25
Chapter 5 SNMPv1: Communication and Functional Models Chapter 5
Chapter 5SNMPv1:
Communication and Functional Models
Chapter 5
Network Management• Organization Model (ch. 4)
– 2 tier– 3 tier
• Information Model (ch. 4)– SMI– MIB
• Communication Model (ch. 5)• Functional Model (ch. 5)
SNMP Architecture
SNMP ManagerApplication
Ge
t-R
esp
on
se
Ge
t-R
eq
ue
st
GetN
ext-
Request
Se
t-R
eq
ue
st
Tra
p
SNMP Manager
SNMP
UDP
IP
DLC
PHY
SNMP AgentApplication
Ge
t-R
esp
on
se
Tra
p
SNMP Agent
SNMP
UDP
IP
DLC
PHY
Physical Medium
Figure 4.9 SNMP Network Management Architecture
Manage-mentData
Ge
t-R
eq
ue
st
GetN
ext-
Request
Se
t-R
eq
ue
st
Chapter 5
SNMP Messages
• Get-Request• Get-Next-Request• Set-Request• Get-Response• Trap
• Generic trap• Specific trap• Time stamp
Chapter 5
Administrative Model
• Based on community profile and policy
• SNMP Entities: • SNMP application entities
- Reside in management stations and network elements
- Manager and agent
• SNMP protocol entities- Communication processes (PDU handlers)- Peer processes that support application entities
Chapter 5
SNMP Community
SNMP Manager
Authentication Scheme
SNMP Manager
Authentication Scheme
SNMP Manager
Authentication Scheme
SNMP Agent
Authentication Scheme
Authentic Messages
Figure 5.1 SNMP Community
Chapter 5
Community Profile
Figure 5.2 SNMP Community Profile
SNMP Agent
Object 2
read-only
READ-ONLY
READ-WRITE SNMP Access Mode
SNMP MIB View
MIB Access
Object 3
write-only
Object 1
not-accessible
Object 4
read-write
Chapter 5
Administration Model
• Administration model is SNMP access policy• SNMP community paired with SNMP community profile is SNMP access policy
Chapter 5
Access Policy
Community
Community Profile 1
Community Profile 2 Agent 2
Agent 1
Manager
Chapter 5
Generalized Administration Model
Community 1
Community Profile 1
Community Profile 2
Manager 3(Community 1, Community 2)
Agent 2
Agent 1
Community 2
Community Profile 3
Community Profile 4 Agent 4Agent 3
Manager 2(Community 2)
Manager 1(Community 1)
Figure 5.3 SNMP Access Policy
Chapter 5
Proxy Access Policy
SNMP Community non-SNMPCommunity
Proxy AgentSNMPAgent
SNMP Manager(Community 1)
Figure 5.4 SNMP Proxy Access Policy
Chapter 5
Protocol Entities
ApplicationHeader
IPHeader
UDPHeader
Version Community SNMP PDU
Application PDU
DLCHeader
Transport PDU
Network PDU
ApplicationPDU
TransportPDU
NetworkPDU
Data LinkPDU
Figure 5.5 Encapsulated SNMP Message
DataSNMPPDU
Chapter 5
Get and Set PDUPDUType RequestID Error
StatusErrorIndex
Figure 5.8 Get and Set Type PDUs
VarBind 1name
VarBind 1value ... VarBind n
nameVarBind n
value
P D U s : : =C H O I C E {
g e t - r e q u e s t G e t R e q u e s t - P D U ,g e t - n e x t - r e q u e s t G e t N e x t R e q u e s t - P D U ,g e t - r e s p o n s e G e t R e s p o n s e - P D U ,s e t - r e q u e s t S e t R e q u e s t - P D U ,t r a p T r a p - P D U}
g e t - r e q u e s t [ 0 ]g e t - n e x t - r e q u e s t [ 1 ]s e t - r e q u e s t [ 2 ]g e t - r e s p o n s e [ 3 ]t r a p [ 4 ]
PDU Types: enumerated INTEGER
• VarBindList: multiple instances of VarBind pairs
Chapter 5
Error in ResponseE r r o r S t a t u s : : =
I N T E G E R {n o E r r o r ( 0 )t o o B i g ( 1 )n o S u c h N a m e ( 2 )b a d v a l u e ( 3 )r e a d O n l y ( 4 )g e n E r r ( 5 )
