In the Name of the Most High SNMPv

In the Name of the Most High SNMPv 1 Communication and Functional Models by Behzad Akbari Fall 2011 These slides are based in parts upon slides of Prof. Dssouli (Concordia university) 1

Introduction • We have covered the organization and information models of SNMPv 1. • Here we will address the SNMPv 1 communication and functional models • SNMPv 1 does not formally define a functional model – What was the functional model? – Deals with the user oriented requirements: (configuration, fault, performance, security, and accounting) – The functions are actually built in the community based access policy of the SNMP administrative model 2

Communication Model q q Communicate mgnt information between network mgnt stations and managed elements Goals: o o o q Operation: 5 messages o o q Management functions maintained by agents are kept simple Protocol flexibility (addition of new aspects of operation and management) Transparency (should not be affected by the architecture of particular hosts and gateways) get-request, get-next request, set-request get-response, trap SNMP messages are exchanged using UDP (connection less) transport protocol

Message Format version q q Protocol entities support application entities Communication between remote peer processes Message consists of : o o q q community Version identifier Community name Protocol Data Unit Message encapsulated in UDP datagrams and transmitted q Loss of message time out! data r Like FTP, SNMP uses two well- known ports to operate: m m m UDP Port 161 - SNMP Messages UDP Port 162 - SNMP Trap Messages Size of SNMP message: 1472 bytes

Message Format version q community data SNMP message format is defined using ASN. 1, encoded for transmission over UDP using BER Message : : = SEQUENCE { version INTEGER {version-1(0)}, community OCTET STRING, data PDUs } 3 different versions: SNMPv 1, SNMPv 2, SNMPv 3

Message Format-Set/Get PDU version community data Message : : = SEQUENCE { version INTEGER {version-1(0)}, community OCTET STRING, data PDUs } PDUs: : = CHOICE { get-request [0] IMPLICIT PDU, get-next-request [1] IMPLICIT PDU, get-response [2] IMPLICIT PDU, set-request [3] IMPLICIT PDU, trap [4] IMPLICIT Trap-PDU }

Message Format-Set/Get PDUtype requestid errorstatus errorindex PDU : : = SEQUENCE { request-id INTEGER, error-status INTEGER { no. Error (0), too. Big (1), no. Such. Name(2), bad. Value (3), read. Only (4), gen. Err (5) }, error-index INTEGER, variable-bindings Var. Bind. List } variable-bindings request-id: track a message and indicate loss of a message (e. g. , timeout, etc. ) error-status: indicate the occurrence of error-index: indicate the occurrence of error (position in the list of variables) variable-bindings: grouping of number of operations in a single message: e. g. , one request to get all values and one response

Message Format-variable bindings var-bind 1 name value Var. Bind. List var-bind 2 name value . . . : : = SEQUENCE OF Var. Bind : : = SEQUENCE { name Object. Name, value Object. Syntax } Object. Name : : = OBJECT IDENTIFIER Object. Syntax : : = CHOICE { simple Simple. Syntax, application-wide Application. Syntax } var-bind n name value

Message Format-variable bindings Simple. Syntax : : = CHOICE { number INTEGER, string OCTET STRING, object OBJECT IDENTIFIER, empty NULL } Application. Syntax: : = CHOICE { address Network. Address, counter Counter, gauge Gauge, ticks Time. Ticks, arbitrary Opaque } Network. Address: : = CHOICE { internet Ip. Address }

Message Format-Trap PDUAgent Generic Specific Time Entreprise type Address Trap Type Stamp variable-bindings Trap-PDU : : = SEQUENCE { -Pertain to the system generating enterprise OBJECT IDENTIFIER, the trap (sys. Object. ID) agent-addr Network. Address, -IP address of the objetc generic-trap INTEGER { cold. Start (0), warm. Start (1), link. Down (2), link. Up (3), authentication. Failure(4), egp. Neighbor. Loss (5), enterprise. Specific (6) }, Specific code to identify the specific-trap INTEGER, trap cause… time-stamp Time. Ticks, Elapsed time since last re-initialization variable-bindings Var. Bind. List }

