Simple Network Management Protocol

SNMP Management Information
Prof. Choong Seon HONG
Kyung Hee University

Basic Concepts of SNMP
- RFC 1157
- General-purpose operations supported by SNMP
  - get : retrieving the value of objects at the agent
  - set : setting the value of objects at the agent
  - trap : notifying the management station of significant events
- Control of the use of the MIB
  - Authentication service : the managed station may wish to limit access to the MIB to authorized managed stations
  - Access policy : the managed station may wish to give different access privileges to different management stations
    - SNMP access mode : {READ-ONLY, READ-WRITE}
  - Proxy service : a managed station may act as a proxy to other managed stations. This may involve implementing the authentication service and access policy service for the other managed stations on the proxy.

Instance Identification
- An object instance in a table is identified by its columnar object and its row
- Two techniques for identifying a specific object instance
  - serial-access technique, based on a lexicographic ordering of objects in the MIB (in section 7.2)
  - random-access technique
- See Fig. 5.7
  - Three instances of tcpConnState have the same object identifier : 1.3.6.1.2.1.6.13.1.1
  - the values of the INDEX objects of a table are used to distinguish one row from another
  - the combination of the object identifier for a columnar object and one set of values of the INDEX objects specifies a particular scalar object in a particular row of the table

Instance Identification (2)
- Convention used in SNMP : concatenating the scalar object identifier with the values of the INDEX objects
- A simple example
  - Object ID of ifType : 1.3.6.1.2.1.2.2.1.3 (see Fig. 5.1, 6.2)
  - Accordingly, the instance ID for the ifType corresponding to the row containing an ifIndex value of 2 : 1.3.6.1.2.1.2.2.1.3.2
- A more complicated example
  - consider tcpConnTable, which has 4 INDEX objects (see Fig. 5.6, Fig. 6.10)
  - instance IDs for all of the columnar objects from Fig. 5.7 (see Table 7.2)
  - See page 168

Instance Identification (3)
- Conceptual Table and Row Objects
  - no instance ID for table and row objects
  - for example, tcpConnTable and tcpConnEntry are not leaf objects
    - not accessible by SNMP
    - ACCESS characteristic : “not accessible”
- Scalar Objects
  - Instance ID of a nontabular scalar object : Object ID + 0
  - for example, see Table 7.4

Lexicographical Ordering
- Object IDs exhibit a lexicographical ordering
  - generated by traversing the tree of object IDs in the MIB
  - See Appendix 7A
  - extends to object instance IDs (sequences of integers)
- For example,
  - ipRouteTable (see Figure 7.2 and Table 7.5)

Protocol Specification
- Protocol Data Unit
  (a) SNMP message : Version | Community | SNMP PDU
  (b) GetRequest PDU, GetNextRequest PDU, and SetRequest PDU : PDU type | Request-id | 0 | 0 | Variablebindings
  (c) GetResponse PDU : PDU type | Request-id | Error status | Error index | Variablebindings
  (d) Trap PDU : PDU type | enterprise | Agent addr | Generic trap | Specific trap | Time stamp | Variablebindings
  (e) variablebindings : name1 | value1 | name2 | value2 | --- | namen | valuen
- Generic trap :
  - A warmStart trap signifies that the sending protocol entity is reinitializing itself such that neither the agent configuration nor the protocol entity implementation is altered.
  - A coldStart trap signifies that the sending protocol entity is reinitializing itself such that the agent's configuration or the protocol entity implementation may be altered.

Action of SNMP Entity upon Reception of an SNMP Message
1) basic syntax check of the message
2) verifying the version number
3) passing the user name, the PDU portion of the message, and the source and destination transport addresses to the authentication service
   (a) if authentication fails, generating a trap
   (b) if authentication succeeds, the authentication service returns a PDU
4) the protocol entity does a basic syntax check of the PDU

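The four reception steps above, as an added example that is not from the original slides: a minimal Python receiver for the SNMP message layout (Version, Community, SNMP PDU). It assumes the community field is the name handed to the authentication service; the `POLICY` table, the `netops` community, the verdict strings and all function names are constructed for illustration, and only short-form BER lengths and the three request PDU types are handled.

```python
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA3: "SetRequest"}
# Hypothetical access policy: community name -> SNMP access mode.
POLICY = {b"public": "READ-ONLY", b"netops": "READ-WRITE"}

def tlv(tag, value):  # encode one BER TLV, short-form length only
    return bytes([tag, len(value)]) + value

def read_tlv(buf, pos):
    """Decode one short-form TLV; long-form lengths are rejected for brevity."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80:
        raise ValueError("truncated or long-form TLV")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("length runs past the buffer")
    return buf[pos], bytes(buf[pos + 2:end]), end

def fields(buf, tags):
    """Split buf into consecutive TLVs whose tags must match (None = any tag)."""
    out, pos = [], 0
    for want in tags:
        tag, value, pos = read_tlv(buf, pos)
        if want is not None and tag != want:
            raise ValueError("unexpected tag")
        out.append((tag, value))
    if pos != len(buf):
        raise ValueError("trailing bytes")
    return out

def receive(message):
    """Apply the four reception steps; return (verdict, detail)."""
    try:
        (_, body), = fields(message, [0x30])             # 1) message syntax
        (_, version), (_, community), (ptype, pdu) = fields(body, [0x02, 0x04, None])
        if version != b"\x00":                           # 2) version (SNMPv1 is 0)
            raise ValueError("version mismatch")
        mode = POLICY.get(community)                     # 3) authentication service
        if mode is None:
            return "auth-failure", "agent may generate a trap"
        if ptype not in PDU_TYPES:                       # 4) PDU syntax
            raise ValueError("unsupported PDU type")
        fields(pdu, [0x02, 0x02, 0x02, 0x30])
    except ValueError as exc:
        return "discard", str(exc)
    if PDU_TYPES[ptype] == "SetRequest" and mode != "READ-WRITE":
        return "denied", "community is READ-ONLY"
    return "accept", PDU_TYPES[ptype]

# Constructed sample: request-id 1, one variable binding 1.3.6.1.2.1.1.1.0 = NULL.
SAMPLE_PDU = (tlv(2, b"\x01") + tlv(2, b"\x00") * 2 + tlv(0x30, tlv(
    0x30, tlv(6, bytes.fromhex("2b06010201010100")) + tlv(5, b""))))
def sample_message(community, pdu_type=0xA0, version=b"\x00"):
    return tlv(0x30, tlv(2, version) + tlv(4, community) + tlv(pdu_type, SAMPLE_PDU))
```

The community is carried as a plain OCTET STRING in every message, so this check only compares a shared name that anyone able to observe the traffic can read.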
Variable Bindings
- Grouping a number of operations of the same type (get, set, trap) into a single message
- Getting the values of all the scalar objects in a particular group at a particular agent

GetRequest PDU
- Issued by an SNMP entity
- Includes the following fields in the PDU:
  - PDU type : GetRequest PDU
  - request-id : for correlating the incoming response
  - variablebindings : list of object instances
    - atomic operation
    - if an object ID does not match : noSuchName as error-status
- Receipt of SNMP PDUs (see Fig. 7.6)

GetRequest PDU
- SNMP PDU Sequences

GetNextRequest PDU
- Returns the value of the object instance that is next in lexicographical order
- Atomic operation, but more flexible than GetRequest
- Allows a network management station to discover the structure of a MIB view dynamically
  - provides an efficient mechanism for searching a table whose entries are unknown
- Retrieving a Simple Object Value (see sec. 7.2.3.1)
  - GetRequest (udpInDatagrams.0, udpNoPorts.0, udpInErrors.0, udpOutDatagrams.0)
  - GetNextRequest (udpInDatagrams, udpNoPorts, udpInErrors, udpOutDatagrams)

GetNextRequest PDU (2)
- Retrieving Unknown Objects
  - GetNextRequest (udpInDatagrams.2) --> GetResponse (udpNoPorts.0 = value)
  - GetNextRequest (udp) --> GetNextRequest (udpInDatagrams.0 = value)
    - to probe a MIB view and discover its structure
- Accessing Table Values
  - See page 184

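Instance identification, lexicographic ordering and GetNextRequest from the preceding slides, combined in one added Python example (not part of the original slides). Object IDs are integer tuples; the agent view `MIB`, its values, the index values of the TCP connection row and all function names are constructed for illustration.

```python
import bisect

# Object IDs as integer tuples; ifType and tcpConnState are the ones on the slides.
IF_TYPE = (1, 3, 6, 1, 2, 1, 2, 2, 1, 3)
TCP_CONN_STATE = (1, 3, 6, 1, 2, 1, 6, 13, 1, 1)
UDP = (1, 3, 6, 1, 2, 1, 7)
UDP_IN_DATAGRAMS, UDP_NO_PORTS = UDP + (1,), UDP + (2,)

class NoSuchName(Exception):
    """Stands in for error-status noSuchName in a GetResponse."""

def instance_id(obj, *index_values):
    """Object ID + INDEX values; a dotted IpAddress index adds four sub-identifiers."""
    oid = list(obj)
    for value in index_values:
        parts = value.split(".") if isinstance(value, str) else [value]
        oid.extend(int(p) for p in parts)
    return tuple(oid)

def snmp_get(mib, oid):
    """GetRequest: only an exact instance ID matches."""
    if oid not in mib:
        raise NoSuchName(oid)
    return oid, mib[oid]

def snmp_get_next(mib, oid):
    """GetNextRequest: first instance strictly after oid in lexicographic order."""
    keys = sorted(mib)  # tuple comparison is the lexicographic order of sub-identifiers
    i = bisect.bisect_right(keys, tuple(oid))
    if i == len(keys):
        raise NoSuchName(oid)
    return keys[i], mib[keys[i]]

def walk(mib, root):
    """Discover every instance under root by repeated GetNextRequest."""
    found, oid = [], root
    while True:
        try:
            oid, value = snmp_get_next(mib, oid)
        except NoSuchName:
            return found
        if oid[:len(root)] != root:
            return found
        found.append((oid, value))

# Constructed agent view: two interfaces, one TCP connection row, two UDP scalars.
MIB = {instance_id(IF_TYPE, 1): 6, instance_id(IF_TYPE, 2): 24,
       instance_id(TCP_CONN_STATE, "10.0.0.99", 12, "9.1.2.3", 15): 5,
       instance_id(UDP_IN_DATAGRAMS, 0): 100, instance_id(UDP_NO_PORTS, 0): 1}
```

`snmp_get(MIB, UDP_IN_DATAGRAMS)` raises `NoSuchName` because a scalar is only addressable as object ID + 0, while `snmp_get_next` with the same bare object ID returns `udpInDatagrams.0`.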
SetRequest PDU
- Used to write an object value rather than read one
- Atomic operation
- badValue for a problem with the type, length, or actual value of the supplied value
- Updating a Table
  - SetRequest (ipRouteMetric1.9.1.2.3 = 9) --> GetResponse (ipRouteMetric1.9.1.2.3 = 9)
  - Supporting a new row (see page 186)
    - depends on policy and is an implementation matter for the agent
- Row Deletion
  - SetRequest (ipRouteType.7.3.5.3 = invalid) --> GetResponse (ipRouteDest.7.3.5.3 = invalid) : has the effect of eliminating the row
  - See Table 7.8

SetRequest PDU (2)
- Performing an Action
  - an agent could include a proprietary object reBoot with an initial value; if a management station sets the object’s value to 1, the agent system reboots and resets the object value to 0

Trap PDU
- PDU type : Trap PDU
- Enterprise : identifies the network management subsystem
- agent-addr
- generic-trap : has 7 values
- specific-trap
- time-stamp
- variablebindings
- Does not solicit a response from the other side

Transport-Level Support
- Connectionless Transport Service
  - Using the User Datagram Protocol (UDP)
  - Using the connectionless transport support service (CLTS) of the OSI architecture
  - UDP details
    - UDP over IP
    - UDP header :
      - source and destination port fields
      - enabling application-level protocols such as SNMP to address each other
      - optional checksum for UDP header and user data
  - CLTS details
    - Transport protocol data unit including source and destination transport service access points (TSAPs)
    - Optional checksum
    - TSAP address : network-layer address + TSAP ID

Transport-Level Support (2)
- Loss of PDU
  - UDP and CLTS are not reliable
  - Guaranteeing delivery is left to the application that is using SNMP
    - setting a time-out for the GetResponse
    - repeating the request one or more times
- Connection-Oriented Transport Service
  - SNMP is intended for use over a connectionless transport service
    - Key reason : robustness
  - RFC 1283 : prescribes conventions for the use of SNMP over the ISO connection-oriented transport service (COTS)
  - First a transport connection to the agent is set up, then the request is sent

SNMP Group
- The snmp group, part of MIB-II, includes information relevant to the implementation and operation of SNMP (see Figure and Table 7.9)
- All of the objects except snmpEnableAuthenTraps are read-only counters

List of features for network management station
- Extended MIB support
  - a network management station that can load MIB definitions for extended MIBs defined for agent products from other vendors
- Intuitive interface
  - easy and powerful user interface
    - separate window for each part of the network
    - capable of displaying topological and geographic maps of the network
    - capable of showing the status of the devices
- Automatic discovery
  - at installation time, able to discover agents in order to build maps and configure icons
- Programmable events
  - allowing the user to define the actions taken when events occur
    - e.g. changing the state of icons, e-mail messages to the manager, setting off a beeper

List of features for network management station (2)
- Advanced network control
  - performing some predefined functions under certain conditions
    - e.g. automatic shut-off of a bad or suspect hub, or isolating an overactive network segment so that the whole network does not suffer
- Object-oriented management
  - MIB and SMI specifications refer to “objects”, but SNMP does not use object-oriented technology
  - an object-oriented system that can support SNMP
- Custom icons
  - not just simple rectangles and circles to describe the network topology, but descriptive icons
  - creating custom icons