Chapter 4 SNMPv1: Organization and Information Models

1
Chapter 4SNMPv1 Organization and Information
Models
2
Internet SNMP Management

• Internet Engineering Task Force (IETF)
• 1990 SNMPv1
• 1995 SNMPv2
• 1998 SNMPv3
• Internet documents
• Request for Comments (RFC)
• IETF STD Internet Standard
• FYI For your information

http//www.ietf.org/
http//www.ietf.org/rfc.html http//www.ietf.org/r
fc/rfcNNNN.txt
3

SMIv2 RFC 2578
SMIv2 Conventions RFC 2579
SMIv2 Conformances RFC 2580
SNMPv2 Protocol Ops RFC 3416
SNMP MIB RFC 3418
SNMP MIB RFC 3418
SNMP MIB RFC 3418
4
SNMP Model

• Organization Model
• Relationship between network element, agent, and
  manager
• Hierarchical architecture
• Information Model
• Uses ASN.1 syntax
• SMI (Structure of Management Information
• MIB (Management Information Base)
• Communication Model
• Transfer syntax
• SNMP over TCP/IP
• Communication services addressed by messages
• Security framework community-based model

5
Two-Tier Organization Model
6
Three-Tier Organization Model RMON

• RMON
• Remote Monitoring
• RMON I
• RMON II

7
Three-Tier Organization Model Proxy
8
SNMP System Architecture
Management Station
Network Elements (NEs)
Host
Router
Manager
Agent
Agent
SNMP
SNMP
SNMP
Network Management Protocol
. . .
UDP
UDP
UDP
IP
IP
IP
????
????
????
SNMP
Network
9
SNMP Services
Manager
Agent(s)

• Four Services
• Get, Set, GetNext, Trap
• Five SNMP Messages
• GetRequest, SetRequest, GetNextRequest,
  GetResponse, Trap

10
SNMP Services
Get Request
Get GetNext Set Trap
Get Response
GetNext Request
Get Response
Set Request
Get Response
Trap Request
11
SNMP Services (cont.)

• Get Request
• Retrieve the values of objects in the MIB of an
  agent.
• Get-Next Request
• Retrieve the values of the next objects in the
  MIB of an agent.
• Set Request
• Update the values of objects in the MIB of an
  agent.
• Trap Request
• Report extraordinary events to the manager.

12
4.7 Information Model

• Structure of Management Information (SMI) (RFC
  1155, RFC 1212)
• Managed Object
• Scalar
• Aggregate or tabular object
• Management Information Base (RFC 1213)

13
Managed Object
Object Type
Object Instance
14
Managed Object Multiple Instances
Object Type
Object Instance
15
Object Name

• Object is uniquely defined by
• DESCRIPTOR
• OBJECT IDENTIFIER

16
Internet Subnodes
directory OBJECT IDENTIFIER internet 1
mgmt OBJECT IDENTIFIER internet 2
experimental OBJECT IDENTIFIER internet 3
private OBJECT IDENTIFIER internet 4
17
root
0
2
1
iso
ccitt
joint-iso-ccitt
3
0
2
1
org
1.3.6.1.2.1
reg authority
std
member body
6
dod
1
1.3.6.1.2.1.2
1.3.6.1.4.1
internet
1
4
3
2
mgmt
directory
private
experimental
1
1
MIB II
enterprises
MIB II
enterprises
interface
system 1
interface 2
at 3
IP 4
ICMP 5
TCP 6
UDP 7
EGP 8
Trans. 10
SNMP 11
18
Private MIB Example
http//www.iana.org/
Enterprise Number
http//www.iana.org/assignments/enterprise-numbers
19
SNMP ASN.1 Data Type
20
Primitive Data Types

• subtype
• INTEGER (0..255)
• OCTET STRING (SIZE 0..255)
• OCTET STRING (SIZE 8)

