simple network management protocol (snmp)
DESCRIPTION
Simple Network Management Protocol (SNMP). Contents. Define and describe the functions of managed devices, agents, and NMSs in an SNMP managed network Describe the four key SNMP commands Read, Write, Trap, and Traversal operations - PowerPoint PPT PresentationTRANSCRIPT
1
Simple Network Management Protocol (SNMP)
2
ContentsDefine and describe the functions of managed devices, agents, and NMSs in an SNMP managed networkDescribe the four key SNMP commands
Read, Write, Trap, and Traversal operations
Define and describe the functions of the MIB, managed objects, and object identifiersAbstract Syntax Notation One (ASN.1)
Discuss ASN.1 and its function in network management Identify the function of ASN.1 in relation to SNMP
Identify the key differences between SNMPv1, SNMPv2 and SNMPv3 in the area of protocol operations
3
SNMP OverviewAn application layer protocol that facilitates the exchange of management information between network devices.Part of the Transmission Control Protocol/ Internet Protocol (TCP/IP) protocol suite.Allows network administrators to manage network performance, find and solve network problems, and plan for network growth.In 1988, the Internet Activities Board (IAB) committee proposed the SNMP as the short-term solution for network management. Since then, the simple structure and good performance of SNMP has make it popular around the world. It is likely that SNMP will be a long-term solution.
4
Popularity of SNMPSimplicity: easy to learn and inexpensive to implement, no rigid administrative structureWide industry Support: support network using TCP/IP, because of popularity of Internet, hundreds of vendors supports SNMPEfficient use of resource: requires low memory and CPU cyclesStandardization and stability: a standard supported by IAB and is a relatively stable protocolCentralized administration: based on query-response mechanism, allow administrator to manage a large network from one locationPortability: enables transparent management on devices which can be hardware and software.
5
SNMP Basic ComponentsKey components of a SNMP managed network are: Management
Entity (manager)
Managed Device Agent Management
database
6
Network Management EntityAn network management entity (manager) executes SNMP client applications that monitor and control managed devices. They provide the bulk of the processing and memory
resources required for network management. One or more NMSs must exist on any managed
network. Many NMS are available in the market
usually support both Unix and Windows support both command line and GUI
Command line interface: Microsoft SNMPUTIL GUI: SunNet Manager, HP OpenView
support FCAPS model
7
Common NMS applicationsPopular NMS supporting SNMP
WhatsUp Gold: pupular, low cost, simple. Buddle with Cisco NMS
Scotty: popular in Unix/Linux. Written in TCL/TK. Support both SNMPv1, SNMPv2 and SNMPv3
HP OpenView: industrial standard. Enterprise grade NMS, support 3rd party tools. e.g. Synoptics Optivity Tools to improve NM functionality of Synoptics devices
IBM Netview: developed in 1986. mainly to support IBM mainframes
SunNet Manager: use proxy agent to gather information about non-Sun machines.
8
Managed Devicea network node that contains an agent that run SNMP server program. collects and stores management
information and make this information available to network management systems (NMSs) using SNMP.
