Internet Standard Management Framework

Internet Standard
Management Framework
w.lilakiatakun
Internet Standard Management
Framework
• Definitions of network management objects,
known as MIB objects
• A data definition language, known as SMI
(Structure of Management Information)
– Define data types, an object model and rules for
writing and revising management information
• A protocol, SNMP (Simple Network Management
Protocol)
– For conveying information between a manager and
agent
• Security and administration capabilities
– Major enhancement in SNMPv3 over SNMPv2
SMI
(Structure of Management Information)
SMI (Structure of Management
Information)
• SMI is the language used to define the
management information residing in a
managed entity
• SMI (v2) for SNMPv3 is defined in RFC 2578,
RFC 2579 and RFC 2580
• SMI is based on ASN.1 (Abstract
Syntax Notation One, ISO 1987)
SMI base data types
Object types
• Scalar – object types that will be
instantiated only once in an agent
• Columnar – object types that can be
instantiated multiple times
– It imposes a tabular structure on an ordered
collection of MIB objects using the SEQUENCE
OF construct
SMI higher-level Constructs
• SMI provides higher-level language constructs
• The OBJECT-TYPE construct is used to specify
the data type, status and semantics of a
managed object
• The MODULE-IDENTITY construct allows related
objects to be grouped together within a module
• The NOTIFICATION-TYPE construct is used to
specify information regarding SNMPv2-Trap and
InformationRequest messages generated by an
agent or a managing entity
The OBJECT-TYPE construct
• SYNTAX – specifies the basic data type associated
with the object
• MAX-ACCESS – specifies whether the managed
object can be read, be written, be created.
• STATUS – indicates whether the object definition
is current and valid, obsolete or deprecated
(obsolete but implemented for backward
compatibility)
• DESCRIPTION – textual definition of the object
OBJECT-TYPE construct
• Page 796
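Added example (not from the original slides): a small Python parser that pulls the SYNTAX, MAX-ACCESS, STATUS and DESCRIPTION clauses out of OBJECT-TYPE definitions and lists the objects a manager is allowed to write. The two definitions in SAMPLE_MIB are a constructed, abridged sample in SMIv2 style, and the function names are this example's own.

```python
import re

# Constructed sample: two definitions written in SMIv2 style, abridged
# from the way the system group is defined. Not a complete MIB module.
SAMPLE_MIB = '''
sysUpTime OBJECT-TYPE
    SYNTAX      TimeTicks
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Time since the network management portion of the
                 system was last re-initialized."
    ::= { system 3 }

sysContact OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (0..255))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "Contact person for this managed node."
    ::= { system 4 }
'''

# One OBJECT-TYPE invocation: name, the four clauses in SMIv2 order,
# then the OID assignment relative to the containing node.
OBJECT_TYPE = re.compile(
    r'(?P<name>[a-z][A-Za-z0-9-]*)\s+OBJECT-TYPE\s+'
    r'SYNTAX\s+(?P<syntax>.+?)\s+'
    r'MAX-ACCESS\s+(?P<access>[a-z-]+)\s+'
    r'STATUS\s+(?P<status>current|deprecated|obsolete)\s+'
    r'DESCRIPTION\s+"(?P<description>[^"]*)"\s+'
    r'::=\s*\{\s*(?P<parent>[A-Za-z0-9-]+)\s+(?P<subid>\d+)\s*\}',
    re.DOTALL)

def parse_object_types(text):
    """Return one dict per OBJECT-TYPE definition found in text."""
    objects = []
    for m in OBJECT_TYPE.finditer(text):
        obj = m.groupdict()
        obj['description'] = ' '.join(obj['description'].split())
        obj['subid'] = int(obj['subid'])
        objects.append(obj)
    return objects

def writable_objects(objects):
    """Names of objects a manager may modify or create via SNMP."""
    return [o['name'] for o in objects
            if o['access'] in ('read-write', 'read-create')
            and o['status'] != 'obsolete']
```

Running writable_objects over a device's MIB modules gives the set of objects that a write-capable manager can change, which is the list to review when deciding who gets write access.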
MODULE-IDENTITY construct
Management Information
Base
Categories of management
information
• State information
• Physical configuration information
• Logical configuration information
• Historical information
State information
• It is about the current state of physical and
logical resources along with any operational data
– Whether the device is functioning properly
– What current alarm conditions
– How long the system has been up
• It is most relevant for monitoring a network
• Frequent and rapid change characteristics
• It can be retrieved but cannot be modified
(owned by the devices)
• Not to cache in a management app.
Physical configuration
information
• It is about how the managed device is
physically configured
– The device type
– MAC address
– Serial number of devices
• It can be retrieved but cannot be
modified (owned by the devices)
• Does not change frequently; a management
app. might cache it in its database
Logical configuration
information
• It is about the parameter setting and
configured logical resources on the device
– IP addresses
– Protocols
• It is controlled and can be changed by the
management app.
• It might be cached in a management app. but
the app. needs to be aware that many apps. may use it
• It can be divided into
– Start up configuration information
– Transient (running) configuration information
Historical information
• It includes snapshots of performance-related
state information for a long period of time
– Packet counts for each 15 minute interval over
24 hours
• It also includes logs of various types of
events
– Firewall log of recent remote connection
MIB (Management Information
Base)
• It is represented as a collection of managed
objects that form a virtual information
store
• MIB is not the same as database
– MIB actually connects to the real world and
simply offers a view of it
What is contained in MIB
• Many individual pieces of management
information about the managed entity
• Individual pieces of management
information are referred to as “managed
objects”
– Physical
• Ports/ interfaces / line card
– Logical
• Version of installed software
• Protocols
• Features of communication services
MIB and Managed Objects
Arrangement of MIB
• It is arranged into a conceptual tree
• Every definition in a MIB module is
represented by a node in that tree
• Each node is named by an
“object identifier (OID)”
• An OID consists of a sequence of integers
– OID (internet ) = 1.3.6.1
MIB-2 Object Identifier Tree
• Fig 9.3
An Example: MIB-2
RFC1213-MIB DEFINITIONS ::= BEGIN
mib-2 OBJECT IDENTIFIER ::= {mgmt 1}
- Establish mib-2 as a new node underneath
a supernode called mgmt inside the
Internet object identifier tree
- OID is 1.3.6.1.2.1
Groups in MIB-2
• Fig – page 193
MIB-2 naming structure
• Fig 6-13
Example of modules
• Fig page 194-195
Definition of object type
• SYNTAX – using the universal and
application-wide type such as
– DisplayString with a maximum length 255 chars.
– TimeTicks
• ACCESS – specify whether the object is a
parameter that can be set (read-write) or
only read
– Read-only/read-write/write-only/Not-accessible
• Status – definition life cycle
– Mandatory/optional (SMI v1)
– Current/deprecated/obsolete (SMI v2)
• Description – explanation of the object type
• OID relative to containing node
Definition of a table (columnar)
object
Definition of the rows of the
table
TcpConnEntry data type
• Fig 197
SEQUENCE OF vs SEQUENCE
• The overall table consists of a SEQUENCE OF
TcpConnEntry
– One or more elements, all of the same type
• Each row consists of a SEQUENCE that
includes 5 scalar elements
– Fixed number of elements, possibly more than one
type
– Ex. Contains element of type INTEGER, IpAddress,
INTEGER(..65535),IpAddress,INTEGER(..65535)
tcpConnState
tcpConnLocalAddress
tcpConnLocalPort
• Fig 198
tcpConnRemAddress
tcpConnRemPort
• Fig 199
Structure of SNMP MIB OID
• Fig 6-14
Object identifier tree for MIB
tables
• Fig 6-15
Identification of instances
• Scalar – To access an instance of a scalar object
– add .0 to the OID
– Instance of sysUpTime is 1.3.6.1.2.1.1.3.0
• Columnar – To access an instance of a columnar object
– add the index to the OID
– Ex. Instance of tcpConnState (row 1) is
1.3.6.1.2.6.13.1.1.167.8.15.92.227.176.15.53.216.228
• Index of TcpConnEntry
– Local address – 167.8.15.92
– Local port – 227
– Remote address – 176.15.53.216
– Remote port – 228
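Added example (not from the original slides): Python helpers that build the instance identifier of a scalar and of a tcpConnTable cell, and split a table instance back into its four index values. The index values are the ones on the slide; the tcpConnState column OID is taken from RFC 1213 (1.3.6.1.2.1.6.13.1.1), and the function names are this example's own.

```python
import ipaddress

# Object OIDs as registered in RFC 1213 (an assumption of this example):
# mib-2(1.3.6.1.2.1).tcp(6).tcpConnTable(13).tcpConnEntry(1).tcpConnState(1)
TCP_CONN_STATE = (1, 3, 6, 1, 2, 1, 6, 13, 1, 1)
SYS_UPTIME = (1, 3, 6, 1, 2, 1, 1, 3)

def fmt(oid):
    """Dotted-decimal text form of an OID tuple."""
    return '.'.join(map(str, oid))

def scalar_instance(obj_oid):
    """A scalar has exactly one instance: the object OID plus .0"""
    return obj_oid + (0,)

def tcp_conn_instance(column, laddr, lport, raddr, rport):
    """Column OID + index (local addr, local port, remote addr, remote port).

    An IpAddress index contributes four sub-identifiers (one per octet),
    an INTEGER index contributes one.
    """
    for port in (lport, rport):
        if not 0 <= port <= 65535:
            raise ValueError('port out of range: %r' % port)
    index = (tuple(ipaddress.IPv4Address(laddr).packed) + (lport,)
             + tuple(ipaddress.IPv4Address(raddr).packed) + (rport,))
    return column + index

def split_tcp_conn_instance(oid, column):
    """Inverse: recover the four index values from an instance OID."""
    if oid[:len(column)] != column:
        raise ValueError('instance is not under the given column')
    idx = oid[len(column):]
    octets = idx[0:4] + idx[5:9]
    if (len(idx) != 10 or any(not 0 <= b <= 255 for b in octets)
            or any(not 0 <= p <= 65535 for p in (idx[4], idx[9]))):
        raise ValueError('malformed tcpConnTable index')
    return (fmt(idx[0:4]), idx[4], fmt(idx[5:9]), idx[9])
```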
Subtree under MIB-II (RFC1213) (1)
• system(1) : overall information about the
system
• interfaces(2) : information about the
interfaces
• at(3) : (Address translation)
• ip(4) : information related to the
implementation of IP
Subtree under MIB-II (2)
• tcp(5) : information related to the
implementation of TCP
• udp(6) : information related to the
implementation of UDP
• egp(7) : information related to the
implementation of EGP
• dot3(8) : information related to
Ethernet protocol at each interface
• snmp(9) : information related to the
implementation of SNMP
System group (1)
System group (2)
• Table 6-1
System Group (3)
• sysServices(7) – has a value that is
interpreted as a 7-bit code
– Each bit corresponds to a layer in TCP/IP or
OSI architecture
– Ex. Host offering app. services would have
binary of 1001000
– It means services are provided for layer 4
(transport layer) and layer 7 (application
layer)
System Group (4)
• sysUpTime (3) indicates the amount of time
since the network management portion of
the system was last reinitialized.
• Used to determine how much the counters have
changed over a specific time interval
• Fault monitoring : current value < most
recent value
Interface Group (1)
Interfaces Group (2)
• ifPhysAddress(6) : physical address
– For all LAN, it contains MAC address
• ifOperStatus(8) : current operational status
– Up (1) /down (2)
• ifSpeed (5) : current capacity of interface in
bit per second
• To detect congestion
– Measure total number of octets into or out of the
interface
– The queue length for output of the interface
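Added example (not from the original slides): how two polls of one interface are compared, using sysUpTime for the interval and for the restart check described in System Group (4), and ifSpeed plus the octet counters for utilisation. The counter names ifInOctets and ifOutOctets are the RFC 1213 interface counters; the poll values are constructed and the function names are this example's own.

```python
COUNTER32_MOD = 2 ** 32   # a Counter32 wraps to 0 after 2^32 - 1

def counter_delta(prev, curr):
    """Increase of a Counter32 between two polls, allowing one wrap."""
    return (curr - prev) % COUNTER32_MOD

def interface_load(prev, curr):
    """Compare two polls of one interface.

    Each poll is a dict with sysUpTime (TimeTicks, 1/100 s), ifSpeed
    (bit/s), ifInOctets and ifOutOctets (Counter32).
    Returns None when the two polls cannot be compared.
    """
    # sysUpTime going backwards means the agent was reinitialised,
    # so the counters restarted and the previous poll is no baseline.
    if curr['sysUpTime'] < prev['sysUpTime']:
        return None
    seconds = (curr['sysUpTime'] - prev['sysUpTime']) / 100.0
    if seconds == 0 or curr['ifSpeed'] == 0:
        return None
    bits_in = 8 * counter_delta(prev['ifInOctets'], curr['ifInOctets'])
    bits_out = 8 * counter_delta(prev['ifOutOctets'], curr['ifOutOctets'])
    return {
        'seconds': seconds,
        'in_util': bits_in / (seconds * curr['ifSpeed']),
        'out_util': bits_out / (seconds * curr['ifSpeed']),
    }

# Constructed polls, 60 s apart, of a 100 Mbit/s interface.
# ifInOctets wraps past 2^32 between the two polls.
POLL_1 = {'sysUpTime': 500000, 'ifSpeed': 100_000_000,
          'ifInOctets': 4294000000, 'ifOutOctets': 1000000}
POLL_2 = {'sysUpTime': 506000, 'ifSpeed': 100_000_000,
          'ifInOctets': 74032704, 'ifOutOctets': 376000000}
# Constructed poll after a restart: sysUpTime is lower than before.
POLL_3 = {'sysUpTime': 1200, 'ifSpeed': 100_000_000,
          'ifInOctets': 52000, 'ifOutOctets': 9000}
```

A None result for a pair of polls is itself worth recording, since it marks an interval in which the device or its agent restarted.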
Address Translation Group (1)
Address Translation Group (2)
• Consists of a single table
• Each row in the table corresponds to one
of the physical interfaces of the system
• The row provides a mapping from a
network address to a physical address
Address Translation Group (3)
IP Group
• Contains some basic counters of traffic flow into
and out of IP layer
• 3 tables are included in the IP group
• ipAddrTable – information relevant to the IP
address assigned to this entity
• ipRouteTable – information used for Internet
routing
• ipNetToMediaTable – an address translation table
that provides a correspondence between
physical address and IP address
IP Group (1)
IP Group (2)
• It consists of 4 columnar objects (tables)
– ipAddrTable
– ipRouteTable / ipForwardTable (RFC1354),
which replaces ipRouteTable
– ipNetToMediaTable
IP Group (3)
• ipAddrEntry entry consists of 5 columns
– ipAdEntAddr (RO) – IP address
– ipAdEntIfIndex (RO) – Index
– ipAdEntNetMask (RO) – Subnet Mask
– ipAdEntBcastAddr (RO) – Least significant
byte
– ipAdEntReasmMaxSize (RO) – size of largest
IP datagram that can reassemble
IP Group (4)
• Other scalar objects in IP Group
– ipForwarding (RW) – acting as IP Gateway : 1 - yes, 2 - no
– ipInReceives (RO) – total number of input
datagrams received from interfaces
– ipInHdrErrors (RO) – total number of input
datagrams discarded due to errors in the IP header
– ipInDiscards (RO) – number of discarded datagrams
that are non-error packets (lack of buffer)
– ipOutNoRoutes (RO) – number of datagrams
discarded because no route was found
icmp Group (1)
ICMP Group (2)
• ICMP provides feedback about problems in
the communication environment
– icmpInMsgs (RO) – total number of ICMP
messages that the entity received
– icmpInErrors (RO) – number of ICMP
messages received but determined to have
ICMP-specific errors
– icmpInDestUnreachs (RO) – number of ICMP
Destination Unreachable messages received
ICMP Group (3)
– icmpOutDestUnreachs (RO) – number of ICMP
destination Unreachable messages sent
– icmpOutTimeExcds (RO) – number of ICMP
Time Exceeded messages sent
– icmpOutEchos (RO) – number of ICMP Echo
(request) messages sent
– icmpOutEchoReps (RO) – number of ICMP
Echo Reply messages sent
tcp Group (1)
tcp Group (2)
• Only one table – tcpConnTable, a sequence of
tcpConnEntry
– tcpConnState (RW) – TCP connection state
– tcpConnLocalAddress (RO) – Local IP address
– tcpConnLocalPort (RO) – Local Port number
– tcpConnRemAddress (RO) – Remote IP
address
– tcpConnRemPort (RO) – Remote Port number
tcp Group (3)
• Example of Scalar objects
– tcpActiveOpens (RO) – number of active open
connections
– tcpCurrEstab (RO) – number of TCP connections
in ESTABLISHED or CLOSE-WAIT state
– tcpAttemptFails (RO) – number of failed
connection attempts
– tcpInSegs (RO) – total number of segments
received including error segments
– tcpOutSegs (RO) – total number of segments sent
udp Group (1)
udp Group (2)
udp Group (3)
• Only one table – udpTable, a sequence of
udpEntry
– udpLocalAddress (RO)
– udpLocalPort (RO)
• udpInDatagrams (RO) – total number of UDP
datagrams delivered to UDP users
• udpInErrors (RO) – total number of UDP
datagrams that could not be delivered
• udpOutDatagrams (RO) – total number of UDP
datagrams sent
egp Group (1)
• Information relevant to the implementation
and operation of the External Gateway
Protocol (EGP) at a node
egp Group (2)
Transmission Group (1)
• It provides details about underlying
transmission medium for each interface on
a system
• EtherLike MIB (RFC1643) is one of a
number of MIBs defined under
transmission node of the MIB-II hierarchy.
Transmission Group (2)
• Dot3 – EtherLike
• dot3StatsTable records statistics on
the traffic on the interface
• dot3CollTable records statistics on
collision activity on the interface
dot3 (1)
dot3 (2)