21
Enumerated

• Special case of INTEGER data type

22
Defined or Application Data Type
23
Constructor or Structured Data TypeSEQUENCE

• List Marker

SEQUENCE lttype1gt, lttype2gt,, lttypeNgt
IpAddrEntry SEQUENCE ipAdEntAddr Ip
Address, ipAdEntIfIndex INTEGER, ipAdEntNe
tMask IpAddress, ipAdEntBcastAddr INTEGER,
ipAdEntReasmMaxSize INTEGER (0..65535)
24
Constructor or Structured Data TypeSEQUENCE OF

• SEQUENCE OF ltentrygt
• where ltentrygt is a list constructor

ipAddrTable OBJECT-TYPE SYNTAX
SEQUENCE OF IpAddrEntry ACCESS
not-accessible STATUS mandatory
DESCRIPTION "The
table of addressing information relevant to
this entity's IP addresses."
ip 20
25
Example IP Address Table

• Each row (table entry) is a sequence
  IpAddrEntry.
• The ipAddrTable table is a sequence of rows
  (entries), i.e. a sequence of ipAddrEntry.

26
Encoding

• Basic Encoding Rules (BER)
• - Type, Length, and Value (TLV)

27
SNMP Data Types and Tags
28
4.7.3 Managed Object Structure
29
SMIv1, SMIv2

• SMIv1
• SMI (RFC 1155)
• Concise MIB (RFC 1212)
• Trap-Type (RFC 1215)
• SMIv2
• SMIv2 (RFC 2578)
• Textual Conventions (RFC 2579)
• Conformance Statements (RFC 2580)

30
Object-Type Macro (RFC 1155)
OBJECT-TYPE MACRO BEGIN TYPE NOTATION
"SYNTAX" type (TYPE ObjectSyntax)
"ACCESS" Access
"STATUS" Status VALUE NOTATION value
(VALUE ObjectName) Access "read-only"
"read-write" "write-only
"not-accessible" Status "mandatory"
"optional" "obsolete" END
31
OBJECT-TYPE MACRO (RFC1212)
OBJECT-TYPE MACRO BEGIN TYPE
NOTATION "SYNTAX" type(ObjectSyntax)
"ACCESS" Access
"STATUS" Status DescrPart ReferPart I
ndexPart DefValPart VALUE
NOTATION value (VALUE ObjectName)
?
?
?
?
?
?
?
ObjectName OBJECT IDENTIFIER
32
OBJECT-TYPE Example

• sysLocation OBJECT-TYPE
• SYNTAX DisplayString (SIZE
  (0..255))
• ACCESS read-write
• STATUS mandatory
• DESCRIPTION
• "The physical location of
  this node (e.g.,
• telephone closet, 3rd
  floor')."
• system 6

DisplayString OCTET STRING (SIZE (0..255))
Go to Next Example
33
"SYNTAX" type(ObjectSyntax)
ObjectSyntax CHOICE simple
SimpleSyntax, application-wide
ApplicationSyntax
SimpleSyntax CHOICE number INTEGER, str
ing OCTET STRING, object OBJECT
IDENTIFIER, empty NULL
ApplicationSyntax
CHOICE address NetworkAddress, counter Coun
ter, gauge Gauge, ticks TimeTicks,
arbitrary Opaque
Back to OBJECT TYPE
34
ApplicationSyntax
0 .. 232-1
NetworkAddress CHOICE internet IpAddress
IpAddress APPLICATION
0 IMPLICIT OCTET STRING (SIZE (4)) Counter
APPLICATION 1 IMPLICIT INTEGER
(0..4294967295) Gauge APPLICATION 2
IMPLICIT INTEGER (0..4294967295) TimeTicks
APPLICATION 3 IMPLICIT INTEGER
(0..4294967295) Opaque
APPLICATION 4 IMPLICIT OCTET STRING
Back to OBJECT TYPE
35
"ACCESS" Access "STATUS" Status
Access "read-only" "read-write"
"write-only" "not-accessible
Status "mandatory" "optional"
"obsolete" "deprecated"
Back to OBJECT TYPE
36
DescrPart

