This is a discussion on Re: snmp version - SNMP ; On 19/04/2008, snmp girl wrote: > I am being confused , when should i use v1 or v 2c or even v3? You should use SNMPv3 when you are concerned about security. This version includes an authentication mechanism which ensures ...
On 19/04/2008, snmp girl
> I am being confused , when should i use v1 or v 2c or even v3?
You should use SNMPv3 when you are concerned about security.
This version includes an authentication mechanism which ensures
that a request or response has been sent from the system you
expect (i.e. protects against spoofing), and hasn't been altered
in transit (i.e. protects against tampering).
It also includes an encryption mechanism, so that requests
or responses can't be viewed en route.
Neither SNMPv1 nor SNMPv2c provide any such guarantees.
The only "security" (such as it is) is in the use of a supposedly
unknown community string (although this could be determined
by capturing network traffic), and in the source address of the
request (although this could be forged).
The main difference between SNMPv1 and SNMPv2c is in
the protocol operations. The basic operations are mostly
the same (Get/GetNext/Set/Trap), but SNMPv2c
offers two more (GetBulk - a supercharged GetNext,
and Inform - a Trap+acknowledgement).
SNMPv2c also introduced improved error reporting for GET*
and SET requests.
If both the client and the agent you are using support SNMPv2c,
this is generally preferable to SNMPv1, particularly with
unsuccessful requests. But there's really not much
difference between them.
SNMPv3 gives you a lot more security (as in some, rather
than none!), but is somewhat more complex to set up and
> what can be changed if I send a trap with using v1 instead of v 2c ?
The structure of an SNMPv1 trap is significantly different to that
of SNMPv2. But the basic information contained is much the same.
If your trap receiver understands SNMPv2c, then I'd be inclined to
stick with that - it's conceptually slightly simpler.
But fundamentally, the first question is always what version(s)
the software that you are using understands. If you're just using
Net-SNMP programs, you have a choice of all three. But some
systems may only understand SNMPv1 or (perhaps less likely)
only SNMPv3, or some other combination.
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
Net-snmp-users mailing list
Please see the following page to unsubscribe or change other options: