test case generation for testing snmp agents diana serbanescu (fraunhofer fokus) & theofanis...

Test Case Generation for testing SNMP agents

Diana Serbanescu (Fraunhofer FOKUS) & Theofanis Vassiliou-Gioles (Testing Technologies)

Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©

Contact

2

Diana SerbanescuFraunhofer FOKUS

[email protected]

Theo VassiliouTesting Technologies

[email protected]


Agenda

Why SNMP?

An Introduction to SNMP

Technical Solution

3


Why bother for SNMP at all?

First version has been defined in the late 1980sRFC 1067, 1098, 1157

A protocol to monitor and manage network elements

Defines a message structure and communication flows

Widely deployed and heavily used in the IT datacom industry

Router, switches, servers, network printers, ...

One would think that SNMP isWell establishedWell deployed and thereWell tested!

4


New Domains – New Applications

5


Summary – Why SNMP

SNMP is well established in the IT community

Application to new domains require thorough testing

of existing functionalityin sometimes hazard environmentsby not native IT/datacom experts

6


Introduction to SNMP (I)

SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices

Comprised of agents and managers

SNMP is a “client pull” model

The management system (client) “pulls” data from the agent (server)

SNMP is a “server push” model

The agent (server) “pushes” out a trap message to a (client) management system

7


Introduction to SNMP (II)

SNMP managementSNMP Protocol

Definition of message formatOperation specification

Structure of Management Information (SMI)

Rules specifying the format used to define objects managed

Management Information Base (MIB)

A map all managed objects

Languages of SNMPStructure of Management Information (SMI)ASN.1

Used to define the MIBsBasic Encoding Rules (BER)

For SNMP message encoding

Three different versions of SNMP defined over the years

v1, v2 and v3V3 adds authorization and encryption

8


MIBs : Management Information Base MIB-I

9

Root Node

CCITT(0) ISO(1) Joint(2)

org(3)

dod(6)

Internet(1)

directory(1) mgmt(2)experimental

(3)private(4)

mib(1)

system(1)

Interface(2)

at(3) IP(4) icmp(5) tcp(6) udp(7) egp(8) oim(9)

Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.© 10

The Object Identifier (OID)

A scheme that allows two vendors or products within a vendor to compare like items

Object identifiers (OID) as the identification schemeAn OID is an ordered sequence of non-negative integers written left to right, containing at least two elements

Once a MIB module is published, OIDs are bound for all time to the objects defined

Objects cannot be deletedCan only be made obsoleteEven minor changes to an object are discouraged

Root Node

CCITT(0) ISO(1) Joint(2)

org(3)

dod(6)

Internet(1)

directory(1) mgmt(2)experimental

(3)private(4)

mib(1)

system(1)

Interface(2)

at(3) IP(4) icmp(5) tcp(6) udp(7) egp(8) oim(9)


SNMP Operations (v1, v2 & v3)

Get

Get-next

Get-bulk (SNMPv2 and SNMPv3)

Set

Get-response

Trap

Inform (SNMPv2 and SNMPv3)

Report (SNMP2 and SNMPv3)

11


SNMP PDU Sequences

12

Manager Agent

GetRequest PDU

GetResponse PDU

Manager Agent

SetRequest PDU

GetResponse PDU

Manager Agent

GetNextRequest PDU

GetResponse PDU

Manager Agent

Trap PDU

(a) Get values (b) Get next values

(c) Set values (d) Send trap


SNMP Security Mechanisms - Summary


Summary – What is SNMP?

A protocol to manage network agents

Communication is ASN.1/BER based

MIBs define the managed objects

Different versions of SNMP are available

Security plays a major role in v3 but it is considered difficult to handle by users.

14


Test Aspects

Single and multiple (table) values for the objects defined in the given MIB file(s) should be verified for type and value conformance

Test the main operations for each version of the SNMP protocol that is being used

GET/GET-NEXT/GET-BULK/SETNegative and positive tests

Positive: e.g. GET a read-write objectNegative: e.g. SET a read-only object

Test the main operations within different security levels

15


Abstract Test Architecture for SNMP

16

TTCN-3Test System

SNMP Transmission

SNMP Entity

Act as a SMP Manager

SNMP AgentMIB document

SNMPv3 Testing: Basic Test Concept Configuration

Convert MIB definitions to TTCN-3and import them in TTCN-3 modules

Compile MIB definitionsSUT


Abstract Architecture for Testing SNMP jointly with other Protocols/Test Access

17

SNMP TTCN-3Test System

SNMP Testing Module

SNMP Testing Module

Generic Test Access

Generic Test Access

SUT

SNMPSNMPGET RESPONSE / TRAP

SET (USM)

GET / GETNEXTGET BULK

WebServiceIP LPT


Abstract Workflow

18


TTplugin-SNMP Generated Artefacts

19

MIBMIBMIBMIB

MIBMIBMIBMIB

TypeSystem

TypeSystem

Pattern 1

Pattern 1

Pattern 2

Pattern 2

Pattern 3

Pattern 3

Pattern 4

Pattern 4

Pattern 5

Pattern 5

Pattern 6

Pattern 6

Pattern 7

Pattern 7

SUT


The Patterns

Testing for type conformanceT1, T3

Testing for valuesT5, T6, T7

Testing for access rightsT2, T4

Testing for values can be enhanced by value enforcement via additional test access

Web Service, IP Packets,

20


The Complete Test System

21

TypeSystem

TypeSystem

SUT

TTworkbench


Summary & Outlook

Summary A test architecture as TTplugin-SNMP for testing SNMPv1,2,3 was developedFocus was on the seamless management of the different SNMP version and security mechanismsTest case templates that cover the main groups of tests for SNMP are defined and implemented in the frameworkA very powerful framework to quickly define test cases to SNMP agents and/or SNMP mastersTTplugin –SNMP can also be used to manipulate SNMP manged system in non-SNMP testing context

OutlookTo generate more test cases based on generic patterns


Further information

Fraunhofer FOKUS – MOTIONwww.fokus.fraunhofer.de/de/motion/index.html

Testing Technologiestestingtech.comfacebook.com -> Testing-Technologies

TTplugin-SNMPtestingtech.com/products/ttplugins_snmp.phptestingtech.com/download/datasheets/PlugSNMP.pdf

23

test case generation for testing snmp agents diana serbanescu (fraunhofer fokus) & theofanis...

Documents

confidential information

snmp snmp

copyright testing technologies

snmp i snmp

managers snmp

snmp pdu sequences

agent server snmp

trap slide