SNMP Operations An SNMP entity performs the following to transmit a PDU q q Construct a PDU using ASN. 1 Pass PDU to Authentication Service (AS) along with s-d transport addresses and community name o q q AS returns a PDU that is encrypted (if encryption is supported) The Protocol entity then constructs an SNMP message by adding the version field and the community name to the PDU Message is encoded using BER and it is passed to the transport service An SNMP entity performs the following upon reception of an SNMP message q Basic syntax check, message is discarded in case of error q Verifies the version number-message discarded if there is mismatch o Authentication (if supported): if message does not authenticate, generate trap and discard message. q Finally, using the community name, the access policy is selected and PDU is processed

Get. Request PDU system (mib-2 1) q Sender includes the following fields: q q q PDU Type request-id Variable-bindings q q A list of object instances whose values are requested SNMP dictates that a scalar object is identified by its OBJECT -IDENTIFIER concatenated with 0 q e. g. , sys. Descr. 0: distinguishes between the object type and an instance of the object sys. Descr (1) sys. Object. Id (2) sys. Up. Time (3) sys. Services (7) sys. Location (6) sys. Name (5) sys. Contact (4)

Get. Request PDU. 0 indicates that the scalar value should be retrieved (scalar objects only) Agent Process Manager Process Get. Request (sys. Descr. 0) Get. Response (sys. Descr. 0= "Sun. OS" ) Get. Request (sys. Object. ID. 0) Get. Response ( sys. Object. ID. 0=enterprises. 11. 2. 3. 10. 1. 2 ) Get. Request (sys. Up. Time. 0) Get. Response (sys. Up. Time. 0=2247349530) Get. Request (sys. Contact. 0) Get. Response (sys. Contact. 0=" ") Get. Request (sys. Name. 0) Get. Response (sys. Name. 0="noc 1 ") Get. Request (sys. Location. 0) Get. Response (sys. Location. 0=" ") Get. Request (sys. Services. 0) Get. Response (sys. Services. 0=72) The manager could have used only one message to obtain the values of all objects under system group: using “variable binding list”

Get. Request PDU q Get Request is atomic q q error message is generated if at least one of the variables could not be found/returned; errorstatus: q q Either all values (of all variables provided in the binding list) retrieved or none no. Such. Name too. Big gen. Err error-index: indicate the problem object (i. e. , variable in binding list that caused the problem) q With SNMP, only leaf objects in the MIB can be retrieved q q e. g. it is not possible to retrieve an entire row of a table by simply accessing the Entry Object (e. g. , ip. Route. Entry) the management stations has to include each object instance (in the row) in the binding list o By including the complete object identifier and respecting the rule of indexing!

Get. Request PDU ip. Route. Dest 9. 1. 2. 3 10. 0. 0. 51 10. 0. 0. 99 ip. Route. Metric 1 3 5 5 ip. Route. Next. Hop 99. 0. 0. 3 89. 1. 1. 42 Index of table q Get. Request (ip. Route. Dest. 9. 1. 2. 3, ip. Route. Metric 1. 9. 1. 2. 3, ip. Route. Next. Hop. 9. 1. 2. 3 )

Get. Next. Request PDU q q same as Get. Reqest Difference: q q system (mib-2 1) PDU format: each variable in the binding list refers to an object instance next in the lexicographic order sys. Descr (1) Get. Next. Request (sys. Descr. 0) return the value of the object instance of sys. Object. Id Advantages: q q Allows a network manager to discover a MIB structure dynamically Efficient way for searching through tables whose entries are unknown sys. Object. Id (2) sys. Up. Time (3) sys. Services (7) sys. Location (6) sys. Name (5) sys. Contact (4)

Get. Next. Request PDU Agent Process Manager Process Get. Request (sys. Descr. 0) Get. Response (sys. Descr. 0= "Sun. OS" ) Get. Next. Request (sys. Descr. 0) Get. Response ( sys. Object. ID. 0=enterprises. 11. 2. 3. 10. 1. 2 ) Get. Next. Request (sys. Object. ID. 0) Get. Response (sys. Up. Time. 0=2247349530) Get. Next. Request (sys. Up. Time. 0) Get. Response (sys. Contact. 0=" ") Get. Next. Request (sys. Contact. 0) Get. Response (sys. Name. 0="noc 1 ") Get. Next. Request (sys. Name. 0) Get. Response (sys. Location. 0=" ") Get. Next. Request (sys. Location. 0) Get. Response (sys. Services. 0=72) Get. Next. Request (sys. Services. 0) Get. Response (no. Such. Name) Error message: no object next to sys. Services Get-Next-Request Operation for System Group

