1 / 47

SNMP in Patrol

SNMP in Patrol. Eugene Golovinsky BMC Software, SNMP technology group. SNMP. Simple Network Management Protocol. Why was SNMP invented ?. Designed to run on non-OS systems, later used in various ways for monitoring. Maybe no (Free) Cpu Maybe no (Free) Memory

tuvya
Download Presentation

SNMP in Patrol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SNMP in Patrol Eugene Golovinsky BMC Software, SNMP technology group

  2. SNMP Simple Network Management Protocol

  3. Why was SNMP invented ? Designed to run on non-OS systems, later used in various ways for monitoring • Maybe no (Free) Cpu • Maybe no (Free) Memory • Must be able to run everywhere No “BRAINS” SNMP Agent • Real OS • Contained all intelligence • Made all decisions THE “BRAINS” SNMP Manager

  4. Protocol, its versions and extentions • What is SNMP • About the protocol versions • SNMPv1, SNMPv2 ( c ) and SNMPv3 • Some other things: • RMON, RMON 2, SMI's and MIB's • SNMPv3 - as a future path for SNMP community ?

  5. SNMP implementations • Transport • Transport protocol (UDP/IP) • BER (iso 8825) - Basic Encoding Rules • TLV (Type, Length, Value) encoding • Versions • SNMPv1 • SNMPv2 • SNMPv3 • OSI network management implementation • CMIP - CMOT ( used primarily in telephony along with SNMP)

  6. SNMP Syntax - SMI • ASN.1 (iso 8824 - “abstract notation one”) • SMI uses a subset of ASN.1 • Well defined syntax for information exchange • comparable in functionality with XML

  7. SNMPv3 • New Draft Standard with enhanced Security • User Based security model (rfc 2574) • Administration • Security (authentication, privacy and message integrity) • View based access (VACM)

  8. RMON (Remote Network Monitoring) • IETF rfc 1271 / rfc 1757 / rfc 1513 • Physical Layer Management using probes (HW-SW) • Extend SNMP functionality • RMON MIB : contains RMON data • Preventive Management : threshold based notification • Statistics/History of data, Packet capturing, Host tables,… • Operation modes • Online • Offline • On Demand

  9. RMON2 • Continued on RMON (rfc 2021) • Statistics on network and upper layers • All of the leading probe vendors support it • NetScout, Technically Elite, Solcom, HP, 3Com, Bay, Cisco, Cabletron • Difficult to use all features because of vendor specific implementations

  10. SNMP v1 RFCs 1155 SMI 1157 protocol 1212 Concise MIB 1213 MIB2 1215 traps SNMP v2 RFCs historical See also : The Simple Web http://snmp.cs.utwente.nl/ SNMP v2C RFCs 1902-1907 SNMP v3 RFCs 1905-1907 2571-2575 2578-2580 http://www.ietf.org SNMP References

  11. RM UDP vs. TCP connection UDP • connectionless • scalable • not reliable TCP • connection oriented • used to be non-scalable • reliable Agents Agents Console Console

  12. UDP/IP implications unreliable no confirmation or guarantee order uncertain may duplicate unsecure No authentication on transport layer No verification of origin (message spoofing) No integrity (message can be tampered with) SNMP : Underlying Transport

  13. The SNMP Agent • What is an SNMP agent ? • Components : • MIB (the MIB in memory) • request handling • trap sending

  14. Application Application Sub agent Sub agent Sub agent Device Multiple SNMP Agents on 1 system • Conflict : only 1 process can listen on a port • Solutions : • SMUX (SNMP Multiplexer) • AgentX - Agent Extensibility (rfc 2741) • Emanate (proprietary SNMP Research) Master Agent 161

  15. MIB (Management Information Base) • The MIB definition • textual description of MIB layout • Written in SMI : Structure of Management Information • SMI (the MIB definition language) • Support for multiple datatypes • Support for data definitions : indexed tables, structures, values,...

  16. Naming hierarchy unique identifier, down to the instance of any object 1.3.6.1.4.1.1031 is the OID of the BMC Software subtree; Object identifier is the name NAMING in SNMP iso 1 org 3 6 dod 1 internet 2 private 4 mgmt 1 enterprises enterpriseID 442 peer 1031 Company X BMC Whatever you like

  17. Remote Management : From a geographically separate location configure monitor control a remote system application device OS SNMP Management Management console Mgmt protocol Mgmt info, i.e., interesting info “application” Managed system

  18. Management Operations,SNMP requests and responses • Get, Get Next, Set • SNMPv1 • responses are sent back • Get Bulk (SNMPv2) • Unsolicited Traps from Agent (v1) • Informs (v2 and v3) - confirmed traps

  19. Request handling • SNMP Agent gets request from mgr • listens on specific port : typically 161 • receives request : request ID + OID • Lookup of OID in memory • Performs operation if possible • SNMP Agent sends response • request ID • OID • value • error status + index • Similar for get-next operation • returns next OID in tree

  20. Trap sending • SNMP Agent sends • 7 predefined Generic trap types (0-6) • 0-5 = Standard traps • 6 = Enterprise Specific • Sends to port 162 (default) on trap receiving machine • Trap destinations has to be configured • Patrol : /snmp/piV1m_list

  21. The SNMP Manager • What is an SNMP manager ? • Components : • present MIB info (display MIB files) • send requests • listen for traps

  22. Sending Requests • Timebased polling • User based requests • Authentication : • SNMPv1 : community names for r/w (most of the times, just private/public) • SNMPv3 does it with MD5

  23. Listening for traps • Only one process can listen on a port • That means only one trap listener per system ! • Solution : • PATROL : trap demultiplexer (Dietmar Hildebrand) • No PATROL : (write your own)

  24. SNMP++ • Initial HP initiative, now Open Source • Object oriented development approach to SNMPv1,v2c,v3 • High level API • Primary focus on network management application developer • References : • http://rosegarden.external.hp.com/snmp++ • http://www.simple-times.org/pub/simple-times/issues/7-1.html

  25. ??? Questions ???

