This presentation covers the basic elements of network management, focusing on SNMPv1 and SNMPv2 protocols. Topics include SNMP organization and function model, information model, communication model, administration model, and security. The presentation also discusses the structure of Management Information (SMI), SNMP Management Information Base (MIB), and the SNMP communication protocol. Emphasis is placed on the importance of security in SNMPv3.
SNMPv1&2 Network Management Spring 2018 Bahador Bakhshi CE & IT Department, Amirkabir University of Technology This presentation is based on the slides listed in references.
The Basic Ingredients of Network Management • How to communicate between Manager & Agent: SNMP Protocol • What is inside SNMP agents: SMI, MIB, Security, …
Outline • Introduction • SNMP Organization & Function model • SNMP Information model • SNMP Communication model • SNMP Administration model & Security • Conclusion
Simple Network Management Protocol (SNMP) • SNMP is one of the most widely used network management protocols • In fact, SNMP is a management standard, not only a protocol • When we say SNMP management, we are really referring to the Internet management standard • The SNMP communication protocol is one part of that standard • SNMP Goals • Ubiquity • From PCs to carrier networks • From small to large network elements • Inclusion of management functions should be inexpensive • Small code • Limited functionality • Management extensions should be possible • New MIBs
SNMP Versions • SNMPv1 • The initial version • Performance & Security limitations • SNMPv2 • Initially intended to resolve SNMPv1 issues, but • Performance improvement • More standard management information (MIB-II) • SNMPv3 • Major focus on security
SNMP Four Key Parts • Structure of Management Information (SMI): • Data definition language for MIB objects • Management Information Base (MIB): • View of the agent, set of MOs, some standard MIBs • SNMP communication protocol • Manager ↔ Agent: object info, commands, … • Security and administration capabilities • Major addition in SNMPv3
SMI: Data Definition Language • We want to ensure that the syntax and semantics of management data are well-defined and unambiguous • SMI is the language in which that information is specified • It does not define what specific data is required for a particular managed network entity • To do this, SMI provides base data types • and higher-level constructs, including sequences, objects and modules
Management Information Base (MIB) • The MIB can be thought of as a virtual information store, holding managed objects whose values collectively reflect the current state of the network • Managed objects are specified and gathered into MIB modules using SMI • There are now over 200 standardized MIB modules and many, many more vendor-specific (private) MIB modules
SNMP Communication Protocol • Two ways to convey MIB information and commands • Manager initiated • A managing entity initiates a request to management agent • The agent receives the request, performs some action, and sends a reply to the request • Typically this is used to query or modify MIB object values within the managed device • Agent initiated • A management agent sends an unsolicited message, known as a trap message, to the managing entity • Usually used to notify a managing entity of an exceptional situation that has resulted in changes to MIB object values
SNMP Management Models • Organization Model • Relationship between network element, agent, and manager • Hierarchical architecture • Information Model • Uses ASN.1 syntax • SMI (Structure of Management Information) • MIB (Management Information Base) • Communication Model • Communication services addressed by messages • Security Model • Security framework: community-based model
Outline • Introduction • SNMP Organization & Function model • SNMP Information model • SNMP Communication model • SNMP Administration model & Security • Conclusion
Organization Model • Describes components of a network management system, focuses on • Infrastructure • Manager & Agent & Proxies & RMON • Two & Three Tier Architecture • Functions • SNMP Operations • Manager initiated: • Request • Response • Agent initiated: • Trap
Two-Tier Organization Model • The basic SNMP Organization & Function model is two-tier • Single & multiple managers are allowed • There is no predefined manager for agents • Any manager can manage any agent • Security: a community (password) is needed
Three-Tier Organization Model: RMON • RMON (Remote Monitoring) acts as an agent and a manager • RMON gathers data from MO, analyses the data, and stores the data • Communicates the statistics to the manager
Three-Tier Organization Model: Proxy • Proxy server converts non-SNMP data from non-SNMP objects to SNMP-compatible objects and messages • [Figure: management station (manager process) ↔ proxy agent (agent process, mapping function, management process) ↔ proxied device; SNMP over UDP/IP/network-dependent protocols between manager and proxy; the proxied device's own protocol architecture between proxy and proxied device]
SNMPv1 Operations (Functions) • Operations supported in SNMP are the inspection and modification of variables & notification • Four Services • Get, Set, GetNext, Trap • Five SNMP Messages • GetRequest, SetRequest, GetNextRequest, GetResponse, Trap • [Figure: Get, Set and GetNext requests flow from Manager to Agent(s), Responses flow back; Trap flows from Agent to Manager]
SNMPv1 Operations • [Figure: message exchanges between Manager and Agent: Get = GetRequest / GetResponse; GetNext = GetNextRequest / GetResponse; Set = SetRequest / GetResponse; Trap = unsolicited Trap from Agent to Manager]
SNMPv2 Messages • inform-request (new) • manager-to-manager with acknowledgement • get-bulk-request (new) • Transfer of large data (e.g., multiple rows of a table) • report (new) • Not used currently • response is the get-response • SNMPv2-Trap is the trap with modified PDU • get-request, get-next-request, and set-request are the same as SNMPv1
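The slides list the Get, GetNext, Set and (SNMPv2) GetBulk operations but not how an agent picks the object to return. The following added example (written for these notes, not code from the original presentation) models an agent's variable store as a dictionary keyed by numeric OIDs and implements Get, GetNext (lexicographic successor), a manager-side walk built from repeated GetNext, and GetBulk with its non-repeaters / max-repetitions parameters. The OID values and instance data under mib-2 are constructed sample data; the OID tuples for sysDescr, sysName, ifNumber and ifDescr are the standard ones. It also shows why a community string is the whole access control in v1/v2c: any holder of it can run this walk against the agent, which is what the SNMPv3 section later addresses.

```python
"""Toy SNMP agent variable store: Get, GetNext, walk and GetBulk semantics.
Added example, not from the original slides. OIDs are tuples of ints so that
Python's tuple comparison gives the lexicographic order SNMP uses."""

from typing import Dict, List, Optional, Tuple

OID = Tuple[int, ...]

# Constructed sample instances under mib-2 (1.3.6.1.2.1).
AGENT_STORE: Dict[OID, object] = {
    (1, 3, 6, 1, 2, 1, 1, 1, 0): "Toy router",    # system.sysDescr.0
    (1, 3, 6, 1, 2, 1, 1, 5, 0): "r1.example",    # system.sysName.0
    (1, 3, 6, 1, 2, 1, 2, 1, 0): 2,               # interfaces.ifNumber.0
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2, 1): "eth0",    # ifTable.ifEntry.ifDescr.1
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2, 2): "eth1",    # ifTable.ifEntry.ifDescr.2
}


def parse_oid(text: str) -> OID:
    """'1.3.6.1.2.1.1.5.0' -> (1, 3, 6, 1, 2, 1, 1, 5, 0)."""
    return tuple(int(part) for part in text.strip(".").split("."))


def fmt_oid(oid: OID) -> str:
    return ".".join(str(part) for part in oid)


def snmp_get(store: Dict[OID, object], oid: OID) -> Optional[object]:
    """GetRequest: exact instance match; None stands for noSuchName (v1) /
    noSuchInstance (v2)."""
    return store.get(oid)


def snmp_get_next(store: Dict[OID, object], oid: OID) -> Optional[Tuple[OID, object]]:
    """GetNextRequest: the smallest OID strictly greater than the requested one.
    A prefix (e.g. the column OID without an instance) sorts before its
    instances, so asking for a column returns its first row."""
    for candidate in sorted(store):
        if candidate > oid:
            return candidate, store[candidate]
    return None  # endOfMibView in SNMPv2 terms


def snmp_walk(store: Dict[OID, object], root: OID) -> List[Tuple[OID, object]]:
    """Manager-side walk: repeated GetNext until the answer leaves the subtree."""
    out: List[Tuple[OID, object]] = []
    current = root
    while True:
        nxt = snmp_get_next(store, current)
        if nxt is None or nxt[0][: len(root)] != root:
            return out
        out.append(nxt)
        current = nxt[0]


def snmp_get_bulk(store: Dict[OID, object], oids: List[OID],
                  non_repeaters: int, max_repetitions: int) -> List[Tuple[OID, object]]:
    """SNMPv2 GetBulkRequest: the first `non_repeaters` OIDs get one GetNext
    each; every remaining OID gets up to `max_repetitions` successive GetNexts,
    which is how a manager fetches several table rows in one message."""
    out: List[Tuple[OID, object]] = []
    for oid in oids[:non_repeaters]:
        nxt = snmp_get_next(store, oid)
        if nxt is not None:
            out.append(nxt)
    for oid in oids[non_repeaters:]:
        current = oid
        for _ in range(max_repetitions):
            nxt = snmp_get_next(store, current)
            if nxt is None:
                break
            out.append(nxt)
            current = nxt[0]
    return out


if __name__ == "__main__":
    for oid, value in snmp_walk(AGENT_STORE, parse_oid("1.3.6.1.2.1")):
        print(fmt_oid(oid), "=", value)
```

Running the block prints the whole mib-2 subtree of the toy store in OID order, which is exactly what an `snmpwalk` against a real agent does. Note that GetBulk returns everything it can up to max-repetitions even when the rows run past the table; the manager has to detect that it has left the column, as the walk function does with the prefix check.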
Outline • Introduction • SNMP Organization & Function model • SNMP Information model • ASN.1 review • SMI • Standard MIBs • MIB development • SNMP Communication model • SNMP Administration model & Security
Presentation Problem in NM • Networks are heterogeneous systems • How is data represented? • E.g., is an integer in little-endian or big-endian ordering? • We need standard ways of communicating the same information to/from all devices • ASN.1 from ISO provides this kind of translation in a more generic form • ASN.1 is very general & complex • SMI also provides this kind of translation for SNMP network management • Subset of ASN.1 which is customized for network management
ASN.1 • Definition: <name> ::= <definition> • <entity> denotes "entity" and the symbol "::=" represents "defined as" • Primitive definitions: • <digit> ::= 0|1|2|3|4|5|6|7|8|9 • <op> ::= +|-|x|/ • An entity number can be constructed from primitives: • <number> ::= <digit> | <digit> <number> • Example: • 1 is primitive 1 • 21 is a construct of 2 and 1 • 321 is a construct of 3 and 21
ASN.1: Modules • Group of assignments: Modules • Start with capital letters • Usually modules are built from primitive (atomic) data types (e.g., INTEGER, REAL, etc..) • May use ASN.1 constructs (e.g., SET, SEQUENCE, etc.)
ASN.1: Modules • A module PersonnelRecord (a set of data types) • Primitive data types • Three construction mechanisms (develop structured data types): • Alternatives: CHOICE • List ("list makers"): SET and SEQUENCE • Repetition: SET OF and SEQUENCE OF
Abstract & Transfer Syntaxes • [Figure: on each end system, a User (the user of the data transfer component, e.g., SNMP, FTP, TELNET for TCP/IP) sits above an Application Component; the Application Component maps between the local syntax/local storage and the Abstract Syntax (ASN.1), which is concerned with the syntax of the data; Encoding Rules (BER) map the abstract syntax to the Transfer Syntax, the binary representation of the data; the Data Transfer Component (e.g., TCP or UDP) provides the mechanism for transferring data between end systems]
ASN.1 vs. BER Example • Type definition using ASN.1: Birthday ::= SEQUENCE { name VisibleString, day DayOfYear } • Value assignment: myBirthday Birthday ::= { name "Jane", day 129 } • BER encoding (Type, Length, Contents): • Birthday (SEQUENCE): 30 0A, contents = • VisibleString: 1A 04 "Jane" • DayOfYear: 51 02 00 81
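To make the abstract-syntax-to-transfer-syntax step concrete, here is an added example (not from the original slides) that BER-encodes the slide's myBirthday value octet by octet and decodes it back. It assumes DayOfYear ::= [APPLICATION 17] INTEGER, which is what the slide's tag byte 0x51 (application class, primitive, tag number 17) implies; the VisibleString tag 0x1A and the constructed SEQUENCE tag 0x30 are the standard universal tags. The decoder checks the declared length against the buffer before slicing, which is the check that BER parsers in SNMP agents historically got wrong.

```python
"""BER encoding of Birthday ::= SEQUENCE { name VisibleString, day DayOfYear }.
Added example, not from the original slides.
Assumption: DayOfYear ::= [APPLICATION 17] INTEGER (tag 0x51, as on the slide)."""

from typing import Tuple

TAG_VISIBLE_STRING = 0x1A   # universal 26, primitive
TAG_DAY_OF_YEAR = 0x51      # application 17, primitive (assumed from the slide)
TAG_SEQUENCE = 0x30         # universal 16 with the constructed bit set


def ber_length(n: int) -> bytes:
    """Definite-form length: one octet below 128, otherwise 0x80|k followed by k octets."""
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def ber_tlv(tag: int, contents: bytes) -> bytes:
    """Type-Length-Value triple, the building block of every BER encoding."""
    return bytes([tag]) + ber_length(len(contents)) + contents


def ber_integer_contents(value: int) -> bytes:
    """Minimal two's-complement octets. 129 is 0x81, whose top bit is set, so it
    needs a leading 0x00 to stay positive: hence the slide's '02 00 81'."""
    size = 1
    while True:
        try:
            return value.to_bytes(size, "big", signed=True)
        except OverflowError:
            size += 1


def encode_birthday(name: str, day: int) -> bytes:
    name_tlv = ber_tlv(TAG_VISIBLE_STRING, name.encode("ascii"))
    day_tlv = ber_tlv(TAG_DAY_OF_YEAR, ber_integer_contents(day))
    return ber_tlv(TAG_SEQUENCE, name_tlv + day_tlv)


def ber_decode_tlv(buf: bytes, pos: int = 0) -> Tuple[int, bytes, int]:
    """Return (tag, contents, position after the TLV). Definite lengths only."""
    tag = buf[pos]
    first = buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        nbytes = first & 0x7F
        if nbytes == 0 or pos + nbytes > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        # Never trust the declared length more than the bytes actually received.
        raise ValueError("declared length exceeds buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_birthday(buf: bytes) -> Tuple[str, int]:
    tag, seq, _ = ber_decode_tlv(buf)
    if tag != TAG_SEQUENCE:
        raise ValueError("expected SEQUENCE")
    tag, name_contents, pos = ber_decode_tlv(seq)
    if tag != TAG_VISIBLE_STRING:
        raise ValueError("expected VisibleString")
    tag, day_contents, _ = ber_decode_tlv(seq, pos)
    if tag != TAG_DAY_OF_YEAR:
        raise ValueError("expected DayOfYear")
    return name_contents.decode("ascii"), int.from_bytes(day_contents, "big", signed=True)


if __name__ == "__main__":
    encoded = encode_birthday("Jane", 129)
    print(encoded.hex(" "))          # 30 0a 1a 04 4a 61 6e 65 51 02 00 81
    print(decode_birthday(encoded))  # ('Jane', 129)
```

The SEQUENCE length 0x0A is simply the sum of the two inner TLVs (6 + 4 octets), which is why the outer length can only be written after the contents are encoded.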
Outline • Introduction • SNMP Organization & Function model • SNMP Information model • ASN.1 review • SMI • Standard MIBs • MIB development • SNMP Communication model • SNMP Administration model & Security
MIT: Management Information Tree • The SNMP MIB has a hierarchical structure • It is called the Management Information Tree (MIT) • To group related information • e.g., all information about a NIC is grouped as a sub-tree of the node corresponding to the NIC • There are two (in fact three, including traps) types of node • Leaf node: management parameter & value • Some leaf nodes define traps • Middle node: to group other nodes • Each node has a unique ID in the tree (known as OID): • 1) By concatenating the names of the (grand)parent nodes & this node • 2) By concatenating the child # of the (grand)parent nodes & this node
MIB Structure • Object identification? • How to construct the MIT • Parent & Child relations
Object Name & MIT Structure • Each object is uniquely identified through hierarchical naming in the MIT • SMI uses two mechanisms together • A descriptive name • Example: sysName, uptime, ospfVersion, … • Location of the object in the MIT • Each object has a unique parent node • Each node has a unique child # among the children of its parent • Example: ospfVersion is the first child of ospf
MIB Structure: Parent Nodes • Does not contain any data • No data type is needed • Used only for grouping related objects • Only to construct the MIT • Name • Location in MIT
SMI Type for Parent Nodes • OBJECT IDENTIFIER • Is a primitive type • Commonly used syntax: internet OBJECT IDENTIFIER ::= { dod 1 } • Alternative syntax: internet OBJECT IDENTIFIER STATUS current DESCRIPTION "The Internet Sub-node" ::= { dod 1 } • ("internet" is the descriptive name; "{ dod 1 }" is the MIT location)
MIB Structure: Leaf Nodes • Leaf nodes contain data • Data can be • Simple scalar • Complex structure • The type of the data must be specified • In addition to • Name • MIT Location
Object Scalar Data Types • Although SMI is based on ASN.1, it has its own types, examples: • INTEGER, Integer32, Unsigned32, OCTET STRING, OBJECT IDENTIFIER, IpAddress, Counter32, Counter64, SEQUENCE, … • Subtype: • INTEGER (0..255), OCTET STRING (SIZE (0..255)) • Enumeration: error-status INTEGER { noError(0), tooBig(1) }
SMIv2: Textual Convention • Enables defining new data types • Creates new data types using existing ones and applies restrictions to them • Makes the semantics of data types consistent and human-readable • Using the TEXTUAL-CONVENTION macro • Some textual conventions in SNMPv2 • MacAddress, TimeStamp, DateAndTime, and RowStatus
SMI Type for Leaf Nodes • OBJECT-TYPE: Used to specify managed objects • Includes the data type, status, and semantics • The OBJECT-TYPE construct has four parts: • SYNTAX: The basic data type associated with the object (Only one data type per object in SMI!) • MAX-ACCESS: Whether the object can be read, written, created, or used in a notification • STATUS: Whether the object definition is current, obsolete (for historical purposes), or deprecated • DESCRIPTION: A human-readable definition of the object, giving all necessary semantic information
SMI: OBJECT-TYPE Example ipInDelivers OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of input datagrams successfully delivered to IP user- protocols (including ICMP)" ::= { ip 9}
MIB Structure: Notifications • Notifications are sent by the agent to inform the manager • Usually contain some objects to be sent with the notification • In addition to • Name • MIT Location
SMI Types for Notifications • NOTIFICATION-TYPE macro is used to define traps • Trap name, OID, Objects, and descriptions TemperatureAlarm NOTIFICATION-TYPE OBJECTS {lowThreshold, highThreshold, currentTemperature} STATUS current DESCRIPTION "This alarm indicates that system temperature violates configured thresholds" ::= { environmentTraps 4}
MIB Structure: Modules • Modules are a high-level optional abstraction layer to group related management objects • Provide some information about the objects • Usually, each HW/SW component is treated as a module, e.g., • Protocols: IP, TCP, UDP, … • Line card • Modem • …
SMI Type for Modules • MODULE-IDENTITY • Allows related objects to be grouped together within a MIB module • It specifies the location of the module in the MIT • Moreover, the MODULE-IDENTITY construct contains clauses that document the module • This includes the author of the module, the date of the last update, a revision history, and a textual description of the module
SMI: MODULE-IDENTITY Example ipMIB MODULE-IDENTITY LAST-UPDATED "941101000Z" ORGANIZATION "IETF SNMPv2 Working Group" CONTACT-INFO "Keith McCloghrie ……" DESCRIPTION "The MIB module for managing IP and ICMP implementations, but excluding their management of IP routes." REVISION "019331000Z" ……… ::= { mib-2 48 }
MIB Structure: MIB • Coarse-grain grouping of objects • Related modules are grouped in a MIB, e.g., • Cisco has its own MIB file(s) containing the modules of Cisco routers • Standard MIBs (e.g., RFC 1213) are defined in separate MIB files
SMI Type for MIB Definition <mib name> DEFINITIONS ::= BEGIN <imports> <definitions> END • Import is similar to #include in C • IMPORTS MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI • Definitions include • OBJECT-TYPE, OBJECT IDENTIFIER, MODULE-IDENTITY
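The slides show the pieces of a MIB file one at a time: OBJECT IDENTIFIER assignments for parent nodes, OBJECT-TYPE for leaves, NOTIFICATION-TYPE for traps, MODULE-IDENTITY for the module, and the DEFINITIONS ::= BEGIN … END wrapper. The added example below (written for these notes, not code from the original presentation or any MIB compiler) parses a small constructed module containing all of them, resolves each node's numeric OID by walking parent links exactly as the "name + location in MIT" rule on the earlier slides describes, and checks that every object a notification names actually exists in the module. The module text, the enterprise number 99999 and all descriptions are constructed for the example; the seeded prefix iso(1).org(3).dod(6).internet(1).private(4).enterprises(1) is the standard one.

```python
"""Minimal parser for the SMI constructs shown on the slides, with OID resolution.
Added example, not from the original slides. Handles only the clause shapes used
below (quoted strings, { ... } lists, single tokens); it is not a full SMI grammar."""

import re
from typing import Dict, List, Tuple

OID = Tuple[int, ...]

# Constructed sample module (not a real MIB).
SAMPLE_MIB = """
TOY-MIB DEFINITIONS ::= BEGIN

IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Integer32
    FROM SNMPv2-SMI;

toyMIB MODULE-IDENTITY
    LAST-UPDATED "202001010000Z"
    ORGANIZATION "Example organization (constructed)"
    CONTACT-INFO "none"
    DESCRIPTION  "Constructed module for the example"
    ::= { enterprises 99999 }

toyEnv   OBJECT IDENTIFIER ::= { toyMIB 1 }
toyTraps OBJECT IDENTIFIER ::= { toyMIB 2 }

currentTemperature OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "Chassis temperature in degrees Celsius"
    ::= { toyEnv 1 }

highThreshold OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "Alarm threshold"
    ::= { toyEnv 2 }

temperatureAlarm NOTIFICATION-TYPE
    OBJECTS     { currentTemperature, highThreshold }
    STATUS      current
    DESCRIPTION "Temperature exceeded the threshold"
    ::= { toyTraps 1 }
END
"""

# Standard prefix the parser is assumed to know (iso.org.dod.internet.private.enterprises).
SEED_OIDS: Dict[str, OID] = {
    "iso": (1,), "org": (1, 3), "dod": (1, 3, 6), "internet": (1, 3, 6, 1),
    "private": (1, 3, 6, 1, 4), "enterprises": (1, 3, 6, 1, 4, 1),
}

MODULE_RE = re.compile(r"^(\w[\w-]*)\s+DEFINITIONS\s*::=\s*BEGIN(.*)^END", re.M | re.S)
OID_ASSIGN_RE = re.compile(r"^(\w[\w-]*)\s+OBJECT IDENTIFIER\s*::=\s*\{\s*(\w[\w-]*)\s+(\d+)\s*\}", re.M)
MACRO_RE = re.compile(
    r"^(\w[\w-]*)\s+(MODULE-IDENTITY|OBJECT-TYPE|NOTIFICATION-TYPE)\s+(.*?)::=\s*\{\s*(\w[\w-]*)\s+(\d+)\s*\}",
    re.M | re.S)
CLAUSE_RE = re.compile(r"(SYNTAX|MAX-ACCESS|STATUS|DESCRIPTION|OBJECTS)\s+(\"[^\"]*\"|\{[^}]*\}|\S+)")


def parse_module(text: str) -> Tuple[str, Dict[str, dict]]:
    """Return (module name, {identifier: node}) for one DEFINITIONS module."""
    m = MODULE_RE.search(text)
    if not m:
        raise ValueError("not a DEFINITIONS ::= BEGIN ... END module")
    name, body = m.group(1), m.group(2)
    nodes: Dict[str, dict] = {}
    for ident, parent, num in OID_ASSIGN_RE.findall(body):          # parent nodes
        nodes[ident] = {"kind": "OBJECT IDENTIFIER", "parent": parent, "num": int(num)}
    for ident, kind, clauses, parent, num in MACRO_RE.findall(body):  # leaves, traps, module
        fields: Dict[str, object] = {}
        for key, value in CLAUSE_RE.findall(clauses):
            if key == "OBJECTS":
                fields[key] = [s.strip() for s in value.strip("{}").split(",")]
            else:
                fields[key] = value.strip('"')
        nodes[ident] = {"kind": kind, "parent": parent, "num": int(num), **fields}
    return name, nodes


def resolve_oid(nodes: Dict[str, dict], ident: str) -> OID:
    """Concatenate child numbers from the seeded prefix down to `ident`."""
    path: List[int] = []
    while ident not in SEED_OIDS:
        node = nodes.get(ident)
        if node is None:
            raise KeyError(f"unknown parent {ident}")
        path.append(node["num"])
        ident = node["parent"]
    return SEED_OIDS[ident] + tuple(reversed(path))


def check_references(nodes: Dict[str, dict]) -> List[str]:
    """Names listed in a NOTIFICATION-TYPE's OBJECTS clause that are not defined."""
    return [obj for node in nodes.values() if node["kind"] == "NOTIFICATION-TYPE"
            for obj in node.get("OBJECTS", []) if obj not in nodes]


if __name__ == "__main__":
    module_name, mib_nodes = parse_module(SAMPLE_MIB)
    for ident in mib_nodes:
        print(f"{ident:20s} {'.'.join(map(str, resolve_oid(mib_nodes, ident)))}")
    print("dangling references:", check_references(mib_nodes))
```

A real MIB compiler does the same resolution over every IMPORTS-ed module rather than a fixed seed table, which is why an agent that ships a private MIB must also ship or reference the modules it imports from.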
Real MIB Example • RFC 1213
SMI for Organization of a MIB • MIB file: defined by DEFINITIONS • Module: defined by MODULE-IDENTITY • Leaf node: defined by OBJECT-TYPE • Parent node: defined by OBJECT IDENTIFIER • Notification: defined by NOTIFICATION-TYPE • Note: These are the currently used SNMPv1 & SNMPv2 macros (SNMPv2 replaced some SNMPv1 macros)
Managed Object: Single Instance • Two aspects of objects • Definition: By SMI in MIB file • Instantiation: By agent that implements the MIB