SNMP

SNMP stands for Simple Network Management Protocol

SNMP used to monitor Network Element performance and also used to remotely modify the configuration of the Network Elements.

This was initially developed for monitoring the Network routers and switches, eventually it has been used to monitor wide variety of hardware devices like windows and linux machines, printers and Inverters etc.. 

There are two important terminology been used in SNMP world, they are

OID (Object Identifier)

Everything on the Device which can be monitored will have an Identifier which is called OID, these are represented in the form of numbers separated by period.

OID: 1.2.40...56

we can think of it like an IP address for a machine, unlike IP, OID is an identification of the things we can monitor for a given device.

when SNMP client wants to monitor total number of packets transferred through a given router, client will send the OID for "TotalTraffic" to the router and get the number of packets routed in response.

MIB (Management Information Base)

MIB is a word representation of an OID/OID's. we can easily remember MIB since it is represented in words rather than sequence of number like OID.

we can always send OID's instead of MIB, but MIB makes the life easy to remember the basic SNMP commands and do not have to remember OID for each of the device since most of the basic OID's comes in wrapped with a MIB

For example if we want to know the up time of a switch, router or linux machine, we just have to send MIB

sysuptime.0

instead of remembering 3 different OID to get the response from 3 different NE's it is good enough to remember just one MIB. The best way to know different supported OID and MIB is referring the device user manual.

Network Monitoring applications send 

SNMP Polling request to port 161 to connect to the device and request value for a OID or MIB.

in response NE will Notify Network Monitoring application with the values to port 162. these messages also called traps, Notification or informs

There are 3 versions of SNMP v1, v2c and v3. major difference between v1,v2c and v3 are

• v3 is more secured compared to other two.
• in v1 and v2c we do not have to send username, we just have to pass in "Community String" to connect to the NE.
• but in v3 it is mandatory send username and password. again NE should be supporting v3. majority of the old NE are still on v1 or v2c.
• v1 and v2c does not entry the data while v3 support encryption

 

POP3, IMAP and SMTP

POP3 & IMAP

POP3 and IMAP are two different email protocols, these protocols used to retrieve emails from a email server.

lets say we have email client like outlook installed and it uses either of these two protocols to retrieve email from the mail server. the client can be installed on a computer, tablet or a mobile phone to access the emails from mail server by configuring either POP3 or IMAP.

there are few key differences between the two protocol

POP3 stands of Post Office Protocol 3

• This is simplest among the two, it only download the inbox mails from the server to clients inbox. it does not download any of the content from other folders on the server.
• By default it deletes the copy of the email from the server after successfully downloading it to the clients inbox.
• assume that we have two email clients accessing the same email account they can have different folders at client besides inbox.
• since the copy of the email gets deleted from the server, only one of the clients accessing the server will get the email other will miss it. however most of the email clients will have a setting to "leave the copy at the server" This helps other clients of the same account to access the same email from the server.

Pros

• we can access emails offline even if we dont have internet connection since the emails gets downlaoded and stored at the client side.
• saves storage space on the server, since the emails gets deleted on the server after it is download at the client by default.

Cons

• we need to have backup plan of storing the email and access the emails from different clients.
• client device has more vulnerable of viruses and hacks than the server. 

IMAP stands for Internet Message Access Protocol

• unlike POP3, IMAP syncup all the folders on the mail server at the clients. so every client will have same folders and custom folders besides inbox.
• it does not delete the copy of the email at the server so all the clients will be in sync at any given instance of time and gets caches at the client side.
• when we delete the mails from one client same emails gets deleted on the server and other client as well. because the all client cache gets refreshed all the time and in sync with the server.

Pros

• we can access the emails from multiple devices whether it is web email client or client software installed on the device
• all the folders are synchronized between the devices

Cons

• emails can not be viewed with out an internet
• however some of the client software "allows to down load the email" along with caching to access them offline.

