SNMP (Simple Network Management Protocol) based Network Management

Network Management: What is it?
• Network management includes
  • deployment, integration and coordination of the hardware, software, and human elements
  • to monitor, test, poll, configure, analyze, evaluate and control the network and element resources
  • to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost.

Network Management: Why is it needed?
• Lowers costs by eliminating the need for many administrators at multiple locations performing the same function
• Makes network administration and monitoring easier and more convenient
• Coherent presentation of data

Functional Areas of Network Management (According to OSI Network Management Model)
• Performance Management - how smoothly is the network running
• Fault Management - reactive and proactive network fault management (deals with problems and emergencies in the network)
• Configuration Management - keeping track of device settings and how they function
• Accounting Management - cost management and charge back assessment
• Security Management - SNMP (Version 1 and 2) doesn't provide much here

Network Management Architectures
1) Management Entity: its job is to provide access to management data, controls, and behaviors:
• Regular polling or sampling of management data
• The management entity requests updates from managed devices to reflect the recent status of the network being managed.
• When alerts are received, appropriate responses must be generated

Network Management Architectures (contd.)
2) Managed Device
• At each managed device, a special piece of software (process) called a management agent responds to polls for collected data.
• The management agent itself has custody of a management database (MDB) of information that it collects and maintains over time

Network Management Architectures (contd.)
3) Network Management Protocol
• The protocol runs between the managing entity and the managed device.
• Allows the managing entity to query the status of the managed devices.
• Agents can use the network management protocol to inform the managing entity of exceptional events.

Versions
• Two major versions: SNMPv1, SNMPv2
• SNMPv1 is the recommended standard
• SNMPv2 has become split into:
  • SNMPv2u - SNMPv2 with user-based security
  • SNMPv2* - SNMPv2 with user-based security and additional features
  • SNMPv2c - SNMPv2 without security
• SNMPv3 - Security

Client Pull & Server Push
• SNMP is a “client pull” model: the management system (client) “pulls” data from the agent (server).
• SNMP is a “server push” model: the agent (server) “pushes” out a trap message to a (client) management system

The Internet-Standard Management Framework
• SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices.
• Comprised of agents and managers
  • Agent - process running on each managed node collecting information about the device it is running on.
  • Manager - process running on a management workstation that requests information about devices on the network.

The Internet-Standard Management Framework (contd.)
SNMP network management consists of four parts:
• Management Information Base (MIB)
  • A map of the hierarchical order of all managed objects and how they are accessed
• Structure of Management Information (SMI)
  • Rules specifying the format used to define objects managed on the network that the SNMP protocol accesses
• SNMP Protocol
  • Defines format of messages exchanged by management systems and agents.
  • Specifies the Get, GetNext, Set, and Trap operations
• Security and administration capabilities
  • The addition of these capabilities represents the major enhancement in SNMPv3 over SNMPv2

MIB-2: MIB-II Standard Internet MIB
• Definition follows structure given in SMI
• MIB-II (RFC 1213) is current standard definition of the virtual file store for SNMP manageable objects
• Has 10 basic groups
  • system
  • interfaces
  • at
  • ip
  • icmp
  • tcp
  • udp
  • egp
  • transmission
  • snmp
• If an agent implements any group then it has to implement all of the managed objects within that group

Ports & UDP
• SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages
[Diagram: an SNMP Message carried in a UDP Datagram, inside an IP Packet, inside an Ethernet Frame with CRC]
• Like FTP, SNMP uses two well-known ports to operate:
  • UDP Port 161 - SNMP Messages
  • UDP Port 162 - SNMP Trap Messages

Four Basic Operations
• Get: Retrieves the value of a MIB variable stored on the agent machine (integer, string, or address of another MIB variable)
• GetNext: Retrieves the next value of the next lexical MIB variable
• Set: Changes the value of a MIB variable
• Trap: An unsolicited notification sent by an agent to a management application (typically a notification of something unexpected, like an error)

Basic operations (contd.)
[Diagram: Manager and Agent exchanging get_request / get_response, get_next_request / get_response and set_request / set_response on port 161, and trap on port 162]

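The "next lexical MIB variable" rule behind GetNext, as an added example that is not part of the original slides: a toy agent that orders OIDs arc by arc as numbers, which is what lets a manager walk a subtree without knowing its contents. The class, function names and MIB values are assumptions constructed for illustration.

```python
import bisect

def parse_oid(text):
    """'1.3.6.1' -> (1, 3, 6, 1); tuples compare arc by arc, as numbers."""
    return tuple(int(arc) for arc in text.strip(".").split("."))

class ToyAgent:
    """Hypothetical agent holding a flat table of OID -> value."""
    def __init__(self, mib):
        self.mib = {parse_oid(k): v for k, v in mib.items()}
        self.order = sorted(self.mib)          # lexicographic OID order

    def get(self, oid):
        return self.mib.get(parse_oid(oid))    # None stands in for "no such name"

    def get_next(self, oid):
        """Return (oid, value) of the first object strictly after `oid`."""
        i = bisect.bisect_right(self.order, parse_oid(oid))
        if i == len(self.order):
            return None                        # walked off the end of the MIB
        nxt = self.order[i]
        return ".".join(map(str, nxt)), self.mib[nxt]

def walk(agent, root):
    """Repeat GetNext from `root` until the reply leaves the subtree."""
    prefix, oid, rows = parse_oid(root), root, []
    while (hit := agent.get_next(oid)) is not None:
        oid, value = hit
        if parse_oid(oid)[:len(prefix)] != prefix:
            break
        rows.append((oid, value))
    return rows

# Constructed sample values for four MIB-II objects.
MIB = {
    "1.3.6.1.2.1.11.1.0": 1042,                # snmp group: snmpInPkts.0
    "1.3.6.1.2.1.1.1.0": "constructed router", # system group: sysDescr.0
    "1.3.6.1.2.1.2.1.0": 2,                    # interfaces group: ifNumber.0
    "1.3.6.1.2.1.1.5.0": "lab-rtr-1",          # system group: sysName.0
}
AGENT = ToyAgent(MIB)
```

Sorting the same OIDs as plain strings would place the snmp group (11) before interfaces (2); comparing integer arcs gives the order an agent actually returns.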
Traps
• Traps are unrequested event reports that are sent to a management system by an SNMP agent process
• When a trappable event occurs, a trap message is generated by the agent and is sent to a trap destination (a specific, configured network address)
• Many events can be configured to signal a trap, like a network cable fault, failing NIC or Hard Drive, a “General Protection Fault”, or a power supply failure
• Traps can also be throttled -- You can limit the number of traps sent per second from the agent
• Traps have a priority associated with them -- Critical, Major, Minor, Warning, Marginal, Informational, Normal, Unknown

Trap Receivers
• Management applications can handle the trap in a few ways:
  • Poll the agent that sent the trap for more information about the event, and the status of the rest of the machine.
  • Log the reception of the trap.
  • Completely ignore the trap.

Languages of SNMP
• Structure of Management Information (SMI) specifies the format used for defining managed objects that are accessed via the SNMP protocol
• Abstract Syntax Notation One (ASN.1) is used to define the format of SNMP messages and managed objects (MIB modules) using an unambiguous data description format
• Basic Encoding Rules (BER) are used to encode the SNMP messages into a format suitable for transmission across a network

SNMP MESSAGE ENCODING
• The description of MIBs and message formats is based on the ASN.1 syntax.
• The mapping from an abstract syntax onto a transfer syntax is defined by BER.

Basic Message Format
[Diagram: an SNMP message in two parts]
• Message Preamble: Message Length, Message Version, Community String
• SNMP Protocol Data Unit: PDU Header, PDU Body

SNMP Agents
Two basic designs of agents
• Monolithic Agents
  • not extendible
  • optimized for specific hardware platform and OS
• Extendible Agents
  • Open, modular design allows for adaptations to new management data and operational requirements

Community Names
• A community string is a password that allows access to a network device. It defines what "community of people" can access the SNMP information that is on the device.
• Community names are used to define where an SNMP message is destined for.
• Set up your agents to belong to certain communities.
• Set up your management applications to monitor and receive traps from certain community names.
• There are actually three community strings for SNMP-speaking devices:
  • The SNMP Read-only community string
  • The SNMP Read-Write community string
  • The SNMP Trap community string

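The Basic Message Format and Community Names slides above, as an added example that is not part of the original slides: a minimal BER reader that pulls the preamble fields out of a constructed SNMPv1 get_request and shows the community string travelling as a readable OCTET STRING. The helper names, the request-id and the "public" community are assumptions made for the sample.

```python
# Added example (not from the slides): BER reader for SNMPv1/v2c request/response messages.
PDU_TYPES = {0xA0: "get_request", 0xA1: "get_next_request",
             0xA2: "get_response", 0xA3: "set_request"}

def tlv(tag, body):
    """Encode one BER element (short-form length only; enough for the sample)."""
    return bytes([tag, len(body)]) + body

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Decode a BER OBJECT IDENTIFIER; the first byte packs the first two arcs."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for byte in raw[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_message(packet):
    """Extract the preamble fields and the first OID from a v1/v2c message."""
    _, msg, _ = read_tlv(packet, 0)                # outer SEQUENCE
    _, version, pos = read_tlv(msg, 0)             # INTEGER: 0 = SNMPv1, 1 = SNMPv2c
    _, community, pos = read_tlv(msg, pos)         # OCTET STRING, not encrypted
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    _, request_id, p = read_tlv(pdu, 0)
    for _ in range(2):                             # skip error-status, error-index
        _, _, p = read_tlv(pdu, p)
    _, varbinds, _ = read_tlv(pdu, p)
    _, oid, _ = read_tlv(read_tlv(varbinds, 0)[1], 0)
    return {"version": int.from_bytes(version, "big"),
            "community": community.decode("ascii", "replace"),
            "pdu": PDU_TYPES.get(pdu_tag, hex(pdu_tag)),
            "request_id": int.from_bytes(request_id, "big"), "oid": decode_oid(oid)}

# Constructed sample: get_request for sysDescr.0 (1.3.6.1.2.1.1.1.0), community "public".
SAMPLE = tlv(0x30, tlv(2, b"\x00") + tlv(4, b"public") + tlv(0xA0,
    tlv(2, b"\x01") + tlv(2, b"\x00") + tlv(2, b"\x00") +
    tlv(0x30, tlv(0x30, tlv(6, bytes.fromhex("2b06010201010100")) + tlv(5, b"")))))
```

Anything on the path between manager and agent can recover the community string the same way, which is the gap the SNMPv3 security capabilities mentioned earlier are meant to close.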
Proxy Management
• A node may not support SNMP, but may be manageable by SNMP through a proxy agent running on another machine.
• Nowadays the term proxy denotes a device that forwards SNMP messages, but doesn't look at the individual objects.

Advantages of using SNMP
• Standardized
• universally supported
• extendible
• portable
• allows distributed management access
• lightweight protocol