Network management
Ohud92
IT340Chap52018.ppt
Chapter 5
SNMPv1 Network Management:
Communication and Functional Models
Last modified: 17/02/2018
Network Management: Principles and Practice
© Mani Subramanian 2010
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
*
Network Management: Principles and Practice
© Mani Subramanian 2010
Objectives
- Communication model: Administrative and messages
- Administrative structure
Community-based model
Access policy
MIB view
- Message PDU
- SNMP protocol specifications
- SNMP operations
- SNMP MIB
- SNMP functional model
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
SNMP Architecture
- Truly simple network management protocol
- Five messages, 3 from manager and 2 from agent
- Three goals of the architecture:
1- It should minimize the number and so complexity of management functions realized by the management agent
2- It should be flexible for future expansion (addition of new aspects of operation and management)
3- The architecture should be independent of architecture and mechanisms of particular hosts and gateways
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
SNMP Messages
- Get-Request
- Get-Next-Request
- Set-Request
- Get-Response
- Trap
- Generic trap
- Specific trap
- Time stamp
- Generic trap
- coldStart
- warmStart
- when reinitializing, no SNMP configuration change
- linkDown
- linkUp
- authenticationfailure
- egpNeighborLoss
- enterpriseSpecific
- Specific trap
- For special measurements such as statistics
- Time stamp: Time since last initialization
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
- The get-request will only match exactly the OID (ObjectIDentifier) specified in the request.
- It will fail if no such OID exists on the target.
- The get-next-request will return the OID that is the "next" OID in the "tree".
- The get-next-request can be used to "walk through" the OIDs in the MIB of a certain domain/system
Administrative Model
- Based on community profile and policy
- SNMP Entities:
- SNMP application entities
- Reside in management stations and network elements
- Manager and agent (Both entities are called an SNMP community.) - SNMP protocol entities
- Communication processes (PDU handlers)
- Peer processes that support application entities
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Peer processes, which implement SNMP, and thus support SNMP application entities, they are termed protocol entities
SNMP Community
- Multiple SNMP managers communicating with a single SNMP agent.
- While an SNMP manager is monitoring traffic on an element, another manager may be configuring some administrative information on it. A third manager can be monitoring it to perform some statistical study.
- Security in SNMPv1 is community based
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Authentication scheme, which is a filler module, in manager and agent
*
SNMP Community
- Community: Pairing of two application entities
- Community name: String of octets
- Two applications in the same community communicate with each other
- Application could have multiple community names
- Communication is not secured in SNMPv1– no encryption
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
A community name acts as a password that is shared, typically, by multiple SNMP agents and one or more SNMP managers. You configure the SNMP manager and the computers or devices that it manages as members of a single SNMP community. An SNMP agent only accepts requests from SNMP managers that are on the agent’s list of acceptable community names.
Community Profile
- MIB view
- An agent is programmed to view only a subset of managed objects of a network element
- Access mode
- Each community name is assigned an access mode: read-only, read-write, etc.
- Community profile: MIB view + SNMP access mode
- Operations on an object determined by community profile and the access mode of the object
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
Community Profile
- Total of four access privileges
- An SNMP agent with READ-WRITE access mode can perform all operations (get, set, and trap) on Object 4. READ-ONLY access mode can only perform get and trap operations on Object 2.
- Object 1 has a "not-,accessible" access mode and hence no operation can be performed on it
- Some objects, such as table and table entry are non-accessible
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
Notes
Administrative Model
- SNMP community paired with SNMP community profile is SNMP access policy
- Administrative model is SNMP access policy
Parameters:
- Community / communities
- Agent / Agents
- Manager / Managers
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
Access Policy
- Manager manages Community 1 and 2 network components via Agents 1 and 2
- Agent 1 has only view of Community Profile 1,e.g., Cisco components
- Agent 2 has only view of Community Profile 2,e.g., 3Com components
- Manager has total view of both Cisco and 3Com components
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
Generalized Administrative Model
- Manager 1 manages community 1, manager 2 manages community 2, and manager 3 (MoM) manages both communities 1 and 2
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
Proxy Access Policy
- Proxy agent enables non-SNMP community
elements to be managed by an SNMP manager - An SNMP MIB is created to handle the non-SNMP objects
- For example, LAN could be a TCP network with SNMP agent
- WAN could be an X.25 network which is not an Internet model can be managed by a proxy agent
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Protocol Entities
- Protocol entities are peer processes that support application entities
- Communication among protocol entities is accomplished using messages encapsulated in a UDP datagram
- Message consists of:
- Version identifier
- Community name
- Protocol Data Unit (PDU)
- Message encapsulated and transmitted
- SNMP protocol entity is received on port 161
- Except trap received on 162
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Protocol Entities
- The version and community names are added to the data PDU and along with the application header is passed on to the transport layer as SNMP PDU.