a.k.a network elements, can be routers and access servers, switches and bridges, hubs, computer hosts, or printers
9
AgentAn agent is a network management software module that resides in a managed device. It is basically a SNMP server program keep network information in its database translates that information into a form
compatible with SNMP
send warning to NM manager if there is an unusual situation
10
Versions of SNMPSNMP Version 1 (SNMPv1) SNMP Version 2 (SNMPv2)Both versions have a number of features in common. SNMPv2 offers such enhancements as additional protocol operations
11
SNMP Basic Commands Managed devices are monitored
and controlled using 3 basic SNMP commands: Read
GetRequest Traversal
Operations GetNext GetBulk (in
SNMPv2) Write
SetRequest
12
SNMP ReadThe read command is used by a network management system (NMS) to monitor managed devices. For instance, application programs in Linux (e.g. net-SNMP) such as: Snmpget – specifies a single variable by
name, i.e. system.sysDescr Get at ip X, OID=1.3.6.1.2.1.1.1 Response return value “cisco 5505”
Snmpwalk – reads a portion of the MIB sub-tree from a device
13
SNMP WriteThe write command is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices. Snmpset
$ /opt/OV/bin/snmpset -c private orarouter1 .1.3.6.1.2.1.1.4.0 \
octetstring "Meg A. Byte 555-1212" system.sysContact.0 : DISPLAY STRING- (ascii):
Meg A. Byte 555-1212
14
SNMP TrapsThe trap command is used by managed device to asynchronously report events to the NMS.When certain types of events occur, a managed device sends a trap to the NMS 7 Trap Types are defined coldStart (0) authenticationFailure
(4) warmStart (1) egpNeighborLoss (5) linkDown (2) enterpriseSpecific (6) linkUp (3)
15
SNMP Traps (2)
agent send the trap in the following situation coldStart (0)
Agent send the trap when initializing itself warmStart (1)
agent send the trap when re-initalizing itself linkDown (2)
specific link on the source device has failed linkUp (3)
specific link on the source device has come up
16
SNMP Traps (3) authenticationFailure (4)
agent determines that a request does not provide proper authentication (e.g. wrong SNMP community string)
egpNeighborLoss (5) agent report the loss of an EGP neighbor
enterpriseSpecific (6) implemented by a vendor to provide
additional functionality that complements the generic traps.
17
SNMP - Traversal OperationsTraversal operations are used by the NMS to determine which variables a managed device supports and to sequentially gather information in variable tables (such as a routing table). Snmpget-next – specifies OID, but value
returned is next lexicographic OID and its value Get-next sysDescr, and you get sysObjectId Get-next sysObjectId and you get sysUpTime
18
Structure of Management Information (SMI)
19
SMI overview
For manager / agent paradigm, managed network objects must be logically accessible
Management information must be stored in such a way it can be easily retrievable and modifiable
SNMP performs the retrieval and modification SMI determine the way information is organized
SMI is a master document explains how the name, structure, and encode SNMP management informationSMI states each managed object must satisfy the following requirements:
must have a name, syntax and encoding
20
SMI functionsto name objects
Name: MIB composes of a sequence of identifier which can uniquely identifies the object
to define the type of data that can be stored in an object
Syntax: defines the data type (or grammar) of a object, such as an integer, a string of a octets
to show how to encode data for transmission over the network
Encoding: describe how information associated with the managed objects is serialized for transmission between machines
21
SNMP and SMI
SMI’s implementation in SNMP The names used for called object identifier
(OID) – a human readable format The syntax used for SNMP is called ASN.1 The encoding used for SNMP is called BER
(Basic Encoding Rules)
22
Object Name: OID and OID treeAn object identifier (or object ID) uniquely identifies a managed object in the MIB hierarchy.
The MIB hierarchy can be depicted as a tree, with a nameless root, the levels of which are assigned
by different organizations. MIB is a collection of OID that is organized hierarchically.
define the properties of the managed object
iso.org.dod.internet.mgmt.mib <=>1.3.6.1.2.1
root (unamed)
iso1
ITU-iso2
ITU0
org3
dod6
internet1
directory1
mgmt2
experimental3
private4
mib1
enterprise1
cisco9
23
Data type - ASN.1The 2nd attribute of an object is the data type.SMI uses some fundamental of ASN.1 definitions but also adds some new definitions
Abstract Syntax Notation One (ASN.1) is a language that consistently represents the managed objects of a Management Information Base (MIB) in a machine-independent format.
ASN.1 uses variables and statement similar to that other programming language.
can be considered as a meta-language provide a vendor-neutral, cross-platform standard-based
languages that allows developers to describe the workings of protocols, systems and machines.
