Internet Standard Management Framework

w.lilakiatakun
Internet Standard Management Framework
• Definitions of network management objects, known as MIB objects
• A data definition language, known as SMI (Structure of Management Information)
– Defines data types, an object model and rules for writing and revising management information
• A protocol, SNMP (Simple Network Management Protocol)
– For conveying information between a manager and agent
• Security and administration capabilities
– Major enhancement in SNMPv3 over SNMPv2
SMI (Structure of Management Information)
• SMI is the language used to define the management information residing in a managed entity
• SMIv2, used with SNMPv3, is defined in RFC 2578, RFC 2579 and RFC 2580
• SMI is based on ASN.1 (Abstract Syntax Notation One, ISO 1987)
SMI base data types
Object types
• Scalar – object types that will be instantiated only once in an agent
• Columnar – object types that can be instantiated multiple times
– They impose a tabular structure on an ordered collection of MIB objects using the SEQUENCE OF construct
SMI higher-level Constructs (1)
• SMI provides higher-level language constructs
• The OBJECT-TYPE construct is used to specify the data type, status and semantics of a managed object
• The MODULE-IDENTITY construct allows related objects to be grouped together within a module
• The NOTIFICATION-TYPE construct is used to specify information regarding SNMPv2-Trap and InformRequest messages generated by an agent or a managing entity
SMI higher-level Constructs (2)
• The MODULE-COMPLIANCE construct defines the set of managed objects within a module that an agent must implement
• The AGENT-CAPABILITIES construct specifies the capabilities of agents with respect to object and event notification definitions
The OBJECT-TYPE construct
• SYNTAX – specifies the basic data type associated with the object
• MAX-ACCESS – specifies whether the managed object can be read, written or created
• STATUS – indicates whether the object definition is current and valid, obsolete or deprecated (obsolete but implemented for backward compatibility)
• DESCRIPTION – textual definition of the object
OBJECT-TYPE construct
• Page 796
MODULE-IDENTITY construct
Management Information Base
Categories of management information
• State information
• Physical configuration information
• Logical configuration information
• Historical information
State information
• It is about the current state of physical and logical resources along with any operational data
– Whether the device is functioning properly
– What the current alarm conditions are
– How long the system has been up
• It is most relevant for monitoring a network
• It changes frequently and rapidly
• It can be retrieved but cannot be modified (owned by the devices)
• It should not be cached in a management app.
Physical configuration information
• It is about how the managed device is physically configured
– The device type
– MAC address
– Serial number of devices
• Also, it can be retrieved but cannot be modified (owned by the devices)
• It does not change frequently, so a management app. might cache it in its database
Logical configuration information
• It is about the parameter settings and configured logical resources on the device
– IP addresses
– Protocols
• It is controlled and can be changed by the management app.
• It might be cached in a management app., but the app. needs to be aware of usage by many apps.
• It can be divided into
– Start up configuration information
– Transient (running) configuration information
Historical information
• It includes snapshots of performance-related
state information
– Packet counts for each 15 minute interval over
24 hours
• It also includes logs of various types of
events
– Firewall log of recent remote connections
• It is different from other types of
management information because it does
not reflect actual managed resources
MIB (Management Information Base)
• It is represented as a collection of managed objects that form a virtual information store
• A MIB is not the same as a database
– It does not store information about the real world in a file system
– It is actually connected to the real world and simply offers a view of it
What is contained in MIB
• Many individual pieces of management
information about the managed entity
• Individual pieces of management information are referred to as “managed objects”
– Physical
• Ports/ interfaces / line card
– Logical
• Version of installed software
• Protocols
• Features of communication services
MIB and Managed Objects
Arrangement of MIB
• It is arranged into a conceptual tree
• Every definition in a MIB module is represented by a node in that tree
• Each node is named by an “object identifier (OID)”
• An OID consists of a sequence of integers
– OID (internet) = 1.3.6.1
MIB-2 Object Identifier Tree
• Fig 9.3
An Example: MIB-2
RFC1213-MIB DEFINITIONS ::= BEGIN
mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
– Establishes mib-2 as a new node underneath a supernode called mgmt inside the Internet object identifier tree
– OID is 1.3.6.1.2.1
Groups in MIB-2
• Fig – page 193
MIB-2 naming structure
• Fig 6-13
Example of modules
• Fig page 194-195
Definition of object type
• SYNTAX – using the universal and application-wide types such as
– DisplayString with a maximum length of 255 chars.
– TimeTicks
• ACCESS – specifies whether the object is a parameter that can be set (read-write) or only read
– Read-only/read-write/write-only/not-accessible
• STATUS – definition life cycle
– Mandatory/optional
– Current/deprecated/obsolete
• DESCRIPTION – explanation of the object type
• OID relative to containing node
Definition of a table (columnar) object
Definition of the rows of the table
TcpConnEntry data type
• Fig 197
SEQUENCE OF vs SEQUENCE
• The overall table consists of a SEQUENCE OF TcpConnEntry
– One or more elements, all of the same type
• Each row consists of a SEQUENCE that includes 5 scalar elements
– Fixed number of elements, possibly of more than one type
– Ex. contains elements of type INTEGER, IpAddress, INTEGER (0..65535), IpAddress, INTEGER (0..65535)
tcpConnState, tcpConnLocalAddress, tcpConnLocalPort
• Fig 198
tcpConnRemAddress, tcpConnRemPort
• Fig 199
Structure of SNMP MIB OID
• Fig 6-14
Object identifier tree for MIB tables
• Fig 6-15
Identification of instances
• Scalar – add .0 to the OID
– sysUpTime is 1.3.6.1.2.1.1.3.0
• Columnar – add index to the OID
– Local address – 167.8.15.92
– Local port – 227
– Remote address – 176.15.53.216
– Remote port – 228
– OID 1.3.6.1.2.1.6.13.1.1.167.8.15.92.227.176.15.53.216.228
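The instance-naming rules above, as an added example that is not part of the original slides: it builds the scalar and tcpConnTable instance OIDs and parses a table instance back into its connection 4-tuple, which is what a monitoring tool does when it reads a walk of this table. The function names are hypothetical; the tcpConnState column OID 1.3.6.1.2.1.6.13.1.1 is taken from RFC 1213.

```python
import ipaddress

# Column OID for tcpConnState per RFC 1213:
# mib-2 (1.3.6.1.2.1) . tcp . tcpConnTable . tcpConnEntry . tcpConnState
TCP_CONN_STATE = (1, 3, 6, 1, 2, 1, 6, 13, 1, 1)
SYS_UPTIME = (1, 3, 6, 1, 2, 1, 1, 3)


def dotted(oid):
    return ".".join(str(arc) for arc in oid)


def scalar_instance(oid):
    """A scalar has exactly one instance, named by appending .0."""
    return oid + (0,)


def tcp_conn_instance(column, local_addr, local_port, rem_addr, rem_port):
    """Append the row index: local address, local port, remote address, remote port."""
    for port in (local_port, rem_port):
        if not 0 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
    # Each IpAddress contributes four sub-identifiers, one per octet.
    local = tuple(ipaddress.IPv4Address(local_addr).packed)
    remote = tuple(ipaddress.IPv4Address(rem_addr).packed)
    return column + local + (local_port,) + remote + (rem_port,)


def parse_tcp_conn_instance(oid_text, column=TCP_CONN_STATE):
    """Recover the connection 4-tuple from an instance OID; reject malformed ones."""
    oid = tuple(int(arc) for arc in oid_text.strip(".").split("."))
    if any(arc < 0 for arc in oid) or oid[:len(column)] != column:
        raise ValueError("OID is not under the expected column")
    index = oid[len(column):]
    if len(index) != 10:
        raise ValueError("tcpConnTable index needs 10 sub-identifiers")
    local, lport, remote, rport = index[0:4], index[4], index[5:9], index[9]
    if any(octet > 255 for octet in local + remote) or max(lport, rport) > 65535:
        raise ValueError("index value out of range")
    return dotted(local), lport, dotted(remote), rport


# Constructed check using the connection from the slide.
EXAMPLE = dotted(tcp_conn_instance(TCP_CONN_STATE, "167.8.15.92", 227,
                                   "176.15.53.216", 228))
```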
Subtree under MIB-II (RFC1213) (1)
• system(1): overall information about the system
• interfaces(2): information about the interfaces
• at(3) (Address translation)
• ip(4): information related to the implementation of IP
Subtree under MIB-II (2)
• tcp(5): information related to the implementation of TCP
• udp(6): information related to the implementation of UDP
• egp(7): information related to the implementation of EGP
• dot3(8): information related to Ethernet protocol at each interface
• snmp(9): information related to the implementation of SNMP
System Group (1)
• sysServices(7) – has a value that is
interpreted as a 7-bit code
– Each bit corresponds to a layer in TCP/IP or
OSI architecture
– Ex. Host offering app. services would have
binary of 1001000
– It means services are provided for layer 4
(transport layer) and layer 7 (application
layer)
System Group (2)
• sysUpTime(3) indicates the amount of time since the network management portion of the system was last reinitialized
• It is used to determine how much the counters have changed over a specific time interval
• Fault monitoring: current value < most recent value (the system has restarted)
System group (3)
System group (4)
• Table 6-1
Interfaces Group
• ifPhysAddress(6): physical address
– For all LANs, it contains the MAC address
• ifOperStatus(8): current operational status
– Up (1) / down (2)
• ifSpeed(5): current capacity of the interface in bits per second
• Used to detect congestion
– Measured total number of octets into or out of the system
– The queue length for output
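The sysUpTime checks from the System Group slide and the ifSpeed congestion check above, as an added example that is not part of the original slides: it compares consecutive polls, flags a restart when sysUpTime goes backwards, and otherwise turns the ifInOctets delta into a rate and a utilization figure. The poll records and function names are constructed; it assumes ifInOctets is a 32-bit counter and that TimeTicks are hundredths of a second.

```python
COUNTER32_MOD = 2 ** 32     # a Counter32 wraps to 0 after 2^32 - 1
TICKS_PER_SECOND = 100      # TimeTicks count hundredths of a second


def compare_polls(prev, curr):
    """Compare two polls of sysUpTime, ifInOctets and ifSpeed from one agent."""
    dticks = curr["sysUpTime"] - prev["sysUpTime"]
    if dticks < 0:
        # Current value < most recent value: the agent restarted (or TimeTicks
        # wrapped after about 497 days). Counters restarted too, so a delta
        # against the previous poll would be meaningless.
        return {"status": "reinitialized", "octets_per_s": None, "utilization": None}
    if dticks == 0:
        return {"status": "no-interval", "octets_per_s": None, "utilization": None}
    seconds = dticks / TICKS_PER_SECOND
    # Modular subtraction gives the right delta across a single counter wrap.
    delta = (curr["ifInOctets"] - prev["ifInOctets"]) % COUNTER32_MOD
    rate = delta / seconds
    speed = curr["ifSpeed"]                       # bits per second
    utilization = rate * 8 / speed if speed else None
    return {"status": "ok", "octets_per_s": rate, "utilization": utilization}


def analyze(polls):
    """Evaluate each consecutive pair of polls in time order."""
    return [compare_polls(a, b) for a, b in zip(polls, polls[1:])]


# Constructed sample: a counter wrap between polls 1 and 2, a restart before poll 3.
SAMPLE_POLLS = [
    {"sysUpTime": 360000, "ifInOctets": 4294960000, "ifSpeed": 10_000_000},
    {"sysUpTime": 366000, "ifInOctets": 59992704, "ifSpeed": 10_000_000},
    {"sysUpTime": 1500, "ifInOctets": 900, "ifSpeed": 10_000_000},
]
RESULTS = analyze(SAMPLE_POLLS)
```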
Address Translation Group
• Consists of a single table
• Each row in the table corresponds to one of the physical interfaces of the system
• Each row provides a mapping from a network address to a physical address
IP Group (MIB-II cont'd)
• Contains some basic counters of traffic flow into and out of the IP layer
• 3 tables are included in the IP group
• ipAddrTable – information relevant to the IP addresses assigned to this entity
• ipRouteTable – information used for Internet routing
• ipNetToMediaTable – an address translation table that provides a correspondence between physical address and IP address
ipAddrEntry
• Each entry consists of 5 columns
– ipAdEntAddr (RO) – IP address
– ipAdEntIfIndex (RO) – Index
– ipAdEntNetMask (RO) – Subnet Mask
– ipAdEntBcastAddr (RO) – Least significant byte
– ipAdEntReasmMaxSize (RO) – size of the largest IP datagram that can be reassembled
Other scalar objects in IP Group
• ipForwarding (RW) – acting as IP gateway: 1 - yes, 2 - no
• ipInReceives (RO) – total number of input datagrams received from interfaces
• ipInHdrErrors (RO) – total number of input datagrams discarded due to errors in the IP header
• ipInDiscards (RO) – number of discarded datagrams that are non-error packets (lack of buffer)
• ipOutNoRoutes (RO) – number of datagrams discarded because no route was found
ICMP Group
• ICMP provides feedback about problems in the communication environment
• icmpInMsgs (RO) – total number of ICMP messages that the entity received
• icmpInErrors (RO) – number of ICMP messages received but determined to have ICMP-specific errors
• icmpInDestUnreachs (RO) – number of ICMP Destination Unreachable messages received
• icmpOutDestUnreachs (RO) – number of ICMP Destination Unreachable messages sent
• icmpOutTimeExcds (RO) – number of ICMP Time Exceeded messages sent
• icmpOutEchos (RO) – number of ICMP Echo (request) messages sent
• icmpOutEchoReps (RO) – number of ICMP Echo Reply messages sent
TCP Group
• Only one table – tcpConnTable, a sequence of tcpConnEntry
– tcpConnState (RW) – TCP connection state
– tcpConnLocalAddress (RO) – Local IP address
– tcpConnLocalPort (RO) – Local port number
– tcpConnRemAddress (RO) – Remote IP address
– tcpConnRemPort (RO) – Remote port number
TCP scalar objects
• tcpActiveOpens (RO) – number of active open connections
• tcpCurrEstab (RO) – number of TCP connections in the ESTABLISHED or CLOSE-WAIT state
• tcpAttemptFails (RO) – number of failed connection attempts
• tcpInSegs (RO) – total number of segments received, including error segments
• tcpOutSegs (RO) – total number of segments sent
UDP Group
• Only one table – udpTable, a sequence of udpEntry
– udpLocalAddress (RO)
– udpLocalPort (RO)
• udpInDatagrams (RO) – total number of UDP datagrams delivered to UDP users
• udpInErrors (RO) – total number of UDP datagrams that could not be delivered
• udpOutDatagrams (RO) – total number of UDP datagrams sent