1 / 78

Fundamentals of SNMP

Fundamentals of SNMP. Simple Network Management Protocol. Three Essentials Structure for Management Information (SMI) Set of rules for specifying management information Management Information Base Structured collection of all the managed objects and data The protocol.

gerodi
Download Presentation

Fundamentals of SNMP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Fundamentals of SNMP

  2. Simple Network Management Protocol • Three Essentials • Structure for Management Information (SMI) • Set of rules for specifying management information • Management Information Base • Structured collection of all the managed objects and data • The protocol

  3. Structure for Management Information • How to define management Information? • What is the architecture to be used? • How to define an object? • Specify a language to define an object

  4. Object Type and Object • What is an Object Type? • Abstract definition for a managed object • What is a managed object? • An entity in a managed system (node), about which we want information, to manage the node • E.g. system up time, packets sent, packets received, number of interfaces

  5. Structuring managed objects • SMI specifies a hierarchical tree structure for naming and managing objects

  6. Contd.. • dod object is identified as {iso org(3) dod(6)} or simply {1.3.6} • mgmt object is identified as {iso org(3) dod(6) internet (1) mgmt (2) } or simply {1.3.6.1.2} • {1.3.6}, {1.3.6.1.2} are authoritative identification for the two objects. • They also specify how to access the object

  7. Mgmt sub tree

  8. Contd.. • sysDescr and sysName are managed objects • There could be more than one instance of a managed object

  9. Object Definitions • Specify the name, its properties, how to identify it etc. • Example (Name of the Object) OBJECT-TYPE Property 1 Property 2 .............. ::= OBJECT IDENTIFIER

  10. Contd.. • OBJECT IDENTIFIER • Machine recognizable • Name of the Object • Human readable

  11. Contd..example SnmpInPackets OBJECT-TYPE SYNTAX Counter32 MAX_ACCESS read-only STATUS current DESCRIPTION “the total number of packets received by the SNMP entity from the transport service” REFERENCE “from the RFC1213- • MIB.snmpInPkts” •  ::= {snmp 1}

  12. Contd.. • Instead of • {snmp 1} – could have been • {1.3.6.1.2.1.11.1} • Interpretation • SnmpInPkts is an object delimitation for an object that requires a counter of 32 bits to store, is currently active and is used to identify the number of packets received by the SNMP entity from the transport service and reference to this can be found in “RFC1213-MIB.snmpInPkts”

  13. Contd.

  14. Contd.. • SYNTAX, MAX ACCESS etc are properties of the object

  15. Object type and instances • Objects can be scalar or tabular • Scalar objects • One instance for that object • E.g. SnmpInPkts • To access the object instance use 1.3.6.1.2.1.11.1.0

  16. Aggregate Objects • Tabular or aggregate objects ipAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF IpAddrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION “the table of addressing information relevant to this entity’s IP addresses” ::= {ip 20}

  17. Contd.. • ipAddrTable is made up of a sequence of IpAddrEntry objects (rows of the table) ipAddrEntry OBJECT-TYPE SYNTAX IpAddrEntry ACCESS not-accessible DESCRIPTION ….. INDEX {ipAdEntAddr} ::={IpAddrTable 1}

  18. Contd.. • IpAddrEntry :: = SEQUENCE { ipAdEntrAddr IpAddress ipAdEntIfIndex INTEGER ipAdEntNetMASK IpAddress ipAdEntBCastAddr INTEGER ipAdEntReasmMaxSize INTEGER (0..65535) }

  19. Object instances of ipAddrTable

  20. Accessing instances of the table objects • ipAdEntAddr is index

  21. MIBS • MIB modules define a collection of related managed objects • A large module has groups • MIB II has the following groups • System, interfaces, ip, tcp, snmp, udp etc.

