Ports/rules required by the snmpd service
SNMP operates at the application layer of the Internet protocol suite (layer 7 of the OSI model). The SNMP agent receives requests on UDP port 161. The manager can send requests from any available source port to port 161 on the agent. The response from the agent will be sent back to the source port on the manager. The manager receives notifications (Traps and InformRequests) on port 162. The agent can generate notifications from any available port. When used with Transport Layer Security requests are received on port 10161 and traps are sent to port 10162. SNMPv1 specifies five core protocol data units (PDUs). Two other PDUs, GetBulkRequest and InformRequest were added in SNMPv2 and carried over to SNMPv3.
All SNMP PDUs are constructed as follows:
- IP header
- UDP header community version
- PDU type
- Request-ID
- Status error
- Error rate
- Variable bindings
Generally, SNMP uses the following user datagram protocol (UDP) ports:
- 161 for the agent (the library)
- 162 for the manager (the host)
The following is the basic protocol for communications between the manager and the agent:
- The manager can send requests from any available port to the agent on port 161. The agent then replies to the requesting manager at that source port.
- The agent generates captures or notifications and sends them from any available port to the manager on port 162.