}
Error Index: No. of VarBind that the first error occurred (1 if error occurred in virst VarBind, …)
VarBind - pairing of the variable and it’s value
Chapter 5
Trap PDU
VarBind 1name
VarBind 1value
PDUType Enterprise Agent
Address ... VarBind nname
VarBind nvalue
GenericTrap Type
SpecificTrap Type Timestamp
G e n e r i c T r a p T y p e D e s c r i p t i o n ( b r i e f ) c o ld S t a r t ( 0 ) S e n d in g p r o t o c o l e n t i t y is r e in i t ia l iz in g i t s e l f ;
a g e n t 's c o n f ig u r a t io n o r p r o t o c o l e n t i t y im p le m e n t a t io n m a y b e a l t e r e d
w a r m S t a r t ( 1 ) S e n d in g p r o t o c o l e n t i t y is r e in i t ia l iz in g i t s e l f ; a g e n t c o n f ig u r a t io n o r p r o t o c o l e n t i t y im p le m e n t a t io n n o t a l t e r e d
l in k D o w n ( 2 ) F a i lu r e o f o n e o f t h e c o m m u n ic a t io n l in k s l in k U p ( 3 ) O n e o f t h e l in k s h a s c o m e u p a u t h e n t ic a t io n F a i lu r e ( 4 ) A u t h e n t ic a t io n f a i lu r e e g p N e ig h b o r L o s s ( 5 ) L o s s o f E G P n e ig h b o r e n t e r p r is e S p e c i f ic ( 6 ) E n t e r p r is e - s p e c i f ic t r a p
Chapter 5
SNMP Operations
Figure 5.10 Get-Request Operation for System Group
GetRequest (sysDescr.0)GetResponse (sysDescr .0= "SunOS" )
GetRequest (sysObjectID.0)GetResponse ( sysObjectID.0=enterprises.11.2.3.10.1.2 )
GetRequest (sysUpTime.0)GetResponse (sysUpTime.0=2247349530)
GetRequest (sysContact.0)GetResponse (sysContact.0=" ")
GetRequest (sysName.0)GetResponse (sysName.0="noc1 ")
GetRequest (sysLocation.0)GetResponse (sysLocation.0=" ")
GetRequest (sysServices.0)GetResponse (sysServices.0=72)
ManagerProcess
AgentProcess
Chapter 5
MIB for Get-Next-Request
T ZA B
1.1
Figure 5.12 MIB for Operation Sequences in Figures 5.13 and 5.15
E
2.1 3.1
1.2 2.2 3.2
Chapter 5
Lexicographic OrderNumerical Order Lexicographic order1 12 11183 1159 12615 1522 234 22115 250126 2509250 3321 3211118 342509 9
• Procedure for ordering:• Start with leftmost digit as first position• Before increasing the order in the first position,select the lowest digit in the second position
• Continue the process till the lowest digit inthe last position is captured
• Increase the order in the last position until all the digits in the last position are captured
• Move back to the last but one position and repeat the process
• Continue advancing to the first position until all the numbers are ordered
• Tree structure for the above process
Chapter 5
MIB Lexicographic Order
T ZA B
1.1
E
2.1 3.1
1.2 2.2 3.2
A 3.1B 3.2T ZE1.11.22.12.2
Chapter 5
A More Complex MIB Example
3 91 2
18
1
5
2
6
2 10
9
214
Figure 5.14 MIB Example for Lexicographic Ordering
11.11.1.51.1.181.21.2.622.22.102.10.933.43.219
Chapter 5
Get-Next-Request Operation
T.E.1.1
Figure 5.15 Get-Next-Request Operation for MIB in Figure 5.12
T.E.2.1 T.E.3.1
T.E.1.2 T.E.2.2 T.E.3.2
E
T
Z
A
B
GetRequest ( A )GetResponse ( A )
GetNextRequest ( A )GetResponse ( B )
GetNextRequest ( B )GetResponse ( T.E.1.1 )
GetNextRequest (T.E.1.1 )GetResponse ( T.E.1.2 )
GetNextRequest (T.E.1.2 )GetResponse ( T.E.2.1 )
GetNextRequest (T.E.2.1 )GetResponse ( T.E.2.2 )
GetNextRequest (T.E.2.2 )GetResponse ( T.E.3.1 )