- The UDP header is added at the transport layer, which then forms the transport PDU for the network layer.
- The addition of the IP header to the Transport PDU forms the Network PDU for the data link layer (DLC).
- The network or DLC header is added before the frame is transmitted on to the physical medium.
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Get and Set PDU
PDU Types: enumerated INTEGER
- VarBindList: multiple instances of VarBind pairs
- RequesID: is used to track a message with the expected response or for loss of a message.
- VarBind: the pairing of the variable (MO) and its value
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
- A managed object is represented in SNMP by a scalar variable and is simply called a variable.
- Associated with the variable is its value. The pairing of the variable and value is called variable binding or VarBind.
- The data PDU in the message contains a VarBind pair. For efficiency sake, a list of VarBind pairs can be sent in a message.
PDUs ::=
CHOICE {
get-request GetRequest-PDU,
get-next-request GetNextRequest-PDU,
get-response GetResponse-PDU,
set-request SetRequest-PDU,
trap Trap-PDU
}
get-request [0]
get-next-request [1]
set-request [2]
get-response [3]
trap [4]
Notes
Error in Response
- Error Index: No. of VarBind that the first error occurred
- Ex: 1 if the error occurred in the first varBind, 5 if the fifth varBind had an error and so on.
Network Management: Principles and Practice
© Mani Subramanian 2010
*
- A non zero ErrorStatus is used to indicate that an error occurred
- Errorlndex is used to provide additional information on the error
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
ErrorStatus ::=
INTEGER {
noError(0)
tooBig(1)
noSuchName(2)
bad value(3)
readOnly(4)
genErr(5)
}
Trap PDU
- Enterprise and agent address pertain to the system generating the trap
- Seven generic traps specified by enumerated INTEGER
- Specific trap is a trap not covered by enterprise specific trap
- Timestamp indicates elapsed time since last re-initialization
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Figure 5.9 Trap PDUs
Table 5.1 Generic Traps
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
The agent is reporting that the peer relationship between an External Gateway Protocol (EGP) neighbor and an EGP peer no longer exists.
|
Generic Trap Type |
Description (brief) |
|
coldStart(0) |
Sending protocol entity is reinitializing itself; agent's configuration or protocol entity implementation may be altered |
|
warmStart(1) |
Sending protocol entity is reinitializing itself; agent configuration or protocol entity implementation not altered |
|
linkDown(2) |
Failure of one of the communication links |
|
linkUp(3) |
One of the links has come up |
|
authenticationFailure(4) |
Authentication failure |
|
egpNeighborLoss(5) |
Loss of EGP neighbor |
|
enterpriseSpecific(6) |
Enterprise-specific trap |
SNMP Operations
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
The agent here is integrated in the NE since in the GetRequest, no MO is specified.
Figure 5.10 shows a sequence of operations in retrieving the values
of objects in a System group. It starts with the get-request operation using a GetRequest PDU from a
manager process to an agent process and the get-response from the agent with a GetResponse PDU.
| SNMP operations | messages |
| Manager to Agent | Get-request, get-next-request, and set-request messages |
| Agent to Manager | Get-response and trap messages |
.0= indicqtes q scqlqr vqlure ?
*
MIB for Get-Next-Request
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
MIB for Get-Next-Request
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
- The first two objects A and B are single-valued scalar objects. They are followed by an aggregate object represented by the table T with an entry E and two rows of three columnar objects, T.E.1.1. through T.E.3.2. The MIB group ends with a scalar object Z.