  26. PATROL SNMP Functionality

  27. Patrol SNMP Master and Sub Agent • Only needed when accessing PATROL MIB data !! • Patrol MIB data is KM data • Not needed for : • receiving traps • sending traps • get/set/walk/... operations

  28. Patrol SNMP Master agent configuration • See file ./lib/snmpmagt.cfg • default port used to be 1161, community public • No need for BMC master agent if SMUX compatible Master Agent available (eg. AIX) • What about HP ? • They use emanate master agent (proprietary from SNMP Research) • Run 2 master agents, one on 161 (default) and one on 1161 (Patrol)

  29. Starting Patrol SNMP sub-agent • PATROL SNMP sub-agent can be manually started and stopped from PSL • snmp_agent_start() • starts SNMP sub-agent • snmp_agent_stop() • stops SNMP sub-agent • snmp_agent_config() • tells if SNMP agent functionality is active

  30. PATROL Agent as SNMP sub agent • Ability to send traps • Has an accessible MIB • To access MIB, the master agent must be set up correctly

  31. SNMP Traps in Patrol • Automatically : • When Patrol event occurs • Trap destinations : piV1m_List ( + /snmp/trapMibTable=yes) • Filter possibility (see config.default for filter options) • Through Master Agent or without Master Agent trapMibTable(yes), trapConfTable (no) - default • From PSL • snmp_trap_send : full control • snmp_trap_raise_std_trap : uses piV1m_List

  32. PATROL Agent MIB

  33. Objects Table Contains all the “nodes” from the PATROL namespace, starting from the PATH defined in objectsCwd (=objects Current Working Dir)

  34. variablesTable Contains all the “leaves” from the PATROL namespace, starting from the PATH defined in objectsCwd (=objects Current Working Dir)

  35. Browsing PATROL namespace • Set objectCwd to the tree you want to inspect • for example “/” • Go to the desired “node” • get the “objectsTable”, you see NT_CPU • set objectCwd to “/NT_CPU” … pick inst from objectsTable • set objectCwd to “/NT_CPU/CPU_0”… pick param from objectsTable • set objectCwd to “/NT_CPU/CPU_0/CPUCpuUtil” • Read the wanted values • get the “variablesTable” to find all the attributesincluding its value • Problem : No way to protect objectsCwd : other PSL script can change its value in the same time !

  36. applicationsTable Contains all the applications loaded in the agent and indexed by application ID

  37. applInstTable Contains all the instances discovered in the agent. Indexed application ID and instance ID

  38. parametersTable Contains all the parameters in the agent. Indexed by application ID, instance ID and parameter OID

  39. applicationsTable applInstTable parametersTable id name state …. id name status …. 0 SOLARIS 0 …. id name value …. 1 CPU 0 …. ... …. …. …. ... …. …. …. 2 DISK 0 1.50 …. CPU 0 …. 2.60.150 DSKTps 0 …. 3 KERNEL 0 2.60 …. sd5 0 …. 2.61.270 DSKTps 0 …. 4 NFS 0 …. 2.61 nfs1 0 …. 2.61.289 DSKBps 0 …. 2.70 idehd01 0 …. ... …. …. …. 2.70.300 DSKAvgS.. 0 …. ... …. …. …. ... …. …. …. Table relationships

  40. Accessing PATROL namespace • Look for the application in “applicationTable” • Use that index to get the instances from the application in “applInstTable” • Use both indexes to get the parameters from the “parametersTable” • Get the required attribute from your parameter • This method is “safe” but requires some processing

  41. Direct namespace access • “Hooked” on OID of : .variablesTable.variableEntry.variableValue • Need conversion of namespace variable • <length> = length of namespace variable • <conv> = ascii to value conversion of namespace variablefor example : /CPU = 47.67.80.85 • Simply get : bmc.1.1.1.5.1.4.<len>.<conv> • Result : • Fastest Namespace access • not useful for namespace “discovery” • Not “walk-able”

  42. Execute PSL through SNMP • Set variable “agentExecuteCommand” • Agent will execute immediately • Fail/Success from return value of snmp_set()

  43. PATROL Agent as SNMP Manager • Receiving traps • Getting information from SNMP agents • No Master Agent is needed for this !

  44. Using PSL to Receive traps • PSL functions : • snmp_trap_listen : start listening for traps (open socket) starts accumulating traps • snmp_trap_ignore : close all listeners (close socket) • snmp_trap_receive : process incoming traps (block/poll based) only 1 per agent

  45. Using PSL to Get info from SNMP Agents • What is an SNMP session in PATROL ? • snmp_open() : opens an SNMP session • snmp_close() : closes an SNMP session • snmp_config() : lists the SNMP sessions • No real session (like TCP session) because SNMP = connectionless / stateless • just a memory structure, so ... • Easier for the developer … open session once, reuse the session with the session attributes ! • Allows you to set timeouts/retries/port • Faster

  46. PSL functions for SNMP managers • SNMPv1 management functions • snmp_(h_)... • snmp_... • Plus • snmp_walk No support for v3 !! • Security and administration, get bulk, more datatypes

  47. Q & A • concerns and problems • future

More Related