Transcript SNMP

SNMP
(Simple Network Management Protocol)
Jon Sevy
Geometric and Intelligent Computing Laboratory
Department of Mathematics and Computer Science
Drexel University
http://gicl.mcs.drexel.edu
SNMP Overview
• Define mechanism for remote management of
network devices (routers, bridges, etc.)
• Fundamental principle: all device management done
by simple variable value manipulation
• Approach:
– standard means for specifying quantities recognized by
devices
– protocol for requesting, returning, notifying of changes of
values
SNMP Message Protocol
• Messages use UDP, ports 161 (requests/responses)
and 162 (notifications)
• Message types:
– GetRequest: request values of variables from device
– GetNextRequest: request value of variable following the one
supplied
– GetResponse: return values
– SetRequest: instruct device to set values of variables
– Trap: from device - notify monitor / manager of value change
SNMP Communities
• Define “communities” specifying access to specific
variable sets (read-write, read only, none)
• Supply community name as “password” in each
message
– unencrypted in version of SNMP still widely used!!
SNMP Message Encoding
• Encode message as byte stream using ASN.1 BER
(Abstract Syntax Notation 1 Basic Encoding Rules)
• Quantites encoded as Type,Length,Value triples
• Types
– Subset of basic ASN.1 types used in SNMP: integer, octet
string, object identifier (“variable name”), sequence
– SNMP-defined types: gauge, counter, IP address, etc.
• Values
– weirdly encoded!! (see ASN.1 specs)
SNMP SMI
(Structure of Management Information)
• Variables recognized by device supplied in MIB
(Management Information Base)
– text file giving variables and data structures defined using
ASN.1
– standard variable sets often provided as RFC’s
– device-specific sets provided by vendors
• Management stations parse MIB’s to determine
variables available for management
– obtain both data structure and management information
Example portion of MIB (from RFC 1213)
-- the Interfaces group
-- Implementation of the Interfaces group is mandatory for
-- all systems.
ifNumber OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of network interfaces (regardless of
their current state) present on this system."
::= { interfaces 1 }
ASN.1 Object Identifiers
• Variables identified by globally unique strings of digits
– ex: 1.3.6.1.4.1.3.5.1.1
– name space is hierarchical; tree on next slide
• in above, 1 stands for iso, 3 stands for org, 6 stands for dod,
1 stands for internet, 4 stands for private, etc.
• Variable names are aliases for digit strings (within
MIB)
– From previous page: ifNumber ::= { interfaces 1 }
– interfaces was previously defined in MIB as 1.3.6.1.2.1.2, so
ifNumber = 1.3.6.1.2.1.2.1
Partial ASN.1 Object Identifier Tree
(from: ASN.1 Complete, J. Larmouth, Open Systems Solutions, 1999)
Application: GICL SNMP Monitor
• Java-based SNMP application
– Query devices for available MIB variables
– Set desired variable values
• Current status
– retrieve and display all values from device
– automatically build data structures to hold retrieved values
• Future work
– incorporate MIB information via MIB parser
– auto-generate GUI display
– implement device discovery
References
• Internet Standards 15, 16 and 17
• ASN.1 Complete, J. Larmouth, Open Systems
Solutions, 1999 (available online)
• SNMP : a guide to network management, S. Feit,
McGraw-Hill, 1995