[개발관련] SNMP walk, bulkwalk 비교

snmpwalk 와 snmpbulkwalk의 차이가 궁금하여 알아보았다

결론.
snmpwalk= snmp get-next-request 와 response 의 반복
snmpbulkwalk = getBulkRequest 와 response의 반복

.1.3.6.1.5.1.2021.4 (memory mib)

OID 1.3.6.1.4.1.2021.4 memory reference info

 

snmp walk
-응답 받은 다음 oid를 다시 get-next-request 한다.
-get-next-request는 다음(next) oid 를 응답 받는다.
-snmp walk 는 next oid가 있을 때까지 요청을 반복하는 것. 단, 하나 씩 받기 때문에 요청/응답 횟수가 많다.
-bulkwalk 응답에는 있지만 walk에는 없는 oid 가 몇 개 있다.

(wireshark 필터, udp.port==161 || udp.port==162)

no	src	dst	protocol	length	info
1	{manager IP}	{agent IP}	SNMP	84	get-next-request 1.3.6.1.4.1.2021.4
	{agent IP}	{manager IP}	SNMP	87	get-response 1.3.6.1.4.1.2021.4.1.0
2	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.1.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.2.0
3	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.2.0
	{agent IP}	{manager IP}	SNMP	89	get-response 1.3.6.1.4.1.2021.4.3.0
4	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.3.0
	{agent IP}	{manager IP}	SNMP	89	get-response 1.3.6.1.4.1.2021.4.4.0
5	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.4.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.5.0
6	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.5.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.6.0
7	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.6.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.11.0
8	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.11.0
	{agent IP}	{manager IP}	SNMP	88	get-response 1.3.6.1.4.1.2021.4.12.0
9	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.12.0
	{agent IP}	{manager IP}	SNMP	89	get-response 1.3.6.1.4.1.2021.4.13.0
10	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.13.0
	{agent IP}	{manager IP}	SNMP	88	get-response 1.3.6.1.4.1.2021.4.14.0
11	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.14.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.15.0
12	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.15.0
	{agent IP}	{manager IP}	SNMP	89	get-response 1.3.6.1.4.1.2021.4.18.0
13	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.18.0
	{agent IP}	{manager IP}	SNMP	89	get-response 1.3.6.1.4.1.2021.4.19.0
14	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.19.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.20.0
15	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.20.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.21.0
16	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.21.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.22.0
17	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.22.0
	{agent IP}	{manager IP}	SNMP	88	get-response 1.3.6.1.4.1.2021.4.23.0
18	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.23.0
	{agent IP}	{manager IP}	SNMP	89	get-response 1.3.6.1.4.1.2021.4.24.0
19	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.24.0
	{agent IP}	{manager IP}	SNMP	88	get-response 1.3.6.1.4.1.2021.4.25.0
20	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.25.0
	{agent IP}	{manager IP}	SNMP	90	get-response 1.3.6.1.4.1.2021.4.26.0
21	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.26.0
	{agent IP}	{manager IP}	SNMP	87	get-response 1.3.6.1.4.1.2021.4.100.0
22	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.100.0
	{agent IP}	{manager IP}	SNMP	86	get-response 1.3.6.1.4.1.2021.4.101.0
23	{manager IP}	{agent IP}	SNMP	86	get-next-request 1.3.6.1.4.1.2021.4.101.0
	{agent IP}	{manager IP}	SNMP	88	get-response 1.3.6.1.4.1.2021.10.1.1.1

snmpbulkwalk
-같은 oid 에 대한 요청이 3번 만에 끝났다.
-response가 덩어리(bulk) 로 온다. 
-10개씩 덩어리로 묶어서 응답을 하는 것으로 보인다.
-직전 응답의 마지막 oid를 요청 oid 로 사용하는 것으로 보이며, 그 다음 10개의 oid 묶어서 응답 받는 것 같다.

(wireshark 필터, udp.port==161 || udp.port==162)

no	src	dst	protocol	length	info
1	{manager IP}	{agent IP}	SNMP	84	getBulkRequest 1.3.6.1.4.1.2021.4
	{agent IP}	{manager IP}	SNMP	263	get-response 1.3.6.1.4.1.2021.4.1.0 1.3.6.1.4.1.2021.4.2.0 1.3.6.1.4.1.2021.4.3.0 1.3.6.1.4.1.2021.4.4.0 1.3.6.1.4.1.2021.4.5.0 1.3.6.1.4.1.2021.4.6.0 1.3.6.1.4.1.2021.4.11.0 1.3.6.1.4.1.2021.4.12.0 1.3.6.1.4.1.2021.4.13.0 1.3.6.1.4.1.2021.4.14.0
2	{manager IP}	{agent IP}	SNMP	86	getBulkRequest 1.3.6.1.4.1.2021.4.14.0
	{agent IP}	{manager IP}	SNMP	266	get-response 1.3.6.1.4.1.2021.4.15.0 1.3.6.1.4.1.2021.4.18.0 1.3.6.1.4.1.2021.4.19.0 1.3.6.1.4.1.2021.4.20.0 1.3.6.1.4.1.2021.4.21.0 1.3.6.1.4.1.2021.4.22.0 1.3.6.1.4.1.2021.4.23.0 1.3.6.1.4.1.2021.4.24.0 1.3.6.1.4.1.2021.4.25.0 1.3.6.1.4.1.2021.4.26.0
3	{manager IP}	{agent IP}	SNMP	86	getBulkRequest 1.3.6.1.4.1.2021.4.26.0
	{agent IP}	{manager IP}	SNMP	272	get-response 1.3.6.1.4.1.2021.4.100.0 1.3.6.1.4.1.2021.4.101.0 1.3.6.1.4.1.2021.10.1.1.1 1.3.6.1.4.1.2021.10.1.1.2 1.3.6.1.4.1.2021.10.1.1.3 1.3.6.1.4.1.2021.10.1.2.1 1.3.6.1.4.1.2021.10.1.2.2 1.3.6.1.4.1.2021.10.1.2.3 1.3.6.1.4.1.2021.10.1.3.1 1.3.6.1.4.1.2021.10.1.3.2

 

명령어로 확인할 수 있는 oid 항목은 동일하다.

snmpwalk 와 snmpbulkwalk 결과 비교. 가지고 오는 값의 항목은 동일하다.

 

한편, snmpget 명령어의 경우 get-request를 하고 요청했던것과 동일한 oid를 응답 받는다.

snmpget 명령어 wireshark

 

snmp 메소드에 대해 RFC 를 참조 해보자.

RFC 3416: Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP)

 

rfc1157

 

 

*snmp set 을 이용한 스위치 rule, condition, action 설정 및 수정이 가능하다
# snmpset {set oid}.{oidvlue문자length}.{한 문자 씩 '.'으로 구분한 askii} value
(옆 회사에 놀러갔다가 재밌는 것을 알게 되었다.)