TCP/IP vs UDP/IP

Internet Protocol (IP)

IP is a protocol or set of rules for routing and addressing the data traveling over network. so that the data can reach the correct destination.

Data transferred over network in the form of small packets, each device in the network will have dedicated IP address assigned. so each packet will be labeled with destination IP, this helps the routers to route the data to appropriate device.

each data packet header will have sender and receiver IP address along with 42 other information fields in bits to send the packet over.

few such fields are

• Header Length
• Packet Length
• TTL(Time To Live) or Number of Hops each packet can make before it discard packet.
• Transport Protocol information (TCP or UDP)

TCP/IP

TCP (Transmission Control Protocol) is a transport protocol, which means it dictate how the packet data needs to be transported. each packet data will have TCP header information attached along with IP header.

TCP guaranties the packet delivery and order of the packets between source and destination IP by following 3 way acknowledgement for each packet transmission. This is the reason TCP is slower than UDP. but most reliable transport protocol.

TCP is used in many places where packet loss is not compromised and order of the packets is important. like File Transfer, web pages (http) etc..

UDP/IP

UDP (User Datagram Protocol) is another widely used transport protocol. where speed is required over guaranty and order of packets. it is faster then TCP but less reliable.

UDP will have simple 8 byte header compared to 20 byte TCP header.

UDP is a connection less protocol meaning it will not establish a connection before sending or while receiving the packets. it will just keep sending the packetet and do not expect acknowledgement.

An example of a use of the UDP protocol is DNS queries. When you attempt to use your Web browser to access www.syngress.com, it must first resolve the name to an IP address. This would require a DNS query. The query is sent over a single UDP packet. The DNS server would then respond by telling the originating system the IP address of the Web server. Because the UDP response is faster than setting up a TCP session, UDP makes sense in these situations. Another example of using UDP is Voice over IP (VoIP), video and audio streaming. The downfall, of course, is the lack of reliability, so you may have to employ other methods to guarantee delivery.

TCP used in 80% of the network and the rest is UDP

What is API

API stands for Application Programming Interface

API is developed for exposing built-in services which can be reused anywhere in our application or can access from outside world.

Many of the functionalities are converted to API so that programmers do not have to re-code or re-build the same for using it in different parts of the applications.

one of the examples of the API is Graph API developed and made available by Facebook, Google and Microsoft etc..

If a developer wanted to upload a post from the mobile app they don't have to download Facebook SDK to build and upload in web. they can simply register the mobile app with Facebook and start using the GraphAPI which enables the programmer to do CURD operations like upload post, delete post and update post etc..

Microsoft and Google also provides similar Graph API to use their inbuilt services like O365 calendar, google calender etc.. with a simple RESTApi call. 

Example of simple API usage: lets assume that DAO layer in big application is developed as API and running a application server. all the CURD operations are exposed as API endpoints and can be accessed using RESTFull service call.

Now we can access this API from any where [where we have access to the host] and the client below could be developed in any language of our preference. 

API using in Micro Services:

We all know the pain points in maintaining Monolithic applications and advantages in converting them to Micro Services Module based architecture.

API is used as a gateway to access different modules in Micro Services Architecture. below flow depicts advantage in splitting one big application into different smaller modules and interact them using API.

There are different tools and frameworks available to generate template for API development. few popular frameworks are spirgboot(spring.io), swagger openAPI(editor.swagger.io), python Django and Falsk etc..

Conclusion:

API is used to expose the different functionalities to the outside world to access it over the internet. so it can be used to communicate between the modules developed in different languages with the application or it can be used to expose necessary services to the application running on whole different Network or organization.

This makes each module in the application lightweight and can be developed, test, deploy and maintain independently. It also brings both development and Operations close together and forms DevOps.

Though API has many advantages like saving development time and effort, easy of maintenance, speed in development and avoid production bugs. There are disadvantages as well, they would impose extra latency in exchange data over internet and API developers has to give top priority in building security around the applications.