SNMP Management Information
Prof. Choong Seon HONG
Kyung Hee University


Basic Concepts of SNMP
- RFC 1157
- General-purpose operations supported by SNMP
    - get: retrieving the value of objects at the agent
    - set: setting the value of objects at the agent
    - trap: notifying the management station of significant events
- Control over the use of the MIB
    - Authentication service: the managed station may wish to limit access to the MIB to authorized managed stations
    - Access policy: the managed station may wish to give different access privileges to management stations
        - SNMP access mode: {READ-ONLY, READ-WRITE}
    - Proxy service: a managed station may act as a proxy to other managed stations; this involves implementing the authentication service and access policy service as a proxy to the other managed stations

Instance Identification
- An object instance is identified by the columnar object and the row in the table
- Two techniques for identifying a specific object instance
    - serial-access technique, based on a lexicographic ordering of objects in the MIB (in section 7.2)
    - random-access technique
- See Fig. 5.7
    - Three instances of tcpConnState have the same object identifier: 1.3.6.1.2.1.6.13.1.1
    - the values of the INDEX objects of a table are used to distinguish one row from another
    - the combination of the object identifier for a columnar object and one set of values of the INDEX objects specifies a particular scalar object in a particular row of the table

Instance Identification (2)
- Convention used in SNMP: concatenating the scalar object identifier with the values of the INDEX objects
- A simple example
    - Object ID of ifType: 1.3.6.1.2.2.1.3 (see Fig. 5.1, 6.2)
    - Accordingly, the instance ID for the ifType corresponding to the row containing a value of ifIndex of 2: 1.3.6.1.2.2.1.3.2
- A more complicated example
    - consider tcpConnTable, which has 4 INDEX objects (see Fig. 5.6, Fig. 6.10)
    - instance IDs for all of the columnar objects from Fig. 5.7 (see Table 7.2)
    - See page 168

Instance Identification (3)
- Conceptual Table and Row Objects
    - no instance ID for table and row objects
    - for example, tcpConnTable and tcpConnEntry are not leaf objects
        - not accessible by SNMP
        - ACCESS characteristic: "not accessible"
- Scalar Objects
    - Instance ID of a nontabular scalar object: Object ID + 0
    - for example, see Table 7.4

Lexicographical Ordering
- Object IDs exhibit a lexicographical ordering
    - generated by traversing the tree of object IDs in the MIB
    - See Appendix 7A
    - extending to object instance IDs (sequences of integers)
- For example, ipRouteTable (see Figure 7.2 and Table 7.5)

Protocol Specification
- Protocol Data Unit
    (a) SNMP message: Version | Community | SNMP PDU
    (b) GetRequest PDU, GetNextRequest PDU, and SetRequest PDU: PDU type | request-id | 0 | 0 | variablebindings
    (c) GetResponse PDU: PDU type | request-id | error-status | error-index | variablebindings
    (d) Trap PDU: PDU type | enterprise | agent-addr | generic-trap | specific-trap | time-stamp | variablebindings
    (e) variablebindings: name1 | value1 | name2 | value2 | ... | namen | valuen
- Generic trap
    - A warmStart trap signifies that the sending protocol entity is reinitializing itself such that neither the agent configuration nor the protocol entity implementation is altered.
    - A coldStart trap signifies that the sending protocol entity is reinitializing itself such that the agent's configuration or the protocol entity implementation may be altered.

Action of SNMP Entity upon Reception of an SNMP Message
1) basic syntax check of message
2) verifying version number
3) passing user name, PDU portion of message, and the source and destination transport addresses to the authentication service
    (a) if authentication fails, generating a trap
    (b) if authentication succeeds, the authentication service returns a PDU
4) protocol entity does basic syntax check of PDU
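
The reception steps above applied to the message layout of the Protocol Specification slide, as an added Python example that is not part of the original slides. It assumes the Community field is the credential handed to the authentication service; `SAMPLE`, `tlv` and `receive` are names made up here, and the sample datagram is constructed.

```python
REQUEST_PDUS = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA3: "SetRequest"}
# Constructed sample: SNMPv1 GetRequest, community "public", request-id 1, sysDescr.0
SAMPLE = bytes.fromhex("3026020100" "04067075626c6963" "a019020101020100020100"
                       "300e300c06082b06010201010100" "0500")

def tlv(buf, pos, want=None):
    """Read one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                    # long form: low 7 bits count length octets
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad length field")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    if want is not None and tag != want:
        raise ValueError(f"unexpected tag {tag:#04x}")
    return tag, buf[pos:pos + length], pos + length

def receive(datagram, communities):
    """Return ('ok', info), ('drop', reason) or ('trap', 'authenticationFailure')."""
    try:
        _, msg, _ = tlv(datagram, 0, 0x30)          # 1) basic syntax check of message
        _, ver, p = tlv(msg, 0, 0x02)
        _, community, p = tlv(msg, p, 0x04)         # community travels in cleartext
        if int.from_bytes(ver, "big") != 0:         # 2) version field 0 means SNMPv1
            return "drop", "bad version"
        if community not in communities:            # 3a) authentication fails: trap
            return "trap", "authenticationFailure"
        ptype, pdu, _ = tlv(msg, p)                 # 4) basic syntax check of PDU
        if ptype not in REQUEST_PDUS:
            return "drop", "unsupported PDU type"
        _, rid, q = tlv(pdu, 0, 0x02)
        q = tlv(pdu, tlv(pdu, q, 0x02)[2], 0x02)[2]  # skip the two fields sent as 0
        _, binds, _ = tlv(pdu, q, 0x30)
        names, q = [], 0
        while q < len(binds):
            _, vb, q = tlv(binds, q, 0x30)
            names.append(tlv(vb, 0, 0x06)[1].hex())  # BER-encoded object name, as hex
    except ValueError as exc:
        return "drop", str(exc)
    return "ok", {"pdu": REQUEST_PDUS[ptype],
                  "request_id": int.from_bytes(rid, "big", signed=True), "names": names}
```

Every length is checked against the enclosing buffer before any slice is taken, so a truncated or malformed datagram ends in a drop rather than an out-of-range read.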

Variable Bindings
- Grouping a number of operations of the same type (get, set, trap) into a single message
- Getting the values of all the scalar objects in a particular group at a particular agent

GetRequest PDU
- Issued by an SNMP entity
- Including the following fields in the PDU:
    - PDU type: GetRequest PDU
    - request-id: for correlating the incoming response
    - variablebindings: list of object instances
        - atomic operation
        - if a name does not match an object ID: noSuchName as error-status
- Receipt of SNMP PDUs (see Fig. 7.6)

GetRequest PDU
- SNMP PDU Sequences (figure)

GetNextRequest PDU
- Returning the value of the object instance that is next in lexicographical order
- Atomic operation, but more flexible than GetRequest
- Allowing a network management station to discover the structure of a MIB view dynamically
    - providing an efficient mechanism for searching a table whose entries are unknown
- Retrieving a Simple Object Value (see sec. 7.2.3.1)
    - GetRequest (udpInDatagrams.0, udpNoPorts.0, udpInErrors.0, udpOutDatagrams.0)
    - GetNextRequest (udpInDatagrams, udpNoPorts, udpInErrors, udpOutDatagrams)

GetNextRequest PDU (2)
- Retrieving Unknown Objects
    - GetNextRequest (udpInDatagrams.2) --> GetResponse (udpNoPorts.0 = value)
    - GetNextRequest (udp) --> GetNextRequest (udpInDatagrams.0 = value)
        - to probe a MIB view and discover its structure
- Accessing Table Values
    - See page 184
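
Instance identification and GetNext ordering from the slides above, as an added Python example that is not part of the original deck: instance IDs are built by appending INDEX values to the columnar object ID, and get-next is a search in the lexicographically sorted view. The `MibView` class, the addresses and the counter values are constructed for illustration.

```python
from bisect import bisect_right

TCP_CONN_STATE = (1, 3, 6, 1, 2, 1, 6, 13, 1, 1)    # columnar object ID from the slide
UDP = (1, 3, 6, 1, 2, 1, 7)                         # udp group in MIB-II

def oid(text):
    return tuple(int(part) for part in text.split("."))

def conn_instance(column, local_addr, local_port, rem_addr, rem_port):
    """Columnar object ID followed by the values of the four INDEX objects."""
    return column + oid(local_addr) + (local_port,) + oid(rem_addr) + (rem_port,)

class MibView:
    def __init__(self, instances):
        self.values = dict(instances)
        # Tuples compare element by element and a prefix sorts before its
        # extensions, which is the lexicographic order of object instances.
        self.order = sorted(self.values)

    def get(self, name):
        return self.values.get(name, "noSuchName")

    def get_next(self, name):
        """First instance strictly after name; name need not exist in the view."""
        i = bisect_right(self.order, name)
        if i == len(self.order):
            return "noSuchName"
        return self.order[i], self.values[self.order[i]]

    def walk(self, prefix):
        """Repeat get_next until the result leaves the subtree under prefix."""
        found, name = [], prefix
        while True:
            step = self.get_next(name)
            if step == "noSuchName" or step[0][:len(prefix)] != prefix:
                return found
            found.append(step)
            name = step[0]

# Constructed view: four udp scalars (object ID + 0) and two tcpConnState rows.
VIEW = MibView({
    UDP + (1, 0): 1204, UDP + (2, 0): 17, UDP + (3, 0): 0, UDP + (4, 0): 998,
    conn_instance(TCP_CONN_STATE, "192.0.2.1", 22, "198.51.100.7", 50000): 5,
    conn_instance(TCP_CONN_STATE, "0.0.0.0", 22, "0.0.0.0", 0): 2,
})
```

Because `get_next` accepts names that do not exist, any station allowed to read a view can enumerate all of it, so the MIB view granted by the access policy is what bounds disclosure.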

SetRequest PDU
- Used to write an object value rather than read one
- Atomic operation
- badValue: for the type, length, or actual value of the supplied value
- Updating a Table
    - SetRequest (ipRouteMetric1.9.1.2.3 = 9) --> GetResponse (ipRouteMetric1.9.1.2.3 = 9)
    - Supporting a new row (see page 186)
        - this depends on policy and is an implementation matter for the agent
- Row Deletion
    - SetRequest (ipRouteType.7.3.5.3 = invalid) --> GetResponse (ipRouteDest.7.3.5.3 = invalid): has the effect of eliminating the row
    - See Table 7.8

SetRequest PDU (2)
- Performing an Action
    - an agent could include a proprietary object reBoot with an initial value; if a management station sets the object's value to 1, the agent system reboots and resets the object value to 0

Trap PDU
- PDU type: Trap PDU
- enterprise: identifying the network management subsystem
- agent-addr
- generic-trap: having 7 values
- specific-trap
- time-stamp
- variablebindings
- Not soliciting a response from the other side

Transport-Level Support
- Connectionless Transport Service
    - Using the User Datagram Protocol (UDP)
    - Using the connectionless transport support service (CLTS) of the OSI architecture
    - UDP details
        - UDP over IP
        - UDP header:
            - source and destination port fields, enabling application-level protocols such as SNMP to address each other
            - optional checksum for UDP header and user data
    - CLTS details
        - Transport protocol data unit including source and destination transport service access points (TSAPs)
        - Optional checksum
        - TSAP address: network-layer address + TSAP ID

Transport-Level Support (2)
    - Loss of PDU
        - UDP and CLTS are not reliable
        - Guaranteeing delivery: the application that is using SNMP
            - setting a time-out for the GetResponse
            - repeating the request one or more times
- Connection-Oriented Transport Service
    - SNMP is intended for use over a connectionless transport service
        - Key reason: robustness
    - RFC 1283: prescribing conventions for the use of SNMP over the ISO connection-oriented transport service (COTS)
    - At first, setting up a transport connection to the agent, then sending the request

SNMP Group
- snmp group as part of MIB-II
    - including information relevant to the implementation and operation of SNMP (see Figure and Table 7.9)
- all of the objects except snmpEnableAuthenTraps: read-only counters

List of features for network management station
- Extended MIB support
    - a network management station that can load MIB definitions for extended MIBs defined for agent products from other vendors
- Intuitive interface
    - easy and powerful user interface
        - separate window for each part of the network
        - capable of displaying topological and geographic maps of the network
        - capable of showing the status of the devices
- Automatic discovery
    - at installation time, able to discover agents to build maps and configure icons
- Programmable events
    - allowing the user to define the actions taken when events occur
        - e.g., changing the state of icons, sending e-mail messages to the manager, setting off a beeper

List of features for network management station (2)
- Advanced network control
    - performing some predefined functions under certain conditions
        - e.g., automatic shut-off for a bad or suspect hub, or isolating an overactive network segment so that the whole network does not suffer
- Object-oriented management
    - MIB and SMI specifications refer to "objects", but SNMP does not use object-oriented technology
    - an object-oriented system that can support SNMP
- Custom icons
    - not just simple rectangles and circles to describe network topology, but descriptive icons
    - creating custom icons