Generalized Case q A sample MIB that contains both scalar values and aggregate objects q Retrieving scalar as well as aggregate objects using get-request and get-next-request A B T Z E 1. 1 2. 1 3. 1 1. 2 2. 2 3. 2

Generalized Case Manager Process A Agent Process B Get. Request ( A ) Get. Response ( A ) T Get. Request ( B ) Get. Response ( B ) Get. Request (T. E. 1. 1) E Get. Response ( T. E. 1. 1 ) Get. Request (T. E. 1. 2) Get. Response ( T. E. 1. 2 ) Get. Request (T. E. 2. 1) T. E. 1. 1 T. E. 2. 1 T. E. 3. 1 T. E. 1. 2 T. E. 2. 2 T. E. 3. 2 Get. Response ( T. E. 2. 1 ) Get. Request (T. E. 2. 2) Get. Response ( T. E. 2. 2 ) Get. Request (T. E. 3. 1 ) Get. Response ( T. E. 3. 1 ) Get. Request (T. E. 3. 2 ) Get. Response ( T. E. 3. 2 ) Get. Request (Z ) Get. Response ( Z ) Z

Generalized Case n Observations: n 1)- we need to know all the elements in the MIB, including the # of columns and rows in a table A n 2)- a MIB is traversed from top to bottom (i. e. , from left to right in the tree structure) B n 3)- data in tables is retrieved by traversing all instances of a columnar object T n NOTES: E n 1)- dynamic table: # rows may not be known to manager q A request to T. E. 1. 3 results in error message n 3)- Get. Next. Request could avoid this! n 4)- A convention is required for the definition of the next object in a MIB n SNMP uses lexicographic convention T. E. 1. 1 T. E. 2. 1 T. E. 3. 1 T. E. 1. 2 T. E. 2. 2 T. E. 3. 2 Z

Lexicographic Convention Procedure for ordering q q q q Start with leftmost digit as first position Before increasing the order in the first position, select the lowest digit in the second position Continue the process till the lowest digit in the last position is captured Increase the order in the last position until all the digits in the last position are captured Move back to the last but one position and repeat the process Continue advancing to the first position until all the numbers are ordered Tree structure for the above process

Lexicographic Ordring- example start end 1 2 2 1 5 2 18 3 10 6 MIB example of lexicographic ordering 9 4 9 21

Get. Next. Request PDU Agent Process Manager Process A Get. Request ( A ) Get. Response ( A ) B Get. Next. Request ( A ) Get. Response ( B ) Get. Next. Request ( B ) T. E. 1. 1 is next object to scalar B T Get. Response ( T. E. 1. 1 ) Get. Next. Request (T. E. 1. 1 ) Get. Response ( T. E. 1. 2 ) E Get. Next. Request (T. E. 1. 2 ) Get. Response ( T. E. 2. 1 ) Get. Next. Request (T. E. 2. 1 ) Get. Response ( T. E. 2. 2 ) T. E. 1. 1 T. E. 2. 1 T. E. 3. 1 T. E. 1. 2 T. E. 2. 2 T. E. 3. 2 Get. Next. Request (T. E. 2. 2 ) Get. Response ( T. E. 3. 1 ) Get. Next. Request (T. E. 3. 1 ) Get. Response ( T. E. 3. 2 ) Get. Next. Request (T. E. 3. 2 ) Z Get. Response ( Z ) Get. Next. Request ( Z ) Get. Response ( no. Such. Name )

Get. Next. Request PDU Agent Process Manager Process Advantages of Get-Next. Request Get. Request ( A ) Get. Response ( A ) Get. Next. Request ( A ) 1)- no need to know the object ID of the next entity to retrieve its value 2)- issues with dynamic table resolved n n 3)- allows NMS to discover the structure of a MIB view dynamically 4)- provides an efficient mechanism for searching a table whose entries are unknown Get. Response ( B ) Get. Next. Request ( B ) Get. Response ( T. E. 1. 1 ) Get. Next. Request (T. E. 1. 1 ) Get. Response ( T. E. 1. 2 ) Get. Next. Request (T. E. 1. 2 ) Get. Response ( T. E. 2. 1 ) Get. Next. Request (T. E. 2. 1 ) Get. Response ( T. E. 2. 2 ) Get. Next. Request (T. E. 2. 2 ) Get. Response ( T. E. 3. 1 ) Get. Next. Request (T. E. 3. 1 ) Get. Response ( T. E. 3. 2 ) Get. Next. Request (T. E. 3. 2 ) Get. Response ( Z ) Get. Next. Request ( Z ) Get. Response ( no. Such. Name )

