
Introduction to SNMP

Introduction to SNMP. Yen-Cheng Chen http://ycchen.im.ncnu.edu.tw/ ycchen@ncnu.edu.tw. Contents. 1. Basic Concepts 2. Management Information Base 3. Simple Network Management Protocol 4. SNMP Application Examples 5. Reference Appendix: ASN.1 Concept.


Presentation Transcript


  1. Introduction to SNMP Yen-Cheng Chen http://ycchen.im.ncnu.edu.tw/ ycchen@ncnu.edu.tw

  2. Contents 1. Basic Concepts 2. Management Information Base 3. Simple Network Management Protocol 4. SNMP Application Examples 5. Reference Appendix: ASN.1 Concept

  3. 1. Basic Concepts [Figure: a management station (NM) manages PCs, UNIX hosts, an FDDI ring, an RMON device and a firewall / router connected to the Internet, using polling and notification]

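  4. Standardization of Network Management • If every vendor's network devices came with their own proprietary management methods and interfaces, network management would be very hard to carry out. • Standardization of network management • Every network device must provide a consistent network management interface (that is, the same network management protocol).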

  5. Network Management Standards • Internet • SNMPv1, SNMPv2, SNMPv3 • ISO/ITU-T X.700 Series: • CMIP/S (Common Management Information Protocol / Service) • ITU-T M.3000 Series: • TMN (Telecommunication Management Networks)

  6. SNMP Concepts • SNMP: • Simple Network Management Protocol • De facto standard for network management of TCP/IP networks (Internet) • IAB recommends that all IP & TCP implementations be network manageable. • That is, all TCP/IP network devices should support SNMP. • IAB: Internet Activities Board

  7. SNMP Architectural Model • Key Components • One or more Management Stations • Perform management applications, i.e., Monitor & Control. • Multiple Network Elements • hosts, routers, gateways, ..., each of which contains an Agent. • Network Management Protocol • Exchange network management information.

  8. SNMP Architectural Model (cont.) [Figure: a Management Station running the Manager and Network Elements (NEs), a Host and a Router, each running an Agent; every node has an SNMP / UDP / IP / network interface stack and they exchange the Network Management Protocol (SNMP) across the network]

  9. Management Components • Manager • Agent • Network Management Protocol • Management Information Base (MIB)

  10. Management Components • Management Station (Manager) • Network management applications. • Provides an interface through which the human network manager can monitor and control the network. • Agent • Network devices should be equipped with agent software so that they can be managed from a management station. • Responds to requests for information from managers. • Responds to requests for actions from managers. • May asynchronously provide managers with important but unsolicited information.

  11. Management Components (cont.) • Network Management Protocol • Communication protocol between managers and agents • NM protocol provides a standard way to exchange management information between managers and agents. • Management Information Base (MIB) • A collection of Managed Objects. • The resources to be managed are represented as objects, called Managed Objects (MOs).

  12. Management Information Base (MIB) • Each resource to be managed is represented by an object, called managed object (MO). • The MIB is a structured collection of MOs. • Essentially, each MO is a data variable. • Each agent in an NE maintains an MIB. • Monitor: by reading the values of MOs in the MIB. • Control: by modifying the values of MOs in the MIB. • NE: Network Element [Figure: managed resources represented in the MIB held by the agent, above an SNMP / UDP / IP / network interface stack]

  13. SNMP Services • Four Services • Get, Set, GetNext, Trap • Five SNMP PDUs • GetRequest, SetRequest, GetNextRequest, GetResponse, Trap • PDU: Protocol Data Unit [Figure: the manager sends Get, Set and GetNext requests to the agent(s); the agent(s) return Get Response and send Trap]

  14. SNMP Services [Figure: four manager/agent exchanges. Get: Get Request, then Get Response. GetNext: GetNext Request, then Get Response. Set: Set Request, then Get Response. Trap: Trap Request.]

  15. SNMP Services (cont.) • Get Request: • Retrieve the values of objects in the MIB of an agent. • Get-Next Request: • Retrieve the values of the next objects in the MIB of an agent. • Set Request: • Update the values of objects in the MIB of an agent. • Trap Request • Report extraordinary events to the manager.

  16. Get-Next Request • In SNMP, only leaf objects have values. [Figure: MIB tree with nodes numbered 1 to 6 and a legend distinguishing non-leaf objects from leaf objects]
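
The GetNext behaviour described on slides 15 and 16, as an added example that is not part of the original slides: a hypothetical in-memory agent (`ToyAgent`, `walk` and the sample values are constructed for illustration) that stores values only at leaf instances and answers GetNext with the next leaf in lexicographic OID order.

```python
from bisect import bisect_right

def parse_oid(text):
    """'.1.3.6.1' or '1.3.6.1' -> (1, 3, 6, 1)."""
    return tuple(int(p) for p in text.strip(".").split("."))

class ToyAgent:
    """Hypothetical in-memory agent: only leaf instances carry values."""
    def __init__(self, leaves):
        self.mib = {parse_oid(k): v for k, v in leaves.items()}
        # Integer tuples sort in lexicographic OID order (so 9 < 10,
        # which a plain string sort would get wrong).
        self.order = sorted(self.mib)

    def get(self, oid):
        key = parse_oid(oid)
        if key not in self.mib:
            raise KeyError("noSuchName")   # non-leaf or unknown object
        return self.mib[key]

    def get_next(self, oid):
        """(oid, value) of the first leaf strictly after `oid`."""
        i = bisect_right(self.order, parse_oid(oid))
        if i == len(self.order):
            raise KeyError("noSuchName")   # walked off the end of the MIB
        nxt = self.order[i]
        return ".".join(map(str, nxt)), self.mib[nxt]

def walk(agent, root):
    """Repeat GetNext until the reply leaves the subtree under `root`."""
    prefix, cur, out = parse_oid(root), root, []
    while True:
        try:
            cur, val = agent.get_next(cur)
        except KeyError:
            break
        if parse_oid(cur)[:len(prefix)] != prefix:
            break
        out.append((cur, val))
    return out

# Constructed sample MIB: sysDescr.0 and two ifTable rows (ifIndex 1 and 6).
AGENT = ToyAgent({
    "1.3.6.1.2.1.1.1.0": "constructed sysDescr",
    "1.3.6.1.2.1.2.2.1.1.1": 1, "1.3.6.1.2.1.2.2.1.1.6": 6,
    "1.3.6.1.2.1.2.2.1.2.1": "le0", "1.3.6.1.2.1.2.2.1.2.6": "llc0",
    "1.3.6.1.2.1.2.2.1.3.1": 6, "1.3.6.1.2.1.2.2.1.3.6": 1,
})
```

Walking `1.3.6.1.2.1.2.2` returns the table column by column (all ifIndex instances, then all ifDescr, then all ifType), which is why a manager can read a table without knowing its row indexes in advance.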

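  17. Default UDP Ports for SNMP [Figure: SNMP / UDP / IP / network interface stacks of the Manager on the Management Station and the Agent on a Network Element (NE); the agent listens on UDP port 161 for requests sent from any manager port, and the manager listens on UDP port 162 for traps sent from any agent port]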

  18. SNMP Standards • SNMP Protocol (Std 15) • RFC1157: Simple Network Management Protocol. • Structure of Management Information (SMI) (Std 16) • RFC1155: Structure and Identification of Management Information for TCP/IP-based Internets. • RFC1212: Concise MIB Definitions. • MIB-II (Std 17) • RFC1213: Management Information Base for Network Management of TCP/IP-based Internets: MIB-II. http://www.isi.edu/rfc-editor/rfc.html

  19. 2. Management Information Base • Structure of Management Information (SMI) • Set of rules on how managed objects should be defined. • Objects are defined using Abstract Syntax Notation One (ASN.1) (ITU-T X.208 / ISO 8824) • MIB • The collection of all defined objects • Contains hierarchically organized variables corresponding to managed objects. • MIB-II, RMON MIB, Bridge MIB, Repeater MIB, X.25 MIB, FDDI MIB, Token Ring MIB, ...

  20. Object Identifier • Object Identifier (OID): • Global identifier for a particular object type. • An OID consists of a sequence of integers, which specify the position of the object in the global object identifier tree.
      [Figure: global object identifier tree]
      root
        ccitt(0)
        iso(1)
          std(0)
          reg authority(1)
          member body(2)
          org(3)
            dod(6)
              internet(1)
                directory(1)
                mgmt(2)
                  MIB II(1)                1.3.6.1.2.1
                    system(1)
                    interface(2)           1.3.6.1.2.1.2
                    at(3)
                    IP(4)
                    ICMP(5)
                    TCP(6)
                    UDP(7)
                    EGP(8)
                    Trans.(10)
                    SNMP(11)
                experimental(3)
                private(4)
                  enterprises(1)           1.3.6.1.4.1
        joint-iso-ccitt(2)

  21. Private MIB Registration • Companies can register their private MIB extensions in the global MIB tree by contacting the Internet Assigned Numbers Authority (IANA). • http://www.iana.org/ • Currently assigned enterprise subtrees ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers

  22. SMI (RFC1155)
      RFC1155-SMI DEFINITIONS ::= BEGIN
      EXPORTS -- EVERYTHING
          internet, directory, mgmt, experimental, private, enterprises,
          OBJECT-TYPE, ObjectName, ObjectSyntax, SimpleSyntax,
          ApplicationSyntax, NetworkAddress, IpAddress, Counter, Gauge,
          TimeTicks, Opaque;
      internet      OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
      directory     OBJECT IDENTIFIER ::= { internet 1 }
      mgmt          OBJECT IDENTIFIER ::= { internet 2 }
      experimental  OBJECT IDENTIFIER ::= { internet 3 }
      private       OBJECT IDENTIFIER ::= { internet 4 }
      enterprises   OBJECT IDENTIFIER ::= { private 1 }

  23. SMI (cont.) ASN.1 Macro
      OBJECT-TYPE MACRO ::=
      BEGIN
          TYPE NOTATION ::= "SYNTAX" type (TYPE ObjectSyntax)
                            "ACCESS" Access
                            "STATUS" Status
          VALUE NOTATION ::= value (VALUE ObjectName)
          Access ::= "read-only" | "read-write" | "write-only" | "not-accessible"
          Status ::= "mandatory" | "optional" | "obsolete"
      END
      ObjectName ::= OBJECT IDENTIFIER

  24. OBJECT-TYPE Example
      sysDescr OBJECT-TYPE
          SYNTAX  DisplayString (SIZE (0..255))
          ACCESS  read-only
          STATUS  mandatory
          ::= { system 1 }

  25. SMI (cont.)
      ObjectName ::= OBJECT IDENTIFIER
      ObjectSyntax ::= CHOICE {
          simple            SimpleSyntax,
          application-wide  ApplicationSyntax }
      SimpleSyntax ::= CHOICE {
          number  INTEGER,
          string  OCTET STRING,
          object  OBJECT IDENTIFIER,
          empty   NULL }
      ApplicationSyntax ::= CHOICE {
          address    NetworkAddress,
          counter    Counter,
          gauge      Gauge,
          ticks      TimeTicks,
          arbitrary  Opaque }
      NetworkAddress ::= CHOICE { internet IpAddress }
      IpAddress  ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
      Counter    ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
      Gauge      ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)
      TimeTicks  ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
      Opaque     ::= [APPLICATION 4] IMPLICIT OCTET STRING
      END

  26. Object Syntax Summary • Simple Syntax • Integer • Octet String • Object Identifier • Null • Application Syntax • Network Address • Counter • Gauge • Time Ticks • Opaque

  27. Concise MIB Definition (RFC 1212)
      OBJECT-TYPE MACRO ::=
      BEGIN
          TYPE NOTATION ::= "SYNTAX" type(ObjectSyntax)
                            "ACCESS" Access
                            "STATUS" Status
                            DescrPart
                            ReferPart
                            IndexPart
                            DefValPart
          VALUE NOTATION ::= value (VALUE ObjectName)
          DescrPart ::= "DESCRIPTION" value (description DisplayString) | empty
          ReferPart ::= "REFERENCE" value (reference DisplayString) | empty
          IndexPart ::= "INDEX" "{" IndexTypes "}" | empty
          IndexTypes ::= IndexType | IndexTypes "," IndexType
          IndexType ::= value (indexobject ObjectName) | type (indextype)
          DefValPart ::= "DEFVAL" "{" value (defvalue ObjectSyntax) "}" | empty
      END

  28. Examples: MIB II (RFC 1213)
      mib-2         OBJECT IDENTIFIER ::= { mgmt 1 }
      system        OBJECT IDENTIFIER ::= { mib-2 1 }
      interfaces    OBJECT IDENTIFIER ::= { mib-2 2 }
      at            OBJECT IDENTIFIER ::= { mib-2 3 }
      ip            OBJECT IDENTIFIER ::= { mib-2 4 }
      icmp          OBJECT IDENTIFIER ::= { mib-2 5 }
      tcp           OBJECT IDENTIFIER ::= { mib-2 6 }
      udp           OBJECT IDENTIFIER ::= { mib-2 7 }
      egp           OBJECT IDENTIFIER ::= { mib-2 8 }
      -- cmot       OBJECT IDENTIFIER ::= { mib-2 9 }
      transmission  OBJECT IDENTIFIER ::= { mib-2 10 }
      snmp          OBJECT IDENTIFIER ::= { mib-2 11 }
      ifTable OBJECT-TYPE
          SYNTAX  SEQUENCE OF IfEntry
          ACCESS  not-accessible
          STATUS  mandatory
          DESCRIPTION
              "A list of interface entries. The number of entries is given by the value of ifNumber."
          ::= { interfaces 2 }
      ifEntry OBJECT-TYPE
          SYNTAX  IfEntry
          ACCESS  not-accessible
          STATUS  mandatory
          DESCRIPTION
              "An interface entry containing objects at the subnetwork layer and below for a particular interface."
          INDEX   { ifIndex }
          ::= { ifTable 1 }

  29. Identification of Managed Objects • Use Object Identifier (OID) • OID = Object Type OID . Instance Identifier • Object Type OID: • Each object type has a unique OID • Instance Identifier: • Identifies instances of the object type • E.g., mib-2.interface.ifTable.ifEntry.ifDescr.2

  30. Two Kinds of Managed Objects • Type-Specific Objects: • sysDescr OBJECT-TYPE SYNTAX DisplayString (SIZE(0..255)) ::= {system 1} • OID: mib-2.system.1.0 • Columnar Objects • OID: mib-2.interface.ifTable.ifEntry.ifDescr.2 mib-2.interface.ifTable.ifEntry.ifDescr.6 mib-2.interface.ifTable.ifEntry.ifType.2 mib-2.interface.ifTable.ifEntry.ifType.6

  31. Columnar Objects
      IfEntry ::= SEQUENCE {
          ifIndex  INTEGER,
          ifDescr  DisplayString,
          ifType   INTEGER,
          … }
      ifTable OBJECT-TYPE
          SYNTAX  SEQUENCE OF IfEntry
          …
          ::= { interfaces 2 }
      ifEntry OBJECT-TYPE
          SYNTAX  IfEntry
          …
          INDEX   { ifIndex }
          ::= { ifTable 1 }
      ifDescr OBJECT-TYPE
          SYNTAX  DisplayString (SIZE (0..255))
          ACCESS  read-only
          STATUS  mandatory
          ...
          ::= { ifEntry 2 }

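  32. Columnar Objects
      Column    Object type           Object type OID
      ifIndex   .ifTable.ifEntry.1    1.3.6.1.2.1.2.2.1.1
      ifDescr   .ifTable.ifEntry.2    1.3.6.1.2.1.2.2.1.2
      ifType    .ifTable.ifEntry.3    1.3.6.1.2.1.2.2.1.3
      ifIndex   ifDescr   ifType   . . .
      1         le0       6        . . .
      6         llc0      1        . . .
      7         lo0       24       . . .
      9         le1       6        . . .
      Instance examples: 1.3.6.1.2.1.2.2.1.2.6 (ifDescr of the row with ifIndex 6), 1.3.6.1.2.1.2.2.1.3.7 (ifType of the row with ifIndex 7)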

  33. Index in MIB II • ifEntry {ifIndex} • atEntry {atNetIfIndex, atNetAddress} • ipAddrEntry {ipAdEntAddr } • ipRouteEntry {ipRouteDest} • ipNetToMediaEntry {ipNetToMediaIfIndex, ipNetToMediaNetAddress} • tcpConnEntry {tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemoteAddress, tcpConnRemotePort} • udpEntry {udpLocalAddress, udpLocalPort} • egpNeighEntry {egpNeighAddr}

  34. Index Example • To get the state of the TCP connection: 10.144.18.118:1200 ===> 10.144.14.40:1600 => Use snmp_get_req. to get the “tcpConnState” of the tcpConnTable in MIB II. • tcpConnState ==> .1.3.6.1.2.1.6.13.1.1 • Instance: .1.3.6.1.2.1.6.13.1.1.10.144.18.118.1200.10.144.14.40.1600
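
How the INDEX clauses on slide 33 turn into the instance identifier on slide 34, as an added example that is not part of the original slides: an IpAddress index contributes four sub-identifiers and an INTEGER index one. The kind labels `"ip"` and `"int"` and all function names are hypothetical; the decoder rejects truncated or malformed suffixes instead of guessing.

```python
# tcpConnState column and the INDEX clause of tcpConnEntry, from the slides.
TCP_CONN_STATE = (1, 3, 6, 1, 2, 1, 6, 13, 1, 1)
TCP_CONN_INDEX = ("ip", "int", "ip", "int")   # hypothetical kind labels

def encode_index(kinds, values):
    """IpAddress contributes 4 sub-identifiers, INTEGER contributes 1."""
    if len(kinds) != len(values):
        raise ValueError("index arity mismatch")
    subids = []
    for kind, value in zip(kinds, values):
        if kind == "ip":
            octets = [int(p) for p in value.split(".")]
            if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
                raise ValueError("bad IpAddress %r" % (value,))
            subids.extend(octets)
        elif value < 0:
            raise ValueError("negative INTEGER index")
        else:
            subids.append(value)
    return tuple(subids)

def decode_index(kinds, subids):
    """Inverse of encode_index; rejects truncated or over-long suffixes."""
    want = sum(4 if k == "ip" else 1 for k in kinds)
    if len(subids) != want:
        raise ValueError("expected %d sub-identifiers, got %d" % (want, len(subids)))
    values, pos = [], 0
    for kind in kinds:
        width = 4 if kind == "ip" else 1
        chunk = subids[pos:pos + width]
        pos += width
        if kind == "ip":
            if any(o > 255 for o in chunk):
                raise ValueError("IpAddress octet out of range")
            values.append(".".join(map(str, chunk)))
        else:
            values.append(chunk[0])
    return tuple(values)

def instance_oid(column, kinds, values):
    """Object type OID followed by the encoded instance identifier."""
    return "." + ".".join(map(str, column + encode_index(kinds, values)))

def parse_instance(column, kinds, oid):
    """Recover the index values from an instance OID of `column`."""
    subids = tuple(int(p) for p in oid.strip(".").split("."))
    if subids[:len(column)] != column:
        raise ValueError("OID is not an instance of this column")
    return decode_index(kinds, subids[len(column):])
```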

  35. MIB II • System Group • Provides general information about the managed system. • Interfaces Group • Contains generic information about the physical interfaces. • Address-Translation Group • Contains information about the mapping between network addresses and physical addresses for each physical interface. • IP Group • Contains information about the implementation and operation of IP at the managed system. • ICMP Group • Contains information about the implementation and operation of ICMP at the managed system.

  36. MIB-II (cont.) • TCP Group • Contains information about the implementation and operation of TCP at the managed system. • UDP Group • Contains information about the implementation and operation of UDP at the managed system. • EGP Group • Contains information about the implementation and operation of EGP at the managed system. • Transmission Group • Provides details about the underlying transmission media for each interface. • SNMP Group • Provides the statistics of SNMP operations at the managed system.

  37. MIB-II • MIB-II (RFC 1213) is a superset of MIB-I • Related objects are grouped into object groups • A MIB module comprises a module name, imports from other modules, and the definitions of the current module • RFC 1213 defines eleven groups

  38. MIB II (RFC 1213) • System Group • Provides general information about the managed system. • Interfaces Group • Contains generic information about the physical interfaces. • Address-Translation Group • Contains information about the mapping between network addresses and physical addresses for each physical interface. • IP Group • Contains information about the implementation and operation of IP at the managed system. • ICMP Group • Contains information about the implementation and operation of ICMP at the managed system.

  39. MIB-II (cont.) • TCP Group • Contains information about the implementation and operation of TCP at the managed system. • UDP Group • Contains information about the implementation and operation of UDP at the managed system. • EGP Group • Contains information about the implementation and operation of EGP at the managed system. • CMOT Group • Placeholder for OSI (CMIP Over TCP/IP) • Transmission Group • Provides details about the underlying transmission media for each interface. • SNMP Group • Provides the statistics of SNMP operations at the managed system.

  40. System Group

  41. System Group

  42. sysServices OBJECT-TYPE
          SYNTAX  INTEGER (0..127)
          ACCESS  read-only
          STATUS  mandatory
          DESCRIPTION
              "A value which indicates the set of services that this entity primarily offers.
              The value is a sum. This sum initially takes the value zero, Then, for each layer, L, in the range 1 through 7, that this node performs transactions for, 2 raised to (L - 1) is added to the sum. For example, a node which performs primarily routing functions would have a value of 4 (2^(3-1)). In contrast, a node which is a host offering application services would have a value of 72 (2^(4-1) + 2^(7-1)). Note that in the context of the Internet suite of protocols, values should be calculated accordingly:
                  layer  functionality
                  1      physical (e.g., repeaters)
                  2      datalink/subnetwork (e.g., bridges)
                  3      internet (e.g., IP gateways)
                  4      end-to-end (e.g., IP hosts)
                  7      applications (e.g., mail relays)
              For systems including OSI protocols, layers 5 and 6 may also be counted."
          ::= { system 7 }
      72 = 8 + 64 = 01001000 (binary)

  43. System Information

  44. Interfaces Group

  45. ifEntry

  46. ifType http://www.iana.org/assignments/smi-numbers

  47. ifAdminStatus OBJECT-TYPE
          SYNTAX  INTEGER {
                      up(1),       -- ready to pass packets
                      down(2),
                      testing(3)   -- in some test mode
                  }
          ACCESS  read-write
          STATUS  mandatory
          DESCRIPTION
              "The desired state of the interface. The testing(3) state indicates that no operational packets can be passed."
          ::= { ifEntry 7 }
      ifOperStatus OBJECT-TYPE
          SYNTAX  INTEGER {
                      up(1),       -- ready to pass packets
                      down(2),
                      testing(3)   -- in some test mode
                  }
          ACCESS  read-only
          STATUS  mandatory
          DESCRIPTION
              "The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed."
          ::= { ifEntry 8 }

  48. ifTable

  49. ifTable (cont.)
