Common Management Protocol W.lilakiatsakun

Topics
–SNMP (widely used)
–Command Line Interface (CLI)
–Syslog
–NetFlow and IP Flow Information Export (IPFIX)
–NETCONF (recent)

Simple Network Management Protocol (SNMP)
–SNMP v1 (RFC 1157)
–PDU size 4096 bytes (4 KB)
–UDP port 161
–Operations supported by SNMP:
  Get: retrieves a scalar object value
  Set: updates a scalar object value
  Trap: sends an unsolicited scalar object value

Community (1)
Three aspects of control between SNMP managers and agents:
–Authentication: limits access to the MIB to authorized management stations
–Access control: the managed station may give different access privileges to different management stations
–Proxy service: a managed station may act as a proxy for other managed stations

Community (2)
–The community concept is a local one, defined at the managed system (device)
–The agent may establish a number of communities with overlapping management station membership
–Each community is given a unique community name
–The management station must supply the community name in all get/set operations

Authentication Service
–RFC 1157 SNMP provides only a trivial authentication scheme
–The community name is used as a password for get/set operations
–The SET operation is the sensitive area
–Improved in SNMP v3

Access Policy (1)
–The agent can provide different categories of MIB access to different management stations
–SNMP MIB view: a subset of the objects within a MIB; different MIB views may be defined for each community
–SNMP access mode: an element of the set {READ-ONLY, READ-WRITE}
–Community profile: the combination of a MIB view and an access mode

Access Policy (2)

Proxy service
–An SNMP agent can act on behalf of other devices
–Typically, the other devices are foreign (do not support TCP/IP and SNMP)
–In some cases the proxied system may support SNMP, but the proxy is used to minimize the interaction between the proxied device and the network management system

Administrative concepts

Lexicographical Ordering (1)
–The management station can access objects without specifying them by name
–It can supply an object instance identifier and ask for the next object in the ordering
–Preorder traversal: visit the root, then traverse the subtrees from left to right

Fig 7-8

Lexicographical Ordering (2) Fig 7-2

Table 7.5

Protocol specification – SNMP format (Fig 7-3)

Table 7.6

Transmission of SNMP Message (1)
1. The PDU is constructed using the ASN.1 structure defined in the RFC.
2. The PDU is then passed to an authentication service together with the source and destination transport addresses and a community name; the service performs any required transformations (encryption or inclusion of an authentication code) and returns the result.

Transmission of SNMP Message (2)
3. The message is constructed from a version field, the community name, and the result of step 2.
4. This object is then encoded using the Basic Encoding Rules (BER) and passed to the transport service.

Receipt of an SNMP Message
1. Basic syntax check of the message; discard the message if it fails.
2. Verify the version number; discard on mismatch.
3. Authentication check; if it fails, generate a trap and discard the message.
4. Syntax check of the PDU; on mismatch, discard the PDU; on match, select the SNMP access policy and process accordingly.

Variable Binding (1)
–Groups operations of the same type in a single message
–Gets more than one object instance within a single response
–The SNMP PDU includes a "variablebindings" field
–This field consists of a sequence of references to object instances together with the values of those objects

Variable Binding (2)

SNMP PDU Sequences (Fig 7.5)

GetRequest (1)
–The response is all-or-nothing: either all values are retrieved or none
–If the responding entity can provide all values, they are included in the variablebindings field of the GetResponse PDU
–If not, no values are returned
–Changed to a non-atomic operation in SNMPv2
The following error conditions can occur:
1. If an object named in the variablebindings does not match, return an error-status of noSuchName and a value in the error-index

GetRequest (2)
2. If the resulting PDU exceeds a local limitation (484 octets), return an error-status of tooBig
3. If the agent cannot supply at least one of the objects, return an error-status of genErr and a value in the error-index

GetRequest (3)
–Basically, SNMP does not allow retrieving an entire row of a table by referencing the entry object
–It can be done using the variablebindings list:
–GetRequest (ipRouteDest , ipRouteMetric , ipRouteNextHop )

GetNextRequest (1)
–Same PDU exchange pattern and same format as the GetRequest PDU
–The only difference is that the returned value is the value of the next object in lexicographical order

GetNextRequest (2) (Fig 8-1: navigation (walk) of a MIB with GetNextRequest)

GetNextRequest (3)

GetNextRequest (4)
Example: retrieve data from the instances of the scalar objects in the udp group
GetRequest(udpInDatagrams.0, udpNoPorts.0, udpInErrors.0, udpOutDatagrams.0)
GetResponse((udpInDatagrams.0=100), (udpNoPorts.0=1), (udpInErrors.0=2), (udpOutDatagrams.0=200))

GetNextRequest (5)
GetNextRequest(udpInDatagrams, udpNoPorts, udpInErrors, udpOutDatagrams)
The next instance of udpInDatagrams is udpInDatagrams.0, so
GetResponse((udpInDatagrams.0=100), (udpNoPorts.0=1), (udpInErrors.0=2), (udpOutDatagrams.0=200))

GetNextRequest (6) – Accessing Table Values
GetNextRequest (ipRouteDest, ipRouteMetric1, ipRouteNextHop)
GetResponse ((ipRouteDest = ), (ipRouteMetric = 3), (ipRouteNextHop = ))

GetNextRequest (7) – Retrieve the second row
GetNextRequest (ipRouteDest , ipRouteMetric , ipRouteNextHop )
GetResponse ((ipRouteDest = ), (ipRouteMetric = 5), (ipRouteNextHop = ))

Row-by-row navigation of a MIB with GET-NEXT (Fig 8-2)
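The lexicographic ordering, the all-or-nothing GetRequest with its noSuchName/error-index result, and the row-by-row GET-NEXT walk of the preceding slides, as an added example that is not part of the slides: a small in-memory agent over a constructed MIB view. The OIDs are the MIB-II ones for the udp group and ipRouteTable (RFC 1213); the route rows, metrics and next hops are sample data.

```python
# Added example (not from the slides): an in-memory SNMPv1 agent that shows
# lexicographic OID ordering, the atomic GetRequest (noSuchName + error-index)
# and the row-by-row GetNextRequest table walk. OIDs are MIB-II (RFC 1213);
# the instance values are constructed sample data.

def oid_key(oid):
    # Tuple comparison is exactly SNMP's component-wise lexicographic order
    return tuple(int(a) for a in oid.strip(".").split("."))

UDP = "1.3.6.1.2.1.7"            # udp group
ROUTE = "1.3.6.1.2.1.4.21.1"     # ipRouteEntry, indexed by ipRouteDest (4 arcs)
MIB = {
    UDP + ".1.0": 100,                        # udpInDatagrams.0
    UDP + ".2.0": 1,                          # udpNoPorts.0
    UDP + ".3.0": 2,                          # udpInErrors.0
    UDP + ".4.0": 200,                        # udpOutDatagrams.0
    ROUTE + ".1.10.0.0.0": "10.0.0.0",        # ipRouteDest.10.0.0.0
    ROUTE + ".3.10.0.0.0": 3,                 # ipRouteMetric1.10.0.0.0
    ROUTE + ".7.10.0.0.0": "192.0.2.1",       # ipRouteNextHop.10.0.0.0
    ROUTE + ".1.10.1.0.0": "10.1.0.0",        # second row
    ROUTE + ".3.10.1.0.0": 5,
    ROUTE + ".7.10.1.0.0": "192.0.2.2",
}
SORTED = sorted(MIB, key=oid_key)  # preorder traversal of the MIB view

def get_request(names):
    """Atomic GetRequest: all values or none. The first unknown instance
    yields noSuchName with a 1-based error-index pointing at it."""
    for i, name in enumerate(names, 1):
        if name not in MIB:
            return {"error-status": "noSuchName", "error-index": i, "varbinds": []}
    return {"error-status": "noError", "error-index": 0,
            "varbinds": [(n, MIB[n]) for n in names]}

def get_next_request(names):
    """Return, for each name, the first instance that sorts strictly after it.
    A column name without an instance suffix therefore yields its first row."""
    out = []
    for i, name in enumerate(names, 1):
        key = oid_key(name)
        nxt = next((o for o in SORTED if oid_key(o) > key), None)
        if nxt is None:  # fell off the end of the MIB view
            return {"error-status": "noSuchName", "error-index": i, "varbinds": []}
        out.append((nxt, MIB[nxt]))
    return {"error-status": "noError", "error-index": 0, "varbinds": out}

def walk_table(columns):
    """Row-by-row walk (Fig 8-2): start from the bare column OIDs, feed each
    response's names back in, stop once a name leaves its column subtree."""
    rows, names = [], list(columns)
    while True:
        resp = get_next_request(names)
        if resp["error-status"] != "noError":
            break
        names = [oid for oid, _ in resp["varbinds"]]
        if any(oid_key(n)[:len(oid_key(c))] != oid_key(c) for n, c in zip(names, columns)):
            break  # the next object belongs to another column or group: end of table
        rows.append([value for _, value in resp["varbinds"]])
    return rows
```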

SetRequest (1)
–The agent responds to a SetRequest PDU with a GetResponse PDU containing the same request-id
–Atomic operation, the same as GetRequest: do all or none
–Changed to a non-atomic operation in SNMPv2

SetRequest (2) – Updating a table
–For the existing table:
  SetRequest (ipRouteMetric = 9)
  GetResponse (ipRouteMetric = 9)
–Add a new row:
  SetRequest (ipRouteDest = , ipRouteMetric = 9, ipRouteNextHop = )

SetRequest (3) – Problems
–The value of ipRouteDest is an index value still unknown to the agent
–RFC 1212 indicates three ways to handle this:
1. The agent could reject the operation and return an error-status of noSuchName
2. The agent could accept the operation but return an error-status of badValue
3. The agent could accept the operation and create a new row

SetRequest (3)
Row deletion
–SetRequest (ipRouteType = invalid)
–GetResponse (ipRouteDest = invalid)
Performing an action: an object can be used to represent a command, so that a specific action is taken if the object is set to a specific value
–Example: a reBoot object with initial value 0; if a management station sets the object value to 1, the agent system reboots and resets the object value to 0
–Ping/Traceroute/Lookup Operations MIB (RFC 2925)

SetRequest (4) – Deleting/Nullifying Rows in MIB-II Tables (Table 7.8)

SetRequest (5) (Fig 8-3: Ping MIB operation)

SetRequest (5) Ping object in MIB

TRAP (1)
–Used to provide the management station with notification of some significant event
PDU fields:
–PDU type: Trap PDU
–Enterprise: identifies the system that generated the trap (sysObjectID)
–Agent-addr: IP address of the object generating the trap

TRAP (2)
–Generic-trap: predefined trap types
–Specific-trap: identifies the nature of the trap more specifically
–Time-stamp: the time at which the trap was issued (sysUpTime when the trap is generated)
–Variablebindings: additional information relating to the trap (implementation-specific)

TRAP (3)
Who is emitting the trap
–enterprise field: value is taken from sysObjectID
–address field: IP address
What occurred
–generic-trap field / specific-trap field
When it occurred
–time-stamp field: time between the last initialization and the generation of the trap
Additional information
–variablebindings field

Trap (4) Generic-trap
–coldStart (0): unexpected restart due to a crash or major fault
–warmStart (1): routine restart
–linkDown (2): signals a failure in one of the communication links of the agent (the first element in the variablebindings field is the name and value of the ifIndex instance for the referenced interface)

Trap (5) Generic-trap (cont'd)
–linkUp (3): signals that one of the communication links of the agent has come up (the first element in the variablebindings field is the name and value of the ifIndex instance for the referenced interface)
–authenticationFailure (4): a protocol message was received that failed authentication
–egpNeighborLoss (5): an EGP neighbor has been marked down and the peer relationship no longer exists
–enterpriseSpecific (6): enterprise-specific

Transport level support
Connectionless transport service
–UDP (TCP/IP), port 161
–CLTS (OSI)
The management application has to deal with the loss of messages
–Time out
–Periodic query
* Loss of a Trap message is difficult to detect

Polling Frequency
N <= T/Δ
–N = number of agents
–T = desired polling interval
–Δ = average time to perform a single poll
  Network delay
  Processing time

Limitation of SNMP (1)
–SNMP may not be suitable for a truly large network: it results in large volumes of routine messages
–SNMP is not well suited for retrieving large volumes of data (limited by the size of the PDU)
–SNMP traps are unacknowledged, so the sender of a critical message cannot be sure that it arrived
–SNMP provides only trivial authentication; better for monitoring than for control

Limitation of SNMP (2)
–SNMP does not support imperative commands; the agent is commanded indirectly through the SET operation
–SNMP does not readily support applications that query based on object values or types
–SNMP does not support manager-to-manager communication
* Many of these deficiencies are addressed in SNMP v2

SNMP Group (1) – Under the MIB-II node

SNMP Group (2)

SNMP Group (3)