ASN.1 is the basis for a human-readable syntax of MIB tree The use of a consistent language like ASN.1 allows different
types of computers to successfully share information between computers more efficient
24
ASN.1 (2)ASN.1 is a data representation format used by SNMP to create actual MIB objectASN.1 existed long before SNMP, MIB of SNMP was developed to make the full advantages of ASN.1ASN.1 is defined as part of the Open Systems Interconnection (OSI) specification described in the ISO 8824 standard.Management protocols, such as the SNMP, use ASN.1 to define both the packets exchanged by the management protocol and the objects that are to be managed.
25
Types of Managed Objects
simple type scalar object define a single object
instance. 1st three taken directly
from ASN.1, the four other added by SMI
Integer (4 bytes) String (variable) ObjectIdentifier (variable) IPAddress (4 bytes) Counter (4 bytes) Gauge (4 bytes) TimeTicks (4 bytes)
structured type combine simple and
structured data types SMI define TWO
structured data types: sequence and sequence of
Sequence: A sequence data type is a combination of simple data types. (c.f. a record used in C)
Sequence of: A sequence of data type is a combination of simple type (of the same types). (c.f. array in C)
26
Simple data type
Simple Data Type : three simple data types defined in the ASN.1, all of which are unique values, the other four defined by SMI:
Integers – These values are signed integers in the range of -2,147,483,648 to 2,147,483,647.
Octet strings – These strings are an ordered sequence of zero to 65,535 octets.
Object IDs – These values are from the set of all object identifiers allocated according to the rules specified in ASN.1.
Network addresses - A Network addresses represent an address from a particular protocol family. SNMPv1 supports only 32-bit IP addresses.
Counters - Counters are nonnegative integers that increase until they reach a maximum value, and then return to zero. In SNMPv1, a 32-bit counter size is specified.
Gauges - Gauges are nonnegative integers that can increase or decrease, but retain the maximum value reached.
Time ticks - A time tick represents a hundredth of a second since some event.
27
Encoding method
SMI user Basic Encoding Rules (BER), to encode data to be transmitted over the network.Data encoded into 3 parts Tag (1 byte) - 3 sub-field
class (2 bit), format (1 bit), and number (5 bit) Length
one or more bytes Value
code the value of data according to rules defined in BER
28
Encoding Tag
Data type class format Number Tag (bin) Tag(Hex)Integer 00 0 00010 00000010 02String 00 0 00100 00000100 04OID 00 0 00110 00000110 06Sequence, 00 1 10000 00110000 30 sequence ofIPAddress 01 0 00000 01000000 40Counter01 0 00001 01000001 41Gauge 01 0 00010 01000010 42TimeTics 01 0 00011 01000011 43
Tag: 1 byte Class (2bit) + format (1bit) + Number (5
bit)
29
SMI encoding method for Tag
based on Basic Encoding Rule (BER), to encode data to be transmitted over the networkformat tag: 1 byte. Class (2bit) + format (1bit) +
Number (5 bit) length: 1 or more byte. value: depends of the object
30
Encoding length
The length field is one or more bytes. If it is one byte, the most significant bit must be 0. The
other 7 bits define the length of the data If it is more than one byte, the MSB of the first byte must
be 1. The other 7 bits of the first byte define the number of bytes needed to be define the length. sequence of
31
Encoding Value
The value field codes the value of the data according to the rules defined in BERThe followings are examples that show how these 3 fields: tag, length and value are encoded
32
SMI encoding method : examples
