SNMP Management Information Prof. Choong Seon HONG
Basic Concepts of SNMP
• RFC 1157
• General-purpose operations supported by SNMP
  • get : retrieving the value of objects at the agent
  • set : setting the value of objects at the agent
  • trap : notifying the management station of significant events
• Control of the use of the MIB
  • Authentication service : the managed station may wish to limit access to the MIB to authorized management stations
  • Access policy : the managed station may wish to give different access privileges to management stations
  • SNMP access mode : {READ-ONLY, READ-WRITE}
  • Proxy service : a managed station may act as a proxy to other managed stations. This involves implementing the authentication service and access policy service on behalf of the other managed stations

Instance Identification
• An object instance is identified by the columnar object and the row in the table
• Two techniques for identifying a specific object instance
  • serial-access technique based on a lexicographic ordering of objects in the MIB (in section 7.2)
  • random-access technique
• See Fig. 5.7
  • Three instances of tcpConnState have the same object identifier : 1.3.6.1.2.1.6.13.1.1
  • the values of the INDEX objects of a table are used to distinguish one row from another
  • the combination of the object identifier for a columnar object and one set of values of the INDEX objects specifies a particular scalar object in a particular row of the table

Instance Identification (2)
• Convention used in SNMP : concatenating the scalar object identifier with the values of the INDEX objects
• A simple example
  • Object ID of ifType : 1.3.6.1.2.1.2.2.1.3 (see Fig. 5.1, 6.2)
  • Accordingly, the instance ID for the ifType corresponding to the row containing an ifIndex value of 2 : 1.3.6.1.2.1.2.2.1.3.2
• A more complicated example
  • consider tcpConnTable, which has 4 INDEX objects (see Fig. 5.6, Fig. 6.10)
  • instance IDs for all of the columnar objects from Fig. 5.7 (see Table 7.2)
  • See page 168

Instance Identification (3)
• Conceptual Table and Row Objects
  • no instance ID for table and row objects
  • for example, tcpConnTable and tcpConnEntry are not leaf objects
  • not accessible by SNMP
  • ACCESS characteristic : “not accessible”
• Scalar Objects
  • Instance ID of a nontabular scalar object : Object ID + 0
  • for an example, see Table 7.4

Lexicographical Ordering
• Object IDs exhibit a lexicographical ordering
  • generated by traversing the tree of object IDs in the MIB
  • See Appendix 7A
  • extends to object instance IDs (sequences of integers)
• For example,
  • ipRouteTable (see Figure 7.2 and Table 7.5)

Protocol Specification
• Protocol Data Unit
  (a) SNMP message : Version | Community | SNMP PDU
  (b) GetRequest PDU, GetNextRequest PDU, and SetRequest PDU : PDU type | Request-id | 0 | 0 | Variablebindings
  (c) GetResponse PDU : PDU type | Request-id | Error status | Error index | Variablebindings
  (d) Trap PDU : PDU type | enterprise | Agent addr | Generic-trap | Specific-trap | Time stamp | Variablebindings
  (e) variablebindings : name1 | value1 | name2 | value2 | ... | namen | valuen
• Generic trap :
  • A warmStart trap signifies that the sending protocol entity is reinitializing itself such that neither the agent configuration nor the protocol entity implementation is altered.
  • A coldStart trap signifies that the sending protocol entity is reinitializing itself such that the agent's configuration or the protocol entity implementation may be altered.

Action of SNMP Entity upon Reception of an SNMP Message
1) basic syntax check of the message
2) verifying the version number
3) passing the user name, the PDU portion of the message, and the source and destination transport addresses to the authentication service
   (a) if authentication fails, generating a trap
   (b) if authentication succeeds, the authentication service returns a PDU
4) the protocol entity does a basic syntax check of the PDU

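
The first three reception steps, together with the access modes from the "Basic Concepts" slide, can be sketched as follows. This is an added example, not code from the original slides: it assumes the Community field of the message is what the authentication service checks, and the community names, verdict strings, and the `build` helper are hypothetical.

```python
READ_ONLY, READ_WRITE = "READ-ONLY", "READ-WRITE"
# Hypothetical community table (constructed): community name -> SNMP access mode.
COMMUNITIES = {b"monitor": READ_ONLY, b"netops": READ_WRITE}
AGENT_PDUS = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA3: "SetRequest"}

def read_tlv(buf, pos):
    """Decode one BER tag-length-value; raise ValueError on malformed input."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the count of length octets
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, bytes(buf[pos:pos + length]), pos + length

def receive(datagram):
    """Run reception steps 1-3 and return (verdict, detail)."""
    try:  # step 1: basic syntax check of the message
        tag, body, end = read_tlv(datagram, 0)
        if tag != 0x30 or end != len(datagram):
            raise ValueError("not one SEQUENCE")
        vtag, version, pos = read_tlv(body, 0)
        ctag, community, pos = read_tlv(body, pos)
        ptag, _pdu, pos = read_tlv(body, pos)
        if vtag != 0x02 or ctag != 0x04 or pos != len(body):
            raise ValueError("unexpected field")
    except ValueError as exc:
        return "discard", f"syntax: {exc}"
    if version != b"\x00":  # step 2: SNMPv1 messages carry version 0
        return "discard", "version mismatch"
    if ptag not in AGENT_PDUS:
        return "discard", "PDU type not handled by an agent"
    mode = COMMUNITIES.get(community)  # step 3: authentication service
    if mode is None:
        return "trap", "authenticationFailure"
    if ptag == 0xA3 and mode != READ_WRITE:  # access policy for this community
        return "deny", "SetRequest under a READ-ONLY community"
    return "accept", AGENT_PDUS[ptag]

def build(version, community, pdu_tag):
    """Constructed sample message with an empty PDU body (short-form lengths only)."""
    body = bytes([0x02, 0x01, version, 0x04, len(community)]) + community + bytes([pdu_tag, 0])
    return bytes([0x30, len(body)]) + body
```

Step 4, the syntax check of the PDU itself, and the way a denied SetRequest is reported back to the sender are left out of this sketch.
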
Variable Bindings
• Grouping a number of operations of the same type (get, set, trap) into a single message
• Getting the values of all the scalar objects in a particular group at a particular agent

GetRequest PDU
• Issued by an SNMP entity
• Includes the following fields in the PDU:
  • PDU type : GetRequest PDU
  • request-id : for correlating the incoming response
  • variablebindings : list of object instances
• atomic operation
• if a name does not match an object ID : noSuchName as error-status
• Receipt of SNMP PDUs (see Fig. 7.6)

GetRequest PDU
• SNMP PDU Sequences

GetNextRequest PDU
• Returns the value of the object instance that is next in lexicographical order
• Atomic operation, but more flexible than GetRequest
  • allows a network management station to discover the structure of a MIB view dynamically
  • provides an efficient mechanism for searching a table whose entries are unknown
• Retrieving a Simple Object Value (see sec. 7.2.3.1)
  • GetRequest (udpInDatagrams.0, udpNoPorts.0, udpInErrors.0, udpOutDatagrams.0)
  • GetNextRequest (udpInDatagrams, udpNoPorts, udpInErrors, udpOutDatagrams)

GetNextRequest PDU (2)
• Retrieving Unknown Objects
  • GetNextRequest (udpInDatagrams.2) --> GetResponse (udpNoPorts.0 = value)
  • GetNextRequest (udp) --> GetResponse (udpInDatagrams.0 = value)
  • used to probe a MIB view and discover its structure
• Accessing Table Values
  • See page 184

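
The instance-identification convention and the GetRequest / GetNextRequest behaviour from the slides above can be reproduced on a small in-memory MIB view. This is an added example, not part of the original slides; the counter and ifType values are constructed, and the function names and result fields are hypothetical.

```python
import bisect

UDP = (1, 3, 6, 1, 2, 1, 7)               # udp group
IF_TYPE = (1, 3, 6, 1, 2, 1, 2, 2, 1, 3)  # ifType columnar object (from the slide)

# Constructed MIB view: instance ID (tuple of sub-identifiers) -> value.
MIB = {
    UDP + (1, 0): 1520,   # udpInDatagrams.0  (scalar: object ID + 0)
    UDP + (2, 0): 3,      # udpNoPorts.0
    UDP + (3, 0): 0,      # udpInErrors.0
    UDP + (4, 0): 1498,   # udpOutDatagrams.0
    IF_TYPE + (1,): 24,   # ifType.1  (columnar: object ID + ifIndex value)
    IF_TYPE + (2,): 6,    # ifType.2
}
ORDER = sorted(MIB)  # Python tuple comparison is the lexicographic OID ordering

def get(oids):
    """GetRequest: atomic, so one unknown instance fails the whole request."""
    for index, oid in enumerate(oids, start=1):
        if oid not in MIB:
            return {"error_status": "noSuchName", "error_index": index, "values": []}
    return {"error_status": "noError", "error_index": 0,
            "values": [(oid, MIB[oid]) for oid in oids]}

def get_next(oid):
    """GetNextRequest for one name: the first instance strictly after oid."""
    pos = bisect.bisect_right(ORDER, oid)
    if pos == len(ORDER):
        return None  # past the end of the MIB view
    return ORDER[pos], MIB[ORDER[pos]]

def walk(prefix):
    """Repeat get_next to list every instance below prefix (table or group)."""
    found, current = [], prefix
    while (hit := get_next(current)) and hit[0][:len(prefix)] == prefix:
        found.append(hit)
        current = hit[0]
    return found
```

Because `get_next` accepts names that are not instances, a walk from a group or column prefix lists everything the MIB view exposes to the requester, which is why the contents of that view matter for access control.
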
SetRequest PDU
• Used to write an object value rather than read one
• Atomic operation
• badValue for an inconsistency in the type, length, or actual value of the supplied value
• Updating a Table
  • SetRequest (ipRouteMetric1.9.1.2.3 = 9) --> GetResponse (ipRouteMetric1.9.1.2.3 = 9)
• Supporting a new row (see page 186)
  • the outcome depends on the agent's policy and implementation
• Row Deletion
  • SetRequest (ipRouteType.7.3.5.3 = invalid) --> GetResponse (ipRouteType.7.3.5.3 = invalid) : has the effect of eliminating the row
  • See Table 7.8

SetRequest PDU (2)
• Performing an Action
  • an agent could include a proprietary object reBoot with an initial value; if a management station sets the object’s value to 1, the agent system reboots and resets the object value to 0

Trap PDU
• PDU type : Trap PDU
• Enterprise : identifying the network management subsystem
• agent-addr
• generic-trap : having 7 values
• specific-trap
• time-stamp
• variablebindings
• Does not solicit a response from the other side

Transport-Level Support
• Connectionless Transport Service
  • Using the User Datagram Protocol (UDP)
  • Using the connectionless transport service (CLTS) of the OSI architecture
• UDP details
  • UDP over IP
  • UDP header :
    • source and destination port fields
    • enabling application-level protocols such as SNMP to address each other
    • optional checksum for the UDP header and user data
• CLTS details
  • Transport protocol data unit including source and destination transport service access points (TSAPs)
  • Optional checksum
  • TSAP address : network-layer address + TSAP ID

Transport-Level Support (2)
• Loss of PDU
  • UDP and CLTS are not reliable
  • Guaranteeing delivery is left to the application that is using SNMP
    • setting a time-out for the GetResponse
    • repeating the request one or more times
• Connection-Oriented Transport Service
  • SNMP is intended for use over a connectionless transport service
  • Key reason : robustness
  • RFC 1283 : prescribes conventions for the use of SNMP over the ISO connection-oriented transport service (COTS)
  • First a transport connection is set up to the agent, then the request is sent

SNMP Group
• The snmp group is part of MIB-II and includes information relevant to the implementation and operation of SNMP (see Figure and Table 7.9)
• all of the objects except snmpEnableAuthenTraps are read-only counters

List of features for network management station
• Extended MIB support
  • a network management station that can load MIB definitions for extended MIBs defined for agent products from other vendors
• Intuitive interface
  • easy and powerful user interface
  • separate window for each part of the network
  • capable of displaying topological and geographic maps of the network
  • capable of showing the status of the devices
• Automatic discovery
  • at installation time, able to discover agents to build maps and configure icons
• Programmable events
  • allowing the user to define the actions taken when events occur
  • e.g., changing the states of icons, e-mail messages to the manager, setting off a beeper

List of features for network management station (2)
• Advanced network control
  • performing some predefined functions under certain conditions
  • e.g., automatic shut-off for a bad or suspect hub, or isolating an overactive network segment so that the whole network does not suffer
• Object-oriented management
  • the MIB and SMI specifications refer to “objects”, but SNMP does not use object-oriented technology
  • an object-oriented system that can support SNMP
• Custom icons
  • not just simple rectangles and circles to describe the network topology, but descriptive icons
  • creating custom icons