SNMP Management: Organization and Information Model by Behzad Akbari Fall 2008 In the Name of the Most High
Overview SNMP is the most widely used network management protocol When we say SNMP management, we are really referring to Internet management. (SNMP itself is a com protocol). SNMP management model: Organization Model Relationship between network element, agent, and manager Hierarchical architecture Information Model Uses ASN.1 syntax SMI (Structure of Management Information MIB ( Management Information Base) Communication Model Transfer syntax SNMP over TCP/IP Communication services addressed by messages Security framework community-based model
Managed LAN NMS on subnet manages the router and the hubs on subnet across the backbone network Figure 4.1 A Managed LAN Network
Managed Hubs: System Information Information obtained querying the hubs Data truly reflects what is stored in the hub Title: System Information: Name or IP Address: System Name: System Description: 3Com LinkBuilder FMS, SW version:3.02 System Contact: System Location: System Object ID:.iso.org.dod.internet.private.enterprises System Up Time: ( ) 286 days, 12:03:24.37 Title: System Information: Name or IP Address: System Name: System Description: 3Com LinkBuilder FMS, SW version:3.12 System Contact: System Location: System Object ID:.iso.org.dod.internet.private.enterprises System Up Time: ( ) 364 days, 12:55:51.82
Managed Router: System Information Title: System Information: router1.gatech.edu Name or IP Address: System Name: router1.gatech.edu System Description: Cisco Internetwork Operating System Software : IOS (tm) 7000 Software (C7000-JS-M), Version : 11.2(6),RELEASE SOFTWARE (ge1) : Copyright (c) by Cisco Systems, Inc. : Compiled Tue 06-May-97 19:11 by kuong System Contact: System Location: System Object ID: iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.cisco 7000 System Up Time: ( ) 36 days, 11:21:57.95
Managed Hub: Port Addresses Information acquired by the NMS on hub interfaces Index refers to the interface on the hub Link address is the MAC address The second row data is a serial link
Managed Router: Port Addresses Information acquired by NMS on the router interfaces Index refers to the interface on the router LEC is the LAN emulation card Ethernet 2/0 interface refers to the interface card 2 and port 0 in that card
Internet Management History 1970s: Advanced Research Project Agency Network (ARPANET) comes up with Internet control Message Protocol (ICMP) Internet Engineering Task Force (IETF) 1990 SNMPv1 1995 SNMPv2 1998 SNMPv3 Internet documents: Request for Comments (RFC) IETF STD Internet Standard FYI For your information
SNMP Related RFCs Figure 4.4 SNMP Document Evolution
SNMP Organization Model
System Overview Physical Medium Figure 4.9 SNMP Network Management Architecture
SNMP System Architecture Network DL SNMP UDP IP SNMP UDP IP SNMP UDP IP ManagerAgent... Management Station HostRouter Network Elements (NEs) Network Management Protocol SNMP DL
SNMP Services Four Services Get, Set, GetNext, Trap Five SNMP Messages GetRequest, SetRequest, GetNextRequest, GetResponse, Trap ManagerAgent(s) Get, Set, GetNext Request Get Response Trap
SNMP Services Get Request Get Response ManagerAgent GetNext Request Get Response Manager Agent Set Request Get Response ManagerAgent Trap Request ManagerAgent GetGetNextSetTrapGetGetNextSetTrap
SNMP Services (cont.) Get Request: Retrieve the values of objects in the MIB of an agent. Get-Next Request: Retrieve the values of the next objects in the MIB of an agent. Set Request: Update the values of objects in the MIB of an agent. Trap Request Report extraordinary events to the manager.
Information Model Structure of Management Information (SMI) (RFC 1155, RFC 1212) Managed Object Scalar Aggregate or tabular object Management Information Base (RFC 1213)
Managed Object Object TypeObject Instance
Managed Object: Multiple Instances Object TypeObject Instance
Object Name Object is uniquely defined by DESCRIPTOR OBJECT IDENTIFIER
Internet Subnodes directoryOBJECT IDENTIFIER ::= {internet 1} mgmtOBJECT IDENTIFIER ::= {internet 2} experimentalOBJECT IDENTIFIER ::= {internet 3} privateOBJECT IDENTIFIER ::= {internet 4}
root ccitt iso joint-iso-ccitt directory std reg authority member body org dod internet mgmt experimental private MIB II system 1 interface 2 at 3 IP 4 ICMP 5 TCP 6 UDP 7 EGP 8 Trans. 10 SNMP enterprises MIB II interface enterprises
Private MIB Example Enterprise Number
SNMP ASN.1 Data Type
Primitive Data Types subtype: INTEGER (0..255) OCTET STRING (SIZE ) OCTET STRING (SIZE 8)
Enumerated Special case of INTEGER data type
Defined or Application Data Type
Constructor or Structured Data Type: SEQUENCE List Marker SEQUENCE {,,…, } IpAddrEntry ::= SEQUENCE{ ipAdEntAddrIpAddress, ipAdEntIfIndexINTEGER, ipAdEntNetMaskIpAddress, ipAdEntBcastAddrINTEGER, ipAdEntReasmMaxSizeINTEGER ( ) }
Constructor or Structured Data Type: SEQUENCE OF SEQUENCE OF where is a list constructor ipAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF IpAddrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The table of addressing information relevant to this entity's IP addresses." ::= { ip 20 }
Example: IP Address Table Each row (table entry) is a sequence: IpAddrEntry. The ipAddrTable table is a sequence of rows (entries), i.e. a sequence of ipAddrEntry.