- GetRequest(A), GetResponse(A), B, T.E.1.1, T.E.1.2, …, T.E.3.1, T.E.3.2, Z
- GetRequest(T.E.1.3) receive error message
- It is useful to use get-next-request
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Notes
Lexicographic Order
- Procedure for ordering:
- Start with leftmost digit as first position
- Before increasing the order in the first position, select the lowest digit in the second position
- Continue the process till the lowest digit in the last position is captured
- Increase the order in the last position until all the digits in the last position are captured
- Move back to the last but one position and repeat the process
- Continue advancing to the first position until all the numbers are ordered
- Tree structure for the above process
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Table 5.2 Lexicographic-Order Number Example
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
13 numbers ordered according to their numerical values then ordered according to lexicographic order
*
Numerical Order
Lexicographic order
1
1
2
1118
3
115
9
126
15
15
22
2
34
22
115
250
126
2509
250
3
321
321
1118
34
2509
9
MIB Lexicographic Order
A 3.1
B 3.2
T Z
E
1.1
1.2
2.1
2.2
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Figure 5.12 MIB for Operation Examples in Figures 5.13 and 5.15
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
The nodes can be ordered Lexicographically
Figure 5.12 shows an MIB group. It is a generalized case of a conceptual MIB comprising three scalar objects and a table is shown in Figure 5.12. contains two objects A and B which arc single- valued scalar objects. They are followed by an aggregate object represented by the table T with an entry E and two rows of three columnar objects. Objects of the table go from T.E.1.l. through T.E.3.2.
The MIB group ends with a scalar object Z.
A More Complex MIB Example
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
1
1.1
1.1.5
1.1.18
1.2
1.2.6
2
2.2
2.10
2.10.9
3
3.4
3.21
9
Get-Next-Request Operation
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
*
- Advantages of using get-next-request:
- We do not need to know the object identifier for the next entity
- In the case of an aggregate object, the number of rows is dynamically changing. Thus, we do not know how many rows exist in the table. The get-next-request resolves this problem.
- We can use this to build a MIB tree by repeating the request from any node to any node. This is called MIB walk, and is used by a MIB browser in NMS implementation.
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Get-Next-Request Operation
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
- The objects AtIfIndex and AtNetAddress are the indices that uniquely identify a row
- In this method, the manager has to know the columnar objects of the table
- The first get-next-request does not contain any operand value
- IpForwarding is the next group in the Internet MIB the manager has to recognize this and terminate the process
- In this example, instead of issuing ten get-next-requests with a single VarBind in the message, the manager generates four GetNextRequest PDUs with a list of two VarBind fields.
Sniffer Data
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
14:03:36.788270 noc3.btc.gatech.edu.164 > noc1.btc.gatech.edu.snmp:
Community = public
GetRequest(111)
Request ID = 4
system.sysDescr.0
system.sysObjectID.0
system.sysUpTime.0
system.sysContact.0
system.sysName.0
system.sysLocation.0
system.sysServices.0
Figure 5.17(a) Get-Request Message from Manager-to-Agent
14:03:36.798269 noc1.btc.gatech.edu.snmp > noc3.btc.gatech.edu.164:
Community = public
GetResponse(196)
Request ID = 4
system.sysDescr.0 = "SunOS noc1 5.5.1 Generic_103640-08 sun4u"
system.sysObjectID.0 = E:hp.2.3.10.1.2
system.sysUpTime.0 = 247396453
system.sysContact.0 = "Brandon Rhodes"
system.sysName.0 = "noc1"
system.sysLocation.0 = "BTC NM Lab"
system.sysServices.0 = 72
Figure 5.17(b) Get-Response Message from Agent-to-Manager (After)
Sniffer Data
Network Management: Principles and Practice
© Mani Subramanian 2010
*
- Sniffer tool is a management tool that can capture packets going across a transmission medium.
- The seven object IDs from System.sysDescr.0 to System.sysServices.0 all end with zero to indicate that they are single-valued scalar objects.
- The community name is public
- The request number identified in the GetResponse PDU is the same as the one in the GetRequest PDU.