• DescrPart
• "DESCRIPTION" value (description DisplayString)
• empty
• ReferPart
• "REFERENCE" value (reference DisplayString)
• empty

ReferPart
Back to OBJECT TYPE
37
DefValPart
DefValPart "DEFVAL" "" value (defvalue
ObjectSyntax) "" empty
Example

• ifNumber OBJECT-TYPE
• SYNTAX INTEGER
• ACCESS read-only
• STATUS mandatory
• DEFVAL 1
• DESCRIPTION
• "The number of network interfaces (regardless
  of
• their current state) present on this system.
• interfaces 1

Back to OBJECT TYPE
38
IndexPart
IndexPart "INDEX" "" IndexTypes ""

• IndexTypes
• IndexType
• IndexTypes "," IndexType
• IndexType
• value (indexobject ObjectName)
• type (indextype)

IndexSyntax CHOICE number
INTEGER (0..MAX), string
OCTET STRING, object
OBJECT IDENTIFIER, address
NetworkAddress, ipAddress
IpAddress
Back to OBJECT TYPE
39
instance-identifier (INDEX)

• integer-valued
• 3 ? 3
• string-valued, fixed-length strings
• 004096563c2eH ? 0.64.150.86.60.46
• string-valued, variable-length strings
• IIS Admin ? 9.73.73.83.32.65.100.109.105.110
• object identifier-valued
• 1.3.6.1.2 ? 5.1.3.6.1.2
• NetworkAddress-valued
• 163.22.20.16 ? 1.163.22.20.16
• IpAddress-valued
• 163.22.20.16 ? 163.22.20.16

40
Index - variable-length string
svSvcTable OBJECT-TYPE SYNTAX SEQUENCE
OF SvSvcEntry ACCESS not-accessible
STATUS mandatory DESCRIPTION "A
list of service entries describing
network services installed on this
server. server 3
svSvcEntry OBJECT-TYPE SYNTAX SvSvcEntry
ACCESS not-accessible STATUS mandatory
DESCRIPTION "The names of the
network services installed on this
server." INDEX svSvcName
svSvcTable 1
Back to OBJECT TYPE
41
OBJECT-TYPE Example

• dot1dBasePortEntry OBJECT-TYPE
• SYNTAX Dot1dBasePortEntry
• ACCESS not-accessible
• STATUS mandatory
• DESCRIPTION
• "A list of information for each port of the
  bridge."
• REFERENCE
• "IEEE 802.1D-1990 Section 6.4.2, 6.6.1"
• INDEX dot1dBasePort
• dot1dBasePortTable 1

42
Aggregate Object

• A group of objects
• Also called tabular objects
• Can be represented by a table with
• Columns of objects
• Rows of instances

43
Aggregate M.O. Macro Table Object
ipAddrTable OBJECT-TYPE SYNTAX SEQUENCE
OF IpAddrEntry ACCESS not-accessible STA
TUS mandatory DESCRIPTION "The
table of addressing information relevant to
this entity's IP addresses." ip 20
44
Aggregate M.O. Macro Entry Object
ipAddrEntry OBJECT-TYPE SYNTAX
IpAddrEntry ACCESS not-accessible STATUS
mandatory DESCRIPTION "The addressing
information for one of this entity's IP
addresses." INDEX ipAdEntAddr
ipAddrTable 1
ipAddrEntry OBJECT-TYPE IpaddrEntry SYNTAX
45
Aggregate M.O. Macro Entry Object
IpAddrEntry SEQUENCE
ipAdEntAddr IpAddress,
ipAdEntIfIndex INTEGER,
ipAdEntNetMask IpAddress,
ipAdEntBcastAddr INTEGER,
ipAdEntReasmMaxSize INTEGER (0..65535)
46
Aggregate M.O. Macro Columnar Objects
ipAdEntAddr OBJECT-TYPE SYNTAX
IpAddress ACCESS read-only STATUS
mandatory DESCRIPTION "The IP address to which
this entry's addressing information
pertains. ipAddrEntry 1
47
Tabular Representation of Aggregate Object
48
Tabular Representation of Aggregate Object
49
Multiple Instances of Aggregate Managed Object
50
Example
51
Identification of Managed Objects