Encoding Basic Encoding Rules (BER) - Type, Length, and Value (TLV)
SNMP Data Types and Tags TypeTag OBJECT IDENTIFIERUNIVERSAL 6 SEQUENCEUNIVERSAL 16 IpAddressAPPLICATION 0 CounterAPPLICATION 1 Gauge APPLICATION 2 TimeTicksAPPLICATION 3 OpaqueAPPLICATION 4
Managed Object: Structure
SMIv1, SMIv2 SMIv1: SMI (RFC 1155)RFC 1155 Concise MIB (RFC 1212)RFC 1212 Trap-Type (RFC 1215)RFC 1215 SMIv2: SMIv2 (RFC 2578) Textual Conventions (RFC 2579) Conformance Statements (RFC 2580)
OBJECT-TYPE MACRO ::= BEGIN TYPE NOTATION ::="SYNTAX" type (TYPE ObjectSyntax) TYPE NOTATION ::="SYNTAX" type (TYPE ObjectSyntax) “ACCESS" Access “ACCESS" Access "STATUS" Status "STATUS" Status VALUE NOTATION ::= value (VALUE ObjectName) VALUE NOTATION ::= value (VALUE ObjectName) Access ::= "read-only" | "read-write“ | "write-only | "not-accessible" Access ::= "read-only" | "read-write“ | "write-only | "not-accessible" Status ::= "mandatory” | "optional“ | "obsolete" Status ::= "mandatory” | "optional“ | "obsolete"END Object-Type Macro (RFC 1155)
OBJECT-TYPE MACRO (RFC1212) OBJECT-TYPE MACRO ::= BEGIN TYPE NOTATION ::= "SYNTAX" type(ObjectSyntax) "ACCESS" Access "STATUS" Status DescrPart ReferPart IndexPart DefValPart VALUE NOTATION ::= value (VALUE ObjectName) ObjectName ::= OBJECT IDENTIFIER
OBJECT-TYPE Example sysLocation OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) ACCESS read-write STATUS mandatory DESCRIPTION "The physical location of this node (e.g., `telephone closet, 3rd floor')." ::= { system 6 } DisplayString ::= OCTET STRING (SIZE (0..255))
"SYNTAX" type(ObjectSyntax) ObjectSyntax ::= CHOICE { simple SimpleSyntax, application-wide ApplicationSyntax } SimpleSyntax ::= CHOICE { numberINTEGER, stringOCTET STRING, objectOBJECT IDENTIFIER, empty NULL } ApplicationSyntax ::= CHOICE { addressNetworkAddress, counterCounter, gaugeGauge, ticksTimeTicks, arbitraryOpaque }
ApplicationSyntax NetworkAddress ::= CHOICE { internetIpAddress } IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4)) Counter ::= [APPLICATION 1] IMPLICIT INTEGER ( ) Gauge ::= [APPLICATION 2] IMPLICIT INTEGER ( ) TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER ( ) Opaque ::= [APPLICATION 4] IMPLICIT OCTET STRING Back to OBJECT TYPE
"ACCESS" Access "STATUS" Status Access ::= "read-only" | "read-write" | "write-only" | "not-accessible Status ::= "mandatory" | "optional" | "obsolete" | "deprecated" Back to OBJECT TYPE
DescrPart DescrPart ::= "DESCRIPTION" value (description DisplayString) | empty ReferPart ::= "REFERENCE" value (reference DisplayString) | empty ReferPart Back to OBJECT TYPE
DefValPart ifNumber OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DEFVAL 1 DESCRIPTION "The number of network interfaces (regardless of their current state) present on this system.“ ::= { interfaces 1 } DefValPart ::= "DEFVAL" "{" value (defvalue ObjectSyntax) "}" | empty Example: Back to OBJECT TYPE
IndexPart IndexTypes ::= IndexType | IndexTypes "," IndexType IndexType ::= value (indexobject ObjectName) | type (indextype) IndexSyntax ::= CHOICE { number INTEGER (0..MAX), string OCTET STRING, object OBJECT IDENTIFIER, address NetworkAddress, ipAddress IpAddress } IndexPart ::= "INDEX" "{" IndexTypes "}"
instance-identifier ( INDEX) integer-valued 3 3 string-valued, fixed-length strings ‘ c2e’H string-valued, variable-length strings “IIS Admin” object identifier-valued NetworkAddress-valued IpAddress-valued
