1 © 1999 BMC SOFTWARE, INC. 2/10/00 SNMP in Patrol Eugene Golovinsky BMC Software, SNMP technology group
2 © 1999 BMC SOFTWARE, INC. 2/10/00 SNMP Simple Network Management Protocol
3 © 1999 BMC SOFTWARE, INC. 2/11/00 Why was SNMP invented ? Designed to run on non-OS systems, later used in various ways for monitoring No “BRAINS” SNMP Agent THE “BRAINS” SNMP Manager u Maybe no (Free) Cpu u Maybe no (Free) Memory u Must be able to run everywhere u Real OS u Contained all intelligence u Made all decisions
4 © 1999 BMC SOFTWARE, INC. 2/11/00 Protocol, its versions and extentions What is SNMP About the protocol versions SNMPv1, SNMPv2 ( c ) and SNMPv3 Some other things : RMON, RMON 2, SMI's and MIB's SNMPv3 - as a future path for SNMP community ?
5 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP implementations Transport Transport protocol (UDP/IP) BER (iso 8825) - Basic Encoding Rules TLV (Type, Length, Value) encoding Versions SNMPv1 SNMPv2 SNMPv3 OSI network management implementation CMIP - CMOT ( used primarily in telephony along with SNMP)
6 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP Syntax - SMI ASN.1 (iso “abstract notation one”) SMI uses a subset of ASN.1 Well defined syntax for information exchange comparable in functionality with XML
7 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMPv3 New Draft Standard with enhanced Security User Based security model (rfc 2574) Administration Security (authentication, privacy and message integrity) View based access (VACM)
8 © 1999 BMC SOFTWARE, INC. 2/11/00 RMON (Remote Network Monitoring) IETF rfc 1271 / rfc 1757 / rfc 1513 Physical Layer Management using probes (HW-SW) Extend SNMP functionality RMON MIB : contains RMON data Preventive Management : threshold based notification Statistics/History of data, Packet capturing, Host tables,… Operation modes Online Offline On Demand
9 © 1999 BMC SOFTWARE, INC. 2/11/00 RMON2 Continued on RMON (rfc 2021) Statistics on network and upper layers All of the leading probe vendors support it NetScout, Technically Elite, Solcom, HP, 3Com, Bay, Cisco, Cabletron Difficult to use all features because of vendor specific implementations
10 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP References SNMP v1 RFCs 1155SMI 1157protocol 1212Concise MIB 1213MIB2 1215traps SNMP v2 RFCs historical See also : The Simple Web SNMP v2C RFCs SNMP v3 RFCs
11 © 1999 BMC SOFTWARE, INC. 2/11/00 UDP vs. TCP connection UDP RM Agents Console Agents TCP connectionless scalable not reliable connection oriented used to be non-scalable reliable
12 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP : Underlying Transport UDP/IP implications unreliable no confirmation or guarantee order uncertain may duplicate unsecure No authentication on transport layer No verification of origin (message spoofing) No integrity (message can be tampered with)
13 © 1999 BMC SOFTWARE, INC. 2/11/00 The SNMP Agent What is an SNMP agent ? Components : MIB (the MIB in memory) request handling trap sending
14 © 1999 BMC SOFTWARE, INC. 2/11/00 Multiple SNMP Agents on 1 system Conflict : only 1 process can listen on a port Solutions : SMUX (SNMP Multiplexer) AgentX - Agent Extensibility (rfc 2741) Emanate (proprietary SNMP Research) 161 Master Agent Sub agent Application Device
15 © 1999 BMC SOFTWARE, INC. 2/11/00 MIB (Management Information Base) The MIB definition textual description of MIB layout Written in SMI : Structure of Management Information SMI (the MIB definition language) Support for multiple datatypes Support for data definitions : indexed tables, structures, values,...