• Use Object Identifier (OID)
• OID Object Type OID . Instance Identifier
• Object Type OID
• Each Object type has a unique OID
• Instance Identifier
• Identify instances of object type
• E.g .mib-2.interface.ifTable.ifEntry.ifDescr.2

52
Two Kinds of Managed Objects

• Type-Specific Objects
• sysDescr OBJECT-TYPE
• SYNTAX DisplayString (SIZE(0..255))
• system 1
• OID mib-2.system.1.0
• Columnar Objects
• OID

mib-2.interface.ifTable.ifEntry.ifDescr.2 mib-2.in
terface.ifTable.ifEntry.ifDescr.6
mib-2.interface.ifTable.ifEntry.ifType.2 mib-2.in
terface.ifTable.ifEntry.ifType.6
53
Columnar Objects
IfEntry SEQUENCE ifIndex INTEGER,
ifDescr DisplayString, ifType INTEGER,
ifTable OBJECT-TYPE SYNTAX SEQUENCE OF
IfEntry interface 2
ifEntry OBJECT-TYPE SYNTAX IfEntry
INDEX ifIndex ifTable 1
ifDescr OBJECT-TYPE SYNTAX DisplayString
(SIZE(0..255)) ACCESS read-only STATUS
madatory ... ifEntry 2
54
Columnar Objects
.ifTable.ifEntry.1 (1.3.6.1.2.1.2.2.1.1)
.ifTable.ifEntry.2 (1.3.6.1.2.1.2.2.1.2)
.ifTable.ifEntry.3 (1.3.6.1.2.1.2.2.1.3)
ifIndex ifDescr ifType . . . 1
le0 6 . . . 6
llc0 1 . . . 7
lo0 24 . . . 9
le1 6 . . .
1.3.6.1.2.1.2.2.1.3.7
1.3.6.1.2.1.2.2.1.2.6
55
Index in MIB II

• ifEntry ifIndex
• atEntry atNetIfIndex, atNetAddress
• ipAddrEntry ipAdEntAddr
• ipRouteEntry ipRouteDest
• ipNetToMediaEntry ipNetToMediaIfIndex,
• ipNetToMediaNetAddress
• tcpConnEntry
• tcpConnLocalAddress, tcpConnLocalPort,
• tcpConnRemoteAddress,
  tcpConnRemotePort
• udpEntry udpLocalAddress, udpLocalPort
• egpNeighEntry egpNeighAddr

56
Index Example

• To get the state of the TCP connection
• 10.10.13.137 3125 gt 61.30.91.235 80
• Use snmp_get_req. to get the tcpConnState of
  the tcpConnTable in MIB II.
• tcpConnState gt 1.3.6.1.2.1.6.13.1.1

1.3.6.1.2.1.6.13.1.1.10.10.13.137.3125.61.30.91.23
5.80
57
tcpConnTable
58
4.7.4 MIB-II

• MIB-II (RFC 1213) is superset of MIB-I
• Objects that are related grouped into object
  groups
• MIB module comprises module name, imports from
  other modules, and definitions of current module
• RFC 1213 defines eleven groups

59
MIB II (RFC 1213)

• System Group
• Provide general information about the managed
  system.
• Interfaces Group
• Contains generic information about the physical
  interfaces.
• Address-Translation Group
• Contains information about the mapping between
  network addresses and physical addresses for
  each physical interface.
• IP Group
• Contains information about the implementation and
  operation of IP at the managed system.
• ICMP Group
• Contains information about the implementation and
  operation of ICMP at the managed system.

