In the Name of the Most High
SNMPv2
by Behzad Akbari
Fall 2008

Overview
SNMPv1 was developed as an interim solution to an eventual adoption of OSI. This never came about: OSI was not as widely adopted as originally hoped. SNMPv2, released in 1996, was essentially a set of major revisions to SNMP.

SNMPv1
• SNMPv1 Protocol
  – RFC 1157 - Simple Network Management Protocol
• SMIv1 Data Definition Language
  Full Standards:
  – RFC 1155 - Structure of Management Information
  – RFC 1212 - Concise MIB Definitions
  Informational:
  – RFC 1215 - A Convention for Defining Traps
• SMIv1 MIB Modules
  Full Standards:
  – RFC 1213 - Management Information Base II
  – RFC 1643 - Ethernet-Like Interface Types MIB

SNMPv2
• SMIv2 Data Definition Language
  Full Standards:
  – RFC 2578 - Structure of Management Information
  – RFC 2579 - Textual Conventions
  – RFC 2580 - Conformance Statements
• SMIv2 MIB Modules
  Full Standards:
  – RFC 2819 - Remote Network Monitoring MIB
  – RFC 3411 - SNMP Framework MIB
  – RFC 3412 - SNMPv3 MPD MIB
  – RFC 3413 - SNMP Applications MIBs
  – RFC 3414 - SNMPv3 USM MIB
  – RFC 3415 - SNMP VACM MIB
  – RFC 3418 - SNMP MIB

Major Changes
• Bulk data transfer
• Manager-to-manager message
• Enhancements to SMI: SMIv2 (RFC 2578)
  – Module definitions: MODULE-IDENTITY macro (information)
  – Object definitions: OBJECT-TYPE macro (managed object)
  – Trap definitions: NOTIFICATION-TYPE macro
• Textual conventions (help define new data types)
• Conformance statements (compatibility to standard)
• Row creation and deletion in table
• MIB enhancements (added security & snmpv2)
• Transport mappings
• Security features, originally to be in SNMPv2, moved to SNMPv3
  – Hence, SNMPv2, like SNMPv1, uses a community-based administrative framework

SMIv1, SMIv2
• SMIv1:
  – SMI (RFC 1155)
  – Concise MIB (RFC 1212)
  – Trap-Type (RFC 1215)
• SMIv2:
  – SMIv2 (RFC 2578)
  – Textual Conventions (RFC 2579)
  – Conformance Statements (RFC 2580)

Three Parts of SMIv2
• Module definitions
  – MODULE-IDENTITY
• Object definitions
  – OBJECT-TYPE
• Notification definitions
  – NOTIFICATION-TYPE

MODULE-IDENTITY

MODULE-IDENTITY Example

OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::=
        "SYNTAX" Syntax
        UnitsPart
        "MAX-ACCESS" Access
        "STATUS" Status
        "DESCRIPTION" Text
        ReferPart
        IndexPart
        DefValPart
    VALUE NOTATION ::=
        value(VALUE ObjectName)

"SYNTAX" Syntax ::=
        -- Must be one of the following:
        -- a base type (or its refinement),
        -- a textual convention (or its refinement), or
        -- a BITS pseudo-type
    | "BITS" "{" NamedBits "}"

NamedBits ::= NamedBit
    | NamedBits "," NamedBit

NamedBit ::= identifier "(" number ")" -- number is nonnegative

(Example) SYNTAX BITS

protocolDirType OBJECT-TYPE
    SYNTAX BITS {
        extensible(0),
        addressRecognitionCapable(1)
    }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "…"
    ::= { protocolDirEntry 5 }
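How a value with this BITS syntax is carried, as an added example that is not from the slides: the sketch parses the NamedBits list of the clause above and encodes or decodes the value as an OCTET STRING, with bit 0 in the high-order bit of the first octet. The function names are hypothetical.

```python
import re

# Constructed input: the SYNTAX clause from the protocolDirType slide.
CLAUSE = "SYNTAX BITS { extensible(0), addressRecognitionCapable(1) }"
_NAMED_BIT = re.compile(r"\s*([a-z][A-Za-z0-9-]*)\s*\(\s*(\d+)\s*\)\s*")

def parse_named_bits(clause):
    """Parse 'BITS { name(n), ... }' into {name: bit position}."""
    m = re.search(r"BITS\s*\{([^}]*)\}", clause)
    if not m:
        raise ValueError("no BITS { ... } construct found")
    bits = {}
    for item in m.group(1).split(","):
        nb = _NAMED_BIT.fullmatch(item)
        if not nb:
            raise ValueError(f"malformed NamedBit: {item.strip()!r}")
        name, pos = nb.group(1), int(nb.group(2))
        if name in bits or pos in bits.values():
            raise ValueError(f"duplicate name or position: {name}({pos})")
        bits[name] = pos
    return bits

def encode_bits(names, named_bits):
    """Encode the set bit names as the OCTET STRING value sent on the wire."""
    positions = [named_bits[n] for n in names]
    out = bytearray(max(positions) // 8 + 1 if positions else 0)
    for pos in positions:
        out[pos // 8] |= 0x80 >> (pos % 8)   # bit 0 = high-order bit of octet 0
    return bytes(out)

def decode_bits(octets, named_bits):
    """Return the names whose bits are set; unnamed bits are ignored."""
    return {n for n, pos in named_bits.items()
            if pos // 8 < len(octets) and octets[pos // 8] & (0x80 >> (pos % 8))}
```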

UnitsPart: UNITS

UnitsPart ::= "UNITS" Text | empty

hrDiskStorageCapacity OBJECT-TYPE
    SYNTAX KBytes
    UNITS "KBytes"
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The total size for this long-term storage device. If the
        media is removable and is currently removed, this value
        should be zero."
    ::= { hrDiskStorageEntry 4 }

"MAX-ACCESS" Access ::=
      "not-accessible"
    | "accessible-for-notify"
    | "read-only"
    | "read-write"
    | "read-create"

Ordered from least to greatest:
• "not-accessible": indicates an auxiliary object
• "accessible-for-notify": accessible only via a notification
• "read-only": read only
• "read-write": read and write, but create does not.

"STATUS" Status ::= "current" | "deprecated" | "obsolete"

• "current": the definition is current and valid.
• "deprecated": indicates an obsolete definition, it permits new/continued implementation.
• "obsolete": the definition is obsolete and should not be implemented.

ReferPart ::= "REFERENCE" Text | empty

ipForwardTable OBJECT-TYPE
    SYNTAX SEQUENCE OF IpForwardEntry
    MAX-ACCESS not-accessible
    STATUS obsolete
    DESCRIPTION "This entity's IP Routing table."
    REFERENCE "RFC 1213 Section 6.6, The IP Group"
    ::= { ipForward 2 }

NOTIFICATION-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::=
        ObjectsPart
        "STATUS" Status
        "DESCRIPTION" Text
        ReferPart
    VALUE NOTATION ::=
        value(VALUE NotificationName)

    ObjectsPart ::= "OBJECTS" "{" Objects "}" | empty
    Objects ::= Object | Objects "," Object
    Object ::= value(ObjectName)
    Status ::= "current" | "deprecated" | "obsolete"
    ReferPart ::= "REFERENCE" Text | empty
    Text ::= value(IA5String)
END

NotificationName ::= OBJECT IDENTIFIER

NOTIFICATION-TYPE Example
Reference: SNMPv2-MIB (RFC 1907)

OBJECT-IDENTITY Macro
• The OBJECT-IDENTITY macro is there to define information about an object identifier in the MIB.
• Recall that an OBJECT IDENTIFIER defines the administrative identification of a node in the MIB
  – For example, let’s consider a class of router that is manufactured by InfoTech Services Inc. that is identified by the OBJECT IDENTIFIER

isiRouter OBJECT-IDENTITY
    STATUS current
    DESCRIPTION "An 8-slot IP router in the IP router family."
    REFERENCE "ISI Memorandum No. ISI-R123 dated January 20, 1997"
    ::= {private.enterprises.isi 1}

(a) Example of OBJECT-IDENTITY Macro

OBJECT-TYPE details the description needed for implementation of the managed object. It defines the type of a managed object.

routerIsi123 OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "An 8-slot IP router that can switch up to 100 million packets per second."
    ::= {isiRouter 1}

(b) Example of OBJECT-TYPE Macro

Table Aggregation
• SNMPv2 also defines a very powerful concept known as aggregate objects that support compound tables. This makes it possible, for example, to define parameters associated with interface cards in a router.
• Three types of table aggregation are supported:
  – Augmentation of a table (dependent table) adds additional columns to an existing table (base table)
  – Dense table enables addition of more rows to the base table
  – Sparse table supplements fewer rows to a base table

Table Aggregation (…)
• Can happen when all of the following are true:
  – Number of rows is not affected by the addition
  – Rows match one-to-one
  – The INDEX of the first table can be used for the second one as well.
Table 1: base table
Table 2: augmented table

Augmentation of Tables: Example
• For example, the parameters of the interface of the router, RouterIsi123, add proprietary information to the standard ipAddrTable.
• This new table, ipAugAddrTable, has the same number of rows as ipAddrTable and adds information that defines the board and port number associated with the ipAdEntAddr.
Figure 6.13 Example of Augmentation of Tables

Dense Tables
• In this case, the number of rows of an augmented table is more than that of the base table. The INDEX for the combined table is the combination of the two INDEX values of the tables.

Sparse Tables
• In this case, the number of rows of an augmented table is less than that of the base table. The INDEX for the combined table is the same as that of the base table.

Appending a Sparse Table

hrDeviceTable OBJECT-TYPE
    SYNTAX SEQUENCE OF HrDeviceEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION "The (conceptual) table of devices…"
    ::= { hrDevice 2 }

hrDeviceEntry OBJECT-TYPE
    SYNTAX HrDeviceEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION "A (conceptual) entry for one device contained by the host. …"
    INDEX { hrDeviceIndex }
    ::= { hrDeviceTable 1 }

hrDiskStorageTable OBJECT-TYPE
    SYNTAX SEQUENCE OF HrDiskStorageEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION "The (conceptual) table of long-term storage devices contained by the host..."
    ::= { hrDevice 6 }

hrDiskStorageEntry OBJECT-TYPE
    SYNTAX HrDiskStorageEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION "A (conceptual) entry for one long-term storage device contained by the host..."
    INDEX { hrDeviceIndex }
    ::= { hrDiskStorageTable 1 }

Textual Convention
• Enables defining new data types
• Makes semantics of data types consistent and human readable
• Creates new data types using existing ones and applies restrictions to them
• An important textual convention in SNMPv2, RowStatus, creates and deletes rows

• SNMPv1:
    DisplayString ::= OCTET STRING
    -- This data type is used to model textual information taken
    -- from the NVT ASCII character set. By convention, objects
    -- with this syntax are declared as having
    -- SIZE (0..255)
• SNMPv2: Also see Page 251

InterfaceIndex ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "d"
    STATUS current
    DESCRIPTION
        "A unique value, greater than zero, for each interface or
        interface sub-layer in the managed system. It is recommended
        that values are assigned contiguously starting from 1. The
        value for each interface sub-layer must remain constant at
        least from one re-initialization of the entity's network
        management system to the next re-initialization."
    SYNTAX Integer32 (1..2147483647)

Creation of Row: RowStatus


Create-and-Go Row Creation
• Manager Process → Agent Process: SetRequest ( status.3 = 4, index.3 = 3, data.3 = DefData )
• Agent Process → Managed Entity: Create Instance
• Managed Entity → Agent Process: Instance Created
• Agent Process → Manager Process: Response ( status.3 = 1, index.3 = 3, data.3 = DefData )
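The create-and-go exchange above, as an added example that is not from the slides: a simplified agent-side model of the RowStatus transitions defined in RFC 2579 (status values 1 to 6), which also covers create-and-wait and row deletion. The class, method and column names, and the choice to refuse implicit row creation, are assumptions of this sketch.

```python
# Added example, not from the slides: toy agent-side RowStatus handling.
# Class, method and column names are hypothetical; values are RowStatus codes.
ACTIVE, NOT_IN_SERVICE, NOT_READY = 1, 2, 3          # states an agent reports
CREATE_AND_GO, CREATE_AND_WAIT, DESTROY = 4, 5, 6    # actions a manager sets

class ConceptualTable:
    def __init__(self, required):
        self.required = set(required)   # columns a row needs before going active
        self.rows = {}                  # instance -> {"status": n, column: value}

    def _ready(self, row):
        return self.required <= row.keys()

    def set_request(self, inst, varbinds):
        """Apply one SetRequest to row `inst`; return (error-status, row)."""
        cols = dict(varbinds)
        status = cols.pop("status", None)
        row = self.rows.get(inst)
        if status == NOT_READY:                        # only the agent reports this
            return "wrongValue", row
        if status in (CREATE_AND_GO, CREATE_AND_WAIT):
            if row is not None or (status == CREATE_AND_GO and not self._ready(cols)):
                return "inconsistentValue", row
            if status == CREATE_AND_GO:
                cols["status"] = ACTIVE
            else:
                cols["status"] = NOT_IN_SERVICE if self._ready(cols) else NOT_READY
            self.rows[inst] = cols
            return "noError", cols
        if status == DESTROY:                          # also succeeds if row is absent
            self.rows.pop(inst, None)
            return "noError", None
        if row is None:                                # sketch refuses implicit creation
            return ("inconsistentValue" if status else "inconsistentName"), None
        merged = {**row, **cols}
        if status in (ACTIVE, NOT_IN_SERVICE):
            if not self._ready(merged):
                return "inconsistentValue", row
            merged["status"] = status
        elif row["status"] == NOT_READY and self._ready(merged):
            merged["status"] = NOT_IN_SERVICE          # last missing column arrived
        self.rows[inst] = merged
        return "noError", merged

def create_and_go_demo():
    """Replay the slide's exchange: status.3 = 4, index.3 = 3, data.3 = DefData."""
    table = ConceptualTable(required={"index", "data"})
    return table.set_request(3, {"status": CREATE_AND_GO, "index": 3, "data": "DefData"})
```

Because SNMPv2 keeps the community-based administrative framework, any manager holding a write community can drive these transitions on read-create tables, so row creation and destroy requests are worth logging on the agent.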

Create-and-Wait: Row Creation

Row Deletion