16 © 1999 BMC SOFTWARE, INC. 2/11/00 NAMING in SNMP Naming hierarchy unique identifier, down to the instance of any object is the OID of the BMC Software subtree; Object identifier is the name iso 1 3 org 6dod 1 internet 2 mgmt 4 private 1enterprises enterpriseID peer BMC Company X Whatever you like
17 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP Management Remote Management : From a geographically separate location configure monitor control a remote system application device OS Management console Mgmt info, i.e., interesting info “application” Managed system Mgmt protocol
18 © 1999 BMC SOFTWARE, INC. 2/11/00 Management Operations, SNMP requests and responses Get, Get Next, Set SNMPv1 responses are sent back Get Bulk (SNMPv2) Unsolicited Traps from Agent (v1) Informs (v2 and v3) - confirmed traps
19 © 1999 BMC SOFTWARE, INC. 2/11/00 Request handling SNMP Agent gets request from mgr listens on specific port : typically 161 receives request : request ID + OID Lookup of OID in memory Performs operation if possible SNMP Agent sends response request ID OID value error status + index Similar for get-next operation returns next OID in tree
20 © 1999 BMC SOFTWARE, INC. 2/11/00 Trap sending SNMP Agent sends 7 predefined Generic trap types (0-6) 0-5 = Standard traps 6 = Enterprise Specific Sends to port 162 (default) on trap receiving machine Trap destinations has to be configured Patrol : /snmp/piV1m_list
21 © 1999 BMC SOFTWARE, INC. 2/11/00 The SNMP Manager What is an SNMP manager ? Components : present MIB info (display MIB files) send requests listen for traps
22 © 1999 BMC SOFTWARE, INC. 2/11/00 Sending Requests Timebased polling User based requests Authentication : SNMPv1 : community names for r/w (most of the times, just private/public) SNMPv3 does it with MD5
23 © 1999 BMC SOFTWARE, INC. 2/11/00 Listening for traps Only one process can listen on a port That means only one trap listener per system ! Solution : PATROL : trap demultiplexer (Dietmar Hildebrand) No PATROL : (write your own)
24 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP++ Initial HP initiative, now Open Source Object oriented development approach to SNMPv1,v2c,v3 High level API Primary focus on network management application developer References :
25 © 1999 BMC SOFTWARE, INC. 2/10/00 ??? Questions ???
26 © 1999 BMC SOFTWARE, INC. 2/10/00 PATROL SNMP Functionality
27 © 1999 BMC SOFTWARE, INC. 2/11/00 Patrol SNMP Master and Sub Agent Only needed when accessing PATROL MIB data !! Patrol MIB data is KM data Not needed for : receiving traps sending traps get/set/walk/... operations
28 © 1999 BMC SOFTWARE, INC. 2/11/00 Patrol SNMP Master agent configuration See file./lib/snmpmagt.cfg default port used to be 1161, community public No need for BMC master agent if SMUX compatible Master Agent available (eg. AIX) What about HP ? They use emanate master agent (proprietary from SNMP Research) Run 2 master agents, one on 161 (default) and one on 1161 (Patrol)
29 © 1999 BMC SOFTWARE, INC. 2/11/00 Starting Patrol SNMP sub-agent PATROL SNMP sub-agent can be manually started and stopped from PSL snmp_agent_start() starts SNMP sub-agent snmp_agent_stop() stops SNMP sub-agent snmp_agent_config() tells if SNMP agent functionality is active
30 © 1999 BMC SOFTWARE, INC. 2/11/00 PATROL Agent as SNMP sub agent Ability to send traps Has an accessible MIB To access MIB, the master agent must be set up correctly
31 © 1999 BMC SOFTWARE, INC. 2/11/00 SNMP Traps in Patrol Automatically : When Patrol event occurs Trap destinations : piV1m_List ( + /snmp/trapMibTable=yes) Filter possibility (see config.default for filter options) Through Master Agent or without Master Agent trapMibTable(yes), trapConfTable (no) - default From PSL snmp_trap_send : full control snmp_trap_raise_std_trap : uses piV1m_List
32 © 1999 BMC SOFTWARE, INC. 2/11/00 PATROL Agent MIB
33 © 1999 BMC SOFTWARE, INC. 2/11/00 Objects Table Contains all the “nodes” from the PATROL namespace, starting from the PATH defined in objectsCwd (=objects Current Working Dir)
34 © 1999 BMC SOFTWARE, INC. 2/11/00 variablesTable Contains all the “leaves” from the PATROL namespace, starting from the PATH defined in objectsCwd (=objects Current Working Dir)
35 © 1999 BMC SOFTWARE, INC. 2/11/00 Browsing PATROL namespace Set objectCwd to the tree you want to inspect for example “/” Go to the desired “node” get the “objectsTable”, you see NT_CPU set objectCwd to “/NT_CPU” … pick inst from objectsTable set objectCwd to “/NT_CPU/CPU_0”… pick param from objectsTable set objectCwd to “/NT_CPU/CPU_0/CPUCpuUtil” Read the wanted values get the “variablesTable” to find all the attributes including its value Problem : No way to protect objectsCwd : other PSL script can change its value in the same time !