Index - variable-length string svSvcTable OBJECT-TYPE SYNTAX SEQUENCE OF SvSvcEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A list of service entries describing network services installed on this server.“ ::= { server 3 } svSvcEntry OBJECT-TYPE SYNTAX SvSvcEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The names of the network services installed on this server." INDEX { svSvcName } ::= { svSvcTable 1 } Back to OBJECT TYPE
OBJECT-TYPE Example dot1dBasePortEntry OBJECT-TYPE SYNTAX Dot1dBasePortEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A list of information for each port of the bridge." REFERENCE "IEEE 802.1D-1990: Section 6.4.2, 6.6.1" INDEX { dot1dBasePort } ::= { dot1dBasePortTable 1 }
Aggregate Object A group of objects tabular objectsAlso called tabular objects Can be represented by a table with Columns of objects Rows of instances Table of Objects List of Objects Objects
Aggregate M.O. Macro: Table Object ipAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF IpAddrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The table of addressing information relevant to this entity's IP addresses." ::= {ip 20}
Aggregate M.O. Macro: Entry Object ipAddrEntry OBJECT-TYPE SYNTAX IpAddrEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The addressing information for one of this entity's IP addresses." INDEX { ipAdEntAddr } ::= { ipAddrTable 1 } ipAddrEntry: OBJECT-TYPE IpaddrEntry: SYNTAX
Aggregate M.O. Macro: Entry Object IpAddrEntry ::= SEQUENCE { ipAdEntAddrIpAddress, ipAdEntIfIndexINTEGER, ipAdEntNetMaskIpAddress, ipAdEntBcastAddrINTEGER, ipAdEntReasmMaxSizeINTEGER ( ) }
Aggregate M.O. Macro: Columnar Objects ipAdEntAddr OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION "The IP address to which this entry's addressing information pertains.” ::= { ipAddrEntry 1 }
Tabular Representation of Aggregate Object
Multiple Instances of Aggregate Managed Object
Example
Identification of Managed Objects Use Object Identifier (OID) OID = Object Type OID. Instance Identifier Object Type OID: Each Object type has a unique OID Instance Identifier: Identify instances of object type E.g.mib-2.interface.ifTable.ifEntry.ifDescr. 2
Two Kinds of Managed Objects Type-Specific Objects: sysDescr OBJECT-TYPE SYNTAX DisplayString (SIZE(0..255)) ::= {system 1} OID: mib-2.system.1. 0 Columnar Objects OID: mib-2.interface.ifTable.ifEntry.ifDescr.2 mib-2.interface.ifTable.ifEntry.ifDescr.6 mib-2.interface.ifTable.ifEntry.ifType.2 mib-2.interface.ifTable.ifEntry.ifType.6
Columnar Objects ifTable OBJECT-TYPE SYNTAX SEQUENCE OF IfEntry … ::= { interface 2 } IfEntry ::= SEQUENCE { ifIndexINTEGER, ifDescrDisplayString, ifTypeINTEGER, … } ifEntry OBJECT-TYPE SYNTAX IfEntry … INDEX {ifIndex } ::= { ifTable 1} ifDescr OBJECT-TYPE SYNTAX DisplayString (SIZE(0..255)) ACCESS read-only STATUS madatory... ::= {ifEntry 2}
Columnar Objects ifIndex ifDescr ifType... 1 le llc lo le ifTable.ifEntry.1 ( ).ifTable.ifEntry.2 ( ).ifTable.ifEntry.3 ( )
Index in MIB II ifEntry{ifIndex} atEntry{atNetIfIndex, atNetAddress} ipAddrEntry{ipAdEntAddr } ipRouteEntry{ipRouteDest} ipNetToMediaEntry{ipNetToMediaIfIndex, ipNetToMediaNetAddress} tcpConnEntry {tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemoteAddress, tcpConnRemotePort} udpEntry{udpLocalAddress, udpLocalPort} egpNeighEntry{egpNeighAddr}
Index Example To get the state of the TCP connection: : 3125 ===> : 80 Use snmp_get_req. to get the “tcpConnState” of the tcpConnTable in MIB II. tcpConnState ==>
tcpConnTable