For example: integer 14 02 04 0 0 0 0E Integer + 4 byte value + 0 0
0 14
For example : message “HI” 04 02 48 49 String + 2 byte value + “H”
+ “I”
format : OID 1.3.6.1 06 04 01 03 06 01
format : IPAddress 131.21.14.8 40 04 83 15 0E 08
tag length value
33
Encoding exercise
Show how the following array (sequence of) integer is encoded
234512361221236
See note page for answer
34
Encoding exercise #2
Show how following record (sequence) is encoded
Integer String IP Address2345 “COMPUTER” 185.32.1.5
See answer in note page
35
MIB
MIB is another key component used in network management Object Name / Descriptor objects in MIB are categorized under
11 different group (only 8 in SNMPv1)
36
MIB-IMIB-I developed in 1988 (RFC1156 and RFC1212). defined more than 100 configurable managed
objects 8 object groups
system object group (1.3.6.1.2.1.1) Interface object group (1.3.6.1.2.1.2) Address translation object group (1.3.6.1.2.1.3) IP object group (1.3.6.1.2.1.4) ICMP object group (1.3.6.1.2.1.5) TCP object group (1.3.6.1.2.1.6) UDP object group (1.3.6.1.2.1.7) EGP object group (1.3.6.1.2.1.8)
37
MIB-II
developed in 1990 (RFC 1158 and RFC 1213)A total of 11 object groups and contains 171 objects superset of MIB-I and provide additional
functionality required SNMPv2
New object group in MIB-II Transmission object group (1.3.6.1.2.1.10) SNMP object group (1.3.6.1.2.1.11)
38
MIB-II (2)
39
Details of MIB objectsHere are some example of key groups (5 other are not described here)
System Group 1.3.2.1.2.1.1 Give information about the whole system
sysDesc, SysObjectID, sysUpTime, sysContact, sysName, SysLocation, sysService Interface Group 1.3.2.1.2.1.2
Give infomration about the interface inNumber -> ifIndex, ifDescr … InOutLen, ifSpecific (total 22)
IP Group 1.3.2.1.2.1.4 Defines the pieces of information kept by the IP packet
ipForwarding, ipDefaultTTL, ipInReceive, ipInHdrErrors … ipFragCreates, ipRoutingDiscards (total 20) + ipAddrTable (5 sub varables)+ ipRouteTable (13 sub-variables)+ipNetMedia (3 sub variables)
ICMP Group 1.3.2.1.2.1.5 ICMP group stores information about the ICMP package
icmpInMsgs, icmpInErrors, … icmpOutAddrMaskReps (total 26) TCP Group 1.3.2.1.2.1.6
TCP group stores information about the TCP segments tcpRtoAlgroithm, tcpRtoMin, … tcpOutRsts (total 14)+ tcpConnState (5 sub-
variables) UDP Group 1.3.2.1.2.1.7
UDP group stores information about the UDP datagram udpInDatagram, UdpNoPorts, udpInErrors, udpOutDatagrams (total 4) +
udpTables (2 sub variables)
40
Access MIB variables from udp group
41
Access MIB variables from udp group (2)
Use UDP group (1.3.6.1.2.1.7) as an example 4 simple variables 1 sequence of (table) udpInDatagram 1.3.6.1.2.1.7.1 udpNoPort 1.3.6.1.2.1.7.2 udpInError 1.3.6.1.2.1.7.3 udpOutDatagram 1.3.6.1.2.1.7.4 udpTable 1.3.6.1.2.1.7.5
udpEntry 1.3.6.1.2.1.7.5.1 udpLocal Address 1.3.6.1.2.1.7.5.1.1 udpLocal Port 1.3.6.1.2.1.7.5.1.2
1.3.6.1.2.1.7.1
1.3.6.1.2.1.7.2
1.3.6.1.2.1.7.3
1.3.6.1.2.1.7.4
1.3.6.1.2.1.7.5
42
Access MIB instance
OID only define variable, not the instance (contents) to show the instance or the contents of each
variable add instance suffix for simple variable : add a zero
To access the instance (or the contents) of udp group, use the following: udpInDatagrams.0 => 1.3.6.1.2.1.7.1.0 udpNoPort.0 => 1.3.6.1.2.1.7.2.0 udpInError.0 => 1.3.6.1.2.1.7.3.0 udpOutDatagram.0 => 1.3.6.1.2.1.7.4.0
43
Access MIB instance (2) To identify a udp table
udpTable => 1.3.6.1.2.1.7.5 udpEntry => 1.3.6.1.2.1.7.5.1
udpLocalAddress => 1.3.6.1.2.1.7.5.1.1 udpLocalPoart => 1.3.6.1.2.1.7.5.1.2
There are many udp entries, to access to each of these entries, use the index.
