SNMPv1 and SNMPv2 use the notion of communities to establish trust between managers and agents. An agent is configured with three community names: read-only, read-write, and trap. The community names are essentially passwords; there’s no real difference between a community string and the password you use to access your account on the computer. The three community strings control different kinds of activities. As its name implies, the read-only community string lets you read data values, but doesn’t let you modify the data. For example, it allows you to read the number of packets that have been transferred through the ports on your router, but doesn’t let you reset the counters. The read-write community is allowed to read and modify data values; with the read-write community string, you can read the counters, reset their values, and even reset the interfaces or do other things that change the router’s configuration. Finally, the trap community string allows you to receive traps (asynchronous notifications) from the agent.

Most vendors ship their equipment with default community strings, typically public for the read-only community and private for the read-write community. It’s important to change these defaults before your device goes live on the network. (You may get tired of hearing this because we say it many times, but it’s absolutely essential.) When setting up an SNMP agent, you will want to configure its trap destination, which is the address ...