In the Name of the Most High SNMPv

  • Slides: 43
Download presentation
In the Name of the Most High SNMPv 2: Conformance, MIB and PDU by

In the Name of the Most High SNMPv 2: Conformance, MIB and PDU by Behzad Akbari Fall 2008 1

Conformance Statements for SMIv 2 (RFC 2580) n n Conformance guarantees that implementation meets

Conformance Statements for SMIv 2 (RFC 2580) n n Conformance guarantees that implementation meets a minimum set of features Four Macros in SNMPv 2 -CONF q q OBJECT-GROUP macro NOTIFICATION-GROUP macro MODULE-COMPLIANCE macro AGENT-CAPABILITIES macro 2

Conformance: OBJECT-GROUP • Conformance defined by • OBJECT-GROUP macro • NOTIFICATION-GROUP macro • OBJECT-GROUP

Conformance: OBJECT-GROUP • Conformance defined by • OBJECT-GROUP macro • NOTIFICATION-GROUP macro • OBJECT-GROUP • Compiled during implementation, not at run time • OBJECTS clause names each object • Every object belongs to an OBJECT-GROUP • Access defined by MAX-ACCESS, the maximum access privilege for the object 3

OBJECT-GROUP MACRO : : = BEGIN TYPE NOTATION : : = Objects. Part "STATUS"

OBJECT-GROUP MACRO : : = BEGIN TYPE NOTATION : : = Objects. Part "STATUS" Status "DESCRIPTION" Text Refer. Part VALUE NOTATION : : = value(VALUE OBJECT IDENTIFIER) Objects. Part : : = "OBJECTS" "{" Objects "}" Objects : : = Object | Objects ", " Object : : = value(Object. Name) Status : : = "current" | "deprecated" | "obsolete" Refer. Part : : = "REFERENCE" Text | empty Text : : = value(IA 5 String) END 4

OBJECT-GROUP Example 5

OBJECT-GROUP Example 5

Conformance: NOTIFICATION-GROUP • Contains trap entities defined in SMIv 1 • NOTIFICATIONS clause identifies

Conformance: NOTIFICATION-GROUP • Contains trap entities defined in SMIv 1 • NOTIFICATIONS clause identifies the notifications in the group • NOTIFICATIONS-GROUP macro compiled during implementation, not at run time 6

NOTIFICATION-GROUP MACRO : : = BEGIN TYPE NOTATION : : = Notifications. Part "STATUS"

NOTIFICATION-GROUP MACRO : : = BEGIN TYPE NOTATION : : = Notifications. Part "STATUS" Status "DESCRIPTION" Text Refer. Part VALUE NOTATION : : = value(VALUE OBJECT IDENTIFIER) Notifications. Part : : = "NOTIFICATIONS" "{" Notifications "}" Notifications : : = Notification | Notifications ", " Notification : : = value(Notification. Name) Status : : = "current" | "deprecated" | "obsolete" Refer. Part : : = "REFERENCE" Text | empty Text : : = value(IA 5 String) END 7

NOTIFICATION-GROUP Example link. Up. Down. Notifications. Group NOTIFICATION-GROUP NOTIFICATIONS { link. Up, link. Down

NOTIFICATION-GROUP Example link. Up. Down. Notifications. Group NOTIFICATION-GROUP NOTIFICATIONS { link. Up, link. Down } STATUS current DESCRIPTION "The notifications which indicate specific changes in the value of if. Oper. Status. " : : = { if. Groups 14 } 8

Compliance • Compliance has two classes of groups • MANDATORY-GROUPS. . . Required •

Compliance • Compliance has two classes of groups • MANDATORY-GROUPS. . . Required • GROUP …Optional 9

MODULE-COMPLIANCE MACRO : : = BEGIN TYPE NOTATION : : = "STATUS" Status "DESCRIPTION"

MODULE-COMPLIANCE MACRO : : = BEGIN TYPE NOTATION : : = "STATUS" Status "DESCRIPTION" Text Refer. Part Module. Part VALUE NOTATION : : = value(VALUE OBJECT IDENTIFIER) 10

Module. Part : : = Modules : : = Module | Modules Module :

Module. Part : : = Modules : : = Module | Modules Module : : = "MODULE" Module. Name Mandatory. Part Compliance. Part Module. Name : : = identifier Module. Identifier | empty Module. Identifier : : = value(OBJECT IDENTIFIER) | empty Mandatory. Part : : = "MANDATORY-GROUPS" "{" Groups "}“ | empty Groups : : = Group | Groups ", " Group : : = value(OBJECT IDENTIFIER) 11

Compliance. Part (1/2) Compliance. Part : : = Compliances | empty Compliances : :

Compliance. Part (1/2) Compliance. Part : : = Compliances | empty Compliances : : = Compliance | Compliances Compliance : : = Compliance. Group | Object Compliance. Group : : = "GROUP" value(OBJECT IDENTIFIER) "DESCRIPTION" Text Object : : = "OBJECT" value(Object. Name) Syntax. Part Write. Syntax. Part Access. Part "DESCRIPTION" Text 12