In MIB, the index is not an integer. The indexes are based on the value of one or more fields in the entries.
Show figure To access the instance of the local address for the
1st row, use the OID udpLocalAddress.181.23.45.14.23
44
Index for updTableupdTable 1.3.6.1.2.1.7.5 udpEntry
1.3.6.1.2.1.7.5.1udpLocalAddressudplocalPort
Each of these are with same OIDHow to resolve which is which?
181.23.45.14
192.13.5.10
227.2.45.18
230.20.5.24
23
161
180
212
45
Index for updTable (2)To access the instance of the local address for the 1st row, we use the OID augmented with the instance index:udpLocalAddress.181.23.45.14.23That is 1.3.6.1.2.1.7.5.1.1.181.23.45.14.23Note that not all tables are indexed the same way. Some tables are indexed using the value of one field, some suing the value of two fields, and so on.
181.23.45.14
192.13.5.10
227.2.45.18
230.20.5.24
23
161
180
212
1.3.6.1.2.1.7.5.1.1.181.23.45.14.23
1.3.6.1.2.1.7.5.1.1.192.13.5.10.161
1.3.6.1.2.1.7.5.1.1.227.2.45.18.180
1.3.6.1.2.1.7.5.1.1.230.20.5.24.212
46
Index for updTable (3)Tables are ordered according to column-row rules, which means one should go column by column as shown in figure
181.23.45.14
192.13.5.10
227.2.45.18
230.20.5.24
23
161
180
212
1.3.6.1.2.1.7.5.1.1.181.23.45.14.23
1.3.6.1.2.1.7.5.1.1.192.13.5.10.161
1.3.6.1.2.1.7.5.1.1.227.2.45.18.180
1.3.6.1.2.1.7.5.1.1.230.20.5.24.212
47
SNMP ver 1
48
SNMP Version 1SNMPv1 is the initial implementation of the SNMP protocol. Based on 4 RFCs
RFC-1155: Structure of Management Information RFC-1157: Simple Network Management Protocol RFC-1212: Concise MIB Definitions RFC-1213: Management Information Base II
Operates over such protocols User datagram Protocol (UDP) Internet Protocol (IP) OSI Connectionless Network Service (CLNS) Apple Talk Datagram Delivery Protocol (DDP) Novell Internet Packet Exchange (IPX).
49
SNMPv1 Protocol OperationSNMP is a simple request-response protocol.
The network management system issues a request, and managed devices return responses.
This behavior is implemented using protocol operations.SNMP message has the format:
Version Number Community Name - kind of a password One or more SNMP PDUs - assuming trivial
authentication SNMPv1 defines five protocol operations:
Get (Request) GetNext (Request) Set (Request) Get (Response) Trap
50
SNMPv1 message
51
SNMPv1 Protocol Operation (2)Get (Request) This operation is used by the NMS to
retrieve the value of one or more object instances from an agent. If the agent responding to Get operation cannot
provide values for all of the object instances in a list, it does not provide any values.
GetNext (Request) This operation is used by the NMS to
retrieve the value of the next object instance in a table or list within an agent.
It is useful for NMS when it does not know the indexes of entries.
52
SNMPv1 Protocol Operation (3)
Set (Request) This operation is used by the NMS to set the values
of object instances within an agent.
Get (Response) This operation is also used by agents to response
to Get (Request) and GetNext (Request) from manager
Trap This operation is used by agents to asynchronously
inform the NMS of a significant event. For example, if the agent is rebooted, it informs
the manager and reports the time of rebooting.
