Fundamentals of SNMP - PowerPoint PPT Presentation

Description: MA and managed device times may not be synchronised ... managers in terms of authentication, access control and proxy characteristics ...

Slides: 79
Provided by: nirmala8
Learn more at: http://www.ist.rit.edu

Transcript and Presenter's Notes

1
Fundamentals of SNMP
2
Simple Network Management Protocol
  • Three essentials
    • Structure for Management Information (SMI): the set of rules for specifying management information
    • Management Information Base (MIB): the structured collection of all the managed objects and data
    • The protocol

3
Structure for Management Information
  • How to define management information?
  • What architecture is to be used?
  • How to define an object?
  • Specify a language in which to define an object

4
Object Type and Object
  • What is an object type?
    • The abstract definition of a managed object
  • What is a managed object?
    • An entity in a managed system (node) about which we want information in order to manage the node
    • E.g. system up time, packets sent, packets received, number of interfaces

5
Structuring managed objects
  • SMI specifies a hierarchical tree structure for
    naming and managing objects

6
Contd..
  • The dod object is identified as iso(1) org(3) dod(6), or simply 1.3.6
  • The mgmt object is identified as iso(1) org(3) dod(6) internet(1) mgmt(2), or simply 1.3.6.1.2
  • 1.3.6 and 1.3.6.1.2 are the authoritative identifiers of the two objects
  • The identifier also gives the object's position in the tree, and hence how to reach it

7
Mgmt sub tree
8
Contd..
  • sysDescr and sysName are managed objects
  • There could be more than one instance of a
    managed object

9
Object Definitions
  • Specify the name, its properties, how to identify it, etc.
  • Example (skeleton of an OBJECT-TYPE definition):

        (Name of the Object) OBJECT-TYPE
            Property 1
            Property 2
            ..............
            ::= { OBJECT IDENTIFIER }

10
Contd..
  • OBJECT IDENTIFIER: machine recognizable
  • Name of the object: human readable

11
Contd.. example
  • snmpInPkts OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION "The total number of packets received by the SNMP entity from the transport service."
        REFERENCE   "RFC1213-MIB.snmpInPkts"
        ::= { snmp 1 }

12
Contd..
  • Instead of ::= { snmp 1 }, the definition could have used the full identifier 1.3.6.1.2.1.11.1
  • Interpretation
    • snmpInPkts is the definition of an object whose value needs a 32-bit counter to store, that is currently in use, that counts the packets received by the SNMP entity from the transport service, and whose reference is RFC1213-MIB.snmpInPkts

13
Contd.
14
Contd..
  • SYNTAX, MAX-ACCESS, etc. are properties of the object

15
Object type and instances
  • Objects can be scalar or tabular
  • Scalar objects
    • One instance for that object
    • E.g. snmpInPkts
    • To access the object instance, use 1.3.6.1.2.1.11.1.0 (the object identifier followed by .0)

16
Aggregate Objects
  • Tabular or aggregate objects
  • ipAddrTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF IpAddrEntry
        ACCESS      not-accessible
        STATUS      mandatory
        DESCRIPTION "The table of addressing information relevant to this entity's IP addresses."
        ::= { ip 20 }

17
Contd..
  • ipAddrTable is made up of a sequence of IpAddrEntry objects (the rows of the table)
  • ipAddrEntry OBJECT-TYPE
        SYNTAX      IpAddrEntry
        ACCESS      not-accessible
        STATUS      mandatory
        DESCRIPTION "..."
        INDEX       { ipAdEntAddr }
        ::= { ipAddrTable 1 }

18
Contd..
  • IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     INTEGER,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }

19
Object instances of ipAddrTable
  Row  ipAdEntAddr  ipAdEntIfIndex  ipAdEntBcastAddr
  1    123.45.2.1   1               255.255.0.0
  2    123.45.3.4   3               255.255.0.0
  3    165.8.9.25   2               255.255.0.0
  4    9.96.8.138   4               255.0.0.0
20
Accessing instances of the table objects
  Columnar object      Column object id      Row no  Instance object id
  ipAdEntAddr          1.3.6.1.2.1.4.20.1.1  2       1.3.6.1.2.1.4.20.1.1.3
  ipAdEntIfIndex       1.3.6.1.2.1.4.20.1.2  3       1.3.6.1.2.1.4.20.1.2.2
  ipAdEntBcastAddr     1.3.6.1.2.1.4.20.1.4  1       1.3.6.1.2.1.4.20.1.4.1
  ipAdEntReasmMaxSize  1.3.6.1.2.1.4.20.1.5  4       1.3.6.1.2.1.4.20.1.5.4
  • ipAdEntAddr is the index
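The naming rule behind the two tables above, as an added example that is not part of the slides: a scalar instance is the object identifier plus .0, and a table cell is the columnar object identifier plus the encoded INDEX value. The slide numbers its instances with a single small integer; in the SMI the INDEX value itself is appended, and for an IpAddress index such as ipAdEntAddr that means its four octets as four sub-identifiers. The code follows the SMI rule, so it goes beyond the slide's single-integer instances. The OIDs are the MIB-II numbers from the slides; the row addresses, the helper names and the decoding checks are assumptions made for this example.

```python
# Added example, not from the slides: naming object instances.
# Scalars get a ".0" suffix. A table cell is named by its columnar OID followed by
# the encoded INDEX value; ipAddrTable is indexed by ipAdEntAddr (an IpAddress),
# which the SMI encodes as four sub-identifiers. The OIDs are MIB-II numbers from
# the slides; the rows and helper names are constructed for illustration.

IP_ADDR_ENTRY = "1.3.6.1.2.1.4.20.1"   # ipAddrEntry (row prototype of ipAddrTable)
SNMP_IN_PKTS = "1.3.6.1.2.1.11.1"      # snmpInPkts, a scalar

# Columnar objects of ipAddrEntry, in the order of the IpAddrEntry SEQUENCE.
COLUMNS = {
    "ipAdEntAddr": 1,
    "ipAdEntIfIndex": 2,
    "ipAdEntNetMask": 3,
    "ipAdEntBcastAddr": 4,
    "ipAdEntReasmMaxSize": 5,
}
COLUMN_NAMES = {number: name for name, number in COLUMNS.items()}


def scalar_instance(oid):
    """A scalar object has exactly one instance, named <oid>.0."""
    return oid + ".0"


def encode_index(value):
    """Encode one INDEX component as OID sub-identifiers.

    INTEGER indices become one sub-identifier; an IpAddress becomes its four octets.
    """
    if isinstance(value, int):
        if value < 0:
            raise ValueError("index sub-identifiers must be non-negative")
        return [value]
    octets = [int(part) for part in value.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not an IPv4 address: %r" % (value,))
    return octets


def column_instance(column, *index):
    """Instance OID of one table cell: <entry>.<column>.<encoded index>."""
    sub_ids = [IP_ADDR_ENTRY, str(COLUMNS[column])]
    for component in index:
        sub_ids.extend(str(s) for s in encode_index(component))
    return ".".join(sub_ids)


def decode_instance(oid):
    """Inverse of column_instance for ipAddrTable: (column name, index address).

    Rejects anything outside ipAddrEntry or with a malformed index, so a manager
    parsing replies does not silently accept an instance it did not ask for.
    """
    prefix = IP_ADDR_ENTRY + "."
    if not oid.startswith(prefix):
        raise ValueError("not inside ipAddrEntry: " + oid)
    parts = [int(s) for s in oid[len(prefix):].split(".")]
    column_number, index = parts[0], parts[1:]
    if column_number not in COLUMN_NAMES or len(index) != 4:
        raise ValueError("malformed ipAddrTable instance: " + oid)
    if any(not 0 <= o <= 255 for o in index):
        raise ValueError("index octet out of range: " + oid)
    return COLUMN_NAMES[column_number], ".".join(str(o) for o in index)


if __name__ == "__main__":
    print(scalar_instance(SNMP_IN_PKTS))
    for address in ("123.45.2.1", "123.45.3.4", "165.8.9.25", "9.96.8.138"):
        print(column_instance("ipAdEntIfIndex", address))
```

decode_instance is the half a manager needs: replies to a getnext walk arrive as instance names, and a strict decoder keeps a misbehaving or spoofed agent from planting instances outside the table the manager asked for.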

21
MIBS
  • MIB modules define a collection of related
    managed objects
  • A large module has groups
  • MIB II has the following groups
  • System, interfaces, ip, tcp, snmp, udp etc.

22
SNMP the protocols
  • Request operations
    • Get, getnext, getbulk, set
  • Request id helps the manager application distinguish between outstanding requests
  • Get, getnext, getbulk collect values
  • Set sets the specified value for the object
  • Variable-bindings: a list of variables, each containing a name and a value
  • MIB view

23
Contd..
  • Response
    • Returned by the agent
    • Request id repeated
    • Error status: non-zero indicates an error occurred; ignore the information in the variable-bindings field
    • Error index: tells which variable is in error

24
Get Operation general example
25
Getnext
26
Getnext contd..
  • Makes use of the ordering of the variables
  • Returns the name and value of the next instance in the MIB
  • If there is no next instance: endOfMibView
  • Try a getnext on 0.0 (e.g. snmpgetnext -v <version> <host> 0.0) to retrieve the first instance

27
Getnext with indices
  AtIfIndex  AtPhyAddress    AtNetAddress
  23         0000000C3920B4  192.168.3.1
  13         0000000C3920AC  172.16.46.1
  16         0000000C3920AF  172.16.49.1
28
Contd.. Indices retrieved automatically
29
getbulk
  • Executes getnext repeatedly
  • Form: getbulk(non-repeaters, max-repetitions, variables...)
  • E.g. getbulk(2, 3, A, B, C, D)
    • On A and B getnext is executed only once
    • On C and D getnext is executed 3 times
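The getnext and getbulk behaviour described on these slides, as an added example that is not part of the presentation: a constructed agent snapshot, a getnext that compares names as numeric sub-identifier tuples (the lexicographic order the protocol uses, in which ...1.11 follows ...1.4), endOfMibView when the snapshot is exhausted, a getbulk that applies non-repeaters and max-repetitions as the slide states, and a subtree walk that stops when a reply leaves the requested prefix. The instances, values and function names are assumptions made for this example.

```python
# Added example, not from the slides: getnext and getbulk over a constructed
# agent snapshot. Names are compared as numeric sub-identifier tuples (the
# lexicographic order the protocol uses), endOfMibView is returned when the
# snapshot is exhausted, and getbulk applies non-repeaters / max-repetitions as
# the slide describes. The instances and values are made up for illustration.
END_OF_MIB_VIEW = "endOfMibView"

# Constructed snapshot: instance OID -> value, MIB-II numbering as in the slides.
MIB = {
    "1.3.6.1.2.1.1.3.0": 5996352,                     # sysUpTime.0
    "1.3.6.1.2.1.4.20.1.1.9.96.8.138": "9.96.8.138",  # ipAdEntAddr rows
    "1.3.6.1.2.1.4.20.1.1.123.45.2.1": "123.45.2.1",
    "1.3.6.1.2.1.4.20.1.2.9.96.8.138": 4,             # ipAdEntIfIndex rows
    "1.3.6.1.2.1.4.20.1.2.123.45.2.1": 1,
    "1.3.6.1.2.1.11.1.0": 1637824,                    # snmpInPkts.0
}


def oid_key(oid):
    """Numeric tuple, so that ...1.11 sorts after ...1.4 instead of before it as text."""
    return tuple(int(part) for part in oid.split("."))


SORTED_OIDS = sorted(MIB, key=oid_key)


def get_next(oid):
    """(name, value) of the first instance lexicographically after oid, or endOfMibView."""
    key = oid_key(oid)
    for candidate in SORTED_OIDS:
        if oid_key(candidate) > key:
            return candidate, MIB[candidate]
    return oid, END_OF_MIB_VIEW   # the agent echoes the name it could not advance


def get_bulk(non_repeaters, max_repetitions, *oids):
    """getbulk(N, M, ...): one getnext for the first N names, up to M for each of the rest."""
    bindings = []
    for oid in oids[:non_repeaters]:
        bindings.append(get_next(oid))
    for oid in oids[non_repeaters:]:
        cursor = oid
        for _ in range(max_repetitions):
            cursor, value = get_next(cursor)
            bindings.append((cursor, value))
            if value == END_OF_MIB_VIEW:
                break   # no point repeating once the view is exhausted
    return bindings


def walk(subtree):
    """Repeated getnext over one subtree, stopping when the reply leaves its prefix."""
    results = []
    cursor = subtree
    while True:
        cursor, value = get_next(cursor)
        if value == END_OF_MIB_VIEW or not (cursor + ".").startswith(subtree + "."):
            return results
        results.append((cursor, value))


if __name__ == "__main__":
    print(get_next("0.0"))                       # first instance in the snapshot
    for name, value in walk("1.3.6.1.2.1.4.20.1.2"):
        print(name, "=", value)
    print(get_bulk(1, 2, "1.3.6.1.2.1.1", "1.3.6.1.2.1.4.20.1.1"))
```

The prefix check in walk matters in practice: an agent that returns a name outside the requested subtree, or one that does not advance, would otherwise keep the loop running forever, which is how poorly behaved agents have stalled monitoring pollers.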

30
others
  • Set: the agent will update the value of the variable and return a response
  • Notification: unsolicited interaction from the agent on detecting an abnormal condition
  • Trap: similar to a notification; expects no response from the manager

31
Trap
  • Request id included
  • Sent to UDP port 162
  • Includes
    • Timestamp indicating when the trap was generated
    • Identity of the trap
  • Some traps are generic
    • Cold start, warm start, link down

32
Manager Application
  • A browser, which polls agents to retrieve values
    • Modest processing on values
    • Displays information to the user
  • Sophisticated applications
    • Interpret variables as system behavior

33
Agent features
  • Timestamps
  • Counters
  • Error codes
  • Other capabilities

34
Timestamp
  • MA uses this information to determine when the agent observed something
  • Agent knowledge of time is not absolute
  • Agent may not know the time when the device is off
  • MA and managed device times may not be synchronised
  • TimeStamp is a snapshot of the TimeTick value
  • TimeTick is in hundredths of a second

35
Time stamp example
  • snmpget -v 2c localhost system.sysUpTime.0
  • Response
    • system.sysUpTime.0 = Timeticks: (5996352) 16:39:23.52

36
Counters
  • Can be used to calculate rates
    • Observe the difference between 2 consecutive measures
  • Beware of wrap around
    • Possibly more than once between two polls
  • Restarting the device may reset the counter to 0

37
Counters example
  • snmpget -v 2c localhost system.sysUpTime.0 ip.ipInReceives.0
  • Response
    • system.sysUpTime.0 = Timeticks: (6017853) 16:42:58.53
    • ip.ipInReceives.0 = 1637824
  • Repeat after some time
  • IP datagram incoming rate = (ip.ipInReceives.0 (2) - ip.ipInReceives.0 (1)) / (Timeticks (2) - Timeticks (1))

38
Utilization
  • rx.utilisation = delta(ifInOctets) * 8 * 100 / (ifSpeed * delta(timeticks))
  • tx.utilisation = delta(ifOutOctets) * 8 * 100 / (ifSpeed * delta(timeticks))
  • Utilization of an Ethernet segment = tx.utilisation + rx.utilisation

39
Broadcast storms
  • Percentage of overall packets that are broadcast?
  • High broadcast packet rate?
  • Receive broadcast/multicast packet rate = delta(ifInNUcastPkts) / delta(seconds)
  • Transmit broadcast/multicast packet rate = delta(ifOutNUcastPkts) / delta(seconds)
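The counter, utilisation and broadcast-rate slides above all reduce to the same computation: the difference of two counter readings divided by the difference of two sysUpTime readings. The following added example, not from the presentation, carries it through with the two failure modes the counters slide warns about (a 32-bit wrap between polls and a device restart that resets the counters), converts delta(timeticks) to seconds before applying the utilisation formula, and reproduces the wrap-around-time figures given for the 10 Mbps to 1 Gbps interfaces. The Sample class, the counter values and the 60-second interval are assumptions constructed for the example, not captured data.

```python
# Added example, not from the slides: rates from two polls of an agent, with
# 32-bit counter wrap and agent-restart handling, plus the utilisation and
# broadcast-rate formulas. The two samples are constructed to look like the
# snmpget output in the slides; they were not captured from a device.
COUNTER32_MODULUS = 2 ** 32


def counter_delta(old, new, modulus=COUNTER32_MODULUS):
    """Increase between two readings, allowing for at most one wrap.

    If the counter can wrap more than once between polls (see the wrap-around
    table: about 34 s on a saturated gigabit link) the poll interval is too long
    and no arithmetic can recover the true delta.
    """
    return new - old if new >= old else new + modulus - old


def ticks_to_seconds(ticks):
    """TimeTicks are hundredths of a second."""
    return ticks / 100.0


class Sample:
    """One poll: sysUpTime.0 in TimeTicks plus the counter values read with it."""

    def __init__(self, sys_uptime, **counters):
        self.sys_uptime = sys_uptime
        self.counters = counters


def rate(first, second, name):
    """Per-second rate of counter `name`, or None when the samples are unusable."""
    if second.sys_uptime < first.sys_uptime:
        return None  # uptime went backwards: the agent restarted and counters reset
    seconds = ticks_to_seconds(second.sys_uptime - first.sys_uptime)
    if seconds <= 0:
        return None  # same tick: no interval to divide by
    return counter_delta(first.counters[name], second.counters[name]) / seconds


def utilisation_percent(first, second, octet_counter, if_speed_bps):
    """delta(octets) * 8 * 100 / (ifSpeed * delta(seconds)), with TimeTicks converted to seconds."""
    octets_per_second = rate(first, second, octet_counter)
    if octets_per_second is None:
        return None
    return octets_per_second * 8 * 100 / if_speed_bps


def segment_utilisation_percent(first, second, if_speed_bps):
    """Ethernet segment utilisation = tx.utilisation + rx.utilisation."""
    rx = utilisation_percent(first, second, "ifInOctets", if_speed_bps)
    tx = utilisation_percent(first, second, "ifOutOctets", if_speed_bps)
    return None if rx is None or tx is None else rx + tx


def wrap_around_minutes(if_speed_bps, modulus=COUNTER32_MODULUS):
    """Minutes for a 32-bit octet counter to wrap on a fully loaded link."""
    return modulus * 8 / if_speed_bps / 60


# Constructed samples, 60 s apart (6000 TimeTicks). ifInOctets wraps between them.
SAMPLE_1 = Sample(6017853, ipInReceives=1637824, ifInOctets=4294960000,
                  ifOutOctets=100000, ifInNUcastPkts=500)
SAMPLE_2 = Sample(6023853, ipInReceives=1640824, ifInOctets=7704,
                  ifOutOctets=115000, ifInNUcastPkts=620)
# A later poll whose uptime is lower than SAMPLE_2's: the device rebooted.
SAMPLE_AFTER_REBOOT = Sample(1200, ipInReceives=40, ifInOctets=9000,
                             ifOutOctets=10, ifInNUcastPkts=1)

if __name__ == "__main__":
    print("ipInReceives rate:", rate(SAMPLE_1, SAMPLE_2, "ipInReceives"), "datagrams/s")
    print("broadcast/multicast rate:", rate(SAMPLE_1, SAMPLE_2, "ifInNUcastPkts"), "pkts/s")
    print("rx utilisation at 10 Mbps:",
          utilisation_percent(SAMPLE_1, SAMPLE_2, "ifInOctets", 10_000_000), "%")
    print("after reboot:", rate(SAMPLE_2, SAMPLE_AFTER_REBOOT, "ipInReceives"))
    for speed in (10_000_000, 100_000_000, 155_000_000, 1_000_000_000):
        print(speed, "bps wraps in", round(wrap_around_minutes(speed), 2), "min")
```

Returning None rather than a number for the restart case is deliberate: a poller that silently divides across a reboot produces a huge negative or wrapped "rate" that then trips alerts or, worse, hides a real outage behind a plausible-looking value.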

40
Agent Capabilities
  • MA uses this to customize its interaction with an agent
  • An agent implementing a MIB group should implement all objects in the group
  • Not all objects are present: instrumentation limitations
  • MAX-ACCESS can be read-write, but the underlying instrumentation may allow only reading and no control

41
Contd..
  • SYNTAX gives the range of values that an object may take; only a subset may be possible
  • Table access
    • Agent should permit adding new rows
  • MA should know the agent's capabilities to customize its interaction

42
Authentication
  • Managed stations may wish to limit access to their MIBs to authorized management stations
  • The community name is the password for authentication in SNMPv1

43
Community
  • Defines a relationship between an SNMP agent and a set of SNMP managers in terms of authentication, access control and proxy characteristics
  • The managed system establishes one community for each desired combination
  • The community name is unique within the agent and management station pair
  • Management stations and agents in that community must employ the community name in all get and set operations

44
Contd..
  • An agent may establish a number of communities
  • The pairing of a management station and a managed station is called an SNMP community

45
Access Policy
  • Managed stations wish to give different access privileges to different management stations
  • By using different community names the agent can provide different categories of access to different management stations

46
SNMP Access Policy
  • Network elements comprise many managed objects
    • Standard
    • Private
  • An agent can expose a subset of them: the MIB view
  • MIB view and access mode together form the community profile
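The community profile described across the last four slides, as an added example that is not part of the presentation: each community name maps to a MIB view (a set of object subtrees) and an access mode, and a request is allowed only when the name matches, the instance lies in the view and the operation fits the mode. Because the SNMPv1 community name travels in clear text, this identifies the caller rather than authenticating it strongly, which is why the check's main value is bounding what each name may see and change. The community names, subtrees, error strings and function names are assumptions constructed for this example.

```python
# Added example, not from the slides: checking a request against an SNMPv1-style
# community profile (community name + MIB view + access mode). The community
# name travels in clear text, so this identifies the caller rather than
# authenticating it strongly; the check still decides what a given name may
# see and change. Communities, subtrees and results are constructed.
import hmac

SYSTEM_SUBTREE = "1.3.6.1.2.1.1"       # mib-2 system group
INTERFACES_SUBTREE = "1.3.6.1.2.1.2"   # mib-2 interfaces group
SNMP_GROUP_SUBTREE = "1.3.6.1.2.1.11"  # mib-2 snmp group

# Constructed profiles: community name -> (MIB view as subtrees, access mode).
PROFILES = {
    "mon-ro-7f3a": ((SYSTEM_SUBTREE, INTERFACES_SUBTREE, SNMP_GROUP_SUBTREE), "read-only"),
    "ops-rw-c91e": ((INTERFACES_SUBTREE,), "read-write"),
}


def in_subtree(oid, subtree):
    """True when oid is the subtree root or lies below it (dot-boundary aware,
    so 1.3.6.1.2.1.11 is not mistaken for a child of 1.3.6.1.2.1.1)."""
    return oid == subtree or oid.startswith(subtree + ".")


def in_view(oid, view):
    return any(in_subtree(oid, subtree) for subtree in view)


def lookup_profile(community):
    """Constant-time comparison against every configured name (no early exit)."""
    found = None
    for name, profile in PROFILES.items():
        if hmac.compare_digest(name.encode(), community.encode()):
            found = profile
    return found


def authorize(community, operation, oid):
    """Return (allowed, reason) for a get/getnext/set on one instance OID."""
    profile = lookup_profile(community)
    if profile is None:
        # An SNMPv1 agent may emit an authenticationFailure trap here; a rising
        # count of those traps is the signal an operator watches for.
        return False, "authenticationFailure"
    view, mode = profile
    if not in_view(oid, view):
        return False, "noSuchName"   # outside the view the object does not exist for this community
    if operation not in ("get", "getnext", "set"):
        return False, "genErr"
    if operation == "set" and mode != "read-write":
        return False, "readOnly"
    return True, "noError"


if __name__ == "__main__":
    print(authorize("mon-ro-7f3a", "get", "1.3.6.1.2.1.1.3.0"))
    print(authorize("mon-ro-7f3a", "set", "1.3.6.1.2.1.2.2.1.7.3"))
    print(authorize("guest-9999", "get", "1.3.6.1.2.1.1.3.0"))
```

Two details carry over to real agent configuration: the view check comes before the access-mode check, so a read-write community still cannot touch objects outside its view, and subtree membership is tested on sub-identifier boundaries rather than by plain string prefix.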

49
SNMP versions version 1
  • Primitive types
  • Defined types
  • Derived types
  • Constructor types

50
SNMP versions Version 1
  • INTEGER
    • 32 bit value in 2's complement: -2147483648 to 2147483647
    • Can be used to represent enumerated types
  • OCTET STRING: zero or more octets
    • Each octet has a value 0-255
    • Text string, e.g. system description
  • OBJECT IDENTIFIER: sequence of integers
  • NULL: placeholder

51
Derived types
  • NetworkAddress
  • Counter: 32 bit non-negative integer; wraps around on reaching the maximum value
  • Gauge: 32 bit non-negative integer; may increase or decrease, capped at the maximum
  • TimeTicks: time in hundredths of a second, 32 bit non-negative integer; wraps around in 497 days

52
  • 32 bit counter wrap around time
  • Gigabit interface: polling interval < 0.57 min
  • Use two 32 bit counters

  Interface speed  Wrap around time
  10 Mbps          57.26 min
  100 Mbps         5.73 min
  155 Mbps         3.69 min
  1 Gbps           0.57 min
53
Constructor types
  • SEQUENCE: list
  • SEQUENCE OF: table

54
Key words
  • ACCESS
  • BEGIN macro definition
  • DESCRIPTION
  • Counter
  • Gauge
  • INTEGER

55
MIB groups
  • System
  • Interfaces
  • Address Translation
  • IP
  • ICMP
  • TCP
  • UDP
  • EGP
  • CMOT
  • transmission
  • SNMP

56
SNMP v1 operations
  • Get
  • Getnext
  • Set
  • trap

57
Traps in SNMPv1
  • Six generic traps have been defined
    • Encoded in the generic-trap field of the SNMP message as the values 0-5
  • Other, specific traps
    • Generic-trap field in the message is 6
    • Vendor-specific problems?

58
SNMPv2 additions and changes
  • Bulk data transfer: request and receive bulk data
  • Manager-to-manager message: interoperability of two network management systems
  • Module definitions, object definitions, trap definitions
    • RFC1155, 1212, 1215, 1902, 1904

59
Contd..
  • Textual conventions: to help define new data types
  • Conformance statements: vendors state what their product implements
  • Table enhancements: expand a table by augmenting another table; helps add columnar objects

60
Data Types in SNMPv2
  • Integer32: same as INTEGER
  • Counter32: same as Counter
  • Gauge32: same as Gauge
  • Unsigned32: similar to Gauge32
  • Counter64

61
Contd.. Tables
  • RowPointer
  • RowStatus: useful in changing rows
    • active
    • notInService
    • notReady
    • createAndGo
    • createAndWait
    • destroy
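The six RowStatus values listed above form a small state machine that a manager drives by setting the RowStatus column; the following added example, which is not part of the presentation, implements the transitions as the RowStatus textual convention defines them (RFC 2579): createAndGo succeeds only if every required column arrives in the same set, createAndWait creates a notReady row that becomes notInService once the missing columns are filled in, active is refused while columns are missing, and destroy removes the row. The table, its required columns, the rule that active rows are not edited in place, and the error-status strings are assumptions constructed for this example.

```python
# Added example, not from the slides: the RowStatus state machine that SNMPv2
# managers use to create, suspend and delete table rows. Transition rules follow
# the RowStatus textual convention (RFC 2579); the table, its column names, the
# no-edit-while-active rule and the error-status strings are constructed.
ACTIVE, NOT_IN_SERVICE, NOT_READY, CREATE_AND_GO, CREATE_AND_WAIT, DESTROY = range(1, 7)

# Columns a row must have before it can become active (constructed table).
REQUIRED_COLUMNS = ("ifIndex", "targetAddress")


class RowStatusTable:
    def __init__(self):
        self.rows = {}   # index -> dict of column values, including "rowStatus"

    def _complete(self, row):
        return all(column in row for column in REQUIRED_COLUMNS)

    def set_row_status(self, index, value, columns=None):
        """Apply a set on the RowStatus column; returns 'noError' or an SNMPv2 error-status."""
        columns = dict(columns or {})
        row = self.rows.get(index)
        if value == DESTROY:
            self.rows.pop(index, None)   # deleting a missing row is not an error
            return "noError"
        if value in (CREATE_AND_GO, CREATE_AND_WAIT):
            if row is not None:
                return "inconsistentValue"  # row already exists
            if value == CREATE_AND_GO and not self._complete(columns):
                return "inconsistentValue"  # createAndGo needs every required column in the same set
            if value == CREATE_AND_GO:
                columns["rowStatus"] = ACTIVE
            else:
                columns["rowStatus"] = NOT_IN_SERVICE if self._complete(columns) else NOT_READY
            self.rows[index] = columns
            return "noError"
        if value in (ACTIVE, NOT_IN_SERVICE):
            if row is None:
                return "inconsistentValue"  # cannot activate a row that does not exist
            row.update(columns)
            if not self._complete(row):
                return "inconsistentValue"  # still notReady: required columns missing
            row["rowStatus"] = value
            return "noError"
        return "wrongValue"  # notReady (3) is reported by the agent, never set by a manager

    def set_column(self, index, column, value):
        """Set an ordinary column; a notReady row becomes notInService once complete."""
        row = self.rows.get(index)
        if row is None:
            return "inconsistentName"
        if row["rowStatus"] == ACTIVE:
            return "inconsistentValue"   # this constructed table forbids edits to active rows
        row[column] = value
        if row["rowStatus"] == NOT_READY and self._complete(row):
            row["rowStatus"] = NOT_IN_SERVICE
        return "noError"

    def status(self, index):
        row = self.rows.get(index)
        return None if row is None else row["rowStatus"]


if __name__ == "__main__":
    table = RowStatusTable()
    print(table.set_row_status(1, CREATE_AND_WAIT, {"ifIndex": 2}), table.status(1))
    print(table.set_column(1, "targetAddress", "192.0.2.10"), table.status(1))
    print(table.set_row_status(1, ACTIVE), table.status(1))
    print(table.set_row_status(1, DESTROY), table.status(1))
```

The createAndWait path is the one worth tracing: it is how a manager builds a row over several set requests without the agent ever acting on a half-configured entry, and an agent that activated a notReady row would be applying incomplete configuration.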

62
SMIv2
  • OBJECT-IDENTITY macro introduced
    • Defines information about an OBJECT IDENTIFIER
  • Routers can be defined in general using OBJECT-IDENTITY
  • A specific router is defined using an OBJECT IDENTIFIER

63
Table Augmentation
  • Extending aggregate objects from a single table to multiple tables
  • Helps expand managed objects when the columnar objects need to be increased
  • Base table and augmented table
  • The index of the base table is also the index of the augmented table

64
Contd..
  • ipAddrTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF IpAddrEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "......."
        ::= { ip 20 }

65
Contd.
  • ipAddrEntry OBJECT-TYPE
        SYNTAX      IpAddrEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "......."
        INDEX       { ipAdEntAddr }
        ::= { ipAddrTable 1 }

66
  • ipAugAddrTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF IpAugAddrEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "......."
        ::= { ipAug 1 }

67
  • ipAugAddrEntry OBJECT-TYPE
        SYNTAX      IpAugAddrEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION "......."
        AUGMENTS    { ipAddrEntry }
        ::= { ipAugAddrTable 1 }

68
  • Internet MIB Groups in SNMPv2

69
Traps in SNMPv2
  • Traps are defined using NOTIFICATION-TYPE
  • Generic traps of SNMPv1 have an object id under snmpTraps (a new object in SMIv2)
  • Each trap has a unique id

70
Others
  • Getbulk
  • Get and getnext may return only the variables that are available
  • SNMPv2 can be run over various other transport protocols
    • IPX/SPX, AppleTalk
  • SNMPv1 and SNMPv2 can coexist
    • A proxy server is essential

71
SNMPv3
  • Addresses three issues
    • Better administration
    • Security
    • Modular architecture: easy extendability
  • SNMP agent and manager are both considered an SNMP entity
  • An SNMP entity consists of
    • SNMP engine
    • SNMP applications

72
Modular architecture
73
SNMP engine
  • Dispatcher
  • Message Processing Subsystem
  • Security Subsystem
  • Access Control Subsystem

74
Dispatcher
  • Responsible for sending and receiving messages
  • Determines the version number and sends the message to the appropriate message processing model
  • Takes action if the message cannot be understood

75
Message Processing Subsystem
  • Prepares messages to be sent
  • Extracts data from received messages

76
Security
  • Decrypts the data portion
  • Checks for proper authentication
  • Forwards to the proper SNMP application
  • Security model defines
    • Security threats against which to protect
    • Services provided
    • Security protocols
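How the dispatcher, message processing and security subsystems of the last few slides hand a received message along, as an added example that is not part of the presentation: the dispatcher routes by version number and drops what it cannot understand, the security subsystem verifies the authentication digest (HMAC-SHA truncated to 12 bytes, as the User-based Security Model's HMAC-SHA-96 does) before any application sees the PDU, and each rejection increments a counter an operator can poll. The message layout is a simplified model rather than the real BER-encoded wire format, the digest is computed over the payload alone rather than the whole message, and the user table, key and function names are assumptions constructed for this example; the counter names are those of the standard SNMPv2-MIB and USM statistics groups.

```python
# Added example, not from the slides: a simplified receive path through an
# SNMPv3 engine. Dispatcher -> security check (HMAC-SHA-96 style digest) ->
# application. The Message layout, user table and key are constructed and the
# digest covers only the payload; a real engine signs the whole message with
# the authParameters field zeroed. Counter names follow the standard MIBs.
import hashlib
import hmac
from collections import namedtuple

Message = namedtuple("Message", "version user auth_params payload")
AUTH_LEN = 12  # HMAC-SHA-96 keeps the first 96 bits of the SHA-1 HMAC

# Constructed user table: user name -> localized authentication key.
# In a real engine the key is derived from the user's passphrase and the engine ID.
USERS = {"noc-reader": bytes.fromhex("00112233445566778899aabbccddeeff00112233")}

# Error counters an operator can poll to spot failed or tampered messages.
STATS = {
    "snmpInBadVersions": 0,        # SNMPv2-MIB: unsupported version field
    "usmStatsUnknownUserNames": 0,  # USM: no such user
    "usmStatsWrongDigests": 0,      # USM: digest did not verify
}


def sign(user, payload):
    """What the sending engine does: attach the HMAC-SHA-96 over the payload."""
    digest = hmac.new(USERS[user], payload, hashlib.sha1).digest()[:AUTH_LEN]
    return Message(3, user, digest, payload)


def security_check(msg):
    """Security subsystem: verify the digest before any application sees the PDU."""
    key = USERS.get(msg.user)
    if key is None:
        STATS["usmStatsUnknownUserNames"] += 1
        return False, "unknownUserName"
    expected = hmac.new(key, msg.payload, hashlib.sha1).digest()[:AUTH_LEN]
    if not hmac.compare_digest(expected, msg.auth_params):   # constant-time compare
        STATS["usmStatsWrongDigests"] += 1
        return False, "wrongDigest"
    return True, "ok"


def dispatch(msg):
    """Dispatcher: route by version; unsupported versions are counted and dropped."""
    if msg.version != 3:
        STATS["snmpInBadVersions"] += 1
        return "dropped: unsupported version %r" % (msg.version,)
    ok, reason = security_check(msg)
    if not ok:
        return "dropped: " + reason
    return "to application: " + msg.payload.decode()


if __name__ == "__main__":
    good = sign("noc-reader", b"get sysUpTime.0")
    print(dispatch(good))
    print(dispatch(good._replace(payload=b"set sysName.0")))   # tampered in transit
    print(dispatch(Message(3, "nobody", b"\x00" * AUTH_LEN, b"get sysUpTime.0")))
    print(dispatch(Message(1, "noc-reader", b"", b"get sysUpTime.0")))
    print(STATS)
```

The ordering is the point of the slides' layered design: authentication failures are counted and dropped inside the engine, so the command responder and the access control subsystem only ever see messages whose origin and integrity have already been checked.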

77
Access Control Subsystem
  • is called by Applications that need to access
    managed objects

78
Applications
  • Internal applications
    • Generate messages, respond to received messages, generate/receive notifications, forward messages between SNMP entities
  • Command generator (SNMP mgr?)
  • Command responder (SNMP agent?)
  • Notification originator (SNMP agent?)
  • Notification receiver (SNMP mgr?)
  • Proxy forwarder