Lexicographic Ordring- example ip. Route. Dest ip. Route. Metric 1 9. 1. 2. 3 10. 0. 0. 51 10. 0. 0. 99 3 5 5 ip. Route. Next. Hop 99. 0. 0. 3 89. 1. 1. 42 Index of table ip. Route. Table 1. 3. 6. 1. 2. 1. 4. 21 ip. Route. Entry 1. 3. 6. 1. 2. 1. 4. 21. 1 = x ip. Route. Dest x. 1 ip. Route. Metric 1 x. 3 ip. Route. Next. Hop x. 7 ip. Route. Dest. 9. 1. 2. 3 x. 1. 9. 1. 2. 3 ip. Route. Metric 1. 9. 1. 2. 3 x. 3. 9. 1. 2. 3 ip. Route. Dest. 10. 0. 0. 51 x. 1. 10. 0. 0. 51 ip. Route. Metric 1. 10. 0. 0. 51 x. 3. 10. 0. 0. 51 ip. Route. Next. Hop. 10. 0. 0. 51 x. 7. 10. 0. 0. 51 ip. Route. Metric 1. 10. 0. 0. 99 x. 3. 10. 0. 0. 99 ip. Route. Next. Hop. 10. 0. 0. 99 x. 7. 10. 0. 0. 99 ip. Route. Dest. 10. 0. 0. 99 x. 1. 10. 0. 0. 99 ip. Route. Next. Hop. 9. 1. 2. 3 x. 7. 9. 1. 2. 3

Accessing Table Values ip. Route. Dest 9. 1. 2. 3 10. 0. 0. 51 10. 0. 0. 99 ip. Route. Metric 1 3 5 5 ip. Route. Next. Hop 99. 0. 0. 3 89. 1. 1. 42 Retrieving the entire table w/out knowing its contents or number of rows: Get. Next. Request (ip. Route. Dest, ip. Route. Metric 1, ip. Route. Next. Hop) The agent will respond with the values from the first row Get. Response ((ip. Route. Dest. 9. 1. 2. 3 = 9. 1. 2. 3), (ip. Route. Metric 1. 9. 1. 2. 3 = 3), (ip. Route. Next. Hop. 9. 1. 2. 3 = 99. 0. 0. 3)) The MS stores this info and retrieves the second row

Accessing Table Values ip. Route. Dest 9. 1. 2. 3 10. 0. 0. 51 10. 0. 0. 99 ip. Route. Metric 1 3 5 5 ip. Route. Next. Hop 99. 0. 0. 3 89. 1. 1. 42 Get. Next. Request (ip. Route. Dest. 9. 1. 2. 3, ip. Route. Metric 1. 9. 1. 2. 3, ip. Route. Next. Hop. 9. 1. 2. 3) ---------------------Get. Response ((ip. Route. Dest. 10. 0. 0. 51 = 10. 0. 0. 51), (ip. Route. Metric 1. 10. 0. 0. 51 = 5), (ip. Route. Next. Hop. 10. 0. 0. 51 = 89. 1. 1. 42)) ----------------------------------Get. Next. Request (ip. Route. Dest. 10. 0. 0. 51, ip. Route. Metric 1. 10. 0. 0. 51, ip. Route. Next. Hop. 10. 0. 0. 51) ---------------------Get. Response ((ip. Route. Dest. 10. 0. 0. 99 = 10. 0. 0. 99), (ip. Route. Metric 1. 10. 0. 0. 99 = 5), (ip. Route. Next. Hop. 10. 0. 0. 99 = 89. 1. 1. 42))

Accessing Table Values ip. Route. Dest 9. 1. 2. 3 10. 0. 0. 51 10. 0. 0. 99 ip. Route. Metric 1 3 5 5 ip. Route. Next. Hop 99. 0. 0. 3 89. 1. 1. 42 What happens next!, When does the MS stop? Get. Next. Request (ip. Route. Dest. 10. 0. 0. 99, ip. Route. Metric 1. 10. 0. 0. 99, ip. Route. Next. Hop. 10. 0. 0. 99) ---------------------Get. Response ((ip. Route. Metric 1. 9. 1. 2. 3 = 3), (ip. Route. Next. Hop. 9. 1. 2. 3 = 99. 0. 0. 3), (ip. Net. To. Media. If. Index. 1. 3 = 1)) Object names in the list in the response does not match those in the request MS knows it has reached the end of the table