53
SNMP message format
SNMP message divided into four parts: version, header, security parameter and dataSNMP version
version number (SNMPv1, SNMPv2 or SNMPv3)
SNMP Header community string
SNMP security parameterSNMP Data
Context Engine ID Context Name PDU (see next page)
54
SNMP PDU
Each SNMP PDU (except trap) has the following format: PDU type request id - request sequence
number error status - zero if no error
otherwise one of a small set error index - if non zero indicates
which of the OIDs in the PDU caused the error2
variable bind-list variable name - OIDs values - values are null for get and get
next
55
SNMP PDU (trap)
SNMP Trap PDUs have the following format: enterprise - identifies the type of object
causing the trap agent address - IP address of agent which sent
the trap generic trap id - the common standard traps specific trap id - proprietary or enterprise trap time stamp - when trap occurred in time ticks variable bind-list
variable name - OIDs values - values are null for get and get next
56
Encoding SNMP message
To encode a message, SNMP also uses the BER standardMessage are defined using tags
class format number => for different type of message
Data class format Number Tag (bin) Tag(Hex)
GetRequest 10 1 00000 10100000 A0GetNextRequest 10 1 00001 10100001 A1GetResponse 10 1 00010 10100010 A2SetRequest 10 1 00011 10100011 A3Trap 10 1 00111 10100111 A7
57
Examples for GetRequest Message
a manager station (snmp client) uses the GetRequest message to retrieve the number of UDP datagrams that a router has received.The agent (SNMP server) of the router responses with a GetResponse message
58
Example: encoding GetRequest
GetRequest (from NM station to router) 30 33 sequence of length 51=33
(30 is tag for sequence of) 02 04 00 00 00 00 integer of length 4, ver 0
(02 is tag for integer) 04 06 70 75 62 6C 69 63 string of length 6, “public”
(04 is tag for string) A0 23 GetRequest (A0), length 35=23
02 04 00 01 06 11 integer of length 4, request 00010611
02 04 00 00 00 00 integer of length 4, error status=0 02 04 00 00 00 00 integer of length 4, error index=0 30 0F sequence of length 15
30 0D sequence of length 13 06 09 010306010201070100 objectID of length 9,
udpInDatagram (1.3.6.1.2.1.7.1.0)
05 00 null entity of length 0
59
Example: encoding GetResponse
GetResponse (from router to NM Station) 30 37 sequence of length 37(hex), 55(dec) 02 04 00 00 00 00 integer of length 4, ver 0 04 06 70 75 62 6C 69 63 string of length 6, “public” A2 27 GetResponse (A2), length 39=27h
02 04 00 01 06 11 integer of length 4, request 00010611 02 04 00 00 00 00 integer of length 4, error status=0 02 04 00 00 00 00 integer of length 4, error index=0 30 13 sequence of length 19=13(hex)
30 11 sequence of length 17=11(hex) 06 09 010306010201070100 objectID of length 9, udpInDatagram
(1.3.6.1.2.1.7.1.0) 41 04 00 00 12 11 counter of length 04 with value 12 11
60
Encoding message exercise
Decode the following:02 04 01 02 14 3230 0C 02 04 00 00 00 11 02 04 00 00 00 1430 0B 04 03 41 43 42 02 04 00 00 14 1430 0C 40 04 23 51 62 71 02 04 00 00 14 12
See answer in note page
61
SNMP Version 2An evolution of the initial version of SNMPv1.SNMPv2 functions within the specifications of the Structure of Management Information (SMI). In theory, SNMPv2 offers a number of improvements to SNMPv1, including additional protocol operations. SNMPv2 never become a standard because vendors could not agree on “security”Different version of SNMPv2 are in use SNMPv2c <= most popular SNMPv2u SNMP2*
62
SNMPv2 and SMI
SMI defines the rules for describing management information, using ASN.1. Bit strings
Bit strings are defined only in SNMPv2. They comprise zero or more named bits that specify a value.
Network addresses represent an address from a particular protocol family.
SNMPv1 supports only 32-bit IP addresses. SNMPv2 can support other types of addresses as well.
