IBM Tivoli Directory Integrator
The SNMP Server Connector supports SNMP v1. SNMP v2 is supported
without the SNMP v2 authentication and encryption features.
The Connector does not support SNMP TRAP messages.
The SNMP Server Connector operates in server mode only.
The transport protocol it uses is UDP and not TCP. UDP is an unreliable
transport protocol, and SSL cannot run on top of an unreliable transport
protocol. That is why the Connector cannot use SSL to protect the
transport layer.
The SNMP Server Connector (contrary to other Connectors in Server
Mode) uses DatagramSockets. That is why there is no notion of connection.
The SNMP Server Connector uses a single DatagramSocket which receives
SNMP packets from many different SNMP managers on the network.
In the getNextClient() method, the socket blocks on the receive()
method until an SNMP packet is received. Then, the Connector creates
a new instance of itself, passes the received packet to the child
Connector and returns the child Connector.
The getNextEntry() method extracts the SNMP request packet attributes
and sets them in the conn Entry, ready for
Input Attribute Mapping.
The replyEntry() method extracts the Attributes from the conn Entry and creates an SNMP response packet
and returns it to the client; the conn Entry
should be populated using Output Attribute Mapping.
The replyEntry() method uses the parent Connector's DatagramSocket
to send back the response. Since the parent Connector's DatagramSocket
is shared among all child Connectors the access to the DatagramSocket
is synchronized.
The SNMP Server Connector makes the following Attributes available
for Input Attribute Mapping:
- snmp.operation
- java.lang.String object, which represents the SNMP operation
invoked. The supported operation types are GET, GETNEXT and SET.
- snmp.community
- Defines an access environment for a group of Network Management
Systems (NMSs). NMSs within the community are said to exist within
the same administrative domain. Community names serve as a weak form
of authentication because devices that do not know the proper community
name are precluded from SNMP operations.
- snmp.remoteip
- IP address of the SNMP client (dot notation).
- snmp.errorcode
- Indicates one of a number of errors and error types. Only the
response operation sets this field. Other operations set this field
to zero.
- snmp.errorindex
- Associates an error with a particular object instance. Only
the response operation sets this field. Other operations set this
field to zero.
- snmp.request-id
- Associates SNMP requests with responses.
- snmp.PDU
- Protocol Data Unit. SNMP PDUs contain a specific command (Get, Set, etc.) and operands that indicate the object instances involved
in the transaction.
- snmp.oid
- OID is an address of a MIB structure, indicating a specific
variable or attribute to be read or modified in the target system.
A GET can contain a list of OIDs, while a SET can also include the
corresponding values to be set for those variables in the target system.
However, most SNMP deployments use only one OID per SNMP message.
- snmp.oidvalue
- Contains the corresponding value of one OID. This is a String
representation.
- snmp.oidvalue.raw
- Contains the corresponding value of one OID. This is an Object
representation.
The SNMP Server Connector uses the following parameters:
- UDP Port
- Specifies the UDP port on which the Connector (1) receives incoming
SNMP request packets and from which (2) sends SNMP response packets.
The default value is 161, which is the standard port for SNMP GET/SET
operations.
- Verify Community
- Specifies the SNMP Community name. SNMP Community names serve
as a weak form of authentication because devices that do not know
the proper community name are precluded from SNMP operations.
If
set, the Connector discards all messages not matching this community
string. If blank, the Connector allows all community strings.
The
default value is "public".
- Detailed Log
- If enabled, will generate detailed Log messages.