SNMP Network Management (I)*
*Mani Subramanian, “Network Management: Principles and Practice”, Addison-Wesley, 2000.
Outline
• Organization Model
• Communication Model
• Information Model: Structure of Management Information (SMI), Managed Objects, Management Information Base (MIB)
• SNMP Administrative Model
• SNMP Protocol Specs
Organization Model
• Describes the components of a network management system; focuses on functions and infrastructure.
• Objects are network elements such as hubs, bridges, routers, etc.
• Each managed element runs a process called an agent.
• The manager queries the agent, receives the information, processes it and stores it in the manager's MIB (its management database).
[Figure: a simplified hierarchical (2-tier) setup: an SNMP manager with its MIB above the agents on the managed objects; unmanaged objects sit outside the manager's view.]
Organization Model (multiple managers, one agent)
• An agent responds to any management system that communicates with it using SNMP.
• An NMS supplied by a vendor is best placed to manage, monitor and configure all NEs that come from that same vendor.
• Managers may have restricted access to managed objects (in SNMPv1 this is governed by the community string a manager presents).
[Figure: two SNMP managers, each with its own MIB, talking to one agent on a managed object.]
Organization Model (3-tier architecture)
• Limits the data a manager has to pull from each element itself.
• RMON (Remote Monitoring) acts as both an agent and a manager: the RMON probe gathers data from the managed objects, analyses it, stores it, and communicates the statistics to the manager.
• Managers may still have restricted access to managed objects.
[Figure: 3-tier setup: SNMP managers with MIBs above an RMON probe, which sits above the agent on the managed objects.]
Organization Model (proxy server)
• A proxy server converts non-SNMP data from non-SNMP objects into SNMP-compatible objects and messages (the figure's example is a wireless LAN without native SNMP agents).
[Figure: SNMP manager with MIB; proxy server in front of a wireless LAN; managed objects with agents; unmanaged objects.]
Communication Model
[Figure: the manager polls the agents over SNMP; agents answer and send unsolicited traps; both the manager and each agent hold a MIB.]
Communication Model
• Communicates management information between network management stations and managed elements.
• Goals: the management functions maintained by agents are kept simple; the protocol stays flexible (new aspects of operation and management can be added); the protocol is transparent (it should not be affected by the architecture of particular hosts and gateways).
• Operation: five message types (PDUs): GetRequest, GetNextRequest, SetRequest, GetResponse and Trap.
• SNMP messages are exchanged over UDP, a connectionless transport (requests go to the agent on UDP port 161, traps to the manager on UDP port 162).
• In SNMPv1 the only authentication of a message is the community string it carries, sent in cleartext. Anyone who can sniff or guess it can read the agent's objects, and with a read-write community can set them.
Communication Model
[Figure: protocol stacks of an SNMP manager and an SNMP agent. Manager side: management application → SNMP manager → UDP → IP → DLC → PHY; agent side: application (manages objects) → SNMP agent → UDP → IP → DLC → PHY; the two connect over the network/Internet and physical medium. SNMP messages: the manager sends Get-Request, GetNext-Request and Set-Request; the agent returns Get-Response and sends Trap.]
Communication Model - SNMP Traps
• coldStart: the agent is reinitializing itself; its configuration (or the agent implementation) may have changed.
• warmStart: the agent is reinitializing itself; neither its configuration nor its implementation has changed.
• linkDown: link failure.
• linkUp: link restored.
• authenticationFailure: a request does not have proper authentication, e.g. a wrong SNMP community string.
• egpNeighborLoss: an Exterior Gateway Protocol neighbor is gone.
• enterpriseSpecific: specific to the vendor implementing it.
• Operational caveat: a burst of authenticationFailure traps from one agent is the usual footprint of community-string guessing, so route them to monitoring rather than discarding them; whether an agent emits them at all is controlled by the MIB-II snmp group's snmpEnableAuthenTraps object.
Communication Model - SNMP Traps (format)
    generic-trap INTEGER {
        coldStart (0), warmStart (1), linkDown (2), linkUp (3),
        authenticationFailure (4), egpNeighborLoss (5), enterpriseSpecific (6)
    }
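To make the Trap-PDU layout concrete, here is an added example (my own code, not from the slides or the book) that decodes an SNMPv1 Trap message from its raw BER bytes and flags authenticationFailure. The sample bytes are constructed by hand for this example, not captured from a device; the enterprise OID 1.3.6.1.4.1.9 (cisco) and the agent address 172.16.46.1 are borrowed from the deck's own figures, and the function names are mine.

```python
"""Decode an SNMPv1 Trap message (RFC 1157) from its BER bytes and classify it."""

# generic-trap enumeration from the Trap-PDU definition
GENERIC_TRAPS = {
    0: "coldStart", 1: "warmStart", 2: "linkDown", 3: "linkUp",
    4: "authenticationFailure", 5: "egpNeighborLoss", 6: "enterpriseSpecific",
}

# Constructed sample (not a real capture): version 0, community "public",
# Trap-PDU (tag A4) with enterprise 1.3.6.1.4.1.9, agent-addr 172.16.46.1,
# generic-trap authenticationFailure(4), specific-trap 0, time-stamp 123456
# hundredths of a second, and an empty variable-bindings list.
SAMPLE_TRAP = bytes.fromhex(
    "30 28"
    "  02 01 00"
    "  04 06 70 75 62 6c 69 63"
    "  a4 1b"
    "    06 06 2b 06 01 04 01 09"
    "    40 04 ac 10 2e 01"
    "    02 01 04"
    "    02 01 00"
    "    43 03 01 e2 40"
    "    30 00"
)


def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the BER TLV that starts at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def decode_oid(value):
    """Undo the BER OID packing: base-128 sub-identifiers, the first one being 40*X + Y."""
    subids, acc = [], 0
    for b in value:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                    # high bit clear: last octet of this sub-identifier
            subids.append(acc)
            acc = 0
    first = subids[0]
    x = 0 if first < 40 else 1 if first < 80 else 2
    return ".".join(str(s) for s in [x, first - 40 * x] + subids[1:])


def decode_int(value):
    """INTEGER, Counter, Gauge and TimeTicks are all big-endian two's complement on the wire."""
    return int.from_bytes(value, "big", signed=True)


def decode_trap(msg):
    """Parse Message { version, community, Trap-PDU } and return its fields."""
    tag, body, _ = read_tlv(msg)
    if tag != 0x30:
        raise ValueError("SNMP message must be a SEQUENCE")
    _, v, pos = read_tlv(body)
    version = decode_int(v)
    _, v, pos = read_tlv(body, pos)
    community = v.decode("ascii", "replace")
    tag, pdu, _ = read_tlv(body, pos)
    if tag != 0xA4:                         # context-specific, constructed, number 4
        raise ValueError("not a Trap-PDU")
    values, pos = [], 0
    for _ in range(5):                      # enterprise, agent-addr, generic, specific, time-stamp
        _, v, pos = read_tlv(pdu, pos)
        values.append(v)
    ent, addr, gen, spec, ticks = values
    return {
        "version": version,
        "community": community,
        "enterprise": decode_oid(ent),
        "agent_addr": ".".join(str(b) for b in addr),
        "generic_trap": GENERIC_TRAPS.get(decode_int(gen), "unknown"),
        "specific_trap": decode_int(spec),
        "uptime_ticks": decode_int(ticks),
    }


def is_auth_failure(trap):
    """True when the agent reports that it received a message with a bad community string."""
    return trap["generic_trap"] == "authenticationFailure"


if __name__ == "__main__":
    t = decode_trap(SAMPLE_TRAP)
    print(t)
    if is_auth_failure(t):
        print(f"ALERT: authentication failure reported by {t['agent_addr']}")
```

The decoder deliberately checks the tags (0x30 for the outer SEQUENCE, 0xA4 for Trap-PDU) rather than trusting offsets, since a trap listener on UDP/162 receives whatever anyone sends it.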
Structure of Management Information (SMI), RFC 1155
• A common representation for data shared between manager and agent.
• Defines the syntax (using ASN.1) used to describe management information: the data types and rules used to define managed objects in a MIB.
• Generic objects and private (vendor-specific) objects that conform to the SMI rules (RFC 1155) can be managed by SNMP.
SMI, Objects and Instances
• Objects have object types and object instances; SMI is concerned with types, not instances.
• An object type has a name (a unique descriptor and an OBJECT IDENTIFIER), a syntax (ASN.1) and an encoding (BER).
[Figure: a managed object is a type (name: OBJECT IDENTIFIER; syntax: ASN.1; encoding: BER) plus an instance.]
SMI, Objects and Instances (a managed LAN)
[Figure: NMS 192.168.252.110 on a backbone network; Router 2 at 172.17.252.1; Router 1 at 172.16.46.1 serving Hub 1 (172.16.46.2) and Hub 2 (172.16.46.3).]
• A hub is an object type; the hub with IP address 172.16.46.3 is an instance of that object type.
SMI, Objects and Instances (type with multiple instances)
[Figure: one object type (name: OBJECT IDENTIFIER; syntax: ASN.1; encoding: BER) with object instances 1, 2 and 3.]
SMI, Names
• Each managed object is associated with an OBJECT IDENTIFIER (OID). Identifiers name objects and are unique for managed objects; an identifier is a sequence of integers read from the root of the registration tree.
• Tree: root → ccitt(0), iso(1), joint-iso-ccitt(2); iso(1) → org(3) → dod(6) → internet(1); internet(1) → directory(1), mgmt(2), experimental(3), private(4); mgmt(2) → mib-2(1); private(4) → enterprises(1).
• internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 } ::= { 1 3 6 1 } ::= { iso org dod internet }
SMI, Names (sub-nodes under internet {1 3 6 1})
• directory(1): reserved for future use (the OSI directory).
• mgmt(2): objects defined in IAB-approved documents.
• experimental(3): objects used in Internet experiments.
• private(4): used heavily by commercial vendors.
SMI, Names (mib-2 groups)
• internet {1 3 6 1} → mgmt(2) → mib-2(1): system(1), interfaces(2), at(3), ip(4), icmp(5), tcp(6), udp(7), egp(8), cmot(9), transmission(10), snmp(11)
SMI, Names (enterprises)
• internet {1 3 6 1} → private(4) → enterprises(1): cisco(9), hp(11), 3Com(43), Cabletron(52)
SMI, SNMP Syntax (ASN.1 data types)
• Structure: simple (primitive), defined, or constructor (structured).
• Tag: a class (universal, application, context-specific, private) and a number.
SMI, SNMP Primitive Data Types
• INTEGER: may be subtyped by range, INTEGER (n1..nN), e.g. INTEGER (0..255); special case: the enumerated INTEGER type.
• OCTET STRING: 8-bit bytes holding binary or textual data; subtypes are specified either by range or by fixed size, e.g. OCTET STRING (SIZE (0..255)), OCTET STRING (SIZE (8)).
• OBJECT IDENTIFIER: the object's position in the MIB.
• NULL: placeholder.
SMI, Application-Wide SNMP Types
    IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))   -- 160.85.128.1 encodes as A0 55 80 01
    Counter   ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)    -- only increases; wraps from 4294967295 back to 0
    Gauge     ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)    -- may go up or down; latches at the maximum
    TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)    -- hundredths of a second (0, 10, 20, …), not milliseconds
    Opaque    ::= [APPLICATION 4] IMPLICIT OCTET STRING               -- arbitrary ASN.1 syntax wrapped in an octet string
SNMP Structured Types
• SEQUENCE and SEQUENCE OF are used to build lists and tables: SEQUENCE { <type1>, <type2>, …, <typeN> }.
• SET and SET OF of ASN.1 are not included in SNMP-based management.
[Figure: managed objects, their data types, and their location in the MIB.]
SNMP Structured Types
• ipAddrTable is a SEQUENCE OF IpAddrEntry: the table is made up of instances of the ipAddrEntry object.
SMI, Encoding
• Basic Encoding Rules (BER).
• Data types and tags: OBJECT IDENTIFIER = UNIVERSAL 6; SEQUENCE = UNIVERSAL 16; IpAddress = APPLICATION 0; Counter = APPLICATION 1; Gauge = APPLICATION 2; TimeTicks = APPLICATION 3; Opaque = APPLICATION 4.
• Encoding of object identifiers: the first two integers are packed into a single sub-identifier.
SMI, Encoding (object identifiers)
• The first two sub-identifiers X and Y are packed as Z = 40·X + Y; every sub-identifier is then written base-128, with the high bit set on each octet except the last.
• Example: enterprises OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) private(4) 1 }, i.e. 1.3.6.1.4.1 → sub-identifiers 43 6 1 4 1 → BER 06 05 2B 06 01 04 01 (tag 06, length 05, then the five sub-identifiers).
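As an added example serving both the message exchange of the Communication Model (GetRequest over UDP with a community string) and the OID packing rule just shown, here are BER encoders for the SMI types and a complete SNMPv1 GetRequest for sysDescr.0 with community "public". This is my own code, not from the slides or the book; the function names are mine, and the expected byte strings follow from RFC 1155/1157 and reproduce the deck's worked values (06 05 2B 06 01 04 01 and A0 55 80 01).

```python
"""BER-encode SNMPv1 values and assemble a complete GetRequest for sysDescr.0."""


def encode_length(n):
    """Short form below 128; long form otherwise (0x80 | count, then the count octets)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, value):
    """Tag, length, value."""
    return bytes([tag]) + encode_length(len(value)) + value


def encode_subid(n):
    """Base-128 sub-identifier: high bit set on every octet except the last."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))


def encode_oid(oid):
    """OBJECT IDENTIFIER (tag 06): the first two arcs X.Y are packed as 40*X + Y."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    subids = [40 * arcs[0] + arcs[1]] + arcs[2:]
    return tlv(0x06, b"".join(encode_subid(s) for s in subids))


def encode_int(n, tag=0x02):
    """Minimal two's-complement INTEGER. Counter/Gauge/TimeTicks reuse this with their
    APPLICATION tag (0x41/0x42/0x43), which is why 4294967295 needs a leading 00 octet."""
    length = 1
    while not -(1 << (8 * length - 1)) <= n < (1 << (8 * length - 1)):
        length += 1
    return tlv(tag, n.to_bytes(length, "big", signed=True))


def encode_ipaddress(addr):
    """IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4)) -> tag 0x40."""
    return tlv(0x40, bytes(int(o) for o in addr.split(".")))


def get_request(community, oids, request_id=1):
    """Message { version 0, community, GetRequest-PDU [0] { request-id, error-status 0,
    error-index 0, VarBindList } } with a NULL value in every varbind."""
    varbinds = b"".join(tlv(0x30, encode_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = tlv(0xA0, encode_int(request_id) + encode_int(0) + encode_int(0)
              + tlv(0x30, varbinds))
    return tlv(0x30, encode_int(0) + tlv(0x04, community.encode("ascii")) + pdu)


if __name__ == "__main__":
    print(encode_oid("1.3.6.1.4.1").hex(" "))           # 06 05 2b 06 01 04 01
    print(encode_ipaddress("160.85.128.1").hex(" "))    # 40 04 a0 55 80 01
    print(get_request("public", ["1.3.6.1.2.1.1.1.0"]).hex(" "))
```

The printed GetRequest is the exact datagram a manager would send to UDP port 161; note that the community string sits in it as plain ASCII, which is the whole of SNMPv1's authentication.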
Managed Objects
• Textual name: mnemonic; always begins with a lower-case letter.
• OBJECT IDENTIFIER: the unique position of the managed object in the MIB.
• Syntax: the ASN.1 definition of the object type.
• Access: read-only, read-write, not-accessible (e.g. tables).
• Status: mandatory, optional, obsolete.
• Definition: textual description of the object type.
[Figure: the system(1) group with sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4).]
Macros for Managed Objects • A formal definition for managed objects
Macros for Managed Objects
• Using the OBJECT-TYPE macro to define a managed object of the system group in the MIB:
    sysDescr OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (0..255))
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
        ::= { system 1 }
Macros for Managed Objects
[Figure: the system(1) group with sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4).]
    sysUpTime OBJECT-TYPE
        SYNTAX  TimeTicks
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION
            "The time (in hundredths of a second) since the network management portion of the system was last re-initialized."
        ::= { system 3 }
Aggregate Objects
• A group of related objects (also called tabular objects), represented by a table with columns of objects and rows of instances.
• Example: the IP address table, consisting of the objects IP address, interface, subnet mask (which subnet this address belongs to), broadcast address (the value of the least-significant bit in the IP broadcast address), and the largest IP datagram that can be reassembled.
• A node has multiple instances of these objects, one row per address.
Aggregate Object Macro - ipAddrTable (RFC 1213)
    ipAddrTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF IpAddrEntry
        ACCESS  not-accessible
        STATUS  mandatory
        DESCRIPTION "The table of addressing information relevant to this entity's IP addresses."
        ::= { ip 20 }

    ipAddrEntry OBJECT-TYPE
        SYNTAX  IpAddrEntry
        ACCESS  not-accessible
        STATUS  mandatory
        DESCRIPTION "The addressing information for one of this entity's IP addresses."
        INDEX   { ipAdEntAddr }
        ::= { ipAddrTable 1 }

    IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     INTEGER,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }
Aggregate Object Macro - ipAddrTable (RFC 1213), columnar objects
    ipAdEntAddr OBJECT-TYPE
        SYNTAX  IpAddress
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION "The IP address to which this entry's addressing information pertains."
        ::= { ipAddrEntry 1 }

    ipAdEntIfIndex OBJECT-TYPE
        SYNTAX  INTEGER
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION "The index value which uniquely identifies the interface to which this entry is applicable. The interface identified by a particular value of this index is the same interface as identified by the same value of ifIndex."
        ::= { ipAddrEntry 2 }
    . . . .
• Only the entry object (ipAddrEntry) carries the INDEX { ipAdEntAddr } clause; the columnar objects themselves do not.
Columnar Objects
[Figure: TABLE T contains ENTRY E; each entry is a row of COLUMNAR OBJECTs 1 through 5 (a multiple-instance managed object).]
• An aggregate object type contains one or more subtypes, each of which can have multiple instances, with a value associated with each instance.
• It is convenient to define a conceptual tabular structure for objects with multiple values, e.g. the IP address table.
• The objects TABLE T and ENTRY E are logical objects: they define the grouping and are not accessible.
• Columnar objects represent the attributes and hence are accessible.
• Each instance of E is a row of columnar objects 1 through 5; multiple instances of E are represented by multiple rows.
Columnar Objects (example: 5 columnar objects with 4 instances/rows)
• T and T.E are not accessible; an object instance is named {Table, Entry, Object, Index}.
    Row 1:  T.E.1.1  T.E.2.1  T.E.3.1  T.E.4.1  T.E.5.1
    Row 2:  T.E.1.2  T.E.2.2  T.E.3.2  T.E.4.2  T.E.5.2
    Row 3:  T.E.1.3  T.E.2.3  T.E.3.3  T.E.4.3  T.E.5.3
    Row 4:  T.E.1.4  T.E.2.4  T.E.3.4  T.E.4.4  T.E.5.4
• Row 3 holds the third instance of each columnar object. Notice that the column-row numeric designation is the reverse of the row-column convention used for matrices.
Columnar Objects - Example
• ipAddrTable {1.3.6.1.2.1.4.20} → ipAddrEntry(1) → columnar objects ipAdEntAddr(1), ipAdEntIfIndex(2), ipAdEntNetMask(3), ipAdEntBcastAddr(4), ipAdEntReasmMaxSize(5).
• The columnar object ID of ipAdEntBcastAddr is 1.3.6.1.2.1.4.20.1.4: iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) ip(4) ipAddrTable(20) ipAddrEntry(1) ipAdEntBcastAddr(4).
• Object instances of ipAddrTable: the index of the table is ipAdEntAddr, so an instance is named by appending the IP address (four sub-identifiers) to the columnar object ID; for instance, ipAdEntBcastAddr for the address 172.16.46.3 from the LAN figure would be 1.3.6.1.2.1.4.20.1.4.172.16.46.3.
[Figure: the four object instances of ipAddrTable (1.3.6.1.2.1.4.20) under node 1 (ipAddrEntry), showing the object ID for ipAddrEntry, the index of each object instance, and the object IDs for the specific instances.]
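An added example (my code, not from the slides or the book) that builds and parses ipAddrTable instance OIDs and regroups a column-major get-next walk into rows, which is what a poller has to do before it can reason about one address at a time. The walk data is constructed for this example, not captured; the two addresses are borrowed from the deck's LAN figure, and the function names are mine.

```python
"""Build and parse instance OIDs of ipAddrTable (1.3.6.1.2.1.4.20) and turn a walk into rows."""

IP_ADDR_TABLE = "1.3.6.1.2.1.4.20"
IP_ADDR_ENTRY = IP_ADDR_TABLE + ".1"            # ipAddrEntry, itself not accessible

# columnar objects under ipAddrEntry (RFC 1213)
COLUMNS = {
    1: "ipAdEntAddr", 2: "ipAdEntIfIndex", 3: "ipAdEntNetMask",
    4: "ipAdEntBcastAddr", 5: "ipAdEntReasmMaxSize",
}
INDEX_LEN = 4                                   # INDEX { ipAdEntAddr }: an IpAddress is 4 sub-ids


def instance_oid(column, ip):
    """Instance OID = table . entry . column . index, the IpAddress index appended arc by arc."""
    return f"{IP_ADDR_ENTRY}.{column}.{ip}"


def split_instance(oid):
    """Inverse of instance_oid: return (column number, index as dotted IP), or raise."""
    prefix = IP_ADDR_ENTRY + "."
    if not oid.startswith(prefix):
        raise ValueError(f"{oid} is not under ipAddrEntry")
    arcs = oid[len(prefix):].split(".")
    column, index = int(arcs[0]), arcs[1:]
    if column not in COLUMNS:
        raise ValueError(f"unknown column {column}")
    if len(index) != INDEX_LEN:
        raise ValueError(f"index must be {INDEX_LEN} sub-identifiers, got {len(index)}")
    return column, ".".join(index)


def rows_from_walk(varbinds):
    """Group (oid, value) pairs from a get-next walk into one dict per table row, keyed by index."""
    rows = {}
    for oid, value in varbinds:
        column, index = split_instance(oid)
        rows.setdefault(index, {})[COLUMNS[column]] = value
    return rows


# Constructed walk output (not a capture) for a node with two addresses. A get-next walk
# returns the table column by column, so every ipAdEntAddr instance precedes ipAdEntIfIndex.
SAMPLE_WALK = [
    (instance_oid(1, "172.16.46.1"), "172.16.46.1"),
    (instance_oid(1, "172.17.252.1"), "172.17.252.1"),
    (instance_oid(2, "172.16.46.1"), 1),
    (instance_oid(2, "172.17.252.1"), 2),
    (instance_oid(3, "172.16.46.1"), "255.255.255.0"),
    (instance_oid(3, "172.17.252.1"), "255.255.255.0"),
    (instance_oid(4, "172.16.46.1"), 1),
    (instance_oid(4, "172.17.252.1"), 1),
    (instance_oid(5, "172.16.46.1"), 65535),
    (instance_oid(5, "172.17.252.1"), 65535),
]


if __name__ == "__main__":
    print(instance_oid(4, "172.16.46.3"))        # 1.3.6.1.2.1.4.20.1.4.172.16.46.3
    for index, row in rows_from_walk(SAMPLE_WALK).items():
        print(index, row)
```

The order of SAMPLE_WALK is the column-row ordering the slide points out: the walk visits T.E.1.* before T.E.2.*, so rows only become complete after the last column has been read.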
Management Information Base (MIB), RFC 1213
• A MIB is a database containing information about the elements to be managed.
• For SNMP, the MIB is a structured database (a tree); each resource to be managed is represented by an object.
• Each system (e.g. a router) maintains a MIB that reflects the status of its managed resources.
• An NMS monitors and controls the resources by reading and modifying the values of objects in the MIB.
MIB, RFC 1213 (Internet MIB-II groups)
• Implementation can be done as needed (e.g. the objects essential for fault or configuration management are added).
• If a group is implemented by a vendor, all of its objects are implemented (e.g. OSPF and all of its group objects).
• internet {1 3 6 1} → directory(1), mgmt(2), experimental(3), private(4); mgmt(2) → mib-2(1) → system(1), interfaces(2), at(3), ip(4), icmp(5), tcp(6), udp(7), egp(8), cmot(9), transmission(10), snmp(11).
• Module skeleton:
    <module name> DEFINITIONS ::= BEGIN
        <imports>
        <definitions>
    END
MIB, RFC 1213
    RFC1213-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        mgmt, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks
            FROM RFC1155-SMI
        OBJECT-TYPE
            FROM RFC-1212;

    -- This MIB module uses the extended OBJECT-TYPE macro as defined in [14];

    -- MIB-II (same prefix as MIB-I)
    mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }

    -- textual conventions
    DisplayString ::= OCTET STRING
    -- This data type is used to model textual information taken from the NVT ASCII
    -- character set. By convention, objects with this syntax are declared as having
    -- SIZE (0..255)

    PhysAddress ::= OCTET STRING
    -- This data type is used to model media addresses. For many types of media, this
    -- will be in a binary representation. For example, an ethernet address would be
    -- represented as a string of 6 octets.

    -- groups in MIB-II
    system       OBJECT IDENTIFIER ::= { mib-2 1 }
    interfaces   OBJECT IDENTIFIER ::= { mib-2 2 }
    at           OBJECT IDENTIFIER ::= { mib-2 3 }
    ip           OBJECT IDENTIFIER ::= { mib-2 4 }
    icmp         OBJECT IDENTIFIER ::= { mib-2 5 }
    tcp          OBJECT IDENTIFIER ::= { mib-2 6 }
    udp          OBJECT IDENTIFIER ::= { mib-2 7 }
    egp          OBJECT IDENTIFIER ::= { mib-2 8 }
    cmot         OBJECT IDENTIFIER ::= { mib-2 9 }
    transmission OBJECT IDENTIFIER ::= { mib-2 10 }
    snmp         OBJECT IDENTIFIER ::= { mib-2 11 }
    . . . .
    END
MIB, System Group
• system (mib-2 1): sysDescr(1), sysObjectID(2), sysUpTime(3), sysContact(4), sysName(5), sysLocation(6), sysServices(7)
    -- the System group
    -- Implementation of the System group is mandatory for all systems. If an agent
    -- is not configured to have a value for any of these variables, a string of
    -- length 0 is returned.

    sysDescr OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (0..255))
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION "A textual description of the entity. ……."
        ::= { system 1 }

    sysObjectID OBJECT-TYPE
        SYNTAX  OBJECT IDENTIFIER
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION "The vendor's authoritative identification of the network management subsystem contained in the entity."
        ::= { system 2 }

    sysUpTime OBJECT-TYPE
        SYNTAX  TimeTicks
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last reinitialized."
        ::= { system 3 }
• Security note: sysDescr is read-only, but by the RFC's own wording it carries the hardware type and OS version, and sysObjectID names the vendor; with a guessable community string these two objects are a fingerprint for anyone who can reach UDP/161.
MIB, System Group (use)
• sysObjectID is programmed by the vendor of the objects at manufacturing time.
• Fault monitoring with sysUpTime: poll each agent periodically for this value; if the current value is less than the most recent value, the agent has been restarted since the last poll.
• Caveat: TimeTicks is a 32-bit count of hundredths of a second, so it also goes backwards when it wraps after roughly 497 days; compare the decrease against the poller's own clock to tell a wrap from a restart.
MIB, Interfaces Group
• Specifies the number of interfaces in a network component and the managed objects associated with each interface, e.g. an Ethernet bridge with many network interface cards.
• Implementation: mandatory.
• interfaces (mib-2 2): ifNumber(1), ifTable(2) → ifEntry(1) → ifIndex(1), ifDescr(2), ifType(3), ifMtu(4), ifSpeed(5), ifPhysAddress(6), ifAdminStatus(7), ifOperStatus(8), ifLastChange(9), ifInOctets(10), ifInUcastPkts(11), ifInNUcastPkts(12), ifInDiscards(13), ifInErrors(14), ifUnknownProtos(15), ifOutOctets(16), ifOutUcastPkts(17), ifOutNUcastPkts(18), ifOutDiscards(19), ifOutErrors(20), ifOutQLen(21), ifSpecific(22)
    interfaces OBJECT IDENTIFIER ::= { mib-2 2 }
MIB, Interfaces Group
• interfaces (mib-2 2): ifNumber(1), ifTable(2) → ifEntry(1)
    ifNumber OBJECT-TYPE
        SYNTAX  INTEGER
        ACCESS  read-only
        STATUS  mandatory
        DESCRIPTION "The number of network interfaces (regardless of their current state) present on this system."
        ::= { interfaces 1 }

    ifTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF IfEntry
        ACCESS  not-accessible
        STATUS  mandatory
        DESCRIPTION "A list of interface entries. The number of entries is given by the value of ifNumber."
        ::= { interfaces 2 }

    ifEntry OBJECT-TYPE
        SYNTAX  IfEntry
        ACCESS  not-accessible
        STATUS  mandatory
        DESCRIPTION "An interface entry containing objects at the sub-network layer and below for a particular interface."
        INDEX   { ifIndex }
        ::= { ifTable 1 }

    IfEntry ::= SEQUENCE {
        ifIndex        INTEGER,
        ifDescr        DisplayString,
        ifType         INTEGER,
        ifMtu          INTEGER,
        ifSpeed        Gauge,
        ifPhysAddress  PhysAddress,
        ifAdminStatus  INTEGER,
        ifOperStatus   INTEGER,
        ifLastChange   TimeTicks,
        ifInOctets     Counter,
        ……
    }
MIB, Interfaces Group (use)
• Basic information useful for network management, such as performance monitoring and fault control.
• Examples: (1) measuring the output queue length (ifOutQLen) or the total number of octets into/out of the system (ifInOctets, ifOutOctets) gives indicators for detecting congestion; (2) measuring the traffic rate on a given interface: ifInUcastPkts/second, ifOutUcastPkts/second.
• Counter objects only ever increase (and wrap to 0 after 4294967295), so a rate is the difference between two successive polls divided by the polling interval; a single raw counter value says nothing on its own.
[Figure: the interfaces group tree, as on the previous slide.]
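An added example, not from the book or the slides, that implements the sysUpTime restart check from the System group slide together with the Counter rate computation just described, handling the two edge cases a poller meets in practice: a Counter that has wrapped through zero, and a sysUpTime that went backwards either because the agent restarted or because its tick counter wrapped. The poll records are constructed, and the field and function names are mine.

```python
"""Poll-delta logic for MIB-II: rate from a wrapping Counter, restart detection from sysUpTime."""

COUNTER32_MOD = 1 << 32          # Counter and TimeTicks are INTEGER (0..4294967295)
TICKS_PER_SECOND = 100           # sysUpTime is in hundredths of a second


def delta32(prev, cur):
    """Difference between two Counter samples, allowing for one wrap through zero."""
    return (cur - prev) % COUNTER32_MOD


def classify_uptime(prev_ticks, cur_ticks, wall_elapsed_s):
    """sysUpTime goes backwards either because the agent restarted or because the 32-bit
    tick counter wrapped (about every 497 days); the poller's own clock tells them apart."""
    if cur_ticks >= prev_ticks:
        return "running"
    if prev_ticks + wall_elapsed_s * TICKS_PER_SECOND >= COUNTER32_MOD:
        return "wrapped"
    return "restarted"


def analyse_polls(polls, counter="ifInOctets"):
    """For each consecutive pair of polls return bytes/second, or None when the agent
    restarted in between (a restart resets its counters, so the delta is meaningless)."""
    rates = []
    for prev, cur in zip(polls, polls[1:]):
        state = classify_uptime(prev["sysUpTime"], cur["sysUpTime"], cur["wall"] - prev["wall"])
        if state == "restarted":
            rates.append(None)
            continue
        ticks = (cur["sysUpTime"] - prev["sysUpTime"]) % COUNTER32_MOD   # agent's own clock
        if ticks == 0:
            rates.append(None)
            continue
        rates.append(delta32(prev[counter], cur[counter]) * TICKS_PER_SECOND / ticks)
    return rates


# Constructed poll results (not a capture): wall = poller clock in seconds,
# sysUpTime in ticks, ifInOctets (ifEntry.10) for one interface.
SAMPLE_POLLS = [
    {"wall": 0,   "sysUpTime": 100000, "ifInOctets": 4294960000},
    {"wall": 60,  "sysUpTime": 106000, "ifInOctets": 4000},   # counter wrapped past 2^32
    {"wall": 120, "sysUpTime": 500,    "ifInOctets": 2000},   # agent restarted
]


if __name__ == "__main__":
    print(analyse_polls(SAMPLE_POLLS))      # [188.26666..., None]
```

The interval is taken from the agent's sysUpTime rather than the poller's clock, so a delayed reply does not distort the rate; the poller's clock is used only to arbitrate the wrap-versus-restart question.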
MIB, IP Group
• Contains information relevant to the implementation and operation of IP at a node.
• Routers periodically execute routing algorithms and update their routing tables.
• ip (mib-2 4): ipForwarding(1), ipDefaultTTL(2), ipInReceives(3), ipInHdrErrors(4), ipInAddrErrors(5), ipForwDatagrams(6), ipInUnknownProtos(7), ipInDiscards(8), ipInDelivers(9), ipOutRequests(10), ipOutDiscards(11), ipOutNoRoutes(12), ipReasmTimeout(13), ipReasmReqds(14), ipReasmOKs(15), ipReasmFails(16), ipFragOKs(17), ipFragFails(18), ipFragCreates(19), ipAddrTable(20), ipRouteTable(21), ipNetToMediaTable(22), ipRoutingDiscards(23)
• The IP address table (ipAddrTable) holds the node's IP addresses; the IP route table (ipRouteTable) holds an entry for each route; the IP network-to-media table (ipNetToMediaTable) is the address translation table mapping IP addresses to physical addresses.