SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000.


SNMP Network Management

Organization Model
Communication Model
Information Model
  o Structure of Management Information (SMI)
  o Managed Objects
  o Management Information Base (MIB)
SNMP Administrative Model
SNMP Protocol Specs

Organization Model

Describes components of a network management system
Focuses on functions and infrastructure
Objects are network elements such as hubs, bridges, routers, etc.
Managed elements run a process called an agent
Manager queries the agent, gets information, processes it and stores it in the MIB

[Figure: A simplified hierarchical (2-tier) setup: SNMP manager with its MIB, agents on managed objects, and unmanaged objects]

Organization Model

Multiple managers, 1 agent
An agent responds to any management system that communicates with it using SNMP
An NMS provided by a vendor is in a better position to manage, monitor and configure all NEs coming from that same vendor

[Figure: Two SNMP managers (one with a MIB) communicating with one agent on the managed objects. Managers may have restricted access to managed objects.]

Organization Model

Limiting the data that a manager wishes to obtain!
RMON (Remote Monitoring): acts as an agent and a manager
RMON gathers data from MO, analyses the data, and stores the data
Communicates the statistics to the manager

[Figure: 3-tier architecture: SNMP manager with MIB, RMON probe, and managed objects]

Organization Model

Proxy server converts non-SNMP data from non-SNMP objects to SNMP compatible objects and messages

[Figure: SNMP manager with MIB, agent on managed objects, and a proxy server in front of unmanaged objects on a wireless LAN]


Communication Model

[Figure: MANAGER (with MIB) and AGENTS, connected by SNMP polling and traps]

Communication Model

Communicates management information between network management stations and managed elements

Goals:
o Management functions maintained by agents are kept simple
o Protocol flexibility (addition of new aspects of operation and management)
o Transparency (should not be affected by the architecture of particular hosts and gateways)

Operation: 5 messages
o get-request, get-next-request, set-request
o get-response, trap

SNMP messages are exchanged using UDP (connectionless) transport protocol

Communication Model

[Figure: SNMP messages between the SNMP manager and the SNMP agent across the network or Internet. Each side runs its application over SNMP / UDP / IP / DLC / PHY on the physical medium. Manager to agent: Get-Request, GetNext-Request, Set-Request. Agent to manager: Get-Response, Trap. The manager application holds the management data; the agent application manages objects.]

Communication Model - SNMP Traps

Type                        Indication
Cold-start of a system      Agent is reinitializing itself since its configuration has changed
Warm-start of a system      Agent is reinitializing itself but its configuration has not changed
Link down                   Link failure
Link up                     Link restoral
Failure of Authentication   Request does not have proper authentication, e.g., wrong SNMP community string
EGP neighbor loss           Exterior Gateway Protocol neighbor gone
Enterprise specific         Specific to vendor implementing it

Communication Model - SNMP Traps

Type: Cold-start of a system, Warm-start of a system, Link down, Link up, Failure of Authentication, EGP neighbor loss, Enterprise specific

Format:

generic-trap INTEGER {
    coldStart (0),
    warmStart (1),
    linkDown (2),
    linkUp (3),
    authenticationFailure (4),
    egpNeighborLoss (5),
    enterpriseSpecific (6)
}


Structure of Management Information

RFC 1155: Structure of Management Information
A common representation for data between both manager and agent
Defines the syntax (using ASN.1) to describe management information
o Data types and
o Rules used to define managed objects in a MIB
Generic objects and private (vendor specific) objects conforming to SMI rules (RFC 1155) can be managed by SNMP

SMI, Objects and Instances

Objects have: object types and object instances
SMI is concerned with types and not instances
Object type
o Name (unique descriptor and object identifier)
o Syntax (ASN.1)
o Encoding (BER)

[Figure: Managed Object: Type and Instance. An object has an object instance and an object type; the object type has Name: OBJECT IDENTIFIER, Syntax: ASN.1, Encoding: BER.]

SMI, Objects and Instances

A hub is an object type
A hub with IP 172.16.46.3 is an instance of the object

[Figure: A Managed LAN Network: NMS (192.168.252.110), backbone network, Router 1 and Router 2 (addresses 172.16.46.1 and 172.17.252.1 shown), Hub 1 (172.16.46.2), Hub 2 (172.16.46.3)]

SMI, Objects and Instances

[Figure: Managed Object: Type with Multiple Instances. One object type (Name: OBJECT IDENTIFIER, Syntax: ASN.1, Encoding: BER) with object instances 1, 2 and 3.]

System Information on 172.16.46.2 Hub

Title: System Information: 172.16.46.2
Name or IP Address: 172.16.46.2
System Name :
System Description : 3Com LinkBuilder FMS, SW version:3.02
System Contact :
System Location :
System Object ID : .iso.org.dod.internet.private.enterprises.43.1.8.5
System Up Time : (2475380437) 286 days, 12:03:24.37

System Information on 172.16.46.3 Hub

Title: System Information: 172.16.46.3
Name or IP Address: 172.16.46.3
System Name :
System Description : 3Com LinkBuilder FMS, SW version:3.12
System Contact :
System Location :
System Object ID : .iso.org.dod.internet.private.enterprises.43.1.8.5
System Up Time : (3146735182) 364 days,4:55:51.82

SMI, Names

Each managed object is associated with an identifier (OBJECT IDENTIFIER)
Identifiers are used to name objects and they are unique for managed objects
An identifier is a sequence of integers

root
  ccitt(0)
  iso(1)
    org(3)
      dod(6)
        internet(1)
          mgmt(2)
            mib-2(1)
          experimental(3)
          private(4)
            enterprise(1)
  joint-iso-ccitt(2)

Name of managed object:

internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
                           ::= {1 3 6 1 }
                           ::= {iso standard dod internet}

SMI, Names

Sub-nodes under Internet {1 3 6 1}:

directory(1)      Reserved for future use
mgmt(2)           Used for objects defined in IAB-approved documents
experimental(3)   To identify objects used in Internet experiments
private(4)        Used heavily by commercial vendors

SMI, Names

Internet {1 3 6 1}
  directory(1)
  mgmt(2)
    mib-2(1)
      system (1)
      interfaces (2)
      at (3)
      ip (4)
      icmp (5)
      tcp (6)
      udp (7)
      egp (8)
      cmot (9)
      transmission (10)
      snmp (11)
  experimental(3)
  private(4)

SMI, Names

Internet {1 3 6 1}
  directory(1)
  mgmt(2)
  experimental(3)
  private(4)
    enterprises(1)
      cisco(9)
      hp(11)
      3Com(43)
      Cabletron(52)

SMI, SNMP Syntax

[Figure: SNMP ASN.1 Data Type. Structure: Simple or Primitive; Defined or Application; Constructor or Structured. Tag: Class (Universal, Application, Context-specific, Private) and Number.]

SNMP Primitive Data Types

Data Type           Comments
INTEGER             Subtype INTEGER (n1..nN); special case: Enumerated INTEGER type
OCTET STRING        8-bit bytes, binary and textual data; subtypes can be specified by either range or fixed
OBJECT IDENTIFIER   Object position in MIB
NULL                Placeholder

Subtype: INTEGER (0..255), OCTET STRING (SIZE 0..255), OCTET STRING (SIZE 8)

Special case of INTEGER data type (enumeration):

error-status INTEGER {
    noError(0),
    tooBig(1),
    genErr(5),
    authorizationError(16)
}

Application-Wide SNMP Types

IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
Counter   ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
Gauge     ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
Opaque    ::= [APPLICATION 4] IMPLICIT OCTET STRING

[Figure: IpAddress example: 160.85.128.1 is carried as the octets A0 55 80 01. TimeTicks example: a time axis in ms on which 0, 10 and 20 ms correspond to the values 0, 1 and 2.]

SNMP Structured Types

SEQUENCE, SEQUENCE OF: used to build lists and tables
SET and SET OF of ASN.1 are not included in SNMP-based management

SEQUENCE {<type1>, <type2>, ..., <typeN>}

     Object                 OBJECT IDENTIFIER   ObjectSyntax
1    ipAdEntAddr            {ipAddrEntry 1}     IpAddress
2    ipAdEntIfIndex         {ipAddrEntry 2}     INTEGER
3    ipAdEntNetMask         {ipAddrEntry 3}     IpAddress
4    ipAdEntBcastAddr       {ipAddrEntry 4}     INTEGER
5    ipAdEntReasmMaxSize    {ipAddrEntry 5}     INTEGER
6    ipAddrEntry            {ipAddrTable 1}     SEQUENCE

Columns: managed objects, their location in the MIB, their data types

SNMP Structured Types

List (managed object IpAddrEntry as a list):

IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr          IpAddress,
    ipAdEntIfIndex       INTEGER,
    ipAdEntNetMask       IpAddress,
    ipAdEntBcastAddr     INTEGER,
    ipAdEntReasmMaxSize  INTEGER (0..65535)
}

Table (managed object ipAddrTable as a table):

     Object Name    OBJECT IDENTIFIER   Syntax
7    ipAddrTable    {ip 20}             SEQUENCE OF

ipAddrTable ::= SEQUENCE OF IpAddrEntry

ipAddrTable is made up of instances of the ipAddrEntry object

SMI, Encoding

Basic Encoding Rules, BER
Data Types and Tags

Type                Tag
OBJECT IDENTIFIER   UNIVERSAL 6
SEQUENCE            UNIVERSAL 16
IpAddress           APPLICATION 0
Counter             APPLICATION 1
Gauge               APPLICATION 2
TimeTicks           APPLICATION 3
Opaque              APPLICATION 4

Encoding of Object Identifiers: packs the first two integers into a single sub-identifier

SMI, Encoding

enterprise OBJECT IDENTIFIER ::= {iso(1) org(3) dod(6) internet(1) private(4) 1}

The first two integers X and Y are packed into one sub-identifier Z = 40·X + Y (here X = 1, Y = 3, so Z = 43)

Encoded: 06 05 2B 06 01 04 01

[Figure: the contents octets carry the sub-identifiers 43, 6, 1, 4, 1, each in one octet with the high bit 0]
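The encoding rule on this slide, as an added example that is not part of the original slides: a BER encoder and a strict decoder for OBJECT IDENTIFIER values, plus the IpAddress encoding from the Application-Wide SNMP Types slide. It goes beyond the slide by handling sub-identifiers above 127 (base-128 with a continuation bit); the sub-identifier 311 used for that case in the checks is a constructed value, and all function names are assumptions.

```python
import ipaddress

TAG_OID = 0x06          # UNIVERSAL 6, primitive
TAG_IPADDRESS = 0x40    # APPLICATION 0, primitive (IMPLICIT OCTET STRING)


def _base128(n):
    """One sub-identifier: 7 bits per octet, high bit set on all but the last octet."""
    if n < 0:
        raise ValueError("sub-identifier must be non-negative")
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    return bytes(reversed(out))


def _length(n):
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _read_length(data, pos):
    first = data[pos]
    pos += 1
    if first < 0x80:
        return first, pos
    count = first & 0x7F
    if count == 0 or pos + count > len(data):
        raise ValueError("bad length field")
    return int.from_bytes(data[pos:pos + count], "big"), pos + count


def encode_oid(arcs):
    """Encode e.g. [1, 3, 6, 1, 4, 1]; the first two arcs become Z = 40*X + Y."""
    if len(arcs) < 2:
        raise ValueError("an OID needs at least two arcs")
    x, y = arcs[0], arcs[1]
    if x not in (0, 1, 2) or (x < 2 and not 0 <= y <= 39):
        raise ValueError("invalid first two arcs")
    body = _base128(40 * x + y) + b"".join(_base128(a) for a in arcs[2:])
    return bytes([TAG_OID]) + _length(len(body)) + body


def decode_oid(data):
    """Strict decoder: rejects wrong tag, length mismatch and truncated sub-identifiers."""
    if len(data) < 2 or data[0] != TAG_OID:
        raise ValueError("not an OBJECT IDENTIFIER")
    length, pos = _read_length(data, 1)
    if pos + length != len(data):
        raise ValueError("length field does not match the data")
    body = data[pos:]
    if not body or body[-1] & 0x80:
        raise ValueError("truncated sub-identifier")
    subids, value, fresh = [], 0, True
    for octet in body:
        if fresh and octet == 0x80:
            raise ValueError("sub-identifier has a leading zero octet")
        value = (value << 7) | (octet & 0x7F)
        fresh = False
        if not octet & 0x80:          # last octet of this sub-identifier
            subids.append(value)
            value, fresh = 0, True
    x = min(subids[0] // 40, 2)       # undo Z = 40*X + Y
    return [x, subids[0] - 40 * x] + subids[1:]


def encode_ipaddress(text):
    """IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))."""
    packed = ipaddress.IPv4Address(text).packed
    return bytes([TAG_IPADDRESS, len(packed)]) + packed


if __name__ == "__main__":
    print(encode_oid([1, 3, 6, 1, 4, 1]).hex(" "))      # the slide's enterprise OID
    print(encode_ipaddress("160.85.128.1").hex(" "))    # the slide's IpAddress value
```

The decoder's checks matter on the agent and manager side alike, since both parse these fields from unauthenticated UDP datagrams.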

Managed Objects

Textual name: mnemonic; always begins with lower case
o OBJECT IDENTIFIER: unique position of the managed object in the MIB
Syntax: the ASN.1 definition of the object type
Access: read-only, read-write, not-accessible (e.g., tables)
Status: mandatory, optional, obsolete
Definition: textual description of the object type

system(1)
  sysDescr(1)
  sysObjectID(2)
  sysUpTime(3)
  sysContact(4)

Managed Objects

Specifications for System Description

OBJECT: sysDescr: { system 1 }
Syntax: OCTET STRING
Definition: "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
Access: read-only
Status: mandatory

Macros for Managed Objects

A formal definition for managed objects

OBJECT-TYPE Macro

IMPORTS ObjectName, ObjectSyntax FROM RFC-1155-SMI

OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::= "SYNTAX" type(TYPE ObjectSyntax)
                      "ACCESS" Access
                      "STATUS" Status
    VALUE NOTATION ::= value(VALUE ObjectName)
    Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
    Status ::= "mandatory" | "optional" | "obsolete"
END

SMI Definitions

RFC1155-SMI DEFINITIONS ::= BEGIN

EXPORTS -- EVERYTHING
    internet, directory, mgmt, …
    OBJECT-TYPE, ObjectName, ObjectSyntax, …

-- the path to the root
internet OBJECT IDENTIFIER ::= {iso org(3) dod(6) 1}
directory …
…

-- definition of object types
OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::= "SYNTAX" type(TYPE ObjectSyntax)
                      "ACCESS" Access
                      "STATUS" Status
    VALUE NOTATION ::= value(VALUE ObjectName)
    Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
    Status ::= "mandatory" | "optional" | "obsolete"
END

-- names of objects in the MIB
ObjectName ::= OBJECT IDENTIFIER

-- syntax of objects in the MIB
ObjectSyntax ::= CHOICE {
    simple            SimpleSyntax,
    application-wide  ApplicationSyntax
}

SimpleSyntax ::= CHOICE {
    number  INTEGER,
    string  OCTET STRING,
    object  OBJECT IDENTIFIER,
    empty   NULL
}

ApplicationSyntax ::= CHOICE {
    address    NetworkAddress,
    counter    Counter,
    gauge      Gauge,
    ticks      TimeTicks,
    arbitrary  Opaque
}
…
…
END

Macros for Managed Objects

Using OBJECT-TYPE MACRO to define a managed object of the system group in the MIB

sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE(0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
    ::= { system 1 }

Macros for Managed Objects

sysUpTime OBJECT-TYPE
    SYNTAX TimeTicks
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The time (in hundredths of a second) since the network management portion of the system was last re-initialized."
    ::= { system 3 }

system(1)
  sysDescr(1)
  sysObjectID(2)
  sysUpTime(3)
  sysContact(4)

Aggregate Objects

A group of related objects (also called tabular objects)
Represented by a table with
o Columns of objects
o Rows of instances

Example: IP address table
Consists of objects:
o IP address
o Interface
o Subnet mask (which subnet this address belongs to)
o Broadcast address (value of l.s.b. in IP broadcast address)
o Largest IP datagram that can be assembled
Multiple instances of these objects associated with the node

Aggregate Object Macro - ipAddrTable (RFC 1155)

ipAddrTable OBJECT-TYPE
    Syntax SEQUENCE OF IpAddrEntry
    Access not-accessible
    STATUS mandatory
    Definition "The table of addressing information relevant to this entity's IP addresses."
    ::= {ip 20}

ipAddrEntry OBJECT-TYPE
    Syntax IpAddrEntry
    Access not-accessible
    STATUS mandatory
    Definition "The addressing information for one of this entity's IP addresses."
    INDEX {ipAdEntAddr}
    ::= {ipAddrTable 1}

IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr          IpAddress,
    ipAdEntIfIndex       INTEGER,
    ipAdEntNetMask       IpAddress,
    ipAdEntBcastAddr     INTEGER,
    ipAdEntReasmMaxSize  INTEGER (0..65535)
}

Aggregate Object Macro - ipAddrTable (RFC 1155)

ipAdEntAddr OBJECT-TYPE
    Syntax IpAddress
    Access read-only
    STATUS mandatory
    Definition "The IP address to which this entry's addressing information pertains."
    ::= {ipAddrEntry 1}

ipAdEntIfIndex OBJECT-TYPE
    Syntax INTEGER
    Access read-only
    STATUS mandatory
    Definition "The index value that uniquely identifies the interface to which this entry is applicable. The interface identified by a particular value of this index is the same interface as identified by the same value of IfIndex."
    INDEX {ipAdEntAddr}
    ::= {ipAddrEntry 2}

...

Columnar Objects

Aggregate object types contain one or more subtypes
o each could have multiple instances, with a value associated with each instance
It is convenient to conceptually define a tabular structure for objects with multiple values
o e.g., IP address table
The objects TABLE T and ENTRY E are logical objects
o define grouping, are not accessible
Columnar objects are objects that represent the attributes
o hence are accessible
Each instance of E is a row of columnar objects 1 through 5
Multiple instances of E are represented by multiple rows

[Figure: Multiple Instance Managed Object: TABLE T contains ENTRY E, which contains COLUMNAR OBJECT 1 through COLUMNAR OBJECT 5]

Columnar Objects

Example of 5 Columnar Objects with 4 Instances (rows)

T                                               (not accessible)
T.E                                             (not accessible)
T.E.1.1  T.E.2.1  T.E.3.1  T.E.4.1  T.E.5.1
T.E.1.2  T.E.2.2  T.E.3.2  T.E.4.2  T.E.5.2
T.E.1.3  T.E.2.3  T.E.3.3  T.E.4.3  T.E.5.3     (row 3: the third instance of the object)
T.E.1.4  T.E.2.4  T.E.3.4  T.E.4.4  T.E.5.4

Object ID: {Table, Entry, Object, Index}

Notice that the column-row numeric designation is the reverse of that used in matrix representation (row-column)

Columnar Objects - Example

Object instances of ipAddrTable (1.3.6.1.2.1.4.20):

Row  ipAdEntAddr  ipAdEntIfIndex  ipAdEntNetMask  ipAdEntBcastAddr  ipAdEntReasmMaxSize
1    123.45.2.1   1               255.255.255.0   0                 12000
2    123.45.3.4   3               255.255.0.0     1                 12000
3    165.8.9.25   2               255.255.255.0   0                 10000
4    9.96.8.138   4               255.255.255.0   0                 15000

ipAdEntAddr is the index of the table; each column holds 4 instances of the columnar object.

Columnar objects under ipAddrEntry:

ipAddrTable {1.3.6.1.2.1.4.20}
  ipAddrEntry (1)
    ipAdEntAddr (1)
    ipAdEntIfIndex (2)
    ipAdEntNetMask (3)
    ipAdEntBcastAddr (4)
    ipAdEntReasmMaxSize (5)

Columnar object ID of ipAdEntBcastAddr is (1.3.6.1.2.1.4.20.1.4):

iso  org  dod  internet  mgmt  mib  ip  ipAddrTable  ipAddrEntry  ipAdEntBcastAddr
1    3    6    1         2     1    4   20           1            4

Columnar Objects - Example

Object instances of ipAddrTable (1.3.6.1.2.1.4.20)

Object ID for specific instances:

Columnar Object                                Row #   Object Identifier
ipAdEntAddr (1.3.6.1.2.1.4.20.1.1)             2       {1.3.6.1.2.1.4.20.1.1.123.45.3.4}
ipAdEntIfIndex (1.3.6.1.2.1.4.20.1.2)          3       {1.3.6.1.2.1.4.20.1.2.165.8.9.25}
ipAdEntBcastAddr (1.3.6.1.2.1.4.20.1.4)        1       {1.3.6.1.2.1.4.20.1.4.123.45.2.1}
ipAdEntReasmMaxSize (1.3.6.1.2.1.4.20.1.5)     4       {1.3.6.1.2.1.4.20.1.5.9.96.8.138}

In {1.3.6.1.2.1.4.20.1.1.123.45.3.4}: 1.3.6.1.2.1.4.20.1 is the object ID for ipAddrEntry, the following 1 is node 1 under ipAddrEntry, and 123.45.3.4 is the index of the object instance.
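The {Table, Entry, Object, Index} naming from the last three slides, as an added example that is not part of the original slides: it builds instance OIDs for ipAddrTable, splits them back into column and index, and rebuilds rows from column-ordered varbinds the way a manager does after walking the table. Function names are assumptions; the row values are the slide's, and the walk output is constructed from them.

```python
IP_ADDR_ENTRY = (1, 3, 6, 1, 2, 1, 4, 20, 1)      # ipAddrTable(20).ipAddrEntry(1)
COLUMNS = {
    1: "ipAdEntAddr",
    2: "ipAdEntIfIndex",
    3: "ipAdEntNetMask",
    4: "ipAdEntBcastAddr",
    5: "ipAdEntReasmMaxSize",
}

# Rows 1..4 exactly as listed on the slide.
SLIDE_ROWS = [
    ("123.45.2.1", 1, "255.255.255.0", 0, 12000),
    ("123.45.3.4", 3, "255.255.0.0", 1, 12000),
    ("165.8.9.25", 2, "255.255.255.0", 0, 10000),
    ("9.96.8.138", 4, "255.255.255.0", 0, 15000),
]


def parse_oid(text):
    """'1.3.6.1', '.1.3.6.1' or '{1.3.6.1}' -> tuple of ints."""
    text = text.strip().strip("{}").strip().lstrip(".")
    try:
        arcs = tuple(int(part) for part in text.split("."))
    except ValueError:
        raise ValueError(f"not a numeric OID: {text!r}") from None
    if any(a < 0 for a in arcs):
        raise ValueError(f"negative arc in {text!r}")
    return arcs


def _check_index(index):
    # The INDEX of ipAddrEntry is ipAdEntAddr: four arcs, one per address octet.
    if len(index) != 4 or any(a > 255 for a in index):
        raise ValueError(f"index is not an IPv4 address: {index}")


def instance_oid(column, index_ip):
    """{Table, Entry, Object, Index} for one cell of the table."""
    if column not in COLUMNS:
        raise ValueError(f"unknown column {column}")
    index = parse_oid(index_ip)
    _check_index(index)
    return ".".join(map(str, IP_ADDR_ENTRY + (column,) + index))


def split_instance(oid_text):
    """Instance OID -> (column name, index as dotted address)."""
    arcs = parse_oid(oid_text)
    n = len(IP_ADDR_ENTRY)
    if arcs[:n] != IP_ADDR_ENTRY or len(arcs) != n + 5:
        raise ValueError(f"not an ipAddrEntry instance: {oid_text!r}")
    column, index = arcs[n], arcs[n + 1:]
    if column not in COLUMNS:
        raise ValueError(f"unknown column {column}")
    _check_index(index)
    return COLUMNS[column], ".".join(map(str, index))


def rows_from_varbinds(varbinds):
    """Group (oid, value) pairs into rows, ordered by index as the agent orders them."""
    rows = {}
    for oid_text, value in varbinds:
        name, index = split_instance(oid_text)
        rows.setdefault(index, {})[name] = value
    for index, row in rows.items():
        # The index column must repeat the index carried in the OID itself.
        if row.get("ipAdEntAddr", index) != index:
            raise ValueError(f"ipAdEntAddr {row['ipAdEntAddr']} does not match index {index}")
    return [rows[index] for index in sorted(rows, key=parse_oid)]


def sample_walk():
    """Constructed walk output: column by column, each column in index order."""
    by_index = sorted(SLIDE_ROWS, key=lambda r: parse_oid(r[0]))
    return [(instance_oid(col, row[0]), row[col - 1])
            for col in sorted(COLUMNS) for row in by_index]


if __name__ == "__main__":
    for row in rows_from_varbinds(sample_walk()):
        print(row)
```

Because instances are ordered by the numeric value of the index, the row the slide numbers 4 (9.96.8.138) comes back first.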

Management Information Base (MIB)

RFC 1213
MIB is a database containing information about elements to be managed
For SNMP, the MIB is a structured database (tree)
Each resource to be managed is represented by an object
Each system (e.g., a router) maintains a MIB that reflects the status of its managed resources
An NMS monitors/controls the resources by reading/modifying the values of objects in the MIB

MIB, RFC1213

Internet MIB-II Group

Internet {1 3 6 1}
  directory(1)
  mgmt(2)
    mib-2(1)
      system (1)
      interfaces (2)
      at (3)
      ip (4)
      icmp (5)
      tcp (6)
      udp (7)
      egp (8)
      cmot (9)
      transmission (10)
      snmp (11)
  experimental(3)
  private(4)

Implementation can be done as needed (e.g., objects essential for fault or configuration management are added)
If a group is implemented by a vendor, all its components are implemented (e.g. OSPF and all its group objects)

<module name> DEFINITIONS ::= BEGIN
    <imports>
    <definitions>
END

MIB, RFC1213

RFC1213-MIB DEFINITIONS ::= BEGIN

IMPORTS
    mgmt, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks
        FROM RFC1155-SMI
    OBJECT-TYPE
        FROM RFC-1212;

-- This MIB module uses the extended
-- OBJECT-TYPE macro as defined in [14];

-- MIB-II (same prefix as MIB-I)
mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }

-- textual conventions
DisplayString ::= OCTET STRING
-- This data type is used to model textual
-- information taken from the NVT ASCII character
-- set. By convention, objects
-- with this syntax are declared as having
-- SIZE (0..255)

PhysAddress ::= OCTET STRING
-- This data type is used to model media
-- addresses. For many types of media, this will
-- be in a binary representation. For example,
-- an ethernet address would be represented as
-- a string of 6 octets.

-- groups in MIB-II
system       OBJECT IDENTIFIER ::= { mib-2 1 }
interfaces   OBJECT IDENTIFIER ::= { mib-2 2 }
at           OBJECT IDENTIFIER ::= { mib-2 3 }
ip           OBJECT IDENTIFIER ::= { mib-2 4 }
icmp         OBJECT IDENTIFIER ::= { mib-2 5 }
tcp          OBJECT IDENTIFIER ::= { mib-2 6 }
udp          OBJECT IDENTIFIER ::= { mib-2 7 }
egp          OBJECT IDENTIFIER ::= { mib-2 8 }
cmot         OBJECT IDENTIFIER ::= { mib-2 9 }
transmission OBJECT IDENTIFIER ::= { mib-2 10 }
snmp         OBJECT IDENTIFIER ::= { mib-2 11 }
....
END

MIB, System Group

system (mib-2 1)
  sysDescr (1)
  sysObjectId (2)
  sysUpTime (3)
  sysContact (4)
  sysName (5)
  sysLocation (6)
  sysServices (7)

-- the System group
-- Implementation of the System group is
-- mandatory for all systems. If an agent is not
-- configured to have a value for any of these
-- variables, a string of length 0 is returned.

sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A textual description of the entity. ……."
    ::= { system 1 }

sysObjectID OBJECT-TYPE
    SYNTAX OBJECT IDENTIFIER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The vendor's authoritative identification of the network management subsystem contained in the entity."
    ::= { system 2 }

sysUpTime OBJECT-TYPE
    SYNTAX TimeTicks
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The time (in hundredths of a second) since the network management portion of the system was last reinitialized."
    ::= { system 3 }

MIB, System Group

Entity        OID        Description (brief)
sysDescr      system 1   Textual description
sysObjectID   system 2   OBJECT IDENTIFIER of the entity
sysUpTime     system 3   Time (in hundredths of a second since last reset)
sysContact    system 4   Contact person for the node
sysName       system 5   Administrative name of the system
sysLocation   system 6   Physical location of the node
sysServices   system 7   Value designating the layer services provided by the entity

Fault monitoring (sysUpTime): by periodically polling each agent for this value; if the current value is less than the most recent value, then the agent has been restarted since the last poll!

Programmed by vendor of objects during manufacturing time

MIB, Interface Group

interfaces OBJECT IDENTIFIER ::= { mib-2 2 }

It specifies the number of interfaces in a network component and the managed objects associated with each interface
E.g., Ethernet bridge with many network interface cards
Implementation: mandatory

interfaces (mib-2 2)
  ifNumber (1)
  ifTable (2)
    ifEntry (1)
      ifIndex (1)
      ifDescr (2)
      ifType (3)
      ifMtu (4)
      ifSpeed (5)
      ifPhysAddress (6)
      ifAdminstatus (7)
      ifOperStatus (8)
      ifLastChange (9)
      ifInOctets (10)
      ifInUcastPkts (11)
      ifInNUcastPkts (12)
      ifInDiscards (13)
      ifInErrors (14)
      ifUnknownProtos (15)
      ifOutOctets (16)
      ifOutUcastPkts (17)
      ifOutNUcastPkts (18)
      ifOutDiscards (19)
      ifOutErrors (20)
      ifOutQLen (21)
      ifSpecific (22)

MIB, Interface Group

ifNumber OBJECT-TYPE
    SYNTAX INTEGER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The number of network interfaces (regardless of their current state) present on this system."
    ::= { interfaces 1 }

ifTable OBJECT-TYPE
    SYNTAX SEQUENCE OF IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "A list of interface entries. The number of entries is given by the value of ifNumber."
    ::= { interfaces 2 }

ifEntry OBJECT-TYPE
    SYNTAX IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "An interface entry containing objects at the sub-network layer and below for a particular interface."
    INDEX { ifIndex }
    ::= { ifTable 1 }

IfEntry ::= SEQUENCE {
    ifIndex        INTEGER,
    ifDescr        DisplayString,
    ifType         INTEGER,
    ifMtu          INTEGER,
    ifSpeed        Gauge,
    ifPhysAddress  PhysAddress,
    ifAdminStatus  INTEGER,
    ifOperStatus   INTEGER,
    ifLastChange   TimeTicks,
    ifInOctets     Counter,
    ……
}

MIB, Interface Group

Basic information useful for network management such as performance monitoring and fault control

Examples
1) measuring the queue length or the total number of octets into/out of the system: indicators for detecting congestion
2) measuring the traffic rate on a given interface: ifInUcastPkts/second, ifOutUcastPkts/second

Counter data types, always incrementing!
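The sysUpTime fault-monitoring rule from the System Group slide and the per-second rates above, as an added example that is not part of the original slides. It goes beyond the slides' rule: sysUpTime is compared with the manager's own clock so that a TimeTicks wrap at 2^32 hundredths of a second (about 497 days) is not reported as a restart, and Counter differences are taken modulo 2^32. The poll records, field names and the 30-second tolerance are constructed assumptions.

```python
from collections import namedtuple

WRAP = 2 ** 32             # Counter and TimeTicks are INTEGER (0..4294967295)
TICKS_PER_SECOND = 100     # TimeTicks counts hundredths of a second

Interval = namedtuple("Interval", "t restarted naive_restarted in_ucast_per_s")

# Constructed polls of one agent every 600 s: manager clock (s), sysUpTime, ifInUcastPkts.
SAMPLE_POLLS = [
    {"t": 0,    "uptime": 4294937296, "in_ucast": 4294967000},  # 300 s before TimeTicks wraps
    {"t": 600,  "uptime": 30000,      "in_ucast": 904},         # both values wrapped, no restart
    {"t": 1200, "uptime": 90000,      "in_ucast": 1504},
    {"t": 1800, "uptime": 12000,      "in_ucast": 240},         # agent restarted 120 s ago
    {"t": 2400, "uptime": 72000,      "in_ucast": 840},
]


def naive_restart(prev_uptime, cur_uptime):
    """The slide's rule: the current value is less than the most recent value."""
    return cur_uptime < prev_uptime


def restarted(prev, cur, tolerance_ticks=3000):
    """True when sysUpTime is not where the manager's clock says it should be.

    tolerance_ticks absorbs polling jitter (3000 ticks = 30 s, an assumption).
    """
    elapsed = (cur["t"] - prev["t"]) * TICKS_PER_SECOND
    expected = (prev["uptime"] + elapsed) % WRAP
    drift = min((cur["uptime"] - expected) % WRAP, (expected - cur["uptime"]) % WRAP)
    return drift > tolerance_ticks


def counter_delta(prev, cur):
    """Increase of a 32-bit Counter; correct across a single wrap between polls."""
    return (cur - prev) % WRAP


def analyse(polls, tolerance_ticks=3000):
    """One Interval per consecutive pair of polls."""
    out = []
    for prev, cur in zip(polls, polls[1:]):
        dt = cur["t"] - prev["t"]
        if dt <= 0:
            raise ValueError("polls must be in increasing time order")
        reboot = restarted(prev, cur, tolerance_ticks)
        # After a restart the counters started again from zero, so the
        # difference across that interval is meaningless: report no rate.
        rate = None if reboot else counter_delta(prev["in_ucast"], cur["in_ucast"]) / dt
        out.append(Interval(cur["t"], reboot,
                            naive_restart(prev["uptime"], cur["uptime"]), rate))
    return out


if __name__ == "__main__":
    for interval in analyse(SAMPLE_POLLS):
        print(interval)
```

On the constructed polls the slide's rule alone flags the interval ending at t=600 as a restart although only the 32-bit values wrapped; the clock comparison flags only t=1800.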

MIB, IP Group

Contains information relevant to the implementation and operation of IP at a node
Routers periodically execute routing algorithms and update routing tables
IP Address Table contains table of IP addresses
IP Route Table contains an entry for each route
IP Network-to-Media Table is address translation table mapping IP addresses to physical addresses

ip (mib-2 4)
  ipForwarding (1)
  ipDefaultTTL (2)
  ipInReceives (3)
  ipInHdrErrors (4)
  ipInAddrErrors (5)
  ipForwDatagrams (6)
  ipInUnknownProtos (7)
  ipInDiscards (8)
  ipInDelivers (9)
  ipOutRequests (10)
  ipOutDiscards (11)
  ipOutNoRoutes (12)
  ipReasmTimeout (13)
  ipReasmReqds (14)
  ipReasmOKs (15)
  ipReasmFails (16)
  ipFragOKs (17)
  ipFragFails (18)
  ipFragCreates (19)
  ipAddrTable (20)
  ipRouteTable (21)
  ipNetToMediaTable (22)
  ipRoutingDiscards (23)

MIB, IP Group

ipForwarding (1): gateway or router
ipDefaultTTL (2): TTL in IP header
ipInReceives (3): total # packets received from interfaces
ipInHdrErrors (4): # of discarded datagrams due to header errors

MIB, IP Group

ipAddrTable (ip 20)
  ipAddrEntry (ipAddrTable 1)
    ipAdEntAddr (1)
    ipAdEntIfIndex (2)
    ipAdEntNetMask (3)
    ipAdEntBcastAddr (4)
    ipAdEntReasmMaxSize (5)

Entity                OID             Description (brief)
ipAddrTable           ip 20           Table of IP addresses
ipAddrEntry           IpAddrTable 1   One of the entries in the IP address table
ipAdEntAddr           IpAddrEntry 1   The IP address to which this entry's addressing information pertains
ipAdEntIfIndex        IpAddrEntry 2   Index value of the entry, same as ifIndex
ipAdEntNetMask        IpAddrEntry 3   Subnet mask for the IP address of the entry
ipAdEntBcastAddr      IpAddrEntry 4   Broadcast address indicator bit
ipAdEntReasmMaxSize   IpAddrEntry 5   Largest IP datagram that can be reassembled on this interface

Page 53: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

MIB, IP Group

ipRouteTable(ip 21)
ipRouteEntry(ipRouteTable 1)
ipRouteDest (1)
ipRouteIfIndex (2)
ipRouteMetric1 (3)
ipRouteMetric2 (4)
ipRouteMetric3 (5)
ipRouteMetric4 (6)
ipRouteNextHop (7)
ipRouteType (8)
ipRouteProto (9)
ipRouteAge (10)
ipRouteMask (11)
ipRouteMetric5 (12)
ipRouteInfo (13)

Entity | OID | Description (brief)
ipRouteTable | ip 21 | IP routing table
ipRouteEntry | ipRouteTable 1 | Route to a particular destination
ipRouteDest | ipRouteEntry 1 | Destination IP address of this route
ipRouteIfIndex | ipRouteEntry 2 | Index of interface, same as ifIndex
ipRouteMetric1 | ipRouteEntry 3 | Primary routing metric for this route
ipRouteMetric2 | ipRouteEntry 4 | An alternative routing metric for this route
ipRouteMetric3 | ipRouteEntry 5 | An alternative routing metric for this route
ipRouteMetric4 | ipRouteEntry 6 | An alternative routing metric for this route
ipRouteNextHop | ipRouteEntry 7 | IP address of the next hop
ipRouteType | ipRouteEntry 8 | Type of route
ipRouteProto | ipRouteEntry 9 | Routing mechanism by which this route was learned
ipRouteAge | ipRouteEntry 10 | Number of seconds since routing was last updated
ipRouteMask | ipRouteEntry 11 | Mask to be logically ANDed with the destination address before comparing with the ipRouteDest field
ipRouteMetric5 | ipRouteEntry 12 | An alternative metric for this route
ipRouteInfo | ipRouteEntry 13 | Reference to MIB definition specific to the routing protocol

Contains information used for Internet routing

ipRouteTable information is useful for: configuration monitoring, controlling the routing process as well as fault isolation

Page 54: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

MIB, TCP Group

Contains info. relevant to the implementation/operation of connection-oriented TCP

tcp(mib-2 6)

tcpRtoAlgorithm (1): Timeout algorithm for retransmission
tcpRtoMin (2): Minimum value for retransmission timer
tcpRtoMax (3): Maximum value for retransmission timer
tcpMaxConn (4): Maximum number of TCP connections
tcpActiveOpens (5)
tcpPassiveOpens (6)
tcpAttemptFails (7)
tcpEstabResets (8)
tcpCurrEstab (9)
tcpInSegs (10): # segments received
tcpOutSegs (11): # segments sent
tcpRetranSegs (12): # segments retransmitted
tcpConnTable (13)
tcpInErrors (14)
tcpOutRsts (15)

Page 55: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

MIB, TCP Group

tcpConnTable(tcp 13)
tcpConnEntry (1)
tcpConnState (1)
tcpConnLocalAddress (2)
tcpConnLocalPort (3)
tcpConnRemAddress (4)
tcpConnRemPort (5)

Entity | OID | Description (brief)
tcpConnTable | tcp 13 | TCP connection table
tcpConnEntry | tcpConnTable 1 | Information about a particular TCP connection
tcpConnState | tcpConnEntry 1 | State of the TCP connection
tcpConnLocalAddress | tcpConnEntry 2 | Local IP address
tcpConnLocalPort | tcpConnEntry 3 | Local port number
tcpConnRemAddress | tcpConnEntry 4 | Remote IP address
tcpConnRemPort | tcpConnEntry 5 | Remote port number

Page 56: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMP Network Management

Organization Model
Communication Model
Information Model
o Structure of Management Information (SMI)
o Managed Objects
o Management Information Base (MIB)
SNMP Administrative Model
SNMP Protocol Specs

Page 57: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMPv1 Administrator Model

SNMP Entities:

SNMP application entities
o Reside in management stations and network elements
o Manager and agent
o Pairing of both entities forms SNMP community

SNMP protocol entities
o Communication processes (PDU handlers)
o Peer processes that support application entities

Administrative model defines administrative relationship between communicating entities

Management stations, each manages all or a subset of the managed stations in the configuration
o Subsets may overlap

Each managed station controls its local MIB
o control the use of MIB by a number of management stations

Page 58: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMPv1 Administrator Model

Multiple pairs can belong to the same community
A community name is a string of octets
Two application entities in the same community can communicate with each other
o This essentially defines a filter module or authentication scheme between manager and agent
Security in SNMPv1 is therefore community-based
o no encryption

[Figure: three SNMP managers, each with an authentication scheme, exchanging authentic messages with one SNMP agent that has its own authentication scheme]

SNMP Community
It is a relation between one SNMP agent and a set of managers
It defines authentication, access control and proxy characteristics

Page 59: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMPv1 Administrator Model

Community profile: MIB view + SNMP access mode
o MIB View: a subset of the managed objects an agent is permitted to manage/view
o A community name is also assigned an SNMP access mode: READ-ONLY, READ-WRITE

[Figure: SNMP Community Profile at the SNMP agent. SNMP Access Mode: READ-ONLY, READ-WRITE. SNMP MIB View with MIB access per object: Object 1 not-accessible, Object 2 read-only, Object 3 write-only, Object 4 read-write]

Operations on an object are determined by the community profile and the access mode of the object
o Total of four access privileges: read-only, write-only, read-write, not-accessible

Some objects, such as table and table entry, are non-accessible

Only get and trap are performed on objects 2, 3, 4

Operations such as get, set and trap can be performed on objects 2, 3, 4

Page 60: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMPv1 Administrator Model

The pair of “SNMP community” and “community profile” defines the SNMP access policy

Access policy allows a managed agent to give different access privileges to different managers

Manager manages network components of communities 1 and 2 via Agents 1 and 2

Agent 1 has only view of Community Profile 1, e.g. Cisco components
Agent 2 has only view of Community Profile 2, e.g. 3Com components
Manager has total view of both Cisco and 3Com components

[Figure: SNMP Access Policy. A Manager and a Community containing Agent 1 with Community Profile 1 and Agent 2 with Community Profile 2]
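An added example, not from the original slides: an agent-side check that combines community name, MIB view, SNMP access mode and the object's MIB access, following the conventions of RFC 1157 for a community profile. The community names, the sample policy and all function names are hypothetical.

```python
# Added example: community-based access decision as an SNMPv1 agent could make it.
from dataclasses import dataclass

@dataclass(frozen=True)
class CommunityProfile:
    mib_view: tuple      # OID prefixes visible to the community
    access_mode: str     # "READ-ONLY" or "READ-WRITE"

def in_view(oid, prefixes):
    """True if oid equals a prefix or lies beneath it (compared arc by arc,
    so 1.3.6.1.2.1.41 does not match the prefix 1.3.6.1.2.1.4)."""
    arcs = oid.split(".")
    return any(arcs[:len(p.split("."))] == p.split(".") for p in prefixes)

def allowed_operations(profile, oid, object_access):
    """Operations available on one object under one community profile."""
    if not in_view(oid, profile.mib_view) or object_access == "not-accessible":
        return set()
    if profile.access_mode == "READ-WRITE" and object_access in ("read-write", "write-only"):
        return {"get", "set", "trap"}
    # Everything else is get/trap only; for a write-only object the value
    # returned is implementation-specific.
    return {"get", "trap"}

def authorize(policy, community, operation, oid, object_access):
    """Return 'permit', 'deny' or 'authenticationFailure' for one request."""
    profile = policy.get(community)
    if profile is None:
        # Unknown community name: the agent may emit generic-trap 4.
        return "authenticationFailure"
    allowed = operation in allowed_operations(profile, oid, object_access)
    return "permit" if allowed else "deny"

# Constructed sample policy: one read-only community limited to the ip group
# (mib-2 4), one read-write community covering all of mib-2.
POLICY = {
    "ops-ro": CommunityProfile(("1.3.6.1.2.1.4",), "READ-ONLY"),
    "ops-rw": CommunityProfile(("1.3.6.1.2.1",), "READ-WRITE"),
}
```

Because the community name is the only credential and is sent unencrypted, the view and access mode attached to each name are the whole of the access control an SNMPv1 agent applies.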

Page 61: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMPv1 Administrator Model

Manager 1 manages community 1, manager 2 community 2, and manager 3 (MoM) both communities 1 and 2

Example: Enterprise management

[Figure: SNMP Access Policy. Community 1: Agent 1 (Community Profile 1), Agent 2 (Community Profile 2), Manager 1 (Community 1). Community 2: Agent 3 (Community Profile 3), Agent 4 (Community Profile 4), Manager 2 (Community 2). Manager 3 (Community 1, Community 2)]

Page 62: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMPv1 Administrator Model

Proxy agent enables non-SNMP community elements to be managed by an SNMP manager

An SNMP MIB is created to handle the non-SNMP objects

[Figure: SNMP Proxy Access Policy. SNMP Manager (Community 1); SNMP Community with SNMP Agent; non-SNMP Community with Proxy Agent]

Page 63: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

SNMP Network Management

Organization Model
Communication Model
Information Model
o Structure of Management Information (SMI)
o Managed Objects
o Management Information Base (MIB)
SNMP Administrative Model
SNMP Protocol Specs

Page 64: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

Message Format

Protocol entities support application entities

Communication between remote peer processes

Message consists of:
o Version identifier
o Community name
o Protocol Data Unit

Message encapsulated in UDP datagrams and transmitted

[Figure: message layout: version | community | data]

Like FTP, SNMP uses two well-known ports to operate:
UDP Port 161 - SNMP Messages
UDP Port 162 - SNMP Trap Messages

Page 65: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

3 different versions: SNMPv1, SNMPv2, SNMPv3

Message Format

SNMP message format is defined using ASN.1, encoded for transmission over UDP using BER

Message ::= SEQUENCE {
    version INTEGER {version-1(0)},
    community OCTET STRING,
    data PDUs
}

[Figure: message layout: version | community | data]

Page 66: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

Message Format-Set/Get PDU

[Figure: message layout: version | community | data]

Message ::= SEQUENCE {
    version INTEGER {version-1(0)},
    community OCTET STRING,
    data PDUs
}

PDUs ::= CHOICE {
    get-request [0] IMPLICIT PDU,
    get-next-request [1] IMPLICIT PDU,
    get-response [2] IMPLICIT PDU,
    set-request [3] IMPLICIT PDU,
    trap [4] IMPLICIT Trap-PDU
}

Page 67: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

Message Format-Set/Get PDU

[Figure: Get/Set PDU layout: PDU-type | request-id | error-status | error-index | variable-bindings]

PDU ::= SEQUENCE {
    request-id INTEGER,
    error-status INTEGER {
        noError (0), tooBig (1), noSuchName (2), badValue (3), readOnly (4), genErr (5)
    },
    error-index INTEGER,
    variable-bindings VarBindList
}

request-id: tracks a message and indicates loss of a message (e.g., timeout, etc.)

error-status: indicates the occurrence of an error

error-index: indicates where the error occurred (position in the list of variables)

variable-bindings: grouping of a number of operations in a single message, e.g., one request to get all values and one response listing all values

Page 68: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

Message Format-variable bindings

[Figure: variable-bindings layout: var-bind 1 (name, value) | var-bind 2 (name, value) | . . . | var-bind n (name, value)]

VarBindList ::= SEQUENCE OF VarBind

VarBind ::= SEQUENCE {
    name ObjectName,
    value ObjectSyntax
}

ObjectName ::= OBJECT IDENTIFIER

ObjectSyntax ::= CHOICE {
    simple SimpleSyntax,
    application-wide ApplicationSyntax
}

Page 69: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

Message Format-variable bindings

SimpleSyntax ::= CHOICE {
    number INTEGER,
    string OCTET STRING,
    object OBJECT IDENTIFIER,
    empty NULL
}

ApplicationSyntax ::= CHOICE {
    address NetworkAddress,
    counter Counter,
    gauge Gauge,
    ticks TimeTicks,
    arbitrary Opaque
}

NetworkAddress ::= CHOICE {
    internet IpAddress
}
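An added example, not from the original slides: a minimal BER decoder for the SNMPv1 Message, Get/Set PDU and VarBindList structures defined above, of the kind used to inspect captured UDP port 161 traffic. It shows that the community name travels as a readable OCTET STRING; the function names are hypothetical and the sample datagram is constructed.

```python
# Added example (hypothetical helper names): decodes SNMPv1 Get/Set messages only.
PDU_TYPES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request"}   # context tags [0]..[3]

def tlvs(buf):
    """Yield the BER elements of a byte string as (tag, value) pairs."""
    pos = 0
    while pos < len(buf):
        if pos + 2 > len(buf) or buf[pos + 1] == 0x80:
            raise ValueError("truncated header or indefinite length")
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:                    # long form: low 7 bits count the length octets
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if pos + length > len(buf):
            raise ValueError("truncated value")
        yield tag, buf[pos:pos + length]
        pos += length

def fields(buf, *tags):
    """Split a SEQUENCE body, enforce count and tags (None = any), decode INTEGERs."""
    parts = list(tlvs(buf))
    if len(parts) != len(tags) or any(w not in (None, t) for w, (t, _) in zip(tags, parts)):
        raise ValueError(f"expected tags {tags}, got {[t for t, _ in parts]}")
    return [(t, int.from_bytes(v, "big", signed=True) if t == 0x02 else v) for t, v in parts]

def decode_oid(b):
    if not b or b[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    arcs, acc = [b[0] // 40, b[0] % 40], 0   # first octet packs the first two arcs
    for octet in b[1:]:                      # later arcs: base 128, high bit means "more"
        acc = (acc << 7) | (octet & 0x7F)
        if not octet & 0x80:
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def parse_message(datagram):
    ((_, msg),) = fields(datagram, 0x30)                 # Message ::= SEQUENCE
    (_, ver), (_, community), (pdu_tag, pdu) = fields(msg, 0x02, 0x04, None)
    if pdu_tag not in PDU_TYPES:
        raise ValueError("not a Get/Set PDU (traps use Trap-PDU)")
    (_, rid), (_, status), (_, index), (_, vbl) = fields(pdu, 0x02, 0x02, 0x02, 0x30)
    pairs = [fields(vb, 0x06, None) for _, vb in tlvs(vbl)]   # VarBind: name, value
    binds = [(decode_oid(name), vtag, value) for (_, name), (vtag, value) in pairs]
    return {"version": ver, "community": community, "pdu": PDU_TYPES[pdu_tag], "request_id": rid,
            "error_status": status, "error_index": index, "varbinds": binds}

# Constructed sample: get-request for ipForwarding.0 (1.3.6.1.2.1.4.1.0), community "public".
SAMPLE = bytes.fromhex("3027020100 0406 7075626c6963 a01a 020204d2 020100 020100"
                       " 300e 300c 0608 2b06010201040100 0500")
```

Calling parse_message(SAMPLE) returns the version, the cleartext community, the PDU type, the request-id and one variable binding whose value is NULL (tag 0x05), as expected in a request.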

Page 70: SNMP Network Management (I) * * Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000

Message Format-Trap PDU

Trap-PDU ::= SEQUENCE {
    enterprise OBJECT IDENTIFIER,
    agent-addr NetworkAddress,
    generic-trap INTEGER {
        coldStart (0), warmStart (1), linkDown (2), linkUp (3),
        authenticationFailure (4), egpNeighborLoss (5), enterpriseSpecific (6)
    },
    specific-trap INTEGER,
    time-stamp TimeTicks,
    variable-bindings VarBindList
}

[Figure: Trap PDU layout: PDU-type | Enterprise | Agent Address | Generic Trap Type | Specific Trap Type | Time Stamp | variable-bindings]

Enterprise: pertains to the system generating the trap (sysObjectID)
Agent Address: IP address of the object
Time Stamp: elapsed time since last re-initialization
Specific Trap Type: specific code to identify the trap cause…