Counters nonnegative integers that increase until they reach a
maximum value, and then return to zero. In SNMPv1, a 32-bit counter size is specified. In SNMPv2, 32-bit and 64-bit counters are defined.
63
SMI Information ModelsSNMPv2 SMI also specifies information modules. SMI information modules specify a group of related definitions. There are three types of SMI information modules: MIB modules Compliance statements for MIB
modules Capability statements for agents
64
SMI Information Models (II)MIB modules contain definitions of interrelated managed objects.
Compliance statements for MIB modules provide a systematic way to describe a group of
managed objects that must be implemented for conformance to a standard.
Capability statements for agents indicate the precise level of support that an agent
claims with respect to a MIB group. An NMS can adjust its behavior toward agents according to the capabilities statements associated with each agent
65
SNMPv2 Protocol OperationThe Get, GetNext, and Set operations used in SNMPv1 are exactly the same as those used in SNMPv2. SNMPv2 Trap operation serves the same function as that used in SNMPv1. However, it uses a different message format and is designed to replace the SNMPv1 Trap.
66
New Protocol Operations in SNMPv2GetBulk (Request) This operation is used by the NMS to
efficiently retrieve large blocks of data, such as multiple rows in a table. GetBulk fills a response message with as much of the requested data as will fit.
Inform This operation allows one NMS to send
Trap information to another NMS and receive a response.
67
SNMPv3SNMPv1 and SNMPv2c do not have any security (that is, authentication or privacy) mechanisms to keep SNMP packet traffic on the wire confidential. As a result, packets on the wire can be detected and SNMP community strings compromised. Development of SNMPv3 began in late 1997, first draft was completed in 1998Important features of SNMPv3 Address the need for security Inexpensive to deploy a minimal conforming
implementation new architecture to extend the useful life of SNMP
68
SNMPv3 (II)The following security features are provided in SNMPv3: Message integrity
Ensures that nothing has interfered with a packet during transmission.
Authentication Determines that the message is from a valid
source.
Encryption Scrambles the contents of a packet to prevent
it from being seen by an unauthorized source.
69
SNMPv3 (III)The SNMPv3 agent can be used in the following modes: noAuthNoPriv mode
no security mechanisms turned on for packets, same as SNMPv1 and SNMPv2c
AuthNoPriv mode for packets that do not need to be encrypted using
the privacy algorithm [DES 56] AuthPriv mode
for packets that must be encrypted; privacy requires that authentication be performed on the packet
70
SummaryComponents of network management: NMS, managed devices (agent, MIB) Client: NMS (or manager) Managed device (agent: program executed (server),
and database (MIB)
SNMP: features, versions and basic command Features: protocol specifics the process of
management in TCP/IP Versions: SNMPpv1, SNMPv2, SNMPv3 SNMPv1 command: GetRequest, GetNextRequest.
GetResponse, SetReponse, Trap SNMPv2 command: GetBulk, Inform
71
Summary (2)NMS (manager) sends Request message: GetRequest, GetNextRequest and SetRequest
to retrieve single or multiple object variables to establish the value of a single variable
managed agent (server) sends a Response message to complete the request: GetResponse
managed agent sends an event notification, called a trap to the NMS to identify the
occurrence of conditions Network Management application using SNMP
Provide FCAPS functionsMIB: MIB-1, MIB-II
MIB-1: 8 types sys, if, at, ip, icmp, tcp, udp, egp
MIB-2: 11 types (in total) Trans, snmp
72
Further exercise
A manager wants to know the value of icmpInParmProbs (OID is 1.3.6.1.2.1.5.5) in a router. Show the encoding of GetRequest and GetResponse message if the value is 167(dec). Note icmpInParmProbs define numbers of parameter
problem messages received (with Counter type: 41) snmp version 1 Community String is public Assume the request ID is 67092(dec)
73
Quiz
An OID define variable. Add a zero suffix is to define _________
Ans: variable contents
74
Quiz
What are the roles of the following fields?CommunityRequest IDError StatusError IndexVarBindlist
See answer in note page