36 © 1999 BMC SOFTWARE, INC. 2/11/00 applicationsTable Contains all the applications loaded in the agent and indexed by application ID
37 © 1999 BMC SOFTWARE, INC. 2/11/00 applInstTable Contains all the instances discovered in the agent. Indexed application ID and instance ID
38 © 1999 BMC SOFTWARE, INC. 2/11/00 parametersTable Contains all the parameters in the agent. Indexed by application ID, instance ID and parameter OID
39 © 1999 BMC SOFTWARE, INC. 2/11/00 Table relationships applicationsTable idnamestate…. 0SOLARIS0…. 1CPU0…. 2DISK0…. 3KERNEL0…. 4NFS0…....…. applInstTable idnamestatus…....…. 1.50CPU0…. 2.60sd50…. 2.61nfs10…. 2.70idehd010…....…. parametersTable idnamevalue…....… DSKTps0… DSKTps0… DSKBps0… DSKAvgS..0…....….
40 © 1999 BMC SOFTWARE, INC. 2/11/00 Accessing PATROL namespace Look for the application in “applicationTable” Use that index to get the instances from the application in “applInstTable” Use both indexes to get the parameters from the “parametersTable” Get the required attribute from your parameter This method is “safe” but requires some processing
41 © 1999 BMC SOFTWARE, INC. 2/11/00 Direct namespace access “Hooked” on OID of :.variablesTable.variableEntry.variableValue Need conversion of namespace variable = length of namespace variable = ascii to value conversion of namespace variable for example : /CPU = Simply get : bmc Result : Fastest Namespace access not useful for namespace “discovery” Not “walk-able”
42 © 1999 BMC SOFTWARE, INC. 2/11/00 Execute PSL through SNMP Set variable “agentExecuteCommand” Agent will execute immediately Fail/Success from return value of snmp_set()
43 © 1999 BMC SOFTWARE, INC. 2/11/00 PATROL Agent as SNMP Manager Receiving traps Getting information from SNMP agents No Master Agent is needed for this !
44 © 1999 BMC SOFTWARE, INC. 2/11/00 Using PSL to Receive traps PSL functions : snmp_trap_listen : start listening for traps (open socket) starts accumulating traps snmp_trap_ignore : close all listeners (close socket) snmp_trap_receive : process incoming traps (block/poll based) only 1 per agent
45 © 1999 BMC SOFTWARE, INC. 2/11/00 Using PSL to Get info from SNMP Agents What is an SNMP session in PATROL ? snmp_open() : opens an SNMP session snmp_close() : closes an SNMP session snmp_config() : lists the SNMP sessions No real session (like TCP session) because SNMP = connectionless / stateless just a memory structure, so... Easier for the developer … open session once, reuse the session with the session attributes ! Allows you to set timeouts/retries/port Faster
46 © 1999 BMC SOFTWARE, INC. 2/11/00 PSL functions for SNMP managers SNMPv1 management functions snmp_(h_)... snmp_... Plus snmp_walk No support for v3 !! Security and administration, get bulk, more datatypes
47 © 1999 BMC SOFTWARE, INC. 2/11/00 Q & A concerns and problems future