Set. Request-PDU q Write a value rather than reading a variable q The operation is atomic: o either all variables in binding list are updated or none Procedure receive-Set. Request: begin if object not available for set then issue getresponse (no. Such. Name, index) else if inconsistent object value then issue getresponse (bad. Value, index) else if generated PDU too big then issue getresponse (too. Big) else if value not settable for some other reason then issue getresponse (gen. Err, index) else issue getresponse (variable bindings) end;

Set. Request-PDU-example ip. Route. Dest 9. 1. 2. 3 10. 0. 0. 51 10. 0. 0. 99 ip. Route. Metric 1 3 5 5 ip. Route. Next. Hop 99. 0. 0. 3 89. 1. 1. 42 Updating the value of ip. Route. Metric 1 metric of the first row: Set. Request (ip. Route. Metric 1. 9. 1. 2. 3 = 9) Get. Response (ip. Route. Metric 1. 9. 1. 2. 3 = 9) Index of the new object instance in the table Adding a row to the table -- a MS issues a command: Set. Request ((ip. Route. Dest. 11. 3. 3. 12 = 11. 3. 3. 12), (ip. Route. Metric 1. 11. 3. 3. 12 = 9), (ip. Route. Next. Hop. 11. 3. 3. 12 = 91. 0. 0. 5)) But this is currently unknown for the agent!

Set. Request-PDU-example Adding a row to the table -- a MS issues a command: Set. Request ((ip. Route. Dest. 11. 3. 3. 12 = 11. 3. 3. 12), (ip. Route. Metric 1. 11. 3. 3. 12 = 9), (ip. Route. Next. Hop. 11. 3. 3. 12 = 91. 0. 0. 5)) Three ways for the agent to handle the request: If only this argument is passed, the agent may accept or not; 1)- reject the operation with error-status =then no. Such. Name if it accepts to create the row, 2)- recognize the operation (as creation of a new and objects check are whether thenrow) the other assigned default values the operation can be accepted (i. e. , all values are correct, no syntax error, etc. . ) 2. 1)- if NO, then return error-status = bad. Value 2. 2)- if YES, then new row is created and Get. Response ((ip. Route. Dest. 11. 3. 3. 12 = 11. 3. 3. 12), (ip. Route. Metric 1. 11. 3. 3. 12 = 9), (ip. Route. Next. Hop. 11. 3. 3. 12 = 91. 0. 0. 5))

Set. Request-PDU-example Row Deletion: Set. Request (ip. Route. Metric 1. 7. 3. 5. 3 = invalid) Get. Response (ip. Route. Metric 1. 7. 3. 5. 3 = invalid) Some other tables may/may not allow any operation to be done on its columnar objects – check RFCs for more details Performing an action: SNMP can read and set values of objects. SNMP can also issue commands to perform certain actions: example, a device may have a flag “re. Boot”, if it is set by the manager, then the device will reboot.

Sniffer Data 13: 55: 47. 445936 noc 3. btc. gatech. edu. 164 > noc 1. btc. gatech. edu. snmp: Community = public Get. Request(111) Request ID = 1 system. sys. Object. ID. 0 system. sys. Up. Time. 0 system. sys. Contact. 0 system. sys. Name. 0 system. sys. Location. 0 system. sys. Services. 0 Get-Request Message from Manager-to-Agent 13: 55: 47. 455936 noc 1. btc. gatech. edu. snmp > noc 3. btc. gatech. edu. 164: Community = public Get. Response(172) Request ID = 4 system. sys. Descr. 0 = "Sun. OS noc 1 5. 5. 1 Generic_103640 -08 sun 4 u" system. sys. Object. ID. 0 = E: hp. 2. 3. 10. 1. 2 system. sys. Up. Time. 0 = 247349530 system. sys. Contact. 0 = "" system. sys. Name. 0 = "noc 1" system. sys. Location. 0 = "" system. sys. Services. 0 = 72 Get-Response Message from Agent-to-Manager