60
MIB-II (cont.)

• TCP Group
• Contains information about the implementation and
  operation of TCP at the managed system.
• UDP Group
• Contains information about the implementation and
  operation of UDP at the managed system.
• EGP Group
• Contains information about the implementation and
  operation of EGP at the managed system.
• CMOT Group
• Placeholder for OSI (CMIP Over TCP/IP)
• Transmission Group
• Provides details about the underlying
  transmission media for each interface.
• SNMP Group
• Provides the statistics of SNMP operations at the
  managed system.

61
(No Transcript)
62
System Group
63
System Group
64
sysServices OBJECT-TYPE SYNTAX
INTEGER (0..127) ACCESS read-only
STATUS mandatory
DESCRIPTION "A value which
indicates the set of services that
this entity primarily offers.
The value is a sum. This sum initially
takes the value zero, Then,
for each layer, L, in the range
1 through 7, that this node performs
transactions for, 2 raised
to (L - 1) is added to the sum. For
example, a node which performs primarily
routing functions would
have a value of 4 (2(3-1)). In
contrast, a node which is a host offering
application services would
have a value of 72 (2(4-1)
2(7-1)). Note that in the context of
the Internet suite of protocols,
values should be calculated
accordingly layer
functionality 1
physical (e.g., repeaters)
2 datalink/subnetwork (e.g., bridges)
3 internet (e.g., IP
gateways) 4
end-to-end (e.g., IP hosts)
7 applications (e.g., mail relays)
For systems including OSI
protocols, layers 5 and 6
may also be counted." system
7
72 8 64
01000100
65
System Information
66
Interfaces Group
67
iFEntry
68
ifType
http//www.iana.org/assignments/smi-numbers
69
ifAdminStatus OBJECT-TYPE SYNTAX
INTEGER up(1),
-- ready to pass packets
down(2), testing(3)
-- in some test mode
ACCESS read-write STATUS
mandatory DESCRIPTION
"The desired state of the interface. The
testing(3) state indicates
that no operational packets can be passed."
ifEntry 7
ifOperStatus OBJECT-TYPE SYNTAX
INTEGER up(1),
-- ready to pass packets
down(2), testing(3)
-- in some test mode
ACCESS read-only STATUS
mandatory DESCRIPTION
"The current operational state of the
interface. The testing(3)
state indicates that no operational packets can
be passed." ifEntry 8
70
ifTable
71
ifTable (cont.)
72
(No Transcript)
73
IP Group
74
IP Group

• ipForwarding
• forwarding(1)
• not-forwarding(2)
• IP Address Table contains table of IP addresses
• IP Route Table contains an entry for each route
• IP Network-to-Media Table is address translation
  table mapping IP addresses to physical addresses

75
IP Address Table
76
ipAddrTable
77
IP Routing Table
78
IP Routing Table
79
ipRouteTable Example
Sec.
other(1), local(2), netmgmt(3), icmp(4),
egp(5), ggp(6), hello(7), rip(8), is-is(9), s-is(
10), ciscoIgrp(11), bbnSpfIgp(12), ospf(13), bgp(1
4)
other(1), invalid(2), direct(3), indirect(4)
80
IP Address Translation Table
81
IP Address Translation Table
82
IPNetToMediaTable
other(1), invalid(2), dynamic(3), static(4)
read-write
ARP Table
83
(No Transcript)
84
ICMP Group
85
ICMP

• Objects associated with ping
• icmpOutEchos
• - ICMP echo messages sent
• icmpInEchoReps
• ICMP echo reply messages received
• Objects associated with traceroute/tracert
• icmpInTimeExcs
• ICMP time exceeded messages received

86
TCP Group
87
TCP Connection Table
88
TCP Connection Table
89
tcpConnState OBJECT-TYPE SYNTAX
INTEGER closed(1),
listen(2),
synSent(3),
synReceived(4),
established(5),
finWait1(6),
finWait2(7),
closeWait(8),
lastAck(9),
closing(10),
timeWait(11),
deleteTCB(12)
ACCESS read-write STATUS
mandatory tcpConnEntry 1
TCP Connection State
90
tcpConnTable
91
(No Transcript)
92
UDP Group
93
UDP Group
94
udpTable
95
(No Transcript)