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
SNMP MIB
Note: Most of the MIB objects were not used and hence deprecated in SNMPv2
Network Management: Principles and Practice
© Mani Subramanian 2010
Notes
- SNMPv1 MIB has too many objects that are not used
- SNMPv2 obsoleted a large number of them
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
( Application functions)
- Fault management
- Configuration management
- Accounting management
- Performance management
- Security management
Network Management: Principles and Practice
© Mani Subramanian 2010
*
Chapter 5 SNMPv1 Network Management: Communication and Functional Models
Functional Model
SNMP Manager
Application
Get-Response
Get-Request
GetNext-Request
Set-Request
Trap
SNMP Manager
SNMP
UDP
IP
DLC
PHY
SNMP Agent
Application
Get-Response
Trap
SNMP Agent
SNMP
UDP
IP
DLC
PHY
Physical Medium
Figure 4.9 SNMP Network Management Architecture
Manage-
ment
Data
Get-Request
GetNext-Request
Set-Request
SNMP Manager
Authentication Scheme
SNMP Manager
Authentication Scheme
SNMP Manager
Authentication Scheme
SNMP Agent
Authentication Scheme
Authentic Messages
Figure 5.1 SNMP Community
Figure 5.2 SNMP Community Profile
SNMP Agent
Object 2
read-only
READ-
ONLY
READ-
WRITE
SNMP Access Mode
SNMP MIB View
MIB Access
Object 3
write-only
Object 1
not-accessible
Object 4
read-write
Community
Community Profile 1
Community Profile 2
Agent 2
Agent 1
Manager
Community 1
Community Profile 1
Community Profile 2
Manager 3
(Community 1, Community 2)
Agent 2
Agent 1
Community 2
Community Profile 3
Community Profile 4
Agent 4
Agent 3
Manager 2
(Community 2)
Manager 1
(Community 1)
Figure 5.3 SNMP Access Policy
SNMP Community
non-SNMP
Community
Proxy Agent
SNMP
Agent
SNMP Manager
(Community 1)
Figure 5.4 SNMP Proxy Access Policy
Application
Header
IP
Header
UDP
Header
Version Community SNMP PDU
Application PDU
DLC
Header
Transport
PDU
Network PDU
Application
PDU
Transport
PDU
Network
PDU
Data Link
PDU
Figure 5.5 Encapsulated SNMP Message
Data
SNMP
PDU
PDU
Type
RequestID
Error
Status
Error
Index
Figure 5.8 Get and Set Type PDUs
VarBind 1
name
VarBind 1
value
...
VarBind n
name
VarBind n
value
PDUs ::=
CHOICE {
get-request GetRequest-PDU,
get-next-request GetNextRequest-PDU,
get-response GetResponse-PDU,
set-request SetRequest-PDU,
trap Trap-PDU
}
get-request
[0]
get-next-request
[1]
set-request
[2]
get-response
[3]
trap
[4]
ErrorStatus ::=
INTEGER {
noError(0)
tooBig(1)
noSuchName(2)
bad value(3)
readOnly(4)
genErr(5)
}
VarBind 1
name
VarBind 1
value
PDU
Type
Enterprise
Agent
Address
...
VarBind n
name
VarBind n
value
Generic
Trap Type
Specific
Trap Type
Timestamp
Generic Trap Type Description (brief)
coldStart(0) Sending protocol entity is reinitializing itself;
agent's configuration or protocol entity
implementation may be altered
warmStart(1) Sending protocol entity is reinitializing itself;
agent configuration or protocol entity
implementation not altered
linkDown(2) Failure of one of the communication links
linkUp(3) One of the links has come up
authenticationFailu
re(4)
Authentication failure
egpNeighborLoss(
5)
Loss of EGP neighbor
enterpriseSpecific(
6)
Enterprise-specific trap
Figure 5.10 Get-Request Operation for System Group
GetRequest (sysDescr.0)
GetResponse (sysDescr .0= "SunOS" )
GetRequest (sysObjectID.0)
GetResponse ( sysObjectID.0=enterprises.11.2.3.10.1.2 )
GetRequest (sysUpTime.0)
GetResponse (sysUpTime.0=2247349530)
GetRequest (sysContact.0)
