SNMP Version 2 (SNMPv2)
Sukiswo, sukiswok@yahoo.com
Manajemen Jaringan (Network Management), Sukiswo ST, MT

Table of Contents
  • The Birth of SNMPv2
  • SNMPv2 RFCs
  • SNMPv2 Enhancements
  • SNMPv2 Protocol Operations
  • SNMPv2 Coexistence with SNMPv1

The Birth of SNMPv2
  • a major problem with SNMP is the lack of security
  • secure SNMP was proposed (July 1992) to solve this problem in SNMP
  • Simple Management Protocol (SMP) was also proposed (July 1992) to extend the SNMP functionality
  • secure SNMP + SMP = SNMPv2 (March 1993)
  • a major security flaw was detected in this proposal, the security aspects were dropped, and the result is community-based SNMPv2 (Jan. 1996)

SNMPv2 RFCs
  • RFC 1901 (experimental)
    – Introduction to Community-based SNMPv2
  • RFC 1902 (draft) -> RFC 2578 (standard)
    – Structure of Management Information for SNMPv2 (SMIv2)
  • RFC 1903 (draft) -> RFC 2579 (standard)
    – Textual Conventions for SMIv2
  • RFC 1904 (draft) -> RFC 2580 (standard)
    – Conformance Statements for SMIv2

SNMPv2 RFCs (cont'd)
  • RFC 1905 (draft)
    – Protocol Operations for SNMPv2
  • RFC 1906 (draft)
    – Transport Mappings for SNMPv2
  • RFC 1907 (draft)
    – Management Information Base for SNMPv2
  • RFC 1908 (draft)
    – Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework

SNMPv2 Key Enhancements
  • SMIv2 (a superset of SMIv1)
    – provides more elaborate specification and documentation of managed objects and MIB modules
        • object type macros expanded (see Fig. 11.1, 11.2 & Table 11.2)
        • creating and deleting conceptual rows in a table (as used in RMON)
        • notification definitions
        • information modules
    – new SNMP MIB definitions are defined using SMIv2
  • Manager-to-Manager Capability
    – for managing large, distributed networks
  • Protocol Operations
    – bulk management information retrieval
    – manager-to-manager communication

Comparison of Data Types
[Table not preserved]

Notification Type MACRO

    NOTIFICATION-TYPE MACRO ::=
    BEGIN
        TYPE NOTATION ::=
                      ObjectsPart
                      "STATUS" Status
                      "DESCRIPTION" Text
                      ReferPart

        VALUE NOTATION ::=
                      value (VALUE NotificationName)

        ObjectsPart ::= "OBJECTS" "{" Objects "}" | empty
        Objects ::= Object | Objects "," Object
        Object ::= value (Name ObjectName)
        Status ::= "current" | "deprecated" | "obsolete"
        ReferPart ::= "REFERENCE" Text | empty
        Text ::= """ string """
    END

Notification Type Example

    coldStart NOTIFICATION-TYPE
        STATUS current
        DESCRIPTION
            "A coldStart trap signifies that the SNMPv2 entity,
             acting in an agent role, is reinitializing itself
             and that its configuration may have been altered."
        ::= { snmpTraps 1 }

    -- From RFC 1907

Module Identity MACRO

    MODULE-IDENTITY MACRO ::=
    BEGIN
        TYPE NOTATION ::=
                      "LAST-UPDATED" value (Update UTCTime)
                      "ORGANIZATION" Text
                      "CONTACT-INFO" Text
                      "DESCRIPTION" Text
                      RevisionPart

        VALUE NOTATION ::=
                      value (VALUE OBJECT IDENTIFIER)

        RevisionPart ::= Revisions | empty
        Revisions ::= Revision | Revisions Revision
        Revision ::= "REVISION" value (Update UTCTime)
                     "DESCRIPTION" Text
        Text ::= """ string """
    END

Module Identity Example

    rmon MODULE-IDENTITY
        LAST-UPDATED "9605270000Z"
        ORGANIZATION "IETF RMON MIB Working Group"
        CONTACT-INFO
            "Steve Waldbusser (WG Editor)
             Postal: International Network Services
                     650 Castro Street, Suite 260
                     Mountain View, CA 94041
             Phone:  +1 415 254 4251
             Email:  waldbusser@ins.com"
        DESCRIPTION
            "The MIB module for managing remote monitoring
             device implementations. This MIB module
             augments the original RMON MIB as specified in
             RFC 1757."
        ::= { mib-2 16 }

Object Identity MACRO

    OBJECT-IDENTITY MACRO ::=
    BEGIN
        TYPE NOTATION ::=
                      "STATUS" Status
                      "DESCRIPTION" Text
                      ReferPart

        VALUE NOTATION ::=
                      value (VALUE OBJECT IDENTIFIER)

        Status ::= "current" | "deprecated" | "obsolete"
        ReferPart ::= "REFERENCE" Text | empty
        Text ::= """ string """
    END

Object Identity Example

    snmpUDPDomain OBJECT-IDENTITY
        STATUS current
        DESCRIPTION
            "The SNMPv2 over UDP transport domain. The
             corresponding transport address is of type
             SnmpUDPAddress."
        ::= { snmpDomains 1 }

    -- from RFC 1906

SNMPv2 MIB Access
[Table not preserved]

SNMPv2 Operations
  • GetRequest - get the value for each listed object
  • GetNextRequest - get next value for each listed object
  • GetBulkRequest - get multiple values
  • Response - respond to manager request
  • SetRequest - set value for each listed object
  • InformRequest - send unsolicited information from a manager to another
  • SNMPv2-Trap - send unsolicited information from an agent to a manager

SNMPv2 PDU Formats

    SNMPv2 Message:
        | version (1) | community | PDU |

    (a) GetRequest-PDU, GetNextRequest-PDU, SetRequest-PDU, SNMPv2-Trap-PDU, InformRequest-PDU:
        | PDU type | request id | 0 | 0 | variable-bindings |

    (b) Response-PDU:
        | PDU type | request id | error status | error index | variable-bindings |

    (c) GetBulkRequest-PDU:
        | PDU type | request id | non-repeaters | max-repetitions | variable-bindings |

    (d) variable-bindings:
        | name1 | value1 | name2 | value2 | ... | nameN | valueN |

GetBulkRequest
  • used to minimize the exchanges required to retrieve a large amount of information
  • selection principle is the same as GetNextRequest
    – the next object instance in lexicographic order
  • includes a list of (N + R) variable names in the variable-bindings list
    – the first N variables for retrieving single values
    – the next R variables for retrieving multiple values
  • non-repeaters and max-repetitions fields are used to indicate the number of N and R variables

Interpretation of GetBulkRequest Fields

    Variable-bindings list: name1, name2, ..., nameN, nameN+1, ..., nameN+R

  • For the first N variables: provide one value each (first lexicographic successor)
  • For the last R variables: provide M values each (first M lexicographic successors)

    L = number of names in variable-bindings field
    N = MAX [ MIN (non-repeaters, L), 0 ]
    M = MAX [ max-repetitions, 0 ]
    R = L - N

GetBulkRequest Example

    GetBulkRequest (non-repeaters = 2, max-repetitions = 6, X, Y, TA, TB, TC)

Manager issues request with six variable names; for the first two variables (non-repeaters = 2), a single value is requested; for the remaining variables, six successive values (max-repetitions = 6) are requested.

[Figure: NMS and agent (e.g., router); the agent holds X, Y and table a with columns TA, TB, TC]

Agent returns single value for X, Y, and six rows of table a:

    Response [X, Y, TA(1), TB(1), TC(1), TA(2), TB(2), TC(2), TA(3), TB(3), TC(3), TA(4), TB(4), TC(4), TA(5), TB(5), TC(5), TA(6), TB(6), TC(6)]
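
Added example, not part of the original slides: a Python model of how an agent builds the Response for the GetBulkRequest above, applying the N, M and R rules from the previous slide. The toy MIB, its OIDs and the function names are constructed for this illustration; the code also handles a negative non-repeaters value and running past the end of the MIB (endOfMibView), and a single request can solicit up to N + M * R bindings.

```python
from bisect import bisect_right

END = "endOfMibView"
# Constructed OIDs: two scalars and three columns of "table a".
NAMES = {"X": (1, 1), "Y": (1, 2), "TA": (1, 3, 1), "TB": (1, 3, 2), "TC": (1, 3, 3)}

def build_mib(rows=6):
    """Constructed agent view: X.0, Y.0 and `rows` instances per column."""
    mib = {NAMES["X"] + (0,): "x", NAMES["Y"] + (0,): "y"}
    for col in ("TA", "TB", "TC"):
        for r in range(1, rows + 1):
            mib[NAMES[col] + (r,)] = f"{col}({r})"
    return mib

def get_next(mib, oid):
    """First lexicographic successor of oid, or (oid, endOfMibView)."""
    keys = sorted(mib)
    i = bisect_right(keys, oid)
    return (keys[i], mib[keys[i]]) if i < len(keys) else (oid, END)

def get_bulk(mib, non_repeaters, max_repetitions, names):
    """Return the Response variable-bindings as a list of (oid, value)."""
    L = len(names)
    N = max(min(non_repeaters, L), 0)       # clamps negative or oversized values
    M = max(max_repetitions, 0)
    out = [get_next(mib, oid) for oid in names[:N]]
    cursors = list(names[N:])               # the R = L - N repeating variables
    for _ in range(M):
        if not cursors:
            break
        row = [get_next(mib, oid) for oid in cursors]
        out.extend(row)                     # one successor per repeater, row by row
        cursors = [oid for oid, _ in row]
        if all(value == END for _, value in row):
            break                           # nothing left to return for any repeater
    return out

def slide_example():
    """Values returned for the request on the slide."""
    request = [NAMES[n] for n in ("X", "Y", "TA", "TB", "TC")]
    return [value for _, value in get_bulk(build_mib(), 2, 6, request)]
```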

SNMPv2-Trap and InformRequest
  • SNMPv2-Trap
    – is sent from an agent to a manager when an unusual event occurs
    – no response is required
  • InformRequest
    – is sent from a manager for passing information to an application running in another manager
    – Response PDU is used to acknowledge the request
    – for hierarchical or distributed management where multiple managers are involved

SNMPv2 PDU Sequences
[Figure: message sequence diagrams]
  • Manager -> Agent: GetRequest PDU; Agent -> Manager: Response PDU
  • Manager -> Agent: SetRequest PDU; Agent -> Manager: Response PDU
  • Manager -> Agent: GetNextRequest PDU; Agent -> Manager: Response PDU
  • Manager -> Agent: GetBulkRequest PDU; Agent -> Manager: Response PDU
  • Manager -> Manager: InformRequest PDU; Manager -> Manager: Response PDU
  • Agent -> Manager: SNMPv2-Trap PDU

PDU Comparisons
[Table not preserved]

Transport Mappings
  • RFC 1906 specifies the mapping of SNMPv2 onto the following transport protocols
    – User Datagram Protocol (UDP)
    – OSI Connectionless-Mode Network Service (CLNS)
    – OSI Connection-Oriented Network Service (CONS)
    – Novell Internetwork Packet Exchange (IPX)
    – AppleTalk
  • The SNMPv2 document states that UDP is the preferred mapping

Coexistence by Means of Proxy Agent
[Figure: a proxy agent between an SNMPv2 manager (SNMPv2 environment) and the SNMPv1 environment, exchanging SNMPv2 manager-to-agent and agent-to-manager PDUs on one side and SNMPv1 manager-to-agent and agent-to-manager PDUs on the other]
  • SNMPv2 manager requests: GetRequest, GetNextRequest, SetRequest, GetBulkRequest
  • Other PDU labels in the figure: GetNextRequest, Response, GetResponse, SNMPv2-Trap

Coexistence by Means of Bilingual Manager
[Figure: a bilingual manager (v1, v2) connected to an SNMPv2 manager, an SNMPv2 agent and an SNMPv1 agent]
  • SNMPv2 manager <-> bilingual manager: InformRequest, Response
  • Bilingual manager -> SNMPv2 agent: GetRequest, GetNextRequest, SetRequest, GetBulkRequest
  • SNMPv2 agent -> bilingual manager: Response, SNMPv2-Trap
  • Bilingual manager -> SNMPv1 agent: GetRequest, GetNextRequest, SetRequest
  • SNMPv1 agent -> bilingual manager: GetResponse, Trap

Summary
  • SNMPv2 is a natural extension of SNMPv1
  • Key enhancements in SNMPv2 are:
    – more elaborate MIB specification capability (SMIv2)
    – Manager-to-Manager communication
    – Bulk information transfer
  • SNMPv2 failed to improve on security
  • More powerful but more complex than SNMPv1
  • SNMPv3 focuses on improving the security aspect