Post on 19-Jan-2016
SNMP Network Management (I)*
*Mani Subramanian “Network Management: Principles and practice”, Addison-Wesley, 2000.
SNMP Network Management
Organization Model
Communication Model
Information Model
o Structure of Management Information (SMI)
o Managed Objects
o Management Information Base (MIB)
SNMP Administrative Model
SNMP Protocol Specs
Organization Model
Describes components of a network management system
Focuses on functions and infrastructure
Objects are network elements such as hubs, bridges, routers, etc.
Managed elements have a process running on them called an agent
Manager queries the agent, gets information, processes it and stores it in the MIB
[Figure: a simplified hierarchical (2-tier) setup: one SNMP Manager with its MIB above several Managed Objects, each running an agent, next to Unmanaged Objects]
Organization Model
Multiple managers, 1 agent
An agent responds to any management system that communicates with it using SNMP
A NMS provided by a vendor is in a better position to manage, monitor and configure all NEs coming from that same vendor
Managers may have restricted access to managed objects
[Figure: two SNMP Managers sharing one agent; the agent holds the MIB for its Managed Objects]
Organization Model
Limiting the data that a manager wishes to obtain!
RMON (Remote Monitoring): acts as an agent and a manager
RMON gathers data from MO, analyses the data, and stores the data
Communicates the statistics to the manager
[Figure: 3-tier architecture: SNMP Managers, an RMON Probe, and agents on Managed Objects (with their MIB); managers may have restricted access to managed objects]
Organization Model
Proxy server converts non-SNMP data from non-SNMP objects to SNMP compatible objects and messages
[Figure: an SNMP Manager with its MIB managing agents on Managed Objects directly and, through a Proxy Server, unmanaged objects such as a Wireless LAN]
Communication Model
[Figure: the MANAGER polls the AGENTS with SNMP and keeps the results in its MIB; agents send Traps to the manager]
Communication Model
Communicate management information between network management stations and managed elements
Goals:
o Management functions maintained by agents are kept simple
o Protocol flexibility (addition of new aspects of operation and management)
o Transparency (should not be affected by the architecture of particular hosts and gateways)
Operation: 5 messages
o get-request, get-next-request, set-request
o get-response, trap
SNMP messages are exchanged using UDP (connectionless) transport protocol
Communication Model
[Figure: protocol stacks on both sides, SNMP Manager Application / SNMP Manager / UDP / IP / DLC / PHY and SNMP Agent Application / SNMP Agent / UDP / IP / DLC / PHY, joined by the Physical Medium (Network or Internet); the manager sends Get-Request, GetNext-Request and Set-Request, the agent answers with Get-Response and sends Trap; the agent application manages objects in its Management Data]
Communication Model - SNMP Traps
Type                       generic-trap               Indication
Cold-start of a system     coldStart (0)              Agent is reinitializing itself since its configuration has changed
Warm-start of a system     warmStart (1)              Agent is reinitializing itself but its configuration has not changed
Link down                  linkDown (2)               Link failure
Link up                    linkUp (3)                 Link restoral
Failure of Authentication  authenticationFailure (4)  Request does not have proper authentication, e.g., wrong SNMP community string
EGP neighbor loss          egpNeighborLoss (5)        Exterior Gateway Protocol neighbor gone
Enterprise specific        enterpriseSpecific (6)     Specific to vendor implementing it
Format:
generic-trap INTEGER { coldStart (0), warmStart (1), linkDown (2), linkUp (3), authenticationFailure (4), egpNeighborLoss (5), enterpriseSpecific (6) }
Structure of Management Information
RFC 1155: Structure of Management Information
A common representation for data between both manager and agent
Defines the syntax (using ASN.1) to describe management information
o Data types and
o Rules used to define managed objects in a MIB
Generic objects and private (vendor specific) objects conforming to SMI rules (RFC 1155) can be managed by SNMP
SMI, Objects and Instances
Objects have: object types and object instances
SMI is concerned with types and not instances
Object type: Name (unique descriptor and object identifier), Syntax (ASN.1), Encoding (BER)
[Figure: Managed Object: Type and Instance; an Object has an ObjectType (Name: OBJECT IDENTIFIER, Syntax: ASN.1, Encoding: BER) and an ObjectInstance]
A hub is an object type; a hub with IP 172.16.46.3 is an instance of the object
SMI, Objects and Instances
[Figure: A Managed LAN Network: Backbone Network 172.16.46.1, Hub 1 172.16.46.2, Hub 2 172.16.46.3, Router 1, Router 2 172.17.252.1, NMS 192.168.252.110]
[Figure: Managed Object: Type and Instance, as on the previous slide]
SMI, Objects and Instances
[Figure: Managed Object: Type with Multiple Instances; one ObjectType (Name: OBJECT IDENTIFIER, Syntax: ASN.1, Encoding: BER) with ObjectInstance 1, ObjectInstance 2 and ObjectInstance 3]
System Information on 172.16.46.2 Hub (NMS screen):
  Name or IP Address: 172.16.46.2
  System Name:
  System Description: 3Com LinkBuilder FMS, SW version:3.02
  System Contact:
  System Location:
  System Object ID: .iso.org.dod.internet.private.enterprises.43.1.8.5
  System Up Time: (2475380437) 286 days, 12:03:24.37
System Information on 172.16.46.3 Hub (NMS screen):
  Name or IP Address: 172.16.46.3
  System Name:
  System Description: 3Com LinkBuilder FMS, SW version:3.12
  System Contact:
  System Location:
  System Object ID: .iso.org.dod.internet.private.enterprises.43.1.8.5
  System Up Time: (3146735182) 364 days, 4:55:51.82
SMI, Names
Each managed object is associated with an identifier (OBJECT IDENTIFIER)
Identifiers are used to name objects and they are unique for managed objects
An identifier is a sequence of integers
[Figure: OID tree]
root
  ccitt(0)
  iso(1)
    org(3)
      dod(6)
        internet(1)
          mgmt(2)
            mib-2(1)
          experimental(3)
          private(4)
            enterprise(1)
  joint-iso-ccitt(2)
Name of managed object:
internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
                           ::= { 1 3 6 1 }
                           ::= { iso standard dod internet }
SMI, Names
Sub-nodes under Internet {1 3 6 1}:
directory(1)     Reserved for future use
mgmt(2)          Used for objects defined in IAB-approved documents
experimental(3)  To identify objects used in Internet experiments
private(4)       Used heavily by commercial vendors
SMI, Names
[Figure: under Internet {1 3 6 1}: directory(1), mgmt(2), experimental(3), private(4); under mgmt(2): mib-2(1); under mib-2(1): system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]
SMI, Names
[Figure: under Internet {1 3 6 1}: directory(1), mgmt(2), experimental(3), private(4); under private(4): enterprises(1); under enterprises(1): cisco(9), hp(11), 3Com(43), Cabletron(52)]
SMI, SNMP Syntax
[Figure: an SNMP ASN.1 Data Type is described by its Tag, made of a Class (Universal, Application, Context-specific, Private), a Structure (Simple or Primitive; Constructor or Structured; Defined or Application) and a Number]
SNMP Primitive Data Types
Data Type          Comments
INTEGER            Subtype INTEGER (n1..nN); special case: enumerated INTEGER type
OCTET STRING       8-bit bytes, binary and textual data; subtypes can be specified by either range or fixed size
OBJECT IDENTIFIER  Object position in MIB
NULL               Placeholder
Subtype examples: INTEGER (0..255), OCTET STRING (SIZE 0..255), OCTET STRING (SIZE 8)
Special case of INTEGER data type (enumeration):
error-status INTEGER { noError(0), tooBig(1), genErr(5), authorizationError(16) }
Application-Wide SNMP Types
IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
Counter   ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
Gauge     ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
Opaque    ::= [APPLICATION 4] IMPLICIT OCTET STRING
[Figure: the IpAddress 160.85.128.1 encoded as the four octets A0 55 80 01; the value ranges of Counter and Gauge from 0 to their maximum; TimeTicks increasing by one every 10 ms (ticks 0, 1, 2 at 0, 10, 20 ms)]
SNMP Structured Types
SEQUENCE, SEQUENCE OF (SET and SET OF of ASN.1 are not included in SNMP-based management)
Used to build lists and tables
SEQUENCE { <type1>, <type2>, ..., <typeN> }
Managed objects, their location in the MIB and their data types:
   Object               OBJECT IDENTIFIER  ObjectSyntax
1  ipAdEntAddr          {ipAddrEntry 1}    IpAddress
2  ipAdEntIfIndex       {ipAddrEntry 2}    INTEGER
3  ipAdEntNetMask       {ipAddrEntry 3}    IpAddress
4  ipAdEntBcastAddr     {ipAddrEntry 4}    INTEGER
5  ipAdEntReasmMaxSize  {ipAddrEntry 5}    INTEGER
6  ipAddrEntry          {ipAddrTable 1}    SEQUENCE
7  ipAddrTable          {ip 20}            SEQUENCE OF
SNMP Structured Types
List: Managed Object IpAddrEntry as a list
IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr IpAddress,
    ipAdEntIfIndex INTEGER,
    ipAdEntNetMask IpAddress,
    ipAdEntBcastAddr INTEGER,
    ipAdEntReasmMaxSize INTEGER (0..65535)
}
Table: Managed Object ipAddrTable as a table
ipAddrTable ::= SEQUENCE OF IpAddrEntry
ipAddrTable is made up of instances of the ipAddrEntry object
SMI, Encoding
Basic Encoding Rules (BER), Data Types and Tags
Type               Tag
OBJECT IDENTIFIER  UNIVERSAL 6
SEQUENCE           UNIVERSAL 16
IpAddress          APPLICATION 0
Counter            APPLICATION 1
Gauge              APPLICATION 2
TimeTicks          APPLICATION 3
Opaque             APPLICATION 4
Encoding of Object Identifiers: packs the first two integers into a single sub-identifier
SMI, Encoding
enterprise OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) private(4) 1 }
The first two integers X = 1 (iso) and Y = 3 (org) are packed into one sub-identifier Z = 40·X + Y = 43; every other integer becomes one sub-identifier. Each sub-identifier here fits in 7 bits, so each is carried in a single octet whose leading bit is 0:
Sub-identifier  43 (= 40·1 + 3)  6   1   4   1
Leading bit     0                0   0   0   0
Octet (hex)     2B               06  01  04  01
Encoded value: 06 05 2B 06 01 04 01 (tag 06 = OBJECT IDENTIFIER, length 05, then the five content octets)
Managed Objects
Textual name: mnemonic; always begins with lower case
OBJECT IDENTIFIER: unique position of the managed object in the MIB
Syntax: the ASN.1 definition of the object type
Access: read-only, read-write, not-accessible (e.g., tables)
Status: mandatory, optional, obsolete
Definition: textual description of the object type
[Figure: system(1) with sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4)]
Managed Objects
Specifications for System Description:
OBJECT: sysDescr { system 1 }
Syntax: OCTET STRING
Definition: "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
Access: read-only
Status: mandatory
Macros for Managed Objects
A formal definition for managed objects
OBJECT-TYPE Macro:
IMPORTS ObjectName, ObjectSyntax FROM RFC-1155-SMI
OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::= "SYNTAX" type(TYPE ObjectSyntax)
                      "ACCESS" Access
                      "STATUS" Status
    VALUE NOTATION ::= value(VALUE ObjectName)
    Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
    Status ::= "mandatory" | "optional" | "obsolete"
END
SMI Definitions:
RFC1155-SMI DEFINITIONS ::= BEGIN
    EXPORTS -- EVERYTHING
        internet, directory, mgmt, ...
        OBJECT-TYPE, ObjectName, ObjectSyntax, ...
    -- the path to the root
    internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
    directory ...
    ...
    -- definition of object types
    OBJECT-TYPE MACRO ::=
    BEGIN
        TYPE NOTATION ::= "SYNTAX" type(TYPE ObjectSyntax)
                          "ACCESS" Access
                          "STATUS" Status
        VALUE NOTATION ::= value(VALUE ObjectName)
        Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
        Status ::= "mandatory" | "optional" | "obsolete"
    END
    -- names of objects in the MIB
    ObjectName ::= OBJECT IDENTIFIER
    -- syntax of objects in the MIB
    ObjectSyntax ::= CHOICE { simple SimpleSyntax, application-wide ApplicationSyntax }
    SimpleSyntax ::= CHOICE { number INTEGER, string OCTET STRING, object OBJECT IDENTIFIER, empty NULL }
    ApplicationSyntax ::= CHOICE { address NetworkAddress, counter Counter, gauge Gauge, ticks TimeTicks, arbitrary Opaque }
    ...
END
Macros for Managed Objects
Using the OBJECT-TYPE macro to define a managed object of the system group in the MIB:
sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
    ::= { system 1 }
Macros for Managed Objects
sysUpTime OBJECT-TYPE
    SYNTAX TimeTicks
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized."
    ::= { system 3 }
[Figure: system(1) with sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4)]
Aggregate Objects
A group of related objects (also called tabular objects)
Represented by a table with
o Columns of objects
o Rows of instances
Example: IP address table. Consists of objects:
o IP address
o Interface
o Subnet mask (which subnet this address belongs to)
o Broadcast address (value of l.s.b. in IP broadcast address)
o Largest IP datagram that can be assembled
Multiple instances of these objects associated with the node
Aggregate Object Macro - ipAddrTable (RFC 1155)
ipAddrTable OBJECT-TYPE
    SYNTAX SEQUENCE OF IpAddrEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION "The table of addressing information relevant to this entity's IP addresses."
    ::= { ip 20 }
ipAddrEntry OBJECT-TYPE
    SYNTAX IpAddrEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION "The addressing information for one of this entity's IP addresses."
    INDEX { ipAdEntAddr }
    ::= { ipAddrTable 1 }
IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr IpAddress,
    ipAdEntIfIndex INTEGER,
    ipAdEntNetMask IpAddress,
    ipAdEntBcastAddr INTEGER,
    ipAdEntReasmMaxSize INTEGER (0..65535)
}
Aggregate Object Macro - ipAddrTable (RFC 1155)
ipAdEntAddr OBJECT-TYPE
    SYNTAX IpAddress
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The IP address to which this entry's addressing information pertains."
    ::= { ipAddrEntry 1 }
ipAdEntIfIndex OBJECT-TYPE
    SYNTAX INTEGER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The index value that uniquely identifies the interface to which this entry is applicable. The interface identified by a particular value of this index is the same interface as identified by the same value of ifIndex."
    ::= { ipAddrEntry 2 }
...
Columnar Objects
Aggregate object type contains one or more subtypes
o each could have multiple instances, with a value associated with each instance
It is convenient to conceptually define a tabular structure for objects with multiple values
o e.g., IP address table
The objects TABLE T and ENTRY E are logical objects
o define grouping, are not accessible
Columnar objects are objects that represent the attributes
o hence are accessible
Each instance of E is a row of column objects 1 through 5
Multiple instances of E are represented by multiple rows
[Figure: Multiple Instance Managed Object: TABLE T contains ENTRY E, which contains COLUMNAR OBJECT 1 through COLUMNAR OBJECT 5]
Columnar Objects
Example of 5 columnar objects with 4 instances (rows):
T
T.E
T.E.1.1  T.E.2.1  T.E.3.1  T.E.4.1  T.E.5.1
T.E.1.2  T.E.2.2  T.E.3.2  T.E.4.2  T.E.5.2
T.E.1.3  T.E.2.3  T.E.3.3  T.E.4.3  T.E.5.3
T.E.1.4  T.E.2.4  T.E.3.4  T.E.4.4  T.E.5.4
Notice that the column-row numeric designation is the reverse of that used in matrix representation (row-column)
Row 3: the third instance of the object
T and T.E are not accessible
Object ID: {Table, Entry, Object, Index}
Columnar Objects - Example
Object instances of ipAddrTable (1.3.6.1.2.1.4.20):
Row  ipAdEntAddr  ipAdEntIfIndex  ipAdEntNetMask  ipAdEntBcastAddr  ipAdEntReasmMaxSize
1    123.45.2.1   1               255.255.255.0   0                 12000
2    123.45.3.4   3               255.255.0.0     1                 12000
3    165.8.9.25   2               255.255.255.0   0                 10000
4    9.96.8.138   4               255.255.255.0   0                 15000
Columnar objects under ipAddrEntry:
ipAddrTable {1.3.6.1.2.1.4.20}
  ipAddrEntry (1)
    ipAdEntAddr (1), ipAdEntIfIndex (2), ipAdEntNetMask (3), ipAdEntBcastAddr (4), ipAdEntReasmMaxSize (5)
ipAdEntAddr is the index of the table; there are 4 instances of each columnar object
Columnar object ID of ipAdEntBcastAddr is 1.3.6.1.2.1.4.20.1.4:
iso  org  dod  internet  mgmt  mib  ip  ipAddrTable  ipAddrEntry  ipAdEntBcastAddr
1    3    6    1         2     1    4   20           1            4
Columnar Objects - Example
Object ID for specific instances: the index of the object instance (the row's ipAdEntAddr) is appended to the columnar object ID. 1.3.6.1.2.1.4.20.1 is the object ID for ipAddrEntry; node 1 under ipAddrEntry is ipAdEntAddr.
Columnar Object      Object ID             Row #  Object Identifier of the instance
ipAdEntAddr          1.3.6.1.2.1.4.20.1.1  2      {1.3.6.1.2.1.4.20.1.1.123.45.3.4}
ipAdEntIfIndex       1.3.6.1.2.1.4.20.1.2  3      {1.3.6.1.2.1.4.20.1.2.165.8.9.25}
ipAdEntBcastAddr     1.3.6.1.2.1.4.20.1.4  1      {1.3.6.1.2.1.4.20.1.4.123.45.2.1}
ipAdEntReasmMaxSize  1.3.6.1.2.1.4.20.1.5  4      {1.3.6.1.2.1.4.20.1.5.9.96.8.138}
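Worked example added here (not code from the slides or the textbook): the {Table, Entry, Object, Index} naming rule above, implemented for the four ipAddrTable rows shown, plus the reverse split and the lexicographic order in which a get-next walk visits the instances. It also goes one step beyond the slide with a multi-part index: RFC 1213 indexes tcpConnEntry by { tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemAddress, tcpConnRemPort }, which the slides do not show; the TCP addresses and ports used are constructed values.

```python
# Added example (not from the slides): build and split instance OIDs for SNMP tables.
# The four ipAddrTable rows are the constructed sample from the slide.
from __future__ import annotations

IP_ADDR_ENTRY = "1.3.6.1.2.1.4.20.1"          # ipAddrTable (ip 20) . ipAddrEntry (1)
IP_ADDR_COLUMNS = {"ipAdEntAddr": 1, "ipAdEntIfIndex": 2, "ipAdEntNetMask": 3,
                   "ipAdEntBcastAddr": 4, "ipAdEntReasmMaxSize": 5}

# tcpConnEntry (tcp 13 . 1) has a four-part INDEX in RFC 1213 (not on the slides):
# { tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemAddress, tcpConnRemPort }
TCP_CONN_ENTRY = "1.3.6.1.2.1.6.13.1"
TCP_CONN_COLUMNS = {"tcpConnState": 1, "tcpConnLocalAddress": 2, "tcpConnLocalPort": 3,
                    "tcpConnRemAddress": 4, "tcpConnRemPort": 5}

ROWS = [  # constructed sample rows: (ipAdEntAddr, ifIndex, netmask, bcast, reasm)
    ("123.45.2.1", 1, "255.255.255.0", 0, 12000),
    ("123.45.3.4", 3, "255.255.0.0", 1, 12000),
    ("165.8.9.25", 2, "255.255.255.0", 0, 10000),
    ("9.96.8.138", 4, "255.255.255.0", 0, 15000),
]


def index_subids(*parts: str | int) -> list[int]:
    """INDEX components as OID sub-identifiers: an IpAddress contributes its four
    octets, an INTEGER contributes itself (the fixed-length index rules)."""
    out: list[int] = []
    for part in parts:
        if isinstance(part, int):
            out.append(part)
        else:
            octets = [int(o) for o in part.split(".")]
            if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
                raise ValueError(f"not an IpAddress: {part}")
            out.extend(octets)
    return out


def columnar_oid(entry: str, columns: dict[str, int], column: str) -> str:
    """{Table, Entry, Object}: the column's position under the entry object."""
    return f"{entry}.{columns[column]}"


def instance_oid(entry: str, columns: dict[str, int], column: str, *index: str | int) -> str:
    """{Table, Entry, Object, Index}: columnar OID followed by the index sub-ids."""
    subids = [str(s) for s in index_subids(*index)]
    return ".".join([columnar_oid(entry, columns, column)] + subids)


def split_ip_addr_instance(oid: str) -> tuple[str, str]:
    """Recover (column name, ipAdEntAddr index) from an ipAddrEntry instance OID."""
    prefix = IP_ADDR_ENTRY + "."
    if not oid.startswith(prefix):
        raise ValueError("not under ipAddrEntry")
    col, *rest = oid[len(prefix):].split(".")
    if len(rest) != 4:
        raise ValueError("an ipAdEntAddr index is four sub-identifiers")
    name = {v: k for k, v in IP_ADDR_COLUMNS.items()}[int(col)]
    return name, ".".join(rest)


def walk_column(column: str) -> list[tuple[str, object]]:
    """Instances of one column in lexicographic OID order, which is the order a
    get-next walk returns them (so the 9.x row comes before the 123.x rows)."""
    pos = IP_ADDR_COLUMNS[column]
    items = [(index_subids(r[0]),
              instance_oid(IP_ADDR_ENTRY, IP_ADDR_COLUMNS, column, r[0]),
              r[pos - 1]) for r in ROWS]
    return [(oid, value) for _, oid, value in sorted(items)]


if __name__ == "__main__":
    for oid, value in walk_column("ipAdEntIfIndex"):
        print(oid, value)
    print(instance_oid(TCP_CONN_ENTRY, TCP_CONN_COLUMNS, "tcpConnState",
                       "10.0.0.5", 22, "10.0.0.9", 40000))
```

Note that the walk order differs from the row numbers on the slide: the table has no row numbers on the wire, only index values, and the agent orders them as OIDs.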
Management Information Base (MIB), RFC 1213
MIB is a database containing information about elements to be managed
For SNMP, the MIB is a structured database (tree)
Each resource to be managed is represented by an object
Each system (e.g., a router) maintains a MIB that reflects the status of its managed resources
A NMS monitors/controls the resources by reading/modifying the values of objects in the MIB
MIB, RFC1213
[Figure: Internet MIB-II Group: under Internet {1 3 6 1}: directory(1), mgmt(2), experimental(3), private(4); under mgmt(2): mib-2(1) with system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]
Implementation can be done as needed (e.g., objects essential for fault or configuration management are added)
If a group is implemented by a vendor, all its components are implemented (e.g. OSPF and all its group objects)
MIB module skeleton:
<module name> DEFINITIONS ::= BEGIN
    <imports>
    <definitions>
END
MIB, RFC1213
RFC1213-MIB DEFINITIONS ::= BEGIN
    IMPORTS
        mgmt, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks
            FROM RFC1155-SMI
        OBJECT-TYPE
            FROM RFC-1212;
    -- This MIB module uses the extended OBJECT-TYPE macro as defined in [14];
    -- MIB-II (same prefix as MIB-I)
    mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
    -- textual conventions
    DisplayString ::= OCTET STRING
    -- This data type is used to model textual information taken from the NVT ASCII
    -- character set. By convention, objects with this syntax are declared as having
    --   SIZE (0..255)
    PhysAddress ::= OCTET STRING
    -- This data type is used to model media addresses. For many types of media, this
    -- will be in a binary representation. For example, an ethernet address would be
    -- represented as a string of 6 octets.
    -- groups in MIB-II
    system       OBJECT IDENTIFIER ::= { mib-2 1 }
    interfaces   OBJECT IDENTIFIER ::= { mib-2 2 }
    at           OBJECT IDENTIFIER ::= { mib-2 3 }
    ip           OBJECT IDENTIFIER ::= { mib-2 4 }
    icmp         OBJECT IDENTIFIER ::= { mib-2 5 }
    tcp          OBJECT IDENTIFIER ::= { mib-2 6 }
    udp          OBJECT IDENTIFIER ::= { mib-2 7 }
    egp          OBJECT IDENTIFIER ::= { mib-2 8 }
    cmot         OBJECT IDENTIFIER ::= { mib-2 9 }
    transmission OBJECT IDENTIFIER ::= { mib-2 10 }
    snmp         OBJECT IDENTIFIER ::= { mib-2 11 }
    ...
END
MIB, System Group
-- the System group
-- Implementation of the System group is mandatory for all systems. If an agent is not
-- configured to have a value for any of these variables, a string of length 0 is returned.
sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "A textual description of the entity. ..."
    ::= { system 1 }
[Figure: system (mib-2 1) with sysDescr (1), sysObjectID (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]
sysObjectID OBJECT-TYPE
    SYNTAX OBJECT IDENTIFIER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The vendor's authoritative identification of the network management subsystem contained in the entity."
    ::= { system 2 }
sysUpTime OBJECT-TYPE
    SYNTAX TimeTicks
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last reinitialized."
    ::= { system 3 }
MIB, System Group
Entity       OID       Description (brief)
sysDescr     system 1  Textual description
sysObjectID  system 2  OBJECT IDENTIFIER of the entity; programmed by the vendor of the objects at manufacturing time
sysUpTime    system 3  Time (in hundredths of a second) since last reset
sysContact   system 4  Contact person for the node
sysName      system 5  Administrative name of the system
sysLocation  system 6  Physical location of the node
sysServices  system 7  Value designating the layer services provided by the entity
Fault monitoring with sysUpTime: by periodically polling each agent for this value; if the current value is less than the most recent value, then the agent has been restarted since the last poll!
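Worked example added here (not code from the slides or the textbook): the sysUpTime fault-monitoring rule just stated, applied to a series of polls, together with the TimeTicks rendering used in the hub screens earlier on the page. One caveat the slide leaves out: TimeTicks is a 32-bit value (0..4294967295), so after roughly 497 days it legitimately wraps to a small value; the detector below tells that wrap apart from a restart by checking whether the new value is where the wrapped counter would have landed. The polling series and the 60-second interval are constructed; the two hub uptimes are the ones shown on the slides.

```python
# Added example (not from the slides): interpret sysUpTime and detect agent restarts.
from __future__ import annotations

TICKS_PER_SECOND = 100      # TimeTicks counts hundredths of a second
TICKS_WRAP = 2 ** 32        # TimeTicks is 32-bit: wraps to 0 after ~497 days


def format_ticks(ticks: int) -> str:
    """Render TimeTicks as 'D days, HH:MM:SS.cc', like the hub reports on the slides."""
    secs, hundredths = divmod(ticks, TICKS_PER_SECOND)
    days, secs = divmod(secs, 86400)
    hours, secs = divmod(secs, 3600)
    minutes, secs = divmod(secs, 60)
    return f"{days} days, {hours:02d}:{minutes:02d}:{secs:02d}.{hundredths:02d}"


def detect_restarts(samples: list[int], poll_interval_s: int, tolerance_s: int = 5) -> list[int]:
    """Indices of polls whose sysUpTime is lower than the previous poll's, i.e. the
    agent re-initialized in between (the slide's rule). A drop that lands where the
    32-bit counter would have wrapped to is reported as a wrap, not a restart."""
    elapsed = poll_interval_s * TICKS_PER_SECOND
    tolerance = tolerance_s * TICKS_PER_SECOND
    restarts = []
    for i in range(1, len(samples)):
        prev, cur = samples[i - 1], samples[i]
        if cur >= prev:
            continue                       # still counting up: nothing to report
        expected_after_wrap = (prev + elapsed) % TICKS_WRAP
        wrapped = prev + elapsed >= TICKS_WRAP and abs(cur - expected_after_wrap) <= tolerance
        if not wrapped:
            restarts.append(i)
    return restarts


if __name__ == "__main__":
    for t in (2475380437, 3146735182):     # the two hub uptimes from the slides
        print(t, format_ticks(t))
    polls = [1000, 7000, 13000, 500, 6500]  # constructed: the agent restarted before poll 3
    print("restart detected at polls", detect_restarts(polls, poll_interval_s=60))
```

The second hub on the page is already at 364 days, so the wrap case is not hypothetical for long-running devices; a poller that only applies the "current < previous" rule would log a false restart there.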
MIB, Interface Group
[Figure: interfaces (mib-2 2) with ifNumber (1) and ifTable (2); ifTable contains ifEntry (1) with ifIndex (1), ifDescr (2), ifType (3), ifMtu (4), ifSpeed (5), ifPhysAddress (6), ifAdminStatus (7), ifOperStatus (8), ifLastChange (9), ifInOctets (10), ifInUcastPkts (11), ifInNUcastPkts (12), ifInDiscards (13), ifInErrors (14), ifUnknownProtos (15), ifOutOctets (16), ifOutUcastPkts (17), ifOutNUcastPkts (18), ifOutDiscards (19), ifOutErrors (20), ifOutQLen (21), ifSpecific (22)]
It specifies the number of interfaces in a network component and the managed objects associated with each interface (e.g., an Ethernet bridge with many network interface cards)
Implementation: mandatory
interfaces OBJECT IDENTIFIER ::= { mib-2 2 }
MIB, Interface Group
[Figure: interfaces (mib-2 2) with ifNumber (1) and ifTable (2); ifTable contains ifEntry (1)]
ifNumber OBJECT-TYPE
    SYNTAX INTEGER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The number of network interfaces (regardless of their current state) present on this system."
    ::= { interfaces 1 }
ifTable OBJECT-TYPE
    SYNTAX SEQUENCE OF IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION "A list of interface entries. The number of entries is given by the value of ifNumber."
    ::= { interfaces 2 }
ifEntry OBJECT-TYPE
    SYNTAX IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION "An interface entry containing objects at the sub-network layer and below for a particular interface."
    INDEX { ifIndex }
    ::= { ifTable 1 }
IfEntry ::= SEQUENCE {
    ifIndex INTEGER,
    ifDescr DisplayString,
    ifType INTEGER,
    ifMtu INTEGER,
    ifSpeed Gauge,
    ifPhysAddress PhysAddress,
    ifAdminStatus INTEGER,
    ifOperStatus INTEGER,
    ifLastChange TimeTicks,
    ifInOctets Counter,
    ...
}
MIB, Interface Group
[Figure: the interfaces group tree as on the previous slides: interfaces (mib-2 2), ifNumber (1), ifTable (2), ifEntry (1) and its 22 columnar objects ifIndex (1) through ifSpecific (22)]
Basic information useful for network management such as performance monitoring and fault control
Examples:
1) measuring the queue length or the total number of octets into/out of the system: indicators for detecting congestion
2) measuring the traffic rate on a given interface: ifInUcastPkts/second, ifOutUcastPkts/second
Counter data types, always incrementing!
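Worked example added here (not code from the slides or the textbook): turning two polls of an always-incrementing Counter into the per-second rate the slide describes, and into link utilisation from an octet counter (octets × 8 bits ÷ seconds ÷ ifSpeed, the standard calculation). Because Counter is defined as INTEGER (0..4294967295), a busy interface rolls over; taking the difference modulo 2^32 keeps the rate correct across a wrap instead of producing a large negative number. The poll samples, the 10 Mbit/s ifSpeed and the 80 % congestion threshold are constructed values.

```python
# Added example (not from the slides): interface Counter samples to rates and utilisation.
from __future__ import annotations

COUNTER_MAX = 2 ** 32                      # Counter ::= INTEGER (0..4294967295)


def counter_delta(prev: int, cur: int) -> int:
    """Counters only increment; a smaller current value means the 32-bit counter
    wrapped (or the agent restarted), so the difference is taken modulo 2^32."""
    return (cur - prev) % COUNTER_MAX


def rates_per_second(samples: list[tuple[float, int]]) -> list[float]:
    """samples: (poll time in seconds, counter value). One rate per polling interval,
    e.g. ifInUcastPkts/second as on the slide."""
    rates = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        if t1 <= t0:
            raise ValueError("poll times must increase")
        rates.append(counter_delta(c0, c1) / (t1 - t0))
    return rates


def utilisation(samples: list[tuple[float, int]], if_speed_bps: int) -> list[float]:
    """Fraction of ifSpeed consumed per interval, from an octet counter such as
    ifInOctets or ifOutOctets: octets * 8 bits / (seconds * ifSpeed)."""
    if if_speed_bps <= 0:
        raise ValueError("ifSpeed must be positive")
    return [r * 8 / if_speed_bps for r in rates_per_second(samples)]


def congested_intervals(samples: list[tuple[float, int]], if_speed_bps: int,
                        threshold: float = 0.8) -> list[int]:
    """Indices of intervals whose utilisation exceeds the threshold: the slide's
    congestion indicator built from in/out octet totals."""
    return [i for i, u in enumerate(utilisation(samples, if_speed_bps)) if u > threshold]


if __name__ == "__main__":
    # constructed polls of ifInUcastPkts, with a wrap between the two samples
    print(rates_per_second([(0, 4294960000), (10, 2704)]))           # [1000.0]
    # constructed polls of ifInOctets on a 10 Mbit/s interface
    octets = [(0, 0), (10, 1_000_000), (20, 12_500_000)]
    print(utilisation(octets, 10_000_000), congested_intervals(octets, 10_000_000))
```

A value that drops after an agent restart (the sysUpTime check earlier on the page) also looks like a wrap to this arithmetic; a poller should discard the first interval after a detected restart rather than trust the modulo result.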
MIB, IP Group
[Figure: ip (mib-2 4) with ipForwarding (1), ipDefaultTTL (2), ipInReceives (3), ipInHdrErrors (4), ipInAddrErrors (5), ipForwDatagrams (6), ipInUnknownProtos (7), ipInDiscards (8), ipInDelivers (9), ipOutRequests (10), ipOutDiscards (11), ipOutNoRoutes (12), ipReasmTimeout (13), ipReasmReqds (14), ipReasmOKs (15), ipReasmFails (16), ipFragOKs (17), ipFragFails (18), ipFragCreates (19), ipAddrTable (20), ipRouteTable (21), ipNetToMediaTable (22), ipRoutingDiscards (23)]
Contains information relevant to the implementation and operation of IP at a node
Routers periodically execute routing algorithms and update routing tables
IP Address Table contains table of IP addresses
IP Route Table contains an entry for each route
IP Network-to-Media Table is address translation table mapping IP addresses to physical addresses
MIB, IP Group
[Figure: the ip group tree as on the previous slide, with callouts on the first four objects]
ipForwarding (1): gateway or router
ipDefaultTTL (2): TTL in IP header
ipInReceives (3): total # packets received from interfaces
ipInHdrErrors (4): # of discarded datagrams due to header errors
MIB, IP Group
[Figure: ipAddrTable (ip 20) contains ipAddrEntry (ipAddrTable 1) with ipAdEntAddr (1), ipAdEntIfIndex (2), ipAdEntNetMask (3), ipAdEntBcastAddr (4), ipAdEntReasmMaxSize (5)]
Entity               OID            Description (brief)
ipAddrTable          ip 20          Table of IP addresses
ipAddrEntry          ipAddrTable 1  One of the entries in the IP address table
ipAdEntAddr          ipAddrEntry 1  The IP address to which this entry's addressing information pertains
ipAdEntIfIndex       ipAddrEntry 2  Index value of the entry, same as ifIndex
ipAdEntNetMask       ipAddrEntry 3  Subnet mask for the IP address of the entry
ipAdEntBcastAddr     ipAddrEntry 4  Broadcast address indicator bit
ipAdEntReasmMaxSize  ipAddrEntry 5  Largest IP datagram that can be reassembled on this interface
MIB, IP Group
[Figure: ipRouteTable (ip 21) contains ipRouteEntry (ipRouteTable 1) with ipRouteDest (1), ipRouteIfIndex (2), ipRouteMetric1 (3), ipRouteMetric2 (4), ipRouteMetric3 (5), ipRouteMetric4 (6), ipRouteNextHop (7), ipRouteType (8), ipRouteProto (9), ipRouteAge (10), ipRouteMask (11), ipRouteMetric5 (12), ipRouteInfo (13)]
Entity          OID              Description (brief)
ipRouteTable    ip 21            IP routing table
ipRouteEntry    ipRouteTable 1   Route to a particular destination
ipRouteDest     ipRouteEntry 1   Destination IP address of this route
ipRouteIfIndex  ipRouteEntry 2   Index of interface, same as ifIndex
ipRouteMetric1  ipRouteEntry 3   Primary routing metric for this route
ipRouteMetric2  ipRouteEntry 4   An alternative routing metric for this route
ipRouteMetric3  ipRouteEntry 5   An alternative routing metric for this route
ipRouteMetric4  ipRouteEntry 6   An alternative routing metric for this route
ipRouteNextHop  ipRouteEntry 7   IP address of the next hop
ipRouteType     ipRouteEntry 8   Type of route
ipRouteProto    ipRouteEntry 9   Routing mechanism by which this route was learned
ipRouteAge      ipRouteEntry 10  Number of seconds since routing was last updated
ipRouteMask     ipRouteEntry 11  Mask to be logically ANDed with the destination address before comparing with the ipRouteDest field
ipRouteMetric5  ipRouteEntry 12  An alternative metric for this route
ipRouteInfo     ipRouteEntry 13  Reference to MIB definition specific to the routing protocol
Contains information used for Internet routing
ipRouteTable information is useful for: configuration monitoring, controlling the routing process as well as fault isolation
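Worked example added here (not code from the slides or the textbook): the ipRouteMask rule in the table above, applied to a snapshot of ipRouteTable rows as a manager would hold them after a walk. A destination matches a row when destination AND ipRouteMask equals ipRouteDest; among matching rows the longest mask wins, and ipRouteMetric1 breaks ties. A small consistency check is included for configuration monitoring: a row whose ipRouteDest is not already masked by its own ipRouteMask can never match anything and is worth flagging. The routes use the documentation address ranges and are constructed; ipRouteType values direct and indirect follow RFC 1213's direct(3) and indirect(4).

```python
# Added example (not from the slides): route lookup over an ipRouteTable snapshot.
from __future__ import annotations
import ipaddress

ROUTES = [  # constructed sample rows; fields named after the ipRouteEntry columns
    {"ipRouteDest": "0.0.0.0",       "ipRouteMask": "0.0.0.0",         "ipRouteNextHop": "192.0.2.1",
     "ipRouteIfIndex": 1, "ipRouteMetric1": 10, "ipRouteType": "indirect"},
    {"ipRouteDest": "192.0.2.0",     "ipRouteMask": "255.255.255.0",   "ipRouteNextHop": "192.0.2.7",
     "ipRouteIfIndex": 1, "ipRouteMetric1": 0,  "ipRouteType": "direct"},
    {"ipRouteDest": "198.51.100.0",  "ipRouteMask": "255.255.255.0",   "ipRouteNextHop": "192.0.2.254",
     "ipRouteIfIndex": 1, "ipRouteMetric1": 5,  "ipRouteType": "indirect"},
    {"ipRouteDest": "198.51.100.64", "ipRouteMask": "255.255.255.192", "ipRouteNextHop": "192.0.2.253",
     "ipRouteIfIndex": 2, "ipRouteMetric1": 5,  "ipRouteType": "indirect"},
]


def as_int(ip: str) -> int:
    """Dotted IPv4 string (IpAddress value) to a 32-bit integer."""
    return int(ipaddress.IPv4Address(ip))


def mask_bits(mask: str) -> int:
    """Prefix length of a dotted mask; rejects masks that are not contiguous ones."""
    m = as_int(mask)
    bits = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask {mask}")
    return bits


def check_table(routes: list[dict]) -> list[str]:
    """Sanity check for a retrieved table: ipRouteDest must already be masked by
    ipRouteMask, otherwise the row can never match a destination."""
    return [r["ipRouteDest"] for r in routes
            if as_int(r["ipRouteDest"]) & as_int(r["ipRouteMask"]) != as_int(r["ipRouteDest"])]


def matches(dest: str, route: dict) -> bool:
    """The ipRouteMask rule: mask ANDed with the destination, compared with ipRouteDest."""
    return as_int(dest) & as_int(route["ipRouteMask"]) == as_int(route["ipRouteDest"])


def lookup(dest: str, routes: list[dict] = ROUTES) -> dict | None:
    """Most specific matching row (longest mask); among equals, the lowest ipRouteMetric1."""
    candidates = [r for r in routes if matches(dest, r)]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (mask_bits(r["ipRouteMask"]), -r["ipRouteMetric1"]))


if __name__ == "__main__":
    print("rows with an unmasked ipRouteDest:", check_table(ROUTES))
    for dest in ("198.51.100.70", "198.51.100.10", "192.0.2.9", "203.0.113.5"):
        row = lookup(dest)
        print(dest, "->", row["ipRouteNextHop"], row["ipRouteType"], "ifIndex", row["ipRouteIfIndex"])
```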
MIB, TCP Group
Contains information relevant to the implementation/operation of connection-oriented TCP
[Figure: tcp (mib-2 6) with tcpRtoAlgorithm (1), tcpRtoMin (2), tcpRtoMax (3), tcpMaxConn (4), tcpActiveOpens (5), tcpPassiveOpens (6), tcpAttemptFails (7), tcpEstabResets (8), tcpCurrEstab (9), tcpInSegs (10), tcpOutSegs (11), tcpRetransSegs (12), tcpConnTable (13), tcpInErrors (14), tcpOutRsts (15)]
tcpRtoAlgorithm: timeout algorithm for retransmission
tcpRtoMin: minimum value for retransmission timer
tcpRtoMax: maximum value for retransmission timer
tcpMaxConn: maximum number of TCP connections
tcpRetransSegs: # segments retransmitted
tcpInSegs: # segments received
tcpOutSegs: # segments sent
MIB, TCP Group
[Figure: tcpConnTable (tcp 13) contains tcpConnEntry (1) with tcpConnState (1), tcpConnLocalAddress (2), tcpConnLocalPort (3), tcpConnRemAddress (4), tcpConnRemPort (5)]
Entity               OID             Description (brief)
tcpConnTable         tcp 13          TCP connection table
tcpConnEntry         tcpConnTable 1  Information about a particular TCP connection
tcpConnState         tcpConnEntry 1  State of the TCP connection
tcpConnLocalAddress  tcpConnEntry 2  Local IP address
tcpConnLocalPort     tcpConnEntry 3  Local port number
tcpConnRemAddress    tcpConnEntry 4  Remote IP address
tcpConnRemPort       tcpConnEntry 5  Remote port number
SNMPv1 Administrator Model
SNMP Entities:
SNMP application entities
o Reside in management stations and network elements
o Manager and agent
o Pairing of both entities forms SNMP community
SNMP protocol entities
o Communication processes (PDU handlers)
o Peer processes that support application entities
Administrative model defines administrative relationship between communicating entities
Management stations, each manages all or a subset of the managed stations in the configuration
o Subsets may overlap
Each managed station controls its local MIB
o control the use of MIB by a number of management stations
SNMPv1 Administrator Model
Multiple pairs can belong to the same community
A community name is a string of octets
Two application entities in the same community can communicate with each other
o This essentially defines a filter module or authentication scheme between manager and agent
Security in SNMPv1 is therefore community-based
o no encryption: the community name travels as plain octets in every message
[Figure: Authentic Messages: three SNMP Managers and one SNMP Agent, each applying an Authentication Scheme to the messages they exchange]
SNMP Community: it is a relation between one SNMP agent and a set of managers; it defines authentication, access control and proxy characteristics
SNMPv1 Administrator Model
Community profile: MIB view + SNMP access mode
o MIB View: a subset of the managed objects an agent is permitted to manage/view
o A community name is also assigned an SNMP access mode: READ-ONLY, READ-WRITE
[Figure: SNMP Community Profile: the SNMP Agent's MIB View holds Object 1 (not-accessible), Object 2 (read-only), Object 3 (write-only) and Object 4 (read-write); the community's SNMP Access Mode (READ-ONLY or READ-WRITE) is combined with each object's MIB Access]
Operations on an object are determined by the community profile and the access mode of the object
o Total of four access privileges: read-only, write-only, read-write, not-accessible
Some objects, such as table and table entry, are not accessible
With READ-ONLY access mode, only get and trap are performed on objects 2, 3, 4
With READ-WRITE access mode, operations such as get, set and trap can be performed on objects 2, 3, 4
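Worked example added here (not code from the slides or the textbook): the decision an agent makes for an incoming request under the community-profile rules above. A request is accepted only if the community name is known, the object lies inside that community's MIB view, the object itself is accessible (tables and entries are not), and the community's access mode allows the operation; a set additionally requires the object's own ACCESS to permit writing. An unknown community name is the case that produces the authenticationFailure trap listed earlier. Object names and OIDs are MIB-II ones from this page; the community names "monitor" and "config" and their views are constructed.

```python
# Added example (not from the slides): SNMPv1 access-policy check (community profile
# = MIB view + access mode, combined with each object's own ACCESS clause).
from __future__ import annotations
from typing import NamedTuple


class ManagedObject(NamedTuple):
    name: str
    oid: str
    access: str            # read-only | write-only | read-write | not-accessible


class CommunityProfile(NamedTuple):
    community: str         # the community name, a string of octets
    mode: str              # READ-ONLY | READ-WRITE
    mib_view: tuple        # OID subtrees this community is allowed to see


OBJECTS = {  # MIB-II objects named on this page, with their RFC 1213 ACCESS
    "sysDescr":     ManagedObject("sysDescr",     "1.3.6.1.2.1.1.1",  "read-only"),
    "sysContact":   ManagedObject("sysContact",   "1.3.6.1.2.1.1.4",  "read-write"),
    "ipForwarding": ManagedObject("ipForwarding", "1.3.6.1.2.1.4.1",  "read-write"),
    "ipAddrTable":  ManagedObject("ipAddrTable",  "1.3.6.1.2.1.4.20", "not-accessible"),
}

PROFILES = {  # constructed: a read-only view of the system group, a read-write view of mib-2
    "monitor": CommunityProfile("monitor", "READ-ONLY",  ("1.3.6.1.2.1.1",)),
    "config":  CommunityProfile("config",  "READ-WRITE", ("1.3.6.1.2.1",)),
}


def in_view(oid: str, view: tuple) -> bool:
    """True if oid equals or lies below one of the view's subtrees."""
    return any(oid == sub or oid.startswith(sub + ".") for sub in view)


def permitted(op: str, profile: CommunityProfile, obj: ManagedObject) -> tuple[bool, str]:
    """Decide a get or set on one object. Traps are agent-initiated, so they are not
    requests to check here."""
    if op not in ("get", "set"):
        raise ValueError(f"unsupported operation {op}")
    if not in_view(obj.oid, profile.mib_view):
        return False, "outside the community's MIB view"
    if obj.access == "not-accessible":
        return False, "object is not-accessible (table or entry)"
    if op == "get":
        return True, "get allowed"          # the slide allows get on objects 2, 3 and 4 in both modes
    if profile.mode != "READ-WRITE":
        return False, "community access mode is READ-ONLY"
    if obj.access == "read-only":
        return False, "object ACCESS is read-only"
    return True, "set allowed"


def evaluate(community: str, op: str, object_name: str) -> tuple[bool, str]:
    """Entry point mirroring the agent's check on an incoming message."""
    profile = PROFILES.get(community)
    if profile is None:
        return False, "unknown community: drop and emit authenticationFailure trap"
    return permitted(op, profile, OBJECTS[object_name])


if __name__ == "__main__":
    for case in (("monitor", "get", "sysDescr"), ("monitor", "set", "sysContact"),
                 ("config", "set", "sysDescr"), ("config", "set", "sysContact"),
                 ("monitor", "get", "ipForwarding"), ("guest", "get", "sysDescr")):
        print(case, "->", evaluate(*case))
```

Note that the two checks are independent: a READ-WRITE community still cannot set sysDescr, and a read-write object still cannot be set through a READ-ONLY community. Giving each manager the narrowest view and mode it needs is the only access control SNMPv1 offers.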
SNMPv1 Administrator Model
Pair of "SNMP community" and "community profile" define SNMP access policy
Access policy allows a managed agent to give different access privileges to different managers
[Figure: SNMP Access Policy: one Community; the Manager reaches Agent 1 through Community Profile 1 and Agent 2 through Community Profile 2]
Manager manages network components of communities 1 and 2 via Agents 1 and 2
Agent 1 has only view of Community Profile 1, e.g. Cisco components
Agent 2 has only view of Community Profile 2, e.g. 3Com components
Manager has total view of both Cisco and 3Com components
SNMPv1 Administrator Model
Example: Enterprise management
[Figure: SNMP Access Policy: Community 1 (Community Profile 1 and Community Profile 2, Agent 1 and Agent 2) and Community 2 (Community Profile 3 and Community Profile 4, Agent 3 and Agent 4); Manager 1 (Community 1), Manager 2 (Community 2), Manager 3 (Community 1, Community 2)]
Manager 1 manages community 1, manager 2 community 2, and manager 3 (MoM) both communities 1 and 2
SNMPv1 Administrator Model
Proxy agent enables non-SNMP community elements to be managed by an SNMP manager
An SNMP MIB is created to handle the non-SNMP objects
[Figure: SNMP Proxy Access Policy: the SNMP Manager (Community 1) talks to a Proxy Agent, an SNMP Agent standing in front of a non-SNMP Community]
Message Format
Protocol entities support application entities
Communication between remote peer processes
Message consists of:
o Version identifier
o Community name
o Protocol Data Unit
Message encapsulated in UDP datagrams and transmitted
[Figure: message layout: version | community | data]
Like FTP, SNMP uses two well-known ports to operate: UDP Port 161 - SNMP Messages; UDP Port 162 - SNMP Trap Messages
3 different versions: SNMPv1, SNMPv2, SNMPv3
Message Format
SNMP message format is defined using ASN.1, encoded for transmission over UDP using BER
Message ::= SEQUENCE {
    version INTEGER { version-1(0) },
    community OCTET STRING,
    data PDUs
}
[Figure: message layout: version | community | data]
Message Format - Set/Get PDU
PDUs ::= CHOICE {
    get-request      [0] IMPLICIT PDU,
    get-next-request [1] IMPLICIT PDU,
    get-response     [2] IMPLICIT PDU,
    set-request      [3] IMPLICIT PDU,
    trap             [4] IMPLICIT Trap-PDU
}
Message Format - Set/Get PDU
[Figure: PDU layout: PDU-type | request-id | error-status | error-index | variable-bindings]
PDU ::= SEQUENCE {
    request-id INTEGER,
    error-status INTEGER { noError (0), tooBig (1), noSuchName (2), badValue (3), readOnly (4), genErr (5) },
    error-index INTEGER,
    variable-bindings VarBindList
}
request-id: track a message and indicate loss of a message (e.g., timeout, etc.)
error-status: indicate the occurrence of an error
error-index: locate the error (position in the list of variables of the variable that caused it)
variable-bindings: grouping of a number of operations in a single message, e.g., one request to get all values and one response listing all values
Message Format - variable bindings
[Figure: variable-bindings list: var-bind 1 (name, value), var-bind 2 (name, value), ..., var-bind n (name, value)]
VarBindList ::= SEQUENCE OF VarBind
VarBind ::= SEQUENCE { name ObjectName, value ObjectSyntax }
ObjectName ::= OBJECT IDENTIFIER
ObjectSyntax ::= CHOICE { simple SimpleSyntax, application-wide ApplicationSyntax }
Message Format - variable bindings
SimpleSyntax ::= CHOICE { number INTEGER, string OCTET STRING, object OBJECT IDENTIFIER, empty NULL }
ApplicationSyntax ::= CHOICE { address NetworkAddress, counter Counter, gauge Gauge, ticks TimeTicks, arbitrary Opaque }
NetworkAddress ::= CHOICE { internet IpAddress }
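Worked example added here (not code from the slides or the textbook), serving two passages of this deck: the OBJECT IDENTIFIER encoding from the SMI Encoding slides (first two integers packed as 40·X + Y, every sub-identifier in base 128 with a continuation bit) and the Message / PDU / VarBind definitions just given. It BER-encodes a complete SNMPv1 GetRequest for sysDescr.0 and sysUpTime.0 with NULL values and parses such a message back into its fields, which is what a capture tool does when it shows the community name of a packet on port 161. The community "public" and request-id 1 are constructed sample values; no SNMP library is used.

```python
# Added example (not from the slides): hand-rolled BER for the SNMPv1 message format.
# Encodes OBJECT IDENTIFIERs as the encoding slide describes, builds
# Message { version, community, data } with a GetRequest-PDU, and parses one back.
from __future__ import annotations

PDU_TAG = {"get-request": 0xA0, "get-next-request": 0xA1, "get-response": 0xA2,
           "set-request": 0xA3, "trap": 0xA4}      # context-specific [0]..[4], constructed form


def ber_length(n: int) -> bytes:
    """Length octets: short form below 128, long form (0x80 | count, then count bytes)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + ber_length(len(content)) + content


def encode_integer(value: int) -> bytes:
    """UNIVERSAL 2: two's complement in the fewest octets that still hold the sign bit."""
    n = 1
    while not -(1 << (8 * n - 1)) <= value < (1 << (8 * n - 1)):
        n += 1
    return tlv(0x02, value.to_bytes(n, "big", signed=True))


def encode_oid(oid: str) -> bytes:
    """UNIVERSAL 6: Z = 40*X + Y for the first two arcs, then each sub-identifier in
    base 128, high bit set on every octet except the last one of that sub-identifier."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError(f"not a valid OID: {oid}")
    out = bytearray()
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [sub & 0x7F]
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))
            sub >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))


def decode_oid(content: bytes) -> str:
    """Inverse of encode_oid, applied to the content octets (tag and length stripped)."""
    subids, acc = [], 0
    for b in content:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(acc)
            acc = 0
    x = 2 if subids[0] >= 80 else subids[0] // 40
    return ".".join(str(a) for a in [x, subids[0] - 40 * x] + subids[1:])


def build_get_request(community: str, oids: list[str], request_id: int) -> bytes:
    """Message { version-1(0), community, GetRequest-PDU }; each VarBind value is NULL."""
    varbinds = b"".join(tlv(0x30, encode_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = tlv(PDU_TAG["get-request"],
              encode_integer(request_id) + encode_integer(0)   # error-status noError(0)
              + encode_integer(0) + tlv(0x30, varbinds))       # error-index, VarBindList
    return tlv(0x30, encode_integer(0) + tlv(0x04, community.encode()) + pdu)


def read_tlv(buf: bytes, pos: int = 0) -> tuple[int, bytes, int]:
    """Return (tag, content, position just after this element)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length


def parse_message(msg: bytes) -> dict:
    """Pull version, community, PDU type, request-id, error fields and VarBind names."""
    tag, body, _ = read_tlv(msg)
    if tag != 0x30:
        raise ValueError("Message must be a SEQUENCE")
    _, version, p = read_tlv(body)
    _, community, p = read_tlv(body, p)
    pdu_tag, pdu, _ = read_tlv(body, p)
    if pdu_tag == PDU_TAG["trap"]:
        raise ValueError("Trap-PDU has a different layout; not handled here")
    fields, q = [], 0
    for _ in range(3):                           # request-id, error-status, error-index
        _, content, q = read_tlv(pdu, q)
        fields.append(int.from_bytes(content, "big", signed=True))
    _, varbind_list, _ = read_tlv(pdu, q)
    names, r = [], 0
    while r < len(varbind_list):
        _, varbind, r = read_tlv(varbind_list, r)
        _, name, _ = read_tlv(varbind)
        names.append(decode_oid(name))
    return {"version": int.from_bytes(version, "big", signed=True),
            "community": community.decode(), "pdu": {v: k for k, v in PDU_TAG.items()}[pdu_tag],
            "request_id": fields[0], "error_status": fields[1], "error_index": fields[2],
            "names": names}


if __name__ == "__main__":
    msg = build_get_request("public", ["1.3.6.1.2.1.1.1.0", "1.3.6.1.2.1.1.3.0"], 1)
    print(msg.hex())
    print(parse_message(msg))
```

The encoded bytes start 30 (SEQUENCE), the version 02 01 00, then 04 06 followed by the community octets in the clear, then A0 for the GetRequest-PDU: exactly the order of the version | community | data layout above, and the reason the community name is readable by anyone who sees the datagram.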
Message Format - Trap PDU
Trap-PDU ::= SEQUENCE {
    enterprise OBJECT IDENTIFIER,
    agent-addr NetworkAddress,
    generic-trap INTEGER { coldStart (0), warmStart (1), linkDown (2), linkUp (3), authenticationFailure (4), egpNeighborLoss (5), enterpriseSpecific (6) },
    specific-trap INTEGER,
    time-stamp TimeTicks,
    variable-bindings VarBindList
}
[Figure: Trap PDU layout: PDU-type | Enterprise | Agent Address | Generic Trap Type | Specific Trap Type | TimeStamp | variable-bindings]
enterprise: pertains to the system generating the trap (sysObjectID)
agent-addr: IP address of the object
generic-trap: one of the seven generic trap types
specific-trap: specific code to identify the trap cause (for enterprise-specific traps)
time-stamp: elapsed time since last re-initialization
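Worked example added here (not code from the slides or the textbook), serving the trap-type table in the Communication Model section and the Trap-PDU fields above: a manager-side triage of received traps. It names the generic-trap code, expands enterprise-specific traps with their enterprise and specific-trap values, records which agents re-initialized (coldStart means the configuration changed, warmStart means it did not), and flags an agent that sends several authenticationFailure traps within a short window, the symptom of repeated requests with a wrong community string. Time-stamps are the sending agent's own sysUpTime, so they are only compared within one agent. The trap records are constructed; the 3Com enterprise OID 1.3.6.1.4.1.43.1.8.5 and the hub addresses come from this page, and the Cisco-side enterprise OID suffix .1.1 under enterprises 9 is a made-up value.

```python
# Added example (not from the slides): classify Trap-PDU records and flag repeated
# authenticationFailure traps per agent.
from __future__ import annotations
from collections import defaultdict

GENERIC_TRAP = {0: "coldStart", 1: "warmStart", 2: "linkDown", 3: "linkUp",
                4: "authenticationFailure", 5: "egpNeighborLoss", 6: "enterpriseSpecific"}

# constructed sample traps: (time-stamp in TimeTicks, agent-addr, enterprise, generic-trap, specific-trap)
TRAPS = [
    (120000, "172.16.46.2",  "1.3.6.1.4.1.43.1.8.5", 2, 0),
    (123000, "172.16.46.2",  "1.3.6.1.4.1.43.1.8.5", 3, 0),
    (500,    "172.16.46.3",  "1.3.6.1.4.1.43.1.8.5", 0, 0),
    (130000, "172.16.46.2",  "1.3.6.1.4.1.43.1.8.5", 4, 0),
    (130300, "172.16.46.2",  "1.3.6.1.4.1.43.1.8.5", 4, 0),
    (130600, "172.16.46.2",  "1.3.6.1.4.1.43.1.8.5", 4, 0),
    (200000, "172.17.252.1", "1.3.6.1.4.1.9.1.1",    6, 17),   # enterprise OID suffix is made up
]


def describe(trap: tuple) -> str:
    """One-line rendering of a trap using the Trap-PDU field meanings from the slide."""
    time_stamp, agent, enterprise, generic, specific = trap
    name = GENERIC_TRAP.get(generic, f"unknown({generic})")
    if generic == 6:   # only enterpriseSpecific traps need the enterprise and specific-trap code
        name += f" specific-trap={specific} enterprise={enterprise}"
    return f"{agent} uptime={time_stamp} {name}"


def restarted_agents(traps: list[tuple]) -> dict[str, str]:
    """Agents that re-initialized, and whether their configuration changed (coldStart)
    or not (warmStart)."""
    result = {}
    for _, agent, _, generic, _ in traps:
        if generic in (0, 1):
            result[agent] = "configuration changed" if generic == 0 else "configuration unchanged"
    return result


def auth_failure_bursts(traps: list[tuple], window_ticks: int = 60 * 100,
                        threshold: int = 3) -> dict[str, int]:
    """Agents that sent at least `threshold` authenticationFailure traps within
    `window_ticks` of each other; the value is the largest such count."""
    per_agent: dict[str, list[int]] = defaultdict(list)
    for time_stamp, agent, _, generic, _ in traps:
        if generic == 4:
            per_agent[agent].append(time_stamp)
    flagged = {}
    for agent, times in per_agent.items():
        times.sort()
        best = 0
        for i, start in enumerate(times):
            best = max(best, sum(1 for t in times[i:] if t - start <= window_ticks))
        if best >= threshold:
            flagged[agent] = best
    return flagged


if __name__ == "__main__":
    for trap in TRAPS:
        print(describe(trap))
    print("re-initialized:", restarted_agents(TRAPS))
    print("authenticationFailure bursts:", auth_failure_bursts(TRAPS))
```

Because SNMPv1 traps are unacknowledged UDP datagrams on port 162, a missing trap is not evidence that nothing happened; the sysUpTime polling rule from the System Group slide is the complementary check for restarts.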