomains. A primary name server reads information about the domain over which it has authority from the zone file, a special file that describes information about the domain and the hosts in that domain.

Secondary name server

A secondary name server for a domain receives information updates from the primary name server for that domain at regular intervals, and stores this information on disk. A secondary server is also authoritative for the domain.

Caching-only name server

A caching-only name server is not authoritative for any domain. If a caching-only name server cannot resolve a request, it forwards the request to an authoritative name server for that domain and caches the results for future use.

Resolver

A resolver sends requests for resolution to a DNS server. Any name server that can handle the request returns the response.


Host Tables

If DNS is not configured on your network, you can configure MultiNet host tables to resolve names and addresses. Like DNS, host tables also map between IP addresses and host names; unlike DNS, however, the information is stored locally on your computer and must be updated manually. Using host tables, you must ensure that every host name you specify while running TCP/IP applications is listed with its IP address. Whenever a change occurs on the network, such as when a new computer is added that you need to access, you must add the information to the host table. With the growth of the Internet, maintaining host tables for it has become practically impossible.

When you add or modify a host table entry, you specify the host name, the IP address, an optional description, and one or more optional, alternative names (aliases) for the host.

Using DNS and Host Tables Together

If you are using DNS, you may also want to use host tables. This is useful for temporary situations, such as when a new computer is added to the network, but has not yet been added to DNS.

The advantage of using DNS and host tables together for name resolution is that your system can access other systems even if the DNS server is not running or if the network is down. If you maintain entries in the host table for your local network, you can continue communicating with local systems until the DNS server or network is restored.

Warning: It is crucial to keep your host table entries synchronized with the DNS information.

ARP (Address Resolution Protocol)

Before hosts can communicate with each other, the sending host must discover the hardware address of the receiving host.

Hardware addresses are unique numbers (for example, 00:DD:A8:13:48:C5) assigned to network interface boards by their manufacturers or by network administrators.

ARP (Address Resolution Protocol) discovers the hardware address corresponding to a specific IP address and dynamically binds the hardware address to the IP address.

ARP is a low-level protocol that lets network administrators assign IP addresses to hosts on a network as they see fit. There is no need to match the addresses to those on the physical network because ARP handles this process dynamically.

An ARP mapping (also called a translation) provides the correct delivery address (that is, the hardware address) on the network for data destined for an IP address. ARP mappings are stored in a table in memory known as the ARP cache.

When data is to be delivered to a local IP address (an IP address on the same physical network), the TCP/IP stack broadcasts an ARP request to all hosts on the local network segment. The request message asks all hosts if the IP address belongs to them. If the IP address belongs to a host on the local network segment, that host adds its hardware address to the packet and returns it to the sender. All other hosts on the network discard the request. The ARP cache stores the address resolution information returned and makes it available each time network data is bound for that IP address.

Old mappings are deleted from the ARP cache automatically after a short period of time. Old mappings are also deleted automatically when they no longer work (that is, when new, correct mappings become available).
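The ARP exchange and cache described above, as an added Python example (not MultiNet code): a request broadcast on one segment, a reply only from the owner of the address, and a cache entry that ages out so a changed hardware address is learned again. The cache lifetime, the segment and host classes, and the hardware addresses other than 00:DD:A8:13:48:C5 are constructed for the example.

```python
# Added example (not MultiNet code): ARP request/reply on one network segment
# and an ARP cache whose entries expire after a short period.
import time

ARP_TIMEOUT = 10 * 60   # assumed cache lifetime in seconds; the page gives no value


class Segment:
    """One physical network segment; every attached host sees every broadcast."""

    def __init__(self):
        self.hosts = []

    def attach(self, host):
        self.hosts.append(host)
        host.segment = self

    def broadcast(self, request):
        """Deliver an ARP request to every host and return the reply, if any."""
        replies = [h.handle_request(request) for h in self.hosts]
        replies = [r for r in replies if r is not None]
        return replies[0] if replies else None


class ArpHost:
    def __init__(self, ip, hw, clock=time.monotonic):
        self.ip, self.hw = ip, hw
        self.cache = {}         # ip -> (hardware address, time learned)
        self.clock = clock      # injectable so the ageing can be exercised in a test
        self.segment = None

    def handle_request(self, request):
        """Only the owner of the requested IP answers; every other host discards it."""
        if request["target_ip"] != self.ip:
            return None
        return {"op": "reply", "sender_ip": self.ip, "sender_hw": self.hw,
                "target_ip": request["sender_ip"], "target_hw": request["sender_hw"]}

    def resolve(self, ip):
        """Return the hardware address for ip, using the cache while its entry is fresh."""
        now = self.clock()
        entry = self.cache.get(ip)
        if entry and now - entry[1] < ARP_TIMEOUT:
            return entry[0]
        self.cache.pop(ip, None)    # an old mapping is dropped and resolved again
        request = {"op": "request", "sender_ip": self.ip,
                   "sender_hw": self.hw, "target_ip": ip}
        reply = self.segment.broadcast(request)
        if reply is None:
            return None             # nobody on the segment owns that address
        # Cache only a reply that answers this host's own request for this address.
        if reply["sender_ip"] != ip or reply["target_hw"] != self.hw:
            return None
        self.cache[ip] = (reply["sender_hw"], now)
        return reply["sender_hw"]
```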


Neighbor Discovery

Neighbor Discovery is the IPv6 mechanism for mapping an IPv6 address to a hardware interface address. It works much as ARP does for IPv4, with improvements that reduce the impact on nodes other than the one whose address is being resolved. Neighbor Discovery is also used as part of the Duplicate Address Detection portion of the autoconfiguration of interfaces.


SNMP (Simple Network Management Protocol)

SNMP (Simple Network Management Protocol) allows you to manage remote hosts on a network (for example, routers, hubs, and workstations). Both the network management host and the managed hosts (called agents) must follow the SNMP rules. Because SNMP is an open standard, you can mix and match network management hosts and agents from different vendors.

SNMP maintains information about your workstation in a management information base (MIB).

SNMP Traps

One of the main uses of SNMP is to make it easy to keep track of important events that occur on the managed network. To help automate network management, SNMP agents automatically send messages called traps to the network management host when certain events occur. For example, your workstation sends a trap when you reboot it.

One important type of SNMP trap is the authentication failure trap. Because SNMP network management hosts have access to sensitive configuration settings for the hosts on a managed network, it is important for network administrators to guard against breaches in network security that involve illegitimate use of SNMP messages.

For this reason, every SNMP message must be authenticated by network management hosts and SNMP agents using passwords called communities. If your agent receives an SNMP message that contains an incorrect community name for the type of operation requested, your agent sends a message to a network management host. This message contains information about the request your agent received:

·         What the message requested

·         Why your agent would not fulfill the request

SNMP Communities

An SNMP community is a type of password used by the SNMP network management host and SNMP agents to ensure that only known and trusted hosts can send SNMP messages to and receive SNMP messages from each other. Every SNMP message includes a community name, so every message can be validated. There are three types of community names:

Read

The network management host must use the correct read community name when asking your SNMP agent to send it information about your host.

Write

The network management host must use the correct write community name when asking your SNMP agent to change some characteristic about your configuration.

Trap

If certain events happen in your workstation (for example, when you reboot your host, or when a network management host sends an SNMP message that contains the wrong read or write community name), your SNMP agent sends a trap message to a network management host. If your trap message is to be handled, the trap community name you send must match the name known to the target network management host.
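An added Python example (not MultiNet code) of the three community names in use: an agent that checks the read or write community on each request, sends an authentication-failure trap saying what was requested and why it was refused, and a management host that accepts a trap only when the trap community matches. The message layout and community values are constructed for the example.

```python
# Added example (not MultiNet code): read, write and trap community names as
# validated by an SNMP agent and a network management host.


class SnmpAgent:
    def __init__(self, read_community, write_community, trap_community, manager):
        self.communities = {"read": read_community, "write": write_community}
        self.trap_community = trap_community
        self.manager = manager          # address of the network management host
        self.mib = {"sysName": "WILLOW", "sysContact": "postmaster"}   # constructed MIB
        self.traps_sent = []            # record of traps sent, kept for inspection

    def send_trap(self, kind, detail):
        trap = {"to": self.manager, "community": self.trap_community,
                "trap": kind, "detail": detail}
        self.traps_sent.append(trap)
        return trap

    def handle(self, request):
        """request: {'op': 'get'|'set', 'community': str, 'oid': str, 'value': any}.
        Returns the value for an accepted request, None for a refused one."""
        op = request["op"]
        needed = "write" if op == "set" else "read"
        if request["community"] != self.communities[needed]:
            # The trap says what was requested and why it was refused; it does
            # not echo the community name the requester supplied.
            self.send_trap("authenticationFailure",
                           {"requested": "%s %s" % (op, request["oid"]),
                            "reason": "wrong %s community name" % needed})
            return None
        if op == "get":
            return self.mib.get(request["oid"])
        if op == "set":
            self.mib[request["oid"]] = request["value"]
            return request["value"]
        return None

    def reboot(self):
        """A host reboot is one of the events that produces a trap."""
        return self.send_trap("coldStart", {"requested": None, "reason": "host rebooted"})


class ManagementHost:
    def __init__(self, address, trap_community):
        self.address = address
        self.trap_community = trap_community
        self.accepted = []

    def receive_trap(self, trap):
        """A trap is handled only if its trap community matches this host's."""
        if trap["to"] != self.address or trap["community"] != self.trap_community:
            return False
        self.accepted.append(trap)
        return True
```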