Communication and Functional Models


Chapter 5 SNMPv1: Communication and Functional Models
Network Management: Principles and Practice © Mani Subramanian 2000 5-1

Communication Model
- SNMP Architecture: management messages
- Administrative Model: community-based
- SNMP Protocol Specifications
- SNMP MIB

Three Goals of the Architecture [RFC 1157]
- The SNMP explicitly minimizes the number and complexity of management functions realized by the management agent itself. This goal is attractive in at least four respects:
  (1) Development cost for agent software is reduced.
  (2) & (3) Degree of management function that is remotely supported is increased, thereby:
    - admitting fullest use of internet resources in the management task.
    - imposing the fewest possible restrictions on the form and sophistication of management tools.
  (4) Simplified sets of management functions are easily understood and used by developers of network management tools.
- The functional paradigm for monitoring and control must be sufficiently extensible to accommodate additional, possibly unanticipated aspects of network operation and management.
- The architecture must be, as much as possible, independent of the architecture and mechanisms of particular hosts or particular gateways.

SNMP Architecture
- Truly simple network management protocol
- Five messages, three from manager and two from agent

Data Transfer
- Only non-aggregate objects are communicated using SNMP
- Aggregate objects are communicated as instances of objects. This was enhanced in SNMPv2
- ASN.1 and BER are used for data transfer in SNMP

SNMP Messages
- Get-Request
- Get-Next-Request
- Set-Request
- Get-Response
- Trap
  - Generic trap
  - Specific trap
  - Time stamp
Notes:
- Generic trap: coldStart, warmStart, linkDown, linkUp, authenticationFailure, egpNeighborLoss, enterpriseSpecific
- Specific trap: for special measurements such as statistics
- Time stamp: time since last initialization

Administrative Model
- Based on community profile and policy
- SNMP Entities:
  - SNMP application entities
    - Reside in management stations and network elements
    - Manager and agent
  - SNMP protocol entities
    - Communication processes (PDU handlers)
    - Peer processes that support application entities

SNMP Community
- Security in SNMPv1 is community-based
- Authentication scheme in manager and agent
- Community: Pairing of two application entities
- Multiple pairs can belong to the same community
- Community name: String of octets
- Two applications in the same community communicate with each other
- Application could have multiple community names
- Communication is not secured in SNMPv1: no encryption

Community Profile
- MIB view: An agent is programmed to view only a subset of managed objects of a network element
- Access mode: Each community name is assigned an access mode: read-only and read-write
- Community profile = MIB view + Access mode
- Operations on an object determined by community profile and the access mode of the object
- Total of four access privileges
- Some objects, such as table and table entry, are non-accessible

Administrative Model
- Administrative model is SNMP access policy
- SNMP community paired with SNMP community profile is SNMP access policy
- Parameters:
  - Community / communities
  - Agent / Agents
  - Manager / managers

Administrative Model Summary & Example
- Access policy = Community + Community profile
- Community profile = Access mode + MIB view
- Example:
  - SNMP community is “public”
  - SNMP access mode is “READ-ONLY”
  - MIB view is the “system” MIB sub-tree
  - SNMP community profile = (“system”, “READ-ONLY”)
  - SNMP access policy = (“public”, (“system”, “READ-ONLY”))
- The sysLocation MIB object has read-write access. With this SNMP access policy, the manager can only get information from the sysLocation object, and cannot set it.
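The access-policy evaluation summarized above, written out as an added example (not part of the original slides): a request is allowed only if the community is configured, the object is inside the community's MIB view, and both the community access mode and the object's own MIB access permit the operation. The "example-rw" community and the `authorize` and `in_view` names are hypothetical.

```python
# Access policy = community + community profile (MIB view, access mode).
# All community names except "public" and all instance data are constructed.
SYSTEM = (1, 3, 6, 1, 2, 1, 1)            # "system" MIB sub-tree
SYS_DESCR = SYSTEM + (1, 0)               # sysDescr.0
SYS_LOCATION = SYSTEM + (6, 0)            # sysLocation.0
IF_NUMBER = (1, 3, 6, 1, 2, 1, 2, 1, 0)   # ifNumber.0, outside "system"

# Access defined for each object in the MIB itself.
MIB_ACCESS = {SYS_DESCR: "read-only", SYS_LOCATION: "read-write",
              IF_NUMBER: "read-only"}

POLICIES = {
    b"public": ((SYSTEM,), "READ-ONLY"),        # the slide's example policy
    b"example-rw": ((SYSTEM,), "READ-WRITE"),   # hypothetical second community
}

def in_view(oid, view):
    """True if oid lies under any sub-tree root of the MIB view."""
    return any(oid[:len(root)] == root for root in view)

def authorize(community, operation, oid):
    """Decide a 'get' or 'set' on one object instance; return (allowed, reason)."""
    if operation not in ("get", "set"):
        raise ValueError("operation must be 'get' or 'set'")
    profile = POLICIES.get(community)
    if profile is None:
        return False, "community not configured on this agent"
    view, mode = profile
    if not in_view(oid, view) or oid not in MIB_ACCESS:
        return False, "object not in this community's MIB view"
    access = MIB_ACCESS[oid]
    if operation == "get":
        ok = access in ("read-only", "read-write")
        return ok, "readable" if ok else "object is not readable"
    if mode != "READ-WRITE":
        return False, "community access mode is READ-ONLY"
    if access != "read-write":     # simplified: write-only objects not modeled
        return False, "object is read-only in the MIB"
    return True, "writable"
```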

Access Policy
- Manager manages Community 1 and 2 network components via Agents 1 and 2
- Agent 1 has only view of Community Profile 1, e.g. Cisco components
- Agent 2 has only view of Community Profile 2, e.g. 3Com components
- Manager has total view of both Cisco and 3Com components

Generalized Administration Model
- Manager 1 manages community 1, manager 2 community 2, and manager 3 (MoM) both communities 1 and 2

Proxy Access Policy
- Access policy can be extended to managing non-SNMP community
- Proxy agent enables non-SNMP community elements to be managed by an SNMP manager.
- Proxy agent monitors non-SNMP community, and converts objects and data to SNMP compatible objects.
- An SNMP MIB is created to handle the non-SNMP objects

Protocol Entities
- Protocol entities support application entities
- Communication between remote peer processes
- SNMP Message consists of:
  - Version identifier
  - Community name
  - Protocol Data Unit
- Message encapsulated and transmitted
- In SNMPv1, it is mandatory to support all 5 PDUs
- SNMP uses UDP port 161 for get & set, and UDP port 162 for traps.

Top-level SNMP Message [RFC 1157]

    Message ::=
        SEQUENCE {
            version          -- version-1 for this RFC
                INTEGER {
                    version-1(0)
                },
            community        -- community name
                OCTET STRING,
            data             -- e.g., PDUs if trivial
                ANY          -- authentication is being used
        }

Get and Set PDU
- VarBindList: multiple instances of VarBind pairs
- PDU Types: Application data types

Error in Response
- Error Index: No. of VarBind where the first error occurred

Trap PDU
- Enterprise and agent address pertain to the system generating the trap
- Seven generic traps specified by enumerated INTEGER
- enterpriseSpecific(6) trap signifies that an enterprise-specific event has occurred. The specific-trap field identifies the particular trap which occurred.
- Timestamp indicates elapsed time since last re-initialization

SNMP Operations
- Requires seven get-request messages.
- Same information could be obtained in one message with multiple varbinds.
- Requires knowledge of all elements to be requested by name or OID.

MIB for Get-Next-Request
- For aggregate objects, we need to know the number of rows and columns if we use GetRequest messages to get all the instances of a table → Use of GetNextRequest

Lexicographic Order
Procedure for ordering:
- Start with leftmost digit as first position
- Before increasing the order in the first position, select the lowest digit in the second position
- Continue the process till the lowest digit in the last position is captured
- Increase the order in the last position until all the digits in the last position are captured
- Move back to the last but one position and repeat the process
- Continue advancing to the first position until all the numbers are ordered
Tree structure for the above process

MIB Lexicographic Order
[Figure: MIB tree; node labels A, B, T, Z, E and instance labels 1.1, 1.2, 2.1, 2.2, 3.1, 3.2]

A More Complex MIB Example

Get-Next-Request Operation
- No need to know next OID
- Table instances are retrieved without knowledge of number of rows
- Can be used to browse a MIB tree (e.g., MIB walk, MIB browsers)

Get-Next-Request Operation
- Use of basic GetNextRequest → 10 Request messages.
- Varbind could be expanded and more values about the same row could be obtained in one request → 4 Request messages.
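Lexicographic ordering and the two Get-Next-Request walks described above, as an added example that is not part of the original slides. The agent MIB is constructed (a hypothetical table with 3 columns and 3 rows under a placeholder enterprise number), sized so the request counts can be compared with the 10 and 4 quoted on the slide; the end of the MIB is modeled as `None`.

```python
import bisect

def oid(dotted):
    """'1.3.6.1' -> (1, 3, 6, 1); integer tuples compare in lexicographic OID order."""
    return tuple(int(arc) for arc in dotted.split("."))

# Constructed agent MIB: one scalar, a 3-column x 3-row table, one scalar after it.
ENTRY = oid("1.3.6.1.4.1.99999.1.1")        # hypothetical table entry OID
MIB = {oid("1.3.6.1.2.1.1.1.0"): "example sysDescr",
       oid("1.3.6.1.4.1.99999.2.0"): "scalar after the table"}
for col in (1, 2, 3):
    for row in (1, 2, 3):
        MIB[ENTRY + (col, row)] = f"col{col}-row{row}"
ORDERED = sorted(MIB)

def get_next(after):
    """Agent side: first instance lexicographically after `after`, or None."""
    i = bisect.bisect_right(ORDERED, after)
    return (ORDERED[i], MIB[ORDERED[i]]) if i < len(ORDERED) else None

def walk_single(root):
    """Manager: one varbind per GetNextRequest. Returns (instances, requests sent)."""
    found, requests, cursor = [], 0, root
    while True:
        requests += 1
        reply = get_next(cursor)
        if reply is None or reply[0][:len(root)] != root:
            return found, requests          # left the sub-tree: walk is done
        found.append(reply)
        cursor = reply[0]

def walk_rows(entry, ncols):
    """Manager: one varbind per column in each request. Returns (rows, requests)."""
    columns = [entry + (c,) for c in range(1, ncols + 1)]
    cursors, rows, requests = list(columns), [], 0
    while True:
        requests += 1
        replies = [get_next(c) for c in cursors]
        if any(r is None or r[0][:len(col)] != col for r, col in zip(replies, columns)):
            return rows, requests           # some column ran out: table is done
        rows.append([value for _, value in replies])
        cursors = [name for name, _ in replies]
```

Sorting the dotted strings instead of integer tuples would place 1.10 before 1.9, which is why `oid()` converts each arc to an integer first.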

Sniffer Data

SNMP MIB
Note: Most of the MIB objects were not used and hence deprecated in SNMPv2

Functional Model
- No formal specifications of functions in SNMPv1 management.
- Application functions limited to network management and not to services provided.
- Configuration management: Some configuration functions are addressed in SNMP protocol entity specifications. Example: Set configurable parameters (requires write access)
- Fault management: Addressed by error counters built into agents. Traps used to monitor network elements and interfaces going up and down.
- Performance management: Performance counters. SNMP manager does the performance analysis.
- Security management: Some security/privacy-related issues addressed in SNMP protocol entity specifications. Security functions partially addressed by community specifications and authentication scheme.
- Accounting management: Not addressed by SNMP model