Compliance. Part (2/2) Syntax. Part : : = "SYNTAX" Syntax | empty -- must

Compliance. Part (2/2) Syntax. Part : : = "SYNTAX" Syntax | empty -- must be a refinement for object's SYNTAX clause Write. Syntax. Part : : = "WRITE-SYNTAX" Syntax | empty Syntax : : = type | "BITS" "{" Named. Bits "}" Named. Bits : : = Named. Bit | Named. Bits ", " Named. Bit : : = identifier "(" number ")" Access. Part : : = "MIN-ACCESS" Access | empty Access : : = "not-accessible" | "accessible-for-notify" | "read-only" | "read-write" | "read-create" 13

MODULE-COMPLIANCE Example MODULE-COMPLIANCE snmp. Basic. Compliance STATUS current DESCRIPTION "The compliance statement for SNMPv

MODULE-COMPLIANCE Example MODULE-COMPLIANCE snmp. Basic. Compliance STATUS current DESCRIPTION "The compliance statement for SNMPv 2 entities which implement the SNMPv 2 MIB. " MODULE -- this module MANDATORY-GROUPS { snmp. Group, snmp. Set. Group, system. Group, snmp. Basic. Notifications. Group } GROUP snmp. Community. Group DESCRIPTION "This group is mandatory for SNMPv 2 entities which support community-based authentication. " : : = { snmp. MIBCompliances 2 } 14

Agent Capabilities • AGENT-CAPABILITIES macro • SUPPORTS modules and includes groups • VARIATION identifies

Agent Capabilities • AGENT-CAPABILITIES macro • SUPPORTS modules and includes groups • VARIATION identifies additional features 15

AGENT-CAPABILITIES 16

AGENT-CAPABILITIES 16

SNMPv 2 MIB 17

SNMPv 2 MIB 17

SNMPv 2 Internet Group 18

SNMPv 2 Internet Group 18

SNMPv 2 SNMP MIB 19

SNMPv 2 SNMP MIB 19

20

20

system group { mib-2 1 } n n n n sys. Descr sys. Object.

system group { mib-2 1 } n n n n sys. Descr sys. Object. ID sys. Up. Time sys. Contact sys. Name sys. Location sys. Services Object Resources - describe the SNMP entity's support of various MIB modules. n sys. ORLast. Change n sys. ORTable q sys. OREntry n n sys. ORIndex sys. ORID sys. ORDescr sys. ORUp. Time 21

sys. ORTable Example 22

sys. ORTable Example 22

snmp group { mib-2 11 } n n n n snmp. In. Pkts snmp.

snmp group { mib-2 11 } n n n n snmp. In. Pkts snmp. In. Bad. Versions snmp. In. Bad. Community. Names snmp. In. Bad. Community. Uses snmp. In. ASNParse. Errs snmp. Silent. Drops snmp. Proxy. Drops snmp. Enable. Authen. Traps { snmp 1 } { snmp 3 } { snmp 4 } { snmp 5 } { snmp 6 } { snmp 31 } { snmp 32 } { snmp 30 } enabled(1), disabled(2) n snmp. Set. Serial. No - for atomic operations { snmpset 1 } 23

Object Types for SNMPv 2 Traps 24

Object Types for SNMPv 2 Traps 24

Notification Types: warm. Start cold. Start, 25

Notification Types: warm. Start cold. Start, 25

authentication. Failure 26

authentication. Failure 26

Link. Down, Link. Up (RFC 2233) 27

Link. Down, Link. Up (RFC 2233) 27

SNMPv 2 New Messages • inform-request • manager-to-manager message • get-bulk-request • transfer of

SNMPv 2 New Messages • inform-request • manager-to-manager message • get-bulk-request • transfer of large data • SNMPv 2 -Trap • transfer of notifications • Report • not used 28

SNMPv 2 PDU 29

SNMPv 2 PDU 29

SNMPv 2 PDU 30

SNMPv 2 PDU 30

SNMPv 2 Error Status 31

SNMPv 2 Error Status 31

SNMPv 2 Get. Bulk. Request PDU • Error status field replaced by Non-repeaters •

SNMPv 2 Get. Bulk. Request PDU • Error status field replaced by Non-repeaters • Error index field replaced by Max repetitions • No one-to-one relationship between request and response 32

Get-Bulk-Request 33

Get-Bulk-Request 33

Get-Next-Request Operation Manager Process 34

Get-Next-Request Operation Manager Process 34

Get-Bulk-Request Operation 35

Get-Bulk-Request Operation 35

36

36

SNMPv 2 Trap • Addition of NOTIFICATION-TYPE macro • OBJECTS clause, if present, defines

SNMPv 2 Trap • Addition of NOTIFICATION-TYPE macro • OBJECTS clause, if present, defines order of variable bindings • Positions 1 and 2 in Var. Bind. List are sys. Up. Time and snmp. Trap. OID 37

NOTIFICATION-TYPE 38

NOTIFICATION-TYPE 38

NOTIFICATION-TYPE 39

NOTIFICATION-TYPE 39

Inform-Request • Inform-Request behaves as trap in that the message goes from one manager

Inform-Request • Inform-Request behaves as trap in that the message goes from one manager to another unsolicited • The receiving manager sends response to the sending manager 40

Compatibility with SNMPv 1 n Compatibility with SNMPv 1 q q n Bilingual Manager

Compatibility with SNMPv 1 n Compatibility with SNMPv 1 q q n Bilingual Manager Proxy Server Bilingual Manager expensive in resource and operation 41

SNMP Proxy Server 42

SNMP Proxy Server 42

SNMP Proxy Server (…) 43

SNMP Proxy Server (…) 43