SNMP Network Management (I)
Based on Mani Subramanian, "Network Management: Principles and Practice", Addison-Wesley, 2000.
Outline
- Organization Model
- Communication Model
- Information Model
  - Structure of Management Information (SMI)
  - Managed Objects
  - Management Information Base (MIB)
- SNMP Administrative Model
- SNMP Protocol Specs
Organization Model
- Describes the components of a network management system
- Focuses on functions and infrastructure
- Objects are network elements such as hubs, bridges, routers, etc.
- Managed elements have a process running on them called an agent
- The manager queries the agent, gets information, processes it and stores it in the MIB
[Figure: SNMP manager (with MIB) above an agent and its managed objects, plus unmanaged objects: a simplified hierarchical (2-tier) setup]

Organization Model: multiple managers, one agent
- An agent responds to any management system that communicates with it using SNMP
- An NMS provided by a vendor is in a better position to manage, monitor and configure all NEs coming from that same vendor
- Managers may have restricted access to managed objects
[Figure: several SNMP managers, each with a MIB, communicating with one agent and its managed objects]

Organization Model: RMON (3-tier architecture)
- Limits the data that a manager wishes to obtain
- RMON (Remote Monitoring) acts as both an agent and a manager
  - RMON gathers data from the managed objects, analyses the data and stores it
  - Communicates the statistics to the manager
- Managers may have restricted access to managed objects
[Figure: SNMP manager, RMON probe, agent and managed objects in a 3-tier architecture]

Organization Model: proxy server
- A proxy server converts non-SNMP data from non-SNMP objects into SNMP-compatible objects and messages
[Figure: SNMP manager, proxy server, agent with managed objects; a wireless LAN with unmanaged objects behind the proxy]
Communication Model
[Figure: the manager polls agents with SNMP; agents answer and send traps; each agent holds a MIB]

Communication Model
- Communicates management information between network management stations and managed elements
- Goals:
  - Management functions maintained by agents are kept simple
  - Protocol flexibility (addition of new aspects of operation and management)
  - Transparency (should not be affected by the architecture of particular hosts and gateways)
- Operation: 5 messages
  - get-request, get-next-request, set-request
  - get-response, trap
- SNMP messages are exchanged using the UDP (connectionless) transport protocol

Communication Model
[Figure: SNMP manager application and SNMP agent application exchanging Get-Request, GetNext-Request, Set-Request, Get-Response and Trap messages over UDP/IP/DLC/PHY across the network or Internet; the agent manages objects and holds the management data]

Communication Model: SNMP Traps
Type                       Indication
Cold-start of a system     Agent is reinitializing itself since its configuration has changed
Warm-start of a system     Agent is reinitializing itself but its configuration has not changed
Link down                  Link failure
Link up                    Link restoral
Failure of authentication  Request does not have proper authentication, e.g. wrong SNMP community string
EGP neighbor loss          Exterior Gateway Protocol neighbor gone
Enterprise specific        Specific to the vendor implementing it

Communication Model: SNMP Traps (format)
Type                       generic-trap value
Cold-start of a system     coldStart (0)
Warm-start of a system     warmStart (1)
Link down                  linkDown (2)
Link up                    linkUp (3)
Failure of authentication  authenticationFailure (4)
EGP neighbor loss          egpNeighborLoss (5)
Enterprise specific        enterpriseSpecific (6)

generic-trap INTEGER {
    coldStart (0),
    warmStart (1),
    linkDown (2),
    linkUp (3),
    authenticationFailure (4),
    egpNeighborLoss (5),
    enterpriseSpecific (6)
}
Structure of Management Information
- RFC 1155: Structure of Management Information
- A common representation for data shared between manager and agent
- Defines the syntax (using ASN.1) used to describe management information
  - Data types
  - Rules used to define managed objects in a MIB
- Generic objects and private (vendor-specific) objects conforming to the SMI rules (RFC 1155) can be managed by SNMP

SMI, Objects and Instances
- Objects have object types and object instances
- SMI is concerned with types, not instances
- An object type has:
  - Name (unique descriptor and OBJECT IDENTIFIER)
  - Syntax (ASN.1)
  - Encoding (BER)
[Figure: a managed object is a type (name: OBJECT IDENTIFIER, syntax: ASN.1, encoding: BER) plus an object instance]

SMI, Objects and Instances
[Figure: a managed LAN: NMS 192.168.252.110; Router 2 (172.17.252.1) on the backbone network; Router 1 (172.16.46.1), Hub 1 (172.16.46.2) and Hub 2 (172.16.46.3)]
- A hub is an object type
- The hub with IP address 172.16.46.3 is an instance of the object

SMI, Objects and Instances
[Figure: one object type (name: OBJECT IDENTIFIER, syntax: ASN.1, encoding: BER) with object instances 1, 2 and 3: a managed object as a type with multiple instances]
SMI, Names
- Each managed object is associated with an identifier (OBJECT IDENTIFIER)
  - Identifiers are used to name objects and are unique for managed objects
  - An identifier is a sequence of integers

root
 |-- ccitt(0)
 |-- iso(1)
 |    `-- org(3)
 |         `-- dod(6)
 |              `-- internet(1)
 |                   |-- mgmt(2)
 |                   |    `-- mib-2(1)
 |                   |-- experimental(3)
 |                   `-- private(4)
 |                        `-- enterprise(1)
 `-- joint-iso-ccitt(2)

internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
                           ::= { 1 3 6 1 }
Name of managed object     ::= { iso standard dod internet }

SMI, Names: sub-nodes under internet {1 3 6 1}
- directory (1): reserved for future use
- mgmt (2): used for objects defined in IAB-approved documents
- experimental (3): to identify objects used in Internet experiments
- private (4): used heavily by commercial vendors

SMI, Names: the mib-2 subtree
internet {1 3 6 1}
 |-- directory (1)
 |-- mgmt (2)
 |    `-- mib-2 (1)
 |         |-- system (1)
 |         |-- interfaces (2)
 |         |-- at (3)
 |         |-- ip (4)
 |         |-- icmp (5)
 |         |-- tcp (6)
 |         |-- udp (7)
 |         |-- egp (8)
 |         |-- cmot (9)
 |         |-- transmission (10)
 |         `-- snmp (11)
 |-- experimental (3)
 `-- private (4)

SMI, Names: the private subtree
internet {1 3 6 1}
 |-- directory (1)
 |-- mgmt (2)
 |-- experimental (3)
 `-- private (4)
      `-- enterprises (1)
           |-- cisco (9)
           |-- hp (11)
           |-- 3Com (43)
           `-- Cabletron (52)
SMI, SNMP Syntax
SNMP ASN.1 data types are classified by structure and by tag:
- Structure
  - Simple or primitive
  - Defined or application
  - Constructor or structured
- Tag
  - Class: universal, application, context-specific, private
  - Number

SNMP Primitive Data Types
Data type          Comments
INTEGER            Subtype INTEGER (n1..nN); special case: enumerated INTEGER type
OCTET STRING       8-bit bytes, binary and textual data; subtypes can be specified by either range or fixed size
OBJECT IDENTIFIER  Object position in the MIB
NULL               Placeholder

- Subtype examples:
  - INTEGER (0..255)
  - OCTET STRING (SIZE 8)
- Special case of the INTEGER data type: enumeration

Application-Wide SNMP Types
IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
Counter   ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
Gauge     ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
Opaque    ::= [APPLICATION 4] IMPLICIT OCTET STRING
[Figure: 160.85.128.1 encoded as the four octets A0 55 80 01; the value range of Counter and Gauge from 0 up to the maximum; Gauge example values 0, 1, 2; TimeTicks example values 0, 10, 20]

SNMP Structured Types
- SEQUENCE, SEQUENCE OF
- SET and SET OF of ASN.1 are not included in SNMP-based management
- Used to build lists and tables
SEQUENCE { <type1>, <type2>, ..., <typeN> }
[Figure: a SEQUENCE lists managed objects, their location in the MIB and their data types]
SNMP Structured Types
- ipAddrTable is made up of instances of the ipAddrEntry object
SMI, Encoding
- Basic Encoding Rules, BER
- Data types and tags:
Type               Tag
OBJECT IDENTIFIER  UNIVERSAL 6
SEQUENCE           UNIVERSAL 16
IpAddress          APPLICATION 0
Counter            APPLICATION 1
Gauge              APPLICATION 2
TimeTicks          APPLICATION 3
Opaque             APPLICATION 4
- Encoding of object identifiers: packs the first two integers into a single sub-identifier

SMI, Encoding
enterprise OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) private(4) 1 }
The first two sub-identifiers X and Y are packed into Z = 40·X + Y, so iso(1) org(3) becomes 40·1 + 3 = 43 = 0x2B.
  decimal sub-identifiers:  43  6  1  4  1
  BER encoding (hex):       06 05 2B 06 01 04 01
  (tag 06 = OBJECT IDENTIFIER, length 05, value 2B 06 01 04 01)
Managed Objects
[Figure: system(1) with sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4)]
- Textual name: mnemonic; always begins with a lower-case letter
  - OBJECT IDENTIFIER: unique position of the managed object in the MIB
- Syntax: the ASN.1 definition of the object type
- Access: read-only, read-write, not-accessible (e.g. tables)
- Status: mandatory, optional, obsolete
- Definition: textual description of the object type
Macros for Managed Objects
- A formal definition for managed objects

SMI Definitions
[Figure: the OBJECT-TYPE macro definition from the SMI; not recoverable from the extraction]

Macros for Managed Objects
- Using the OBJECT-TYPE macro to define a managed object of the system group in the MIB:

sysDescr OBJECT-TYPE
    SYNTAX  DisplayString (SIZE (0..255))
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "A textual description of the entity. This value should include the
         full name and version identification of the system's hardware type,
         software operating-system, and networking software. It is mandatory
         that this only contain printable ASCII characters."
    ::= { system 1 }

Macros for Managed Objects
[Figure: system(1) with sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4)]

sysUpTime OBJECT-TYPE
    SYNTAX  TimeTicks
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The time (in hundredths of a second) since the network management
         portion of the system was last re-initialized."
    ::= { system 3 }
Aggregate Objects
- A group of related objects (also called tabular objects)
- Represented by a table with
  - Columns of objects
  - Rows of instances
- Example: the IP address table
  - Consists of the objects:
    - IP address
    - Interface
    - Subnet mask (which subnet this address belongs to)
    - Broadcast address (value of the l.s.b. in the IP broadcast address)
    - Largest IP datagram that can be reassembled
  - Multiple instances of these objects are associated with the node
Aggregate Object Macro: ipAddrTable (RFC 1155)
ipAddrTable OBJECT-TYPE
    SYNTAX  SEQUENCE OF IpAddrEntry
    ACCESS  not-accessible
    STATUS  mandatory
    DESCRIPTION
        "The table of addressing information relevant to this entity's IP addresses."
    ::= { ip 20 }

ipAddrEntry OBJECT-TYPE
    SYNTAX  IpAddrEntry
    ACCESS  not-accessible
    STATUS  mandatory
    DESCRIPTION
        "The addressing information for one of this entity's IP addresses."
    INDEX   { ipAdEntAddr }
    ::= { ipAddrTable 1 }

IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr          IpAddress,
    ipAdEntIfIndex       INTEGER,
    ipAdEntNetMask       IpAddress,
    ipAdEntBcastAddr     INTEGER,
    ipAdEntReasmMaxSize  INTEGER (0..65535)
}

Aggregate Object Macro: ipAddrTable (RFC 1155), continued
ipAdEntAddr OBJECT-TYPE
    SYNTAX  IpAddress
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The IP address to which this entry's addressing information pertains."
    ::= { ipAddrEntry 1 }

ipAdEntIfIndex OBJECT-TYPE
    SYNTAX  INTEGER
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The index value that uniquely identifies the interface to which this
         entry is applicable. The interface identified by a particular value of
         this index is the same interface as identified by the same value of
         ifIndex."
    ::= { ipAddrEntry 2 }
..
Columnar Objects
- An aggregate object type contains one or more subtypes; each subtype can have multiple instances, with a value associated with each instance
- It is convenient to define, conceptually, a tabular structure for objects with multiple values
  - e.g. the IP address table
- The objects TABLE T and ENTRY E are logical objects
  - TABLE T and ENTRY E define the grouping and are not accessible
- Columnar objects are the objects that represent the attributes
  - hence they are accessible
- Each instance of E is a row of columnar objects 1 through 5
- Multiple instances of E are represented by multiple rows
[Figure: a multiple-instance managed object: TABLE T contains ENTRY E, which contains columnar objects 1 to 5]

Columnar Objects
- T: object ID, not accessible
- Instance identifier: {Table, Entry, Object, Index}
  Example of 5 columnar objects with 4 instances (rows); row 3 is the third instance of the object:
  T.E.1.1  T.E.2.1  T.E.3.1  T.E.4.1  T.E.5.1
  T.E.1.2  T.E.2.2  T.E.3.2  T.E.4.2  T.E.5.2
  T.E.1.3  T.E.2.3  T.E.3.3  T.E.4.3  T.E.5.3
  T.E.1.4  T.E.2.4  T.E.3.4  T.E.4.4  T.E.5.4
- Notice that the column-row numeric designation is the reverse of that used in matrix representation (row-column)

Columnar Objects: Example
ipAddrTable {1.3.6.1.2.1.4.20}
  `-- ipAddrEntry (1)
       |-- ipAdEntAddr (1)
       |-- ipAdEntIfIndex (2)
       |-- ipAdEntNetMask (3)
       |-- ipAdEntBcastAddr (4)
       `-- ipAdEntReasmMaxSize (5)

The columnar object ID of ipAdEntBcastAddr is 1.3.6.1.2.1.4.20.1.4:
  iso  org  dod  internet  mgmt  mib  ip  ipAddrTable  ipAddrEntry  ipAdEntBcastAddr
   1    3    6      1       2     1    4      20           1               4

Object instances of ipAddrTable (1.3.6.1.2.1.4.20): 4 instances of the columnar objects under ipAddrEntry; ipAdEntAddr is the index of the table
Row  ipAdEntAddr  ipAdEntIfIndex  ipAdEntNetMask  ipAdEntBcastAddr  ipAdEntReasmMaxSize
1    123.45.2.1   1               255.0.0.0       0                 12000
2    123.45.3.4   3               255.0.0.0       1                 12000
3    165.8.9.25   2               255.0.0.0       0                 10000
4    9.96.8.138   4               255.0.0.0       0                 15000

Columnar Objects: Example
(object instances of ipAddrTable (1.3.6.1.2.1.4.20) as in the table on the previous slide)
Node 1 under ipAddrEntry: the object ID of a specific instance is the columnar object ID followed by the index of the object instance (the row's ipAdEntAddr):
Columnar object      Columnar object ID       Row  Object ID of the instance
ipAdEntAddr          1.3.6.1.2.1.4.20.1.1     2    {1.3.6.1.2.1.4.20.1.1.123.45.3.4}
ipAdEntIfIndex       1.3.6.1.2.1.4.20.1.2     3    {1.3.6.1.2.1.4.20.1.2.165.8.9.25}
ipAdEntBcastAddr     1.3.6.1.2.1.4.20.1.4     1    {1.3.6.1.2.1.4.20.1.4.123.45.2.1}
ipAdEntReasmMaxSize  1.3.6.1.2.1.4.20.1.5     4    {1.3.6.1.2.1.4.20.1.5.9.96.8.138}
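The instance naming rule and the column-major ordering described above, as an added example that is not part of the original slides: the helper functions and the tuple-keyed store are this example's own, while the object names, sub-identifiers and the four table rows are the ones shown on the slides. The example also goes one step beyond the slides by implementing get-next-request ordering and a table walk over the store, which is how a manager actually retrieves such a table.

```python
# Added example (not from the slides): instance identifiers and get-next order
# over the ipAddrTable rows shown above. Object names and data are as on the
# slides; the helper functions and the tuple-keyed store are this example's own.
from typing import Dict, List, Optional, Tuple

OID = Tuple[int, ...]

IP_ADDR_ENTRY: OID = (1, 3, 6, 1, 2, 1, 4, 20, 1)   # ipAddrTable.ipAddrEntry

# columnar objects under ipAddrEntry and their sub-identifiers
COLUMNS = {
    "ipAdEntAddr": 1,
    "ipAdEntIfIndex": 2,
    "ipAdEntNetMask": 3,
    "ipAdEntBcastAddr": 4,
    "ipAdEntReasmMaxSize": 5,
}

# the four rows from the slide's example table
ROWS = [
    ("123.45.2.1", 1, "255.0.0.0", 0, 12000),
    ("123.45.3.4", 3, "255.0.0.0", 1, 12000),
    ("165.8.9.25", 2, "255.0.0.0", 0, 10000),
    ("9.96.8.138", 4, "255.0.0.0", 0, 15000),
]


def instance_oid(column: str, index_addr: str) -> OID:
    """{Table, Entry, Object, Index}: the INDEX ipAdEntAddr is appended to the
    columnar object ID as four sub-identifiers, one per address octet."""
    index = tuple(int(octet) for octet in index_addr.split("."))
    return IP_ADDR_ENTRY + (COLUMNS[column],) + index


def oid_str(oid: OID) -> str:
    return ".".join(str(x) for x in oid)


def build_table(rows) -> Dict[OID, object]:
    """Agent-side store: one entry per (columnar object, row) instance."""
    store: Dict[OID, object] = {}
    for addr, if_index, mask, bcast, reasm in rows:
        values = {
            "ipAdEntAddr": addr,
            "ipAdEntIfIndex": if_index,
            "ipAdEntNetMask": mask,
            "ipAdEntBcastAddr": bcast,
            "ipAdEntReasmMaxSize": reasm,
        }
        for column, value in values.items():
            store[instance_oid(column, addr)] = value
    return store


def get_next(store: Dict[OID, object], oid: OID) -> Optional[Tuple[OID, object]]:
    """get-next-request semantics: the lexicographically next instance after
    `oid`. Python tuple comparison is exactly the OID ordering SNMP uses, and
    a shorter prefix sorts before every longer OID that extends it."""
    following = [candidate for candidate in store if candidate > oid]
    if not following:
        return None
    nxt = min(following)
    return nxt, store[nxt]


def walk(store: Dict[OID, object], prefix: OID) -> List[Tuple[OID, object]]:
    """Repeated get-next, stopping once the returned OID leaves the subtree."""
    result = []
    current = prefix
    while True:
        step = get_next(store, current)
        if step is None or step[0][: len(prefix)] != prefix:
            break
        result.append(step)
        current = step[0]
    return result


def walk_column(column: str) -> List[Tuple[str, object]]:
    """All instances of one columnar object, in the order an agent returns them."""
    store = build_table(ROWS)
    return [(oid_str(o), v) for o, v in walk(store, IP_ADDR_ENTRY + (COLUMNS[column],))]


if __name__ == "__main__":
    for name, value in walk_column("ipAdEntIfIndex"):
        print(name, "=", value)
```

Walking a whole table with get-next returns it column by column (all instances of columnar object 1, then all of object 2, and so on), and within a column the rows come back in index order, which for an IP-address index is numeric order of the octets (9.96.8.138 before 123.45.2.1), not the row numbers of the slide's table.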
Management Information Base (MIB)
- RFC 1213
- A MIB is a database containing information about the elements to be managed
- For SNMP, the MIB is a structured database (tree)
- Each resource to be managed is represented by an object
- Each system (e.g. a router) maintains a MIB that reflects the status of its managed resources
- An NMS monitors/controls the resources by reading/modifying the values of objects in the MIB

MIB, RFC 1213
- Implementation can be done as needed (e.g. objects essential for fault or configuration management are added)
- If a group is implemented by a vendor, all its components are implemented (e.g. OSPF and all its group objects)
[Figure: the Internet MIB-II groups under internet {1 3 6 1} / mgmt (2) / mib-2 (1): system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11); directory (1), experimental (3) and private (4) alongside mgmt]
A MIB module has the form:
<module name> DEFINITIONS ::= BEGIN
<imports>
<definitions>
END
MIB, RFC 1213: groups in MIB-II
RFC1213-MIB DEFINITIONS ::= BEGIN

IMPORTS
    mgmt, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks
        FROM RFC1155-SMI
    OBJECT-TYPE
        FROM RFC-1212;

-- This MIB module uses the extended OBJECT-TYPE macro as defined in [14];

-- MIB-II (same prefix as MIB-I)
mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }

-- textual conventions
DisplayString ::= OCTET STRING
-- This data type is used to model textual information taken from the NVT
-- ASCII character set. By convention, objects with this syntax are declared
-- as having SIZE (0..255)

PhysAddress ::= OCTET STRING
-- This data type is used to model media addresses. For many types of media,
-- this will be in a binary representation. For example, an ethernet address
-- would be represented as a string of 6 octets.

system       OBJECT IDENTIFIER ::= { mib-2 1 }
interfaces   OBJECT IDENTIFIER ::= { mib-2 2 }
at           OBJECT IDENTIFIER ::= { mib-2 3 }
ip           OBJECT IDENTIFIER ::= { mib-2 4 }
icmp         OBJECT IDENTIFIER ::= { mib-2 5 }
tcp          OBJECT IDENTIFIER ::= { mib-2 6 }
udp          OBJECT IDENTIFIER ::= { mib-2 7 }
egp          OBJECT IDENTIFIER ::= { mib-2 8 }
cmot         OBJECT IDENTIFIER ::= { mib-2 9 }
transmission OBJECT IDENTIFIER ::= { mib-2 10 }
snmp         OBJECT IDENTIFIER ::= { mib-2 11 }
..
END
MIB, System Group
[Figure: system (mib-2 1) with sysDescr (1), sysObjectID (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]
-- the System group
-- Implementation of the System group is mandatory for all systems. If an
-- agent is not configured to have a value for any of these variables, a
-- string of length 0 is returned.

sysDescr OBJECT-TYPE
    SYNTAX  DisplayString (SIZE (0..255))
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "A textual description of the entity. ..."
    ::= { system 1 }

sysObjectID OBJECT-TYPE
    SYNTAX  OBJECT IDENTIFIER
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The vendor's authoritative identification of the network management
         subsystem contained in the entity."
    ::= { system 2 }

sysUpTime OBJECT-TYPE
    SYNTAX  TimeTicks
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The time (in hundredths of a second) since the network management
         portion of the system was last reinitialized."
    ::= { system 3 }

MIB, System Group
- sysObjectID is programmed by the vendor of the objects at manufacturing time
- sysUpTime and fault monitoring: poll each agent periodically for this value; if the current value is less than the most recent value, then the agent has been restarted since the last poll
MIB, Interface Group
interfaces OBJECT IDENTIFIER ::= { mib-2 2 }
- It specifies the number of interfaces in a network component and the managed objects associated with each interface
  - e.g. an Ethernet bridge with many network interface cards
- Implementation: mandatory
interfaces (mib-2 2)
 |-- ifNumber (1)
 `-- ifTable (2)
      `-- ifEntry (1)
           |-- ifIndex (1)
           |-- ifDescr (2)
           |-- ifType (3)
           |-- ifMtu (4)
           |-- ifSpeed (5)
           |-- ifPhysAddress (6)
           |-- ifAdminStatus (7)
           |-- ifOperStatus (8)
           |-- ifLastChange (9)
           |-- ifInOctets (10)
           |-- ifInUcastPkts (11)
           |-- ifInNUcastPkts (12)
           |-- ifInDiscards (13)
           |-- ifInErrors (14)
           |-- ifUnknownProtos (15)
           |-- ifOutOctets (16)
           |-- ifOutUcastPkts (17)
           |-- ifOutNUcastPkts (18)
           |-- ifOutDiscards (19)
           |-- ifOutErrors (20)
           |-- ifOutQLen (21)
           `-- ifSpecific (22)
MIB, Interface Group
[Figure: interfaces (mib-2 2) with ifNumber (1) and ifTable (2) / ifEntry (1)]
ifNumber OBJECT-TYPE
    SYNTAX  INTEGER
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The number of network interfaces (regardless of their current state)
         present on this system."
    ::= { interfaces 1 }

ifTable OBJECT-TYPE
    SYNTAX  SEQUENCE OF IfEntry
    ACCESS  not-accessible
    STATUS  mandatory
    DESCRIPTION
        "A list of interface entries. The number of entries is given by the
         value of ifNumber."
    ::= { interfaces 2 }

ifEntry OBJECT-TYPE
    SYNTAX  IfEntry
    ACCESS  not-accessible
    STATUS  mandatory
    DESCRIPTION
        "An interface entry containing objects at the sub-network layer and
         below for a particular interface."
    INDEX   { ifIndex }
    ::= { ifTable 1 }

IfEntry ::= SEQUENCE {
    ifIndex        INTEGER,
    ifDescr        DisplayString,
    ifType         INTEGER,
    ifMtu          INTEGER,
    ifSpeed        Gauge,
    ifPhysAddress  PhysAddress,
    ifAdminStatus  INTEGER,
    ifOperStatus   INTEGER,
    ifLastChange   TimeTicks,
    ifInOctets     Counter,
    ...
}
MIB, Interface Group
- Basic information useful for network management, such as performance monitoring and fault control
- Examples:
  1) Measuring the queue length or the total number of octets into/out of the system: indicators for detecting congestion
  2) Measuring the traffic rate on a given interface
     - ifInUcastPkts/second, ifOutUcastPkts/second
     - Counter data types, always incrementing
[Figure: the interfaces (mib-2 2) tree with ifNumber (1) and the 22 objects of ifEntry, as on the previous slides]

MIB, IP Group
ip (mib-2 4)
- Contains information relevant to the implementation and operation of IP at a node
- Routers periodically execute routing algorithms and update routing tables
  - The IP Address Table contains the table of IP addresses
  - The IP Route Table contains an entry for each route
  - The IP Network-to-Media Table is the address translation table mapping IP addresses to physical addresses
Objects of the ip group: ipForwarding (1), ipDefaultTTL (2), ipInReceives (3), ipInHdrErrors (4), ipInAddrErrors (5), ipForwDatagrams (6), ipInUnknownProtos (7), ipInDiscards (8), ipInDelivers (9), ipOutRequests (10), ipOutDiscards (11), ipOutNoRoutes (12), ipReasmTimeout (13), ipReasmReqds (14), ipReasmOKs (15), ipReasmFails (16), ipFragOKs (17), ipFragFails (18), ipFragCreates (19), ipAddrTable (20), ipRouteTable (21), ipNetToMediaTable (22), ipRoutingDiscards (23)

MIB, IP Group
ip (mib-2 4)
- ipForwarding (1): whether the node acts as a gateway or router
- ipDefaultTTL (2): the TTL placed in the IP header
- ipInReceives (3): total number of packets received from interfaces
- ipInHdrErrors (4): number of datagrams discarded due to header errors
[Figure: the ip group tree with objects 1 to 23, as on the previous slide]

MIB, IP Group
ipAddrTable (ip 20)
 `-- ipAddrEntry (ipAddrTable 1)
      |-- ipAdEntAddr (1)
      |-- ipAdEntIfIndex (2)
      |-- ipAdEntNetMask (3)
      |-- ipAdEntBcastAddr (4)
      `-- ipAdEntReasmMaxSize (5)

MIB, IP Group
- ipRouteTable contains information used for Internet routing
- ipRouteTable information is useful for configuration monitoring, for controlling the routing process, and for fault isolation
ipRouteTable (ip 21)
 `-- ipRouteEntry (ipRouteTable 1)
      |-- ipRouteDest (1)
      |-- ipRouteIfIndex (2)
      |-- ipRouteMetric1 (3)
      |-- ipRouteMetric2 (4)
      |-- ipRouteMetric3 (5)
      |-- ipRouteMetric4 (6)
      |-- ipRouteNextHop (7)
      |-- ipRouteType (8)
      |-- ipRouteProto (9)
      |-- ipRouteAge (10)
      |-- ipRouteMask (11)
      |-- ipRouteMetric5 (12)
      `-- ipRouteInfo (13)
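The two polling techniques from the system group and the interface group slides, as an added example that is not part of the original slides: converting successive ifInUcastPkts Counter readings into a packets-per-second rate, and using sysUpTime going backwards as the restart signal. The poll series is constructed sample data and the helper names are this example's own; the Counter modulus and the TimeTicks unit come from the type definitions on earlier slides.

```python
# Added example (not from the slides): per-second rates from polled Counter
# values, and sysUpTime-based restart detection between polls. The poll data
# is constructed; the helper names are this example's own.
from typing import List, NamedTuple, Optional

COUNTER_MODULUS = 2 ** 32     # Counter ::= INTEGER (0..4294967295), wraps to 0
TICKS_PER_SECOND = 100        # TimeTicks are hundredths of a second


class Poll(NamedTuple):
    sys_uptime: int           # sysUpTime (TimeTicks) read in the same response
    if_in_ucast_pkts: int     # ifInUcastPkts for the interface being watched


def counter_delta(previous: int, current: int) -> int:
    """Difference between two Counter readings, correct across one wrap:
    a smaller current value means the counter passed 2^32 - 1 and restarted at 0."""
    return (current - previous) % COUNTER_MODULUS


def agent_restarted(previous_uptime: int, current_uptime: int) -> bool:
    """The slide's rule: sysUpTime going backwards means the agent
    re-initialised since the last poll (cold or warm start). sysUpTime itself
    wraps after about 497 days, which this simple rule would also report as a
    restart; a coldStart/warmStart trap is the way to tell the two apart."""
    return current_uptime < previous_uptime


def rate_per_second(previous: Poll, current: Poll) -> Optional[float]:
    """ifInUcastPkts per second between two polls, or None when no rate can be
    trusted: after a restart the counter was reset, so the delta is meaningless."""
    if agent_restarted(previous.sys_uptime, current.sys_uptime):
        return None
    elapsed = (current.sys_uptime - previous.sys_uptime) / TICKS_PER_SECOND
    if elapsed <= 0:
        return None
    return counter_delta(previous.if_in_ucast_pkts, current.if_in_ucast_pkts) / elapsed


def rates_from_polls(polls: List[Poll]) -> List[Optional[float]]:
    """One rate per consecutive pair of polls; None marks a detected restart."""
    return [rate_per_second(a, b) for a, b in zip(polls, polls[1:])]


# Constructed poll series: 10 s between polls, a counter wrap between the
# second and third poll, then an agent restart (sysUpTime back near zero).
SAMPLE_POLLS = [
    Poll(sys_uptime=100_000, if_in_ucast_pkts=4_294_966_000),
    Poll(sys_uptime=101_000, if_in_ucast_pkts=4_294_967_000),
    Poll(sys_uptime=102_000, if_in_ucast_pkts=200),
    Poll(sys_uptime=300, if_in_ucast_pkts=50),
    Poll(sys_uptime=1_300, if_in_ucast_pkts=1_050),
]

if __name__ == "__main__":
    for rate in rates_from_polls(SAMPLE_POLLS):
        print("restart, rate unknown" if rate is None else f"{rate:.1f} pkt/s")
```

Using the agent's own sysUpTime as the time base, rather than the manager's clock, keeps the rate correct when the poll response is delayed in the network, and it is what makes the restart check possible from the same response.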
MIB, TCP Group
tcp (mib-2 6)
- Contains information relevant to the implementation/operation of connection-oriented TCP
 |-- tcpRtoAlgorithm (1): timeout algorithm for retransmission
 |-- tcpRtoMin (2): minimum value for the retransmission timer
 |-- tcpRtoMax (3): maximum value for the retransmission timer
 |-- tcpMaxConn (4): maximum number of TCP connections
 |-- tcpActiveOpens (5)
 |-- tcpPassiveOpens (6)
 |-- tcpAttemptFails (7)
 |-- tcpEstabResets (8)
 |-- tcpCurrEstab (9)
 |-- tcpInSegs (10): number of segments received
 |-- tcpOutSegs (11): number of segments sent
 |-- tcpRetransSegs (12): number of segments retransmitted
 |-- tcpConnTable (13)
 |-- tcpInErrors (14)
 `-- tcpOutRsts (15)

MIB, TCP Group
tcpConnTable (tcp 13)
 `-- tcpConnEntry (1)
      |-- tcpConnState (1)
      |-- tcpConnLocalAddress (2)
      |-- tcpConnLocalPort (3)
      |-- tcpConnRemAddress (4)
      `-- tcpConnRemPort (5)
SNMPv1 Administrative Model
SNMP entities:
- SNMP application entities
  - Reside in management stations and network elements
  - Manager and agent
  - Pairing of both entities forms an SNMP community
- SNMP protocol entities
  - Communication processes (PDU handlers)
  - Peer processes that support application entities
- The administrative model defines the administrative relationship between communicating entities
- Management stations: each manages all or a subset of the managed stations in the configuration
  - Subsets may overlap
- Each managed station controls its local MIB
  - controls the use of the MIB by a number of management stations

SNMPv1 Administrative Model: SNMP Community
An SNMP community is a relation
- between one SNMP agent and a set of managers
- that defines authentication, access control and proxy characteristics
[Figure: SNMP manager and SNMP agent exchanging authentic messages; an authentication scheme sits at each end]
- Multiple pairs can belong to the same community
- A community name is a string of octets
- Two application entities in the same community can communicate with each other
  - This essentially defines a filter module or authentication scheme between manager and agent
- Security in SNMPv1 is therefore community-based
  - no encryption

SNMPv1 Administrative Model: SNMP Community Profile
- MIB view: a subset of the managed objects that an agent is permitted to manage/view
- A community name is also assigned an SNMP access mode
  - READ-ONLY, READ-WRITE
- Community profile: MIB view + SNMP access mode
- Which operations are allowed on an object is determined by the community profile and the access mode of the object
  - Total of four access privileges
    - read-only, write-only, read-write, not-accessible
- Some objects, such as a table and a table entry, are not accessible
[Figure: an SNMP agent whose MIB view contains objects 1 to 4 with MIB access read-only, write-only, read-write and not-accessible; with SNMP access mode READ-ONLY only get and trap are performed on objects 2, 3 and 4; with READ-WRITE, get, set and trap can be performed on objects 2, 3 and 4]

SNMPv1 Administrative Model: SNMP Access Policy
- The pair "SNMP community" and "community profile" defines an SNMP access policy
- An access policy allows a managed agent to give different access privileges to different managers
- The manager manages the network components of communities 1 and 2 via Agents 1 and 2
  - Agent 1 has only the view of Community Profile 1, e.g. Cisco components
  - Agent 2 has only the view of Community Profile 2, e.g. 3Com components
  - The manager has a total view of both Cisco and 3Com components
[Figure: one manager; Community 1 with Agent 1 and Community Profile 1; Community 2 with Agent 2 and Community Profile 2]

SNMPv1 Administrative Model: SNMP Access Policy
- Example: enterprise management
- Manager 1 manages community 1, Manager 2 manages community 2, and Manager 3 (MoM) manages both communities 1 and 2
[Figure: Manager 1 (Community 1), Manager 2 (Community 2) and Manager 3 (Community 1, Community 2); Community 1 contains Agent 1 and Agent 2, Community 2 contains Agent 3 and Agent 4, each agent with its own community profile]

SNMPv1 Administrative Model: SNMP Proxy Access Policy
- A proxy agent enables non-SNMP community elements to be managed by an SNMP manager
- An SNMP MIB is created to handle the non-SNMP objects
[Figure: SNMP manager (Community 1) talking to an SNMP agent and to a proxy agent; the proxy agent bridges the SNMP community and a non-SNMP community]
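The community profile and access policy rules from the slides above, as an added example that is not part of the original slides: an agent-side check that combines the three constraints the slides describe (is the object inside the community's MIB view, does the object's own ACCESS allow the operation, does the community's access mode allow it). The community names and the MIB views are constructed placeholders; the ACCESS values are those of the objects defined on earlier slides; the error-status names come from the PDU definition later in these slides, and the authenticationFailure outcome for an unknown community name is the trap listed on the traps slide. The function names are this example's own.

```python
# Added example (not from the slides): evaluating an SNMPv1 access policy.
# Community names and MIB views are constructed placeholders; object ACCESS
# values are from the MIB definitions on the slides; helper names are this
# example's own.
from typing import Dict, List, Optional, Tuple

OID = Tuple[int, ...]

# ACCESS clause of the object types used below (from the slides' MIB macros)
OBJECT_ACCESS: Dict[OID, str] = {
    (1, 3, 6, 1, 2, 1, 1, 1): "read-only",          # sysDescr
    (1, 3, 6, 1, 2, 1, 1, 4): "read-write",         # sysContact
    (1, 3, 6, 1, 2, 1, 4, 20): "not-accessible",    # ipAddrTable
    (1, 3, 6, 1, 2, 1, 4, 20, 1, 1): "read-only",   # ipAdEntAddr
}

# Community profile = MIB view (list of subtree prefixes) + SNMP access mode.
# The community names are constructed placeholders, not real configuration.
COMMUNITY_PROFILES: Dict[str, Dict] = {
    "ro-system-only": {"view": [(1, 3, 6, 1, 2, 1, 1)], "mode": "READ-ONLY"},
    "rw-mib-2": {"view": [(1, 3, 6, 1, 2, 1)], "mode": "READ-WRITE"},
}


def in_view(view: List[OID], oid: OID) -> bool:
    """An OID is in the view if some view subtree is a prefix of it."""
    return any(oid[: len(prefix)] == prefix for prefix in view)


def object_type_of(instance: OID) -> Optional[OID]:
    """Map an instance OID (columnar OID + index, or scalar OID + 0) to the
    longest registered object type that is a prefix of it."""
    best: Optional[OID] = None
    for obj in OBJECT_ACCESS:
        if instance[: len(obj)] == obj and (best is None or len(obj) > len(best)):
            best = obj
    return best


def check_access(community: str, operation: str, instance: OID) -> str:
    """Return 'ok', the error-status the agent would answer with, or
    'authenticationFailure' when the community name is unknown (the request
    is not answered; the agent may send an authenticationFailure trap)."""
    profile = COMMUNITY_PROFILES.get(community)
    if profile is None:
        return "authenticationFailure"
    obj = object_type_of(instance)
    # outside the MIB view, unknown, or a table/entry object: noSuchName
    if obj is None or not in_view(profile["view"], instance):
        return "noSuchName"
    access = OBJECT_ACCESS[obj]
    if access == "not-accessible":
        return "noSuchName"
    if operation in ("get", "get-next"):
        return "ok" if access in ("read-only", "read-write") else "noSuchName"
    if operation == "set":
        # both the community's access mode and the object's ACCESS must allow writing
        if profile["mode"] != "READ-WRITE" or access not in ("read-write", "write-only"):
            return "noSuchName"
        return "ok"
    raise ValueError("unknown operation: " + operation)


if __name__ == "__main__":
    print(check_access("ro-system-only", "set", (1, 3, 6, 1, 2, 1, 1, 4, 0)))   # noSuchName
    print(check_access("rw-mib-2", "set", (1, 3, 6, 1, 2, 1, 1, 4, 0)))         # ok
```

A community with READ-WRITE mode still cannot set a read-only object such as sysDescr, and a READ-ONLY community cannot set anything even inside its view: the two restrictions compose, which is the point of keeping MIB view and access mode as separate parts of the profile.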
Message Format
[Figure: message layout: version | community | data]
- Protocol entities support application entities
- Communication between remote peer processes
- A message consists of:
  - Version identifier
  - Community name
  - Protocol Data Unit (data)
- The message is encapsulated in UDP datagrams and transmitted
- Like FTP, SNMP uses two well-known ports to operate:
  - UDP port 161: SNMP messages
  - UDP port 162: SNMP trap messages

Message Format
- The SNMP message format is defined using ASN.1 and encoded for transmission over UDP using BER
Message ::= SEQUENCE {
    version    INTEGER { version-1(0) },
    community  OCTET STRING,
    data       PDUs
}
- 3 different versions: SNMPv1, SNMPv2, SNMPv3

Message Format: Set/Get PDU
Message ::= SEQUENCE {
    version    INTEGER { version-1(0) },
    community  OCTET STRING,
    data       PDUs
}

PDUs ::= CHOICE {
    get-request       [0] IMPLICIT PDU,
    get-next-request  [1] IMPLICIT PDU,
    get-response      [2] IMPLICIT PDU,
    set-request       [3] IMPLICIT PDU,
    trap              [4] IMPLICIT Trap-PDU
}

Message Format: Set/Get PDU
[Figure: PDU layout: PDU type | request-id | error-status | error-index | variable-bindings]
PDU ::= SEQUENCE {
    request-id         INTEGER,
    error-status       INTEGER {
                           noError(0), tooBig(1), noSuchName(2),
                           badValue(3), readOnly(4), genErr(5)
                       },
    error-index        INTEGER,
    variable-bindings  VarBindList
}
- request-id: tracks a message and indicates loss of a message (e.g. timeout)
- error-status: indicates the occurrence of an error
- error-index: indicates where the error occurred (position in the list of variables)
- variable-bindings: groups a number of operations in a single message, e.g. one request to get all values and one response listing all values

Message Format: variable bindings
[Figure: var-bind 1 (name, value) | var-bind 2 (name, value) | ... | var-bind n (name, value)]
VarBindList ::= SEQUENCE OF VarBind

VarBind ::= SEQUENCE {
    name   ObjectName,
    value  ObjectSyntax
}

ObjectName ::= OBJECT IDENTIFIER

ObjectSyntax ::= CHOICE {
    simple            SimpleSyntax,
    application-wide  ApplicationSyntax
}

Message Format: variable bindings
SimpleSyntax ::= CHOICE {
    number  INTEGER,
    string  OCTET STRING,
    object  OBJECT IDENTIFIER,
    empty   NULL
}

ApplicationSyntax ::= CHOICE {
    address    NetworkAddress,
    counter    Counter,
    gauge      Gauge,
    ticks      TimeTicks,
    arbitrary  Opaque
}

NetworkAddress ::= CHOICE {
    internet  IpAddress
}

Message Format: Trap PDU
[Figure: Trap-PDU layout: PDU type | enterprise | agent address | generic trap type | specific trap type | time stamp | variable-bindings]
Trap-PDU ::= SEQUENCE {
    enterprise         OBJECT IDENTIFIER,   -- pertains to the system generating the trap (sysObjectID)
    agent-addr         NetworkAddress,      -- IP address of the object generating the trap
    generic-trap       INTEGER {
                           coldStart(0), warmStart(1), linkDown(2), linkUp(3),
                           authenticationFailure(4), egpNeighborLoss(5),
                           enterpriseSpecific(6)
                       },
    specific-trap      INTEGER,             -- specific code to identify the trap cause
    time-stamp         TimeTicks,           -- elapsed time since the last re-initialization
    variable-bindings  VarBindList
}
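The BER rules from the "SMI, Encoding" slides and the message structure from the "Message Format" slides, carried through in working code as an added example that is not part of the original slides: it encodes the enterprise object identifier exactly as the encoding slide shows (06 05 2B 06 01 04 01), builds a complete SNMPv1 get-request message for sysDescr.0, and reads the version and community name back out of the resulting datagram. The community string and request-id are constructed sample values; the function names are this example's own. The get-request encoder is the one piece that goes beyond the slides' worked example, since the slides give the ASN.1 but not the bytes.

```python
# Added example (not from the slides): BER encoding of an OBJECT IDENTIFIER and
# of a complete SNMPv1 get-request message, plus reading the message header
# back. Community name and request-id are constructed sample values.
from typing import List, Tuple

# universal tags from the BER slide; get-request is the context-specific,
# constructed tag [0] from the PDUs CHOICE on the message format slide
TAG_INTEGER = 0x02
TAG_OCTET_STRING = 0x04
TAG_NULL = 0x05
TAG_OID = 0x06
TAG_SEQUENCE = 0x30          # UNIVERSAL 16, constructed
TAG_GET_REQUEST = 0xA0       # get-request [0] IMPLICIT PDU


def ber_length(n: int) -> bytes:
    """Definite length: one octet below 128, else 0x80|count followed by the count octets."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_length(len(value)) + value


def encode_integer(value: int) -> bytes:
    """INTEGER in the minimal two's-complement form BER requires."""
    n = 1
    while True:
        try:
            return tlv(TAG_INTEGER, value.to_bytes(n, "big", signed=True))
        except OverflowError:
            n += 1


def encode_oid_value(oid: str) -> bytes:
    """Value octets of an OBJECT IDENTIFIER: the first two sub-identifiers X
    and Y are packed into 40*X + Y, then each sub-identifier is written in
    base 128 with bit 8 set on every octet except its last."""
    subids = [int(s) for s in oid.strip(".").split(".")]
    if len(subids) < 2 or subids[0] > 2 or (subids[0] < 2 and subids[1] > 39):
        raise ValueError("not a valid object identifier: " + oid)
    packed = [40 * subids[0] + subids[1]] + subids[2:]
    out = bytearray()
    for sub in packed:
        octets = [sub & 0x7F]
        sub >>= 7
        while sub:
            octets.append(0x80 | (sub & 0x7F))
            sub >>= 7
        out.extend(reversed(octets))
    return bytes(out)


def encode_oid(oid: str) -> bytes:
    return tlv(TAG_OID, encode_oid_value(oid))


def encode_get_request(community: str, oids: List[str], request_id: int) -> bytes:
    """Message ::= SEQUENCE { version, community, data }; data is a get-request
    PDU whose variable-bindings carry NULL values (the agent fills them in)."""
    varbinds = b"".join(tlv(TAG_SEQUENCE, encode_oid(o) + tlv(TAG_NULL, b"")) for o in oids)
    pdu = (encode_integer(request_id)
           + encode_integer(0)                 # error-status noError(0)
           + encode_integer(0)                 # error-index
           + tlv(TAG_SEQUENCE, varbinds))      # variable-bindings
    body = (encode_integer(0)                  # version-1(0)
            + tlv(TAG_OCTET_STRING, community.encode("ascii"))
            + tlv(TAG_GET_REQUEST, pdu))
    return tlv(TAG_SEQUENCE, body)


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, value, position just after the element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length


def decode_header(message: bytes) -> Tuple[int, str]:
    """Version and community name of an SNMPv1 message. Both travel in clear
    in every datagram, which is what the slides mean by community-based security."""
    tag, body, _ = read_tlv(message, 0)
    if tag != TAG_SEQUENCE:
        raise ValueError("message is not a SEQUENCE")
    tag, version, pos = read_tlv(body, 0)
    tag2, community, _ = read_tlv(body, pos)
    if tag != TAG_INTEGER or tag2 != TAG_OCTET_STRING:
        raise ValueError("malformed message header")
    return int.from_bytes(version, "big", signed=True), community.decode("ascii", "replace")


if __name__ == "__main__":
    print(encode_oid("1.3.6.1.4.1").hex())                     # 06052b06010401
    msg = encode_get_request("public", ["1.3.6.1.2.1.1.1.0"], 1)
    print(msg.hex())
    print(decode_header(msg))
```

The 40-byte message produced for sysDescr.0 can be checked field by field against the ASN.1 on the slides: 30 26 opens the Message SEQUENCE, 02 01 00 is version-1(0), 04 06 plus six octets is the community name, A0 19 is the get-request PDU, and inside it 30 0E / 30 0C wrap the single VarBind whose name is 06 08 2B 06 01 02 01 01 01 00 and whose value is 05 00 (NULL).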