  22. SNMP – the protocols • Request Operations • Get, getnext, getbulk, set • Request id – helps manager application to distinguish between outstanding requests • Get, getnext, getbulk – collets values • Set – sets the specified value for the object • Variable-bindings – list of variables, containing a name and value • MIB view

  23. Contd.. • Response • Returned by the Agent • Request id repeated • Error status - non-zero indicates error occurrence – ignore the information in the variable bindings field • Error index - index tells which variable is in error

  24. Get Operation – general example

  25. Getnext

  26. Getnext contd.. • Makes use of the ordering of the variable • Returns name and value of next instance in MIB • If no next instance – endOfMibView • Try: getnext (ver) (host) 0.0

  27. Getnext with indices

  28. Contd.. Indices retrieved automatically

  29. getbulk • Executes getnext repeatedly • E.g getbulk non-repeaters max-repetitions • Getbulk (2, 3, A, B, C, D) • On A and B getnext executed only once • On C, D getnext executed 3 times

  30. others • Set – agent will update the value of the variable and return a response • Notification – unsolicited interaction from Agent – on detecting an abnormal condition • Trap – similar to notification – expects no response from manager

  31. Trap • Request id included • Sent to UDP port 162 • Includes • Timestamp – indicating when the trap was generated • Identity of the trap • Some traps are generic • Cold start, warm start, link down

  32. Manager Application • A browser, • which polls Agents to retrieve values • Modest processing on values • Display information to user • Sophisticated Applications • Interpret variables to system behavior

  33. Agent features • Timestamps • Counters • Error codes • Other capabilities

  34. Timestamp • MA uses this information to determine when the agent observed something •  Agent knowledge of time is not absolute •  Agent may not know the time when the device is off •  MA and managed device times may not be synchronised •  TimeStamp is a snapshot of the TimeTick value •  TimeTick is in hundredths of a second 

  35. Time stamp example • Snmpget –v 2c localhost system.sysUpTime.0 Response • system.sysUpTime.0 =Timeticks (5996352) 16:39:23.52

  36. Counters • Can be used to calculate rates • Observe difference between 2 consecutive measures • Beware of wrap around • More than once • Restarting device may reset the counter to 0

  37. Counters example • Snmpget –v 2c localhost system.sysUpTime.0 ip.ipInreceives.0 • Response • system.sysUpTime.0 = Timeticks: (6017853) 16:42:58.53 ip.ipInReceives.0 = 1637824 • Repeat after some time • IP datagram incoming rate = • ip.ipInReceives.0 (2) - ip.ipInReceives.0 (1) Timeticks (2) – Timeticks (1)

  38. Utilization • rx.utilisation=delta(ifInOctets)*8 *100 ifSpeed*delta (timeticks) • tx.utilisation = delta(ifOutOctets)*8 * 100 ifSpeed*delta (timeticks) • utilization of an Ethernet segment = tx.utilisation + rx.utilisation

  39. Broadcast storms • Percentage of overall broadcast packet? • High broadcast packet rate? • receive b/m pkt rate = • delta(ifInNUcastPkts) delta (seconds) • transmit b/m pkt rate = • delta(ifOutNUcastPkts) delta (seconds)

  40. Agent Capabilities • MA uses this to customize its interaction with an agent • Agent implementing a MIB group should implement all objects in the MIB • Not all objects are present – instrumentation limitations • MAX-ACCESS – can be read-write, but underlying instrumentation may allow only read and no control

  41. Contd.. • SYNTAX – range of values that an object may take – only a subset may be possible • Table access • Agent should permit adding new rows • MA should know Agent capabilities to customize its interaction

  42. Authentication • Managed Station may wish to limit access of their MIBs to authorized Management Stations • Community name is the password for authentication – in snmpv1

  43. Community • Defines a relationship between an SNMP agent and a set of SNMP managers in terms of authentication, access control and proxy characteristics • Managed System establishes one community for each desired combination • the community is a unique name within the agent, and management station pair • Management Station and agents in that community must employ the community name in all get and set operations

  44. Contd.. • An agent may establish a number of communities •  Pairing of a Management Station and a Managed Station is called an SNMP community

  45. Access Policy • Managed stations wish to give different access privileges to different management stations • By using a different community name – agent can provide different categories of access to different management stations

  46. SNMP Access Policy • Network Elements comprise many managed objects • Standard • Private • An Agent can view a subset – MIB view • MIB view and Access provide the community profile

  47. SNMP versions – version 1 • Primitive types • Defined types • Derived types • Constructive types

  48. SNMP versions – Version 1 • INTEGER • 32 bit value in 2’s complement • -2147483648 to 2147483647 • can be used to represent enumerated types • OCTET STRING zero or more octets • Each octet has a value 0-255 • Text string Ex: system description • OBJECT IDENTFIER • Sequence of integers • NULL -placeholder

More Related