GetResponse (sysContact.0=" ")
GetRequest (sysName.0)
GetResponse (sysName.0="noc1 ")
GetRequest (sysLocation.0)
GetResponse (sysLocation.0=" ")
GetRequest (sysServices.0)
GetResponse (sysServices.0=72)
Manager
Process
Agent
Process
T
Z
A
B
1.1
Figure 5.12 MIB for Operation Examples in Figures 5.13 and 5.15
E
2.1
3.1
1.2
2.2
3.2
Numerical Order
Lexicographic order
1
1
2
1118
3
115
9
126
15
15
22
2
34
22
115
250
126
2509
250
3
321
321
1118
34
2509
9
T
Z
A
B
1.1
E
2.1
3.1
1.2
2.2
3.2
3
9
1
2
18
1
5
2
6
2
10
9
21
4
Figure 5.14 MIB Example for Lexicographic Ordering
1
1.1
1.1.5
1.1.18
1.2
1.2.6
2
2.2
2.10
2.10.9
3
3.4
3.21
9
T.E.1.1
Figure 5.15 Get-Next-Request Operation for MIB in Figure 5.12
T.E.2.1
T.E.3.1
T.E.1.2
T.E.2.2
T.E.3.2
E
T
Z
A
B
GetRequest ( A )
GetResponse ( A )
GetNextRequest ( A )
GetResponse ( B )
GetNextRequest ( B )
GetResponse ( T.E.1.1 )
GetNextRequest (T.E.1.1 )
GetResponse ( T.E.1.2 )
GetNextRequest (T.E.1.2 )
GetResponse ( T.E.2.1 )
GetNextRequest (T.E.2.1 )
GetResponse ( T.E.2.2 )
GetNextRequest (T.E.2.2 )
GetResponse ( T.E.3.1 )
GetNextRequest (T.E.3.1 )
GetResponse ( T.E.3.2 )
GetNextRequest (T.E.3.2 )
GetResponse ( Z )
GetNextRequest ( Z )
GetResponse ( noSuchName
)
Manager
Process
Agent
Process
atIfIndex
23
13
16
atPhysAddress
0000000C3920B4
0000000C3920AC
0000000C3920AF
atNetAddress
192.168.3.1
172.16.46.1
172.16.49.1
GetNextRequest (sysObjId,
atPhysAddress)
GetResponse( (sysUpTime.0 = "315131795"),
(atPhysAddress.13.172.16.46.1 = "0000000C3920AC"))
GetNextRequest (sysObjId,
atPhysAddress.13.172.16.46.1)
GetResponse( (sysUpTime.0 = "315131800"),
(atPhysAddress.16.172.16.49.1 = "0000000C3920AF") )
GetNextRequest (sysObjId,
atPhysAddress.16.172.16.49.1)
GetResponse( (sysUpTime.0 = "315131805"),
(atPhysAddress.23.192.168.3.1 = "0000000C3920B4") )
GetNextRequest (sysObjId,
atPhysAddress.23.192.168.3.1)
GetResponse( (sysUpTime.0 = "315131810"),
(ipForwarding.0 = "1") )
Figure 5.16 GetNextRequest Example with Indices
Agent
Process
Manager
Process
14:03:36.788270 noc3.btc.gatech.edu.164 >
noc1.btc.gatech.edu.snmp:
Community = public
GetRequest
(111)
Request ID = 4
system.sysDescr.0
system.sysObjectID.0
system.sysUpTime.0
system.sysContact.0
system.sysName.0
system.sysLocation.0
system.sysServices.0
Figure 5.17(a) Get-Request Message from Manager-to-Agent
14:03:36.798269 noc1.btc.gatech.edu.snmp >
noc3.btc.gatech.edu.164:
Community = public
GetResponse
(196)
Request ID = 4
system.sysDescr.0 = "SunOS noc1 5.5.1 Generic_103640-08
sun4u"
system.sysObjectID.0 = E:hp.2.3.10.1.2
system.sysUpTime.0 = 247396453
system.sysContact.0 = "Brandon Rhodes"
system.sysName.0 = "noc1"
system.sysLocation.0 = "BTC NM Lab"
system.sysServices.0 = 72
Figure 5.17(b) Get-Response Message from Agent-to-
Manager (After)
snmp
(mib-2 11)
snmpInPkts(1)
snmpOutPkts (2)
snmpInBadVersions (3)
snmpInCommunityNames (4)
snmpInBadCommunityUses (5)
snmpInASNParseErrors (6)
-- not used (7)
snmpInTooBigs (8)
snmpInNoSuchNames (9)
snmpInBadValues (10)
snmpInReadOnlys (11)
snmpEnableAuthenTraps (30)
snmpOutTraps (29)
snmpOutGetResponses (28)
snmpOutSetRequests (27)
snmpOutGetNexts (26)
snmpOutGetRequests (25)
snmpOutGenErrs (24)
-- not used (23)
snmpOutBadValues (22)
snmpOutNoSuchNames (21)
snmpOutTooBigs (20)
snmpInGenErrs (12)
snmpInTotalReqVars (13)
snmpInTotalSetVars (14)
snmpInGetRequests (15)
snmpInTraps (19)
snmpInGetResponses
(18)
snmpInSetRequests (17)
snmpInGetNexts (16)
Figure 5.21 SNMP Group