GetNextRequest (T.E.3.1 )GetResponse ( T.E.3.2 )
GetNextRequest (T.E.3.2 )GetResponse ( Z )
GetNextRequest ( Z )GetResponse ( noSuchName )
ManagerProcess
AgentProcess
Chapter 5
Get-Next-Request Operation
atIfIndex231316
atPhysAddress0000000C3920B40000000C3920AC0000000C3920AF
atNetAddress192.168.3.1172.16.46.1172.16.49.1
GetNextRequest (sysUpTime,atPhysAddress)
GetResponse( (sysUpTime.0 = "315131795"), (atPhysAddress.13.172.16.46.1 = "0000000C3920AC"))
GetNextRequest (sysUpTime,atPhysAddress.13.172.16.46.1)
GetResponse( (sysUpTime.0 = "315131800"), (atPhysAddress.16.172.16.49.1 = "0000000C3920AF") )
GetNextRequest (sysUpTime,atPhysAddress.16.172.16.49.1)
GetResponse( (sysUpTime.0 = "315131805"), (atPhysAddress.23.192.168.3.1 = "0000000C3920B4") )
GetNextRequest (sysUpTime,atPhysAddress.23.192.168.3.1)
GetResponse( (sysUpTime.0 = "315131810"), (ipForwarding.0 = "1") )
Figure 5.16 GetNextRequest Example with Indices
AgentProcess
ManagerProcess
Chapter 5
Sniffer Data1 4 : 0 3 : 3 6 . 7 8 8 2 7 0 n o c 3 . b t c . g a t e c h . e d u . 1 6 4 >n o c 1 . b t c . g a t e c h . e d u . s n m p :C o m m u n i t y = p u b l i cG e t R e q u e s t ( 1 1 1 )R e q u e s t I D = 4s y s t e m . s y s D e s c r . 0s y s t e m . s y s O b j e c t I D . 0s y s t e m . s y s U p T i m e . 0s y s t e m . s y s C o n t a c t . 0s y s t e m . s y s N a m e . 0s y s t e m . s y s L o c a t i o n . 0s y s t e m . s y s S e r v i c e s . 0
F i g u r e 5 . 1 7 ( a ) G e t - R e q u e s t M e s s a g e f r o m M a n a g e r - t o - A g e n t
1 4 : 0 3 : 3 6 . 7 9 8 2 6 9 n o c 1 . b t c . g a t e c h . e d u . s n m p >n o c 3 . b t c . g a t e c h . e d u . 1 6 4 :C o m m u n i t y = p u b l i cG e t R e s p o n s e ( 1 9 6 )R e q u e s t I D = 4s y s t e m . s y s D e s c r . 0 = " S u n O S n o c 1 5 . 5 . 1 G e n e r i c _ 1 0 3 6 4 0 - 0 8s u n 4 u "s y s t e m . s y s O b j e c t I D . 0 = E : h p . 2 . 3 . 1 0 . 1 . 2s y s t e m . s y s U p T i m e . 0 = 2 4 7 3 9 6 4 5 3s y s t e m . s y s C o n t a c t . 0 = " B r a n d o n R h o d e s "s y s t e m . s y s N a m e . 0 = " n o c 1 "s y s t e m . s y s L o c a t i o n . 0 = " B T C N M L a b "s y s t e m . s y s S e r v i c e s . 0 = 7 2
F i g u r e 5 . 1 7 ( b ) G e t - R e s p o n s e M e s s a g e f r o m A g e n t - t o -M a n a g e r ( A f t e r )
Chapter 5
SNMP MIB
snmp(mib-2 11)
snmpInPkts(1)snmpOutPkts (2)
snmpInBadVersions (3)snmpInCommunityNames (4)
snmpInBadCommunityUses (5)snmpInASNParseErrors (6)
-- not used (7)snmpInTooBigs (8)
snmpInNoSuchNames (9)snmpInBadValues (10)
snmpInReadOnlys (11)
snmpEnableAuthenTraps (30)snmpOutTraps (29)
snmpOutGetResponses (28)snmpOutSetRequests (27)
snmpOutGetNexts (26)snmpOutGetRequests (25)
snmpOutGenErrs (24)-- not used (23)
snmpOutBadValues (22)snmpOutNoSuchNames (21)snmpOutTooBigs (20)
snmpInGenErrs (12)snmpInTotalReqVars (13)
snmpInTotalSetVars (14)snmpInGetRequests (15)
snmpInTraps (19)snmpInGetResponses
(18)snmpInSetRequests (17)
snmpInGetNexts (16)
Figure 5.21 SNMP Group
Note: Most of the MIB objects were not used and hence deprecated in SNMPv2
Chapter 5
5.2 Functional Model
• No formal specs of functions in SNMPv1• OSI mode addresses
– configuration– fault– performance– security– accounting