Sniffer Data 13: 56: 24. 894369 noc 3. btc. gatech. edu. 164 > noc 1. btc. gatech. edu. snmp: Community = netman Set. Request(41) Request ID = 2 system. sys. Contact. 0 = “Brandon Rhodes” Set-Request Message from Manager-to-Agent 13: 56: 24. 894369 noc 1. btc. gatech. edu. snmp > noc 3. btc. gatech. edu. 164: Community = netman Get. Response(41) Request ID = 2 system. sys. Contact. 0 = " Brandon Rhodes " Get-Response Message from Agent-to-Manager

Sniffer Data 14: 03: 36. 788270 noc 3. btc. gatech. edu. 164 > noc 1. btc. gatech. edu. snmp: Community = public Get. Request(111) Request ID = 4 system. sys. Descr. 0 system. sys. Object. ID. 0 system. sys. Up. Time. 0 system. sys. Contact. 0 system. sys. Name. 0 system. sys. Location. 0 system. sys. Services. 0 Get-Request Message from Manager-to-Agent 14: 03: 36. 798269 noc 1. btc. gatech. edu. snmp > noc 3. btc. gatech. edu. 164: Community = public Get. Response(196) Request ID = 4 system. sys. Descr. 0 = "Sun. OS noc 1 5. 5. 1 Generic_103640 -08 sun 4 u" system. sys. Object. ID. 0 = E: hp. 2. 3. 10. 1. 2 system. sys. Up. Time. 0 = 247396453 system. sys. Contact. 0 = "Brandon Rhodes" system. sys. Name. 0 = "noc 1" system. sys. Location. 0 = "BTC NM Lab" system. sys. Services. 0 = 72 Get-Response Message from Agent-to-Manager

Polling Frequency q Few traps exist in the standard! o Thus most of the management information is gathered by means of polls (Get. Request, Get. Next. Request) q If polling is done un-frequently o A MS may have outdated view of the network (e. g. , congestion might happen and the NM may not be alerted) q If polling is done frequently o The control messages overhead will be high and degrade the performance q Polling frequency requires some policy definition o e. g. , size of the network (i. e. , #agents a MS can handle)

Polling Frequency q q q Assumption: assume the MS can handle only one agent at a time (i. e. , when polling an agent, a MS does no other work until it is done) A poll may involve a single get/response transaction or multiple such transactions The maximum number of agents a MS can handle, considering that it is engaged full time in polling is: N (T/ ) Agent 1 Agent N Agent 2 N: number of agents T: desired polling interval : average time required to perform a single poll T Agent 1

Polling Frequency depends on multiple factors: o o o o Processing time to generate a request at the MS Network delay from MS to agent Processing time at the agent to interpret the received message Processing time at the agent to generate response Network delay from agent to manager Processing time at the manager to interpret the message Number of request/response transactions to obtain all desired info. Example o o o Devices on a LAN; each device is to be polled every 15 minutes Processing times = 50 ms; Network delay = 1 ms (no network congestion) N (15 60/ ) = 4, 500 Where = 50 + 1+ 50+ 1+ 50 = 202 ms

Polling Frequency q In WAN, network 0. 5 s) o o o q delays are significantly large (order of Data rates on WANs are less than LANs Distances are greater (delays are higher, e. g. 0. 5 seconds) Delays introduced by bridges and routers N (15 60/ ) = 750 Where = (4 0. 05) + (2 0. 5) Summary: 4 critical parameters o o # agents Processing time of a message Network delays Polling interval

Some Limitations of SNMPv 1 q SNMP may not be suitable for the mgmt of truly large networks because of the performance limitations of polling q SNMP is not well suited for retrieving large volumes of data, such as an entire routing table q SNMP traps are unacknowledged & may not be delivered q SNMP provides only trivial authentication o i. e. it is suitable for monitoring rather than control q SNMP does not support explicit actions o i. e. , an action is taken by changing a parameter or setting an object value (indirectly) q SNMP does not support manager-to-manager communications r Many of these problems are addressed in SNMPv 2!

Traffic Monitoring n n Get “if. In. Octets” and “if. Out. Octets” of MIB II Interface Group t 1: C 1 t 2: C 2 Utilization (%) = (C 2 - C 1 ) 8 (t 2 - t 1) Bandwidth 100% 41

Internet Traffic of Sharif University 42

SNMP MIB Group Page 223~224 43