Network Administration (SNMP)
Network Administration
The administration of the Internet:
SNMP (Simple Network Management Protocol)
1 PTIT HCM, Feb. 12
TRAN PHUOC NGUYEN
Study Organization
• Đ08TH_MMT&TT (49 H Theory + 9 H Exercise)
  – 78 students
    • 7 groups
    • 1 group (presentation)
  – Exercises
    » Must resolve the provided exercises
  – Practice
    » Install SNMP on Linux or Windows
    » Study SNMP protocol by using iReasoning and Wireshark
  – 12 sessions
    • 6 Lectures
    • 6 Exercises
• Diligent (30%)
  – Present
  – Exercise
  – Practice
• Examination (70%)
  – Multiple Choice Questions (MCQ)
  – Theory
  – Practice
  – First Time (14/05/2012 - 03/06/2012)
  – Second Time (8/06/2012 - 24/06/2012)
The Case for Management
The Case for Management (1)
• Typical problem
–Remote user arrives at regional office and experiences slow or no response from corporate web server
• Where do you begin?
–Where is the problem?
–What is the problem?
–What is the solution?
• Without proper network management, these questions are difficult to answer
[Figure: Remote User, Regional Offices, Corp Network, WWW Servers]
The Case for Management (2)
• With proper management tools and procedures in place, you may already have the answer
• Consider some possibilities
1. What configuration changes were made overnight?
2. Have you received a device fault notification indicating the issue?
3. Have you detected a security breach?
4. Has your performance baseline predicted this behavior on an increasingly congested network link?
• An accurate database of your network’s topology, configuration, and performance
• A solid understanding of the protocols and models used in communication between your management server and the managed devices
• Methods and tools that allow you to interpret and act upon gathered information
Response Times High Availability
Predictability
Security
Solving Problem Procedure
Introduction to Network Management
Introduction
• The network has become an indispensable resource to proper functioning of an organization, company, ...
• The administration of the network implements a set of means to:
– Provide users with a quality service
– Allow the evolution of the system including new features
– Optimize the performance of services for users
– Allow for maximum use of resources for a minimum cost.
Administration = operational part network
• Administrative functions should allow
– Extracting information from network elements using tools
  • Harvest a large amount of information
– Reducing the amount of information by means of filters
  • Select significant information
– Storing the retained information in an administration database
– Processing of this information
– Providing interfaces (administrative user, network operator).
Standards
• To be used by a wide range of products (systems terminals, switches, routers, telecom devices …) and in a multi-vendor,
• There are two main types of standards:
– SNMP: a set of standards including a protocol, a specification of the structure of the database and a set of objects. This is the TCP/IP standard.
– The administration of OSI: includes a large set of standards that describe a general architecture of administration, service and management protocol (CMIS/CMIP), the specification of the structure of the database and a set of objects.
Expected from the network administration
• The functional areas of administration as defined in the OSI:
– Fault management: allows the detection, location and repair of faults and the return to a normal situation in the environment.
– Accounting: to know the charges of managed objects, communication costs, ...
  • This assessment is based on the volume and duration of the transmission. These surveys are carried out at two levels: Network and Application.
– Configuration management: allows identifying and setting the various objects. The procedures required to manage a configuration are information gathering, monitoring system status, and backing up the state in a history.
– Performance audit: to evaluate the performance of system resources and their effectiveness. The network performance is evaluated from four parameters: response time, throughput, bit error rate and availability.
– Security management: the control and distribution of the information used for security. A subset of the MIBs concerns the Security Management Base (SMIB). It provides encryption and a list of access rights.
Administration Organization
• Who needs administration and for what?
• There are different types of decisions made by administrators:
– Operational decisions: short-term decisions regarding the administration and day-to-day, real-time operations on the system.
– Tactical decisions: medium-term decisions on network evolution and application of long-term policies
– Strategic decisions: long-term decisions on strategies for the future by expressing the new needs and desires of users.
• These levels determine different levels of administration:
– Operational control system for operational decisions
– Network management for tactical decision
– Network analysis for tactical strategic decision
– Planning for strategic decisions
The network management systems
• A network management system is a collection of tools for controlling and managing the network, which includes:
– An operator interface with a set of commands to perform most administration tasks of networks.
– A minimum of additional equipment integrated into the existing system.
• Setting up a managed network environment
Network Management Configuration(1)
• Network Management Entity (NME)
– Contains a collection of software devoted to the NM task in each network node
– Collects statistics
– Stores statistics locally
– Responds to commands from network control center (manager)
  • Transmit collected statistics to manager
  • Change a parameter (e.g., a timer in a transport protocol)
  • Provide status information
  • Generate artificial traffic for testing
– Sends messages to network control center for significant changes in local conditions
– Is referred to as an agent
– Agents are implemented in end systems and nodes
Network Management Configuration(2)
• Network Management Application (NMA)
– Include an operator interface to allow an authorized user to manage the network
– Respond to user commands
• display information
• issue commands to NMEs through the network
– Communicate with and control NME in other nodes
• Application-level network management protocol
The architecture of a network management software
• The architecture of the application in a manager or an agent will vary depending on the features of the platform.
• A generic view of a platform divided into three broad categories:
– The software user
– The network management software
– Communication software and data support
User Presentation Software
• An interface in manager systems
– monitor and control the network
• An interface in agent systems
– network testing and debugging
– view or set parameters locally
• Presentation tools
– to organize, summarize, and simplify the information as much as possible to avoid information overload
– graphical presentations
– user interface should be the same at any node, regardless of vendor
Network Management Software (1)
• Three-layer architecture
– Network management application layer
– Application element layer
– Network management data transport service layer
Network Management Software (2)
• Network management application
– Provides services of interest to users
– Each application covers a broad area of network management and should exhibit consistency over various types of configurations (LAN, WAN, ..)
• Application elements
– Implement primitive and general-purpose network management functions
  • generating alarms or summarizing data
– Implement basic tools used by one or more network management applications
– Developed based on software reuse
Network Management Data Transport Service
• The module consists of
– a NM protocol used to exchange management information among managers and agents
– a service interface to the application elements
• Provides very primitive functions (get, set and trap)
Communication & Database Support Software (1)
• Network management software needs access to a local MIB, and to remote agents and managers
• Local MIB at an agent contains
– Information reflecting the configuration and behavior of this node
– Parameters used to control the operation of this node
• Local MIB at a manager contains
– node-specific information
– summary information about agents under control
Communication & Database Support Software (2)
• MIB access module
– Include basic file management software that enables access to the MIB
– Convert local MIB format to a standardized form across the NMS
• Communications protocol stack
– OSI or TCP/IP stack
– Support the network management protocol
– Support communications among agents and managers
Distributed Network Management (1)
[Figure: distributed network management architecture: management clients (PCs, workstations); management servers, each with a management application and a MIB; element managers; network resources (servers, routers, hosts) with management agents]
Distributed Network Management (2)
• A centralized NMS enables the manager to maintain control over the entire configuration, balancing resource against needs and optimizing the overall utilization of resources
• Why distributed network management?
– the proliferation of low-cost, high power PCs & workstations
– the proliferation of departmental LANs
– local control and optimization of distributed applications
– distributed computing
• Architecture of distributed network management
– hierarchical architecture
– department-level managers
  • manage downsized applications and PC LANs
Distributed Network Management (3)
• Benefits
– network management traffic overhead is minimized
– Offers greater scalability
– Eliminates single-point failure
• Elements for hierarchical architecture
– Distributed management workstations
  • be given limited access for monitoring and control
  • manage the departmental resources
– One central workstation (with a backup)
  • global access rights to manage all network resources
  • interact with less-enabled management stations
Distributed Network Management (4)
• Distributed management system architecture
– Management clients
  • Provide the user access to management services and information
  • Provide a graphical user interface
  • May access one or more management servers
– Management servers are the heart of the system
  • Support a set of management applications and a MIB
  • Store common management data models
  • Route management information to applications and clients
– Managed network devices
  • Are managed directly by one or more management servers
  • Through a vendor-specific element manager or proxy
SNMP
(Simple Network Management Protocol)
Introduction to SNMP
• Simple Network Management Protocol
– Provides a tool
  • for multi-vendor, interoperable network management
  • used across a broad spectrum of product types
– include end systems, bridges, switches, routers and telecommunications equipment
– TCP/IP based
• Benefits:
– Very simple protocol, easy to use
– Allows remote management of the various machines
– The functional model for monitoring and for managing is scalable
– Independent of the architecture of the administered machine
Simple Network Management Protocol
• A set of standards for network management
– a protocol
– a data base structure specification
– a set of data objects
SNMP Family (1)
• SNMPv1
– Proposed in 1989
• SNMPv2
– Proposed in 1993
– Revised in 1995
– An upgrade to SNMPv1
– Add functional enhancements to SNMP and codify the use of SNMP on OSI-based networks
SNMP Family (2)
• SNMPv3
– Issued in 1998
– Define a security capability for SNMP and an architecture for future enhancements
– Used with the functionality provided by SNMPv2 or SNMPv1
The Model (1)
• An SNMP management system is composed of three types of elements:
– Agents to oversee equipment. We speak of an SNMP agent installed on any type of equipment.
– One or more management stations capable of interpreting data
– A MIB (Management Information Base) that describes the management information.
• A protocol enabled by an API allows supervising, controlling and changing the settings of the network elements.
• Functions:
– Get: allows the station to query an agent
– Get_next: allows reading the next object of an agent without knowing its name
– Set: allows editing the data of an agent
– Trap: allows sending an alarm
The Model (2)
The Model (3)
• Using SNMP requires that all administrative agents and stations support IP and UDP.
• This limits the use of certain devices that do not support the TCP / IP.
• In addition, some machines (PCs, workstations, programmable controllers, ...) that implement TCP/IP to support their applications do not wish to add an SNMP agent.
– Use of management proxies
MIB (Management Information Base)
• Data model associated with SNMP:
– SMI (Structure of Management Information) - meta model
– MIB = list of variables recognized by the agents
• Database containing information on the network elements to manage
• 1 resource to be managed = 1 object
– MIB = structured collection of objects
– Each node in the system must maintain a MIB reflecting the state of managed resources
– An administration entity can access resources on the node by reading the values of the objects and modifying them.
• 2 goals
– A common pattern: SMI (Structure of Management Information)
– A common definition of objects and their structure
SMI (Structure of specification management information)
• Gives the rules for defining, accessing and adding objects in the MIB (meta model)
• Objective: to encourage simplicity and extensibility of the MIB
– Make an object accessible in the same way on each network entity
– Have a uniform representation of objects
– The MIB contains simple elements (scalars and two-dimensional arrays of scalars)
– SNMP allows only scalar queries ≠ OSI provides complex structures and search methods
The specification of the MIB accessible tree
• It uses ASN.1 syntax to describe the data.
• Each object is represented by an "object identifier"
• Example: internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }; 1.3.6.1 is the dotted notation for the internet node.
• Example: directory OBJECT IDENTIFIER ::= { internet 1 }
The MIBs
• Version 2 of the MIB
• mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
• => Working Group "SNMP Working Group"
• MIB II: 10 subsets are:
– System
– Interfaces
– At
– Ip
– Icmp
– Tcp
– Udp
– Egp
– Transmission
– Snmp
The MIBs
• System: the name of the agent, version number, type of machine, operating system name, type of network software, in printable ASCII
The MIBs
• Interface: the different network interfaces of a machine (number of interfaces, types of interfaces, names of vendors, speed of interfaces, inPackets, outPackets, packet errors, ...)
The MIBs
• at: used for compatibility reasons with MIB-I. It generates a translation table between logical (IP) and physical (MAC) network addresses, similar to ARP
The MIBs
• ip: different parameters (TTL, nb. of received and sent packets, packet encapsulation, fragmentation, routing table, sub-netmask, PHY add., etc.)
The MIBs
• icmp: 26 counters; for each ICMP message, 2 counters count the sent and received messages
• tcp: provides the TCP connections (real-time), the parameters and states related to TCP connections (listen, time-wait, nb. of active open connections, max nb. of simultaneous connections, …)
• udp: 4 counters indicate the nb. of UDP datagrams sent, received, errors, … The table gives a list of the applications using UDP.
• egp: corresponds to EGP (Exterior Gateway Protocol), related to the nb. of incoming, outgoing and error packets, table of adjacent routers, the information of routers, …
• transmission: only concerns Type Object Identifier ::= { transmission number }. Allows identifying the type of media used for transmission
• snmp: related to the SNMP protocol, including nb. of incoming, outgoing and bad version SNMP messages, etc.
SNMP Network Management
SNMP Protocol Specs
SNMP Operations GetRequest-PDU
GetNextRequest-PDU
SetRequest-PDU
GetResponse-PDU
Trap-PDU
Polling Frequency and limitations of SNMP v1
SNMPv2
Communication Model
• Communicate management information between network management stations and managed elements
• Goals:
o Management functions maintained by agents are kept simple
o Protocol flexibility (addition of new aspects of operation and management)
o Transparency (should not be affected by the architecture of particular hosts and gateways)
• Operation: 5 messages
o get-request, get-next-request, set-request
o get-response, trap
• SNMP messages are exchanged using the UDP (connectionless) transport protocol
Message Format
• Protocol entities support application entities
• Communication between remote peer processes
• Message consists of:
o Version identifier
o Community name
o Protocol Data Unit
• Message encapsulated in UDP datagrams and transmitted
• Loss of message: time out!
[Figure: message layout: version | community | data]
• Like FTP, SNMP uses two well-known ports to operate:
o UDP Port 161 - SNMP Messages
o UDP Port 162 - SNMP Trap Messages
• Size of SNMP message: 1472 bytes
• 3 different versions: SNMPv1, SNMPv2, SNMPv3
Message Format
SNMP message format is defined using ASN.1, encoded for transmission over UDP using BER

Message ::= SEQUENCE {
    version   INTEGER { version-1(0) },
    community OCTET STRING,
    data      PDUs
}

[Figure: message layout: version | community | data]
Message Format-Set/Get PDU
[Figure: message layout: version | community | data]

Message ::= SEQUENCE {
    version   INTEGER { version-1(0) },
    community OCTET STRING,
    data      PDUs
}

PDUs ::= CHOICE {
    get-request      [0] IMPLICIT PDU,
    get-next-request [1] IMPLICIT PDU,
    get-response     [2] IMPLICIT PDU,
    set-request      [3] IMPLICIT PDU,
    trap             [4] IMPLICIT Trap-PDU
}
Message Format-Set/Get PDU
[Figure: PDU layout: PDU-type | request-id | error-status | error-index | variable-bindings]

PDU ::= SEQUENCE {
    request-id   INTEGER,
    error-status INTEGER {
        noError    (0),
        tooBig     (1),
        noSuchName (2),
        badValue   (3),
        readOnly   (4),
        genErr     (5)
    },
    error-index  INTEGER,
    variable-bindings VarBindList
}

request-id: track a message and indicate loss of a message (e.g., timeout, etc.)
error-status: indicate the occurrence of error
error-index: indicate the occurrence of error (position in the list of variables)
variable-bindings: grouping of a number of operations in a single message: e.g., one request to get all values and one response listing all values
Message Format-variable bindings
[Figure: variable-bindings layout: var-bind 1 (name, value) | var-bind 2 (name, value) | . . . | var-bind n (name, value)]

VarBindList ::= SEQUENCE OF VarBind

VarBind ::= SEQUENCE {
    name  ObjectName,
    value ObjectSyntax
}

ObjectName ::= OBJECT IDENTIFIER

ObjectSyntax ::= CHOICE {
    simple           SimpleSyntax,
    application-wide ApplicationSyntax
}
Message Format-variable bindings
SimpleSyntax ::= CHOICE {
    number INTEGER,
    string OCTET STRING,
    object OBJECT IDENTIFIER,
    empty  NULL
}

ApplicationSyntax ::= CHOICE {
    address   NetworkAddress,
    counter   Counter,
    gauge     Gauge,
    ticks     TimeTicks,
    arbitrary Opaque
}

NetworkAddress ::= CHOICE {
    internet IpAddress
}
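The ASN.1 definitions above, applied to bytes on the wire: an added example (not part of the original slides) that decodes a BER-encoded SNMPv1 Get/Set message and shows that the community name travels as a plain OCTET STRING, readable by anyone who captures the datagram. The two sample datagrams are constructed for this example; the community value "public" and request-id 1234 are assumptions.

```python
# Added example: minimal BER decoder for SNMPv1 Get/Set messages.
# Sample datagrams below are constructed for illustration, not captured traffic.

PDU_TYPES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request", 0xA4: "trap"}

# GetRequest(sysDescr.0) and GetResponse(sysDescr.0 = "SunOS"), community "public"
GET_SYSDESCR = bytes.fromhex(
    "3027020100040670 75626c6963a01a02 0204d20201000201 00300e300c06082b"
    "0601020101010005 00".replace(" ", ""))
RESP_SYSDESCR = bytes.fromhex(
    "302c020100040670 75626c6963a21f02 0204d20201000201 003013301106082b"
    "0601020101010004 0553756e4f53".replace(" ", ""))


def read_tlv(buf, pos):
    """Read one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                 # long form: low 7 bits count the length octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:                            # short form: the octet is the length
        length = first
    if pos + length > len(buf):
        raise ValueError("length field exceeds enclosing buffer")
    return tag, buf[pos:pos + length], pos + length


def expect(buf, pos, want):
    """Read a TLV and insist on a specific tag (basic syntax check)."""
    tag, val, pos = read_tlv(buf, pos)
    if tag != want:
        raise ValueError("expected tag 0x%02x, got 0x%02x" % (want, tag))
    return val, pos


def decode_oid(v):
    """Base-128 sub-identifiers; the first one packs the first two arcs."""
    subids, cur = [], 0
    for b in v:
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(cur)
            cur = 0
    if not subids or v[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    x = min(subids[0] // 40, 2)
    return ".".join(map(str, [x, subids[0] - 40 * x] + subids[1:]))


def decode_value(tag, v):
    if tag == 0x02:                          # INTEGER (signed)
        return int.from_bytes(v, "big", signed=True)
    if tag == 0x05:                          # NULL (value slot of a request)
        return None
    if tag == 0x06:                          # OBJECT IDENTIFIER
        return decode_oid(v)
    if tag == 0x40:                          # IpAddress
        return ".".join(map(str, v))
    if tag in (0x41, 0x42, 0x43):            # Counter, Gauge, TimeTicks (unsigned)
        return int.from_bytes(v, "big")
    return bytes(v)                          # OCTET STRING, Opaque, anything else


def decode_message(datagram):
    """Decode Message ::= SEQUENCE { version, community, data } for Get/Set PDUs."""
    body, _ = expect(datagram, 0, 0x30)
    ver, pos = expect(body, 0, 0x02)
    if decode_value(0x02, ver) != 0:         # receiver discards on version mismatch
        raise ValueError("version mismatch: not version-1(0)")
    community, pos = expect(body, pos, 0x04)
    tag, pdu, _ = read_tlv(body, pos)
    if tag not in PDU_TYPES:
        raise ValueError("unknown PDU tag 0x%02x" % tag)
    if tag == 0xA4:
        raise ValueError("Trap-PDU has a different layout; not decoded here")
    fields, pos = [], 0
    for _ in range(3):                       # request-id, error-status, error-index
        v, pos = expect(pdu, pos, 0x02)
        fields.append(decode_value(0x02, v))
    vbl, _ = expect(pdu, pos, 0x30)          # VarBindList ::= SEQUENCE OF VarBind
    varbinds, pos = [], 0
    while pos < len(vbl):
        vb, pos = expect(vbl, pos, 0x30)
        name, p = expect(vb, 0, 0x06)
        vtag, val, _ = read_tlv(vb, p)
        varbinds.append((decode_oid(name), decode_value(vtag, val)))
    return {"community": bytes(community), "pdu_type": PDU_TYPES[tag],
            "request_id": fields[0], "error_status": fields[1],
            "error_index": fields[2], "varbinds": varbinds}


if __name__ == "__main__":
    for sample in (GET_SYSDESCR, RESP_SYSDESCR):
        print(decode_message(sample))
```

Every nested TLV is read from the value slice of its parent, so an inner length that claims more bytes than the enclosing element holds is rejected instead of being read past the boundary.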
Message Format-Trap PDU
Trap-PDU ::= SEQUENCE {
    enterprise    OBJECT IDENTIFIER,
    agent-addr    NetworkAddress,
    generic-trap  INTEGER {
        coldStart             (0),
        warmStart             (1),
        linkDown              (2),
        linkUp                (3),
        authenticationFailure (4),
        egpNeighborLoss       (5),
        enterpriseSpecific    (6)
    },
    specific-trap INTEGER,
    time-stamp    TimeTicks,
    variable-bindings VarBindList
}

[Figure: Trap PDU layout: PDU-type | Enterprise | Agent Address | Generic Trap Type | Specific Trap Type | Time Stamp | variable-bindings]
- Enterprise: pertains to the system generating the trap (sysObjectID)
- Agent Address: IP address of the object
- Time Stamp: elapsed time since last re-initialization
- Specific Trap Type: specific code to identify the trap cause…
SNMP Operations
An SNMP entity performs the following to transmit a PDU:
• Construct a PDU using ASN.1
• Pass PDU to Authentication Service (AS) along with source and destination transport addresses and community name
o AS returns a PDU that is encrypted (if encryption is supported)
• The protocol entity then constructs an SNMP message by adding the version field and the community name to the PDU
• Message is encoded using BER and passed to the transport service
An SNMP entity performs the following upon reception of an SNMP message:
• Basic syntax check; message is discarded in case of error
• Verifies the version number; message is discarded if there is a mismatch
o Authentication (if supported): if message does not authenticate, generate trap and discard message.
• Finally, using the community name, the access policy is selected and PDU is processed
GetRequest PDU
• Sender includes the following fields:
o PDU Type
o request-id
o Variable-bindings: a list of object instances whose values are requested
• SNMP dictates that a scalar object is identified by its OBJECT-IDENTIFIER concatenated with 0
o e.g., sysDescr.0: distinguishes between the object type and an instance of the object
[Figure: system (mib-2 1) group tree: sysDescr (1), sysObjectId (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]
GetRequest PDU
Manager Process → Agent Process: GetRequest; Agent Process → Manager Process: GetResponse
GetRequest (sysDescr.0)
GetResponse (sysDescr.0 = "SunOS")
GetRequest (sysObjectID.0)
GetResponse (sysObjectID.0 = enterprises.11.2.3.10.1.2)
GetRequest (sysUpTime.0)
GetResponse (sysUpTime.0 = 2247349530)
GetRequest (sysContact.0)
GetResponse (sysContact.0 = " ")
GetRequest (sysName.0)
GetResponse (sysName.0 = "noc1 ")
GetRequest (sysLocation.0)
GetResponse (sysLocation.0 = " ")
GetRequest (sysServices.0)
GetResponse (sysServices.0 = 72)
.0 indicates that the scalar value should be retrieved (scalar objects only)
The manager could have used only one message to obtain the values of all objects under system group: using “variable binding list”
GetRequest PDU
• Get Request is atomic
o Either all values (of all variables provided in the binding list) are retrieved or none
o An error message is generated if at least one of the variables could not be found/returned; error-status: noSuchName, tooBig, genErr
o error-index: indicates the problem object (i.e., variable in binding list that caused the problem)
• With SNMP, only leaf objects in the MIB can be retrieved
o e.g., it is not possible to retrieve an entire row of a table by simply accessing the Entry Object (e.g., ipRouteEntry)
o the management station has to include each object instance (in the row) in the binding list
o By including the complete object identifier and respecting the rule of indexing!
GetRequest PDU
GetRequest (ipRouteDest.9.1.2.3, ipRouteMetric1.9.1.2.3, ipRouteNextHop.9.1.2.3)

ipRouteDest   ipRouteMetric1   ipRouteNextHop
9.1.2.3       3                99.0.0.3
10.0.0.51     5                89.1.1.42
10.0.0.99     5                89.1.1.42

ipRouteDest: index of table
GetNextRequest PDU
• PDU format: same as GetRequest
• Difference: each variable in the binding list refers to an object instance next in the lexicographic order
o GetNextRequest (sysDescr.0) returns the value of the object instance of sysObjectId
• Advantages:
o Allows a network manager to discover a MIB structure dynamically
o Efficient way for searching through tables whose entries are unknown
[Figure: system (mib-2 1) group tree: sysDescr (1), sysObjectId (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]
GetNextRequest PDU
Get-Next-Request Operation for System Group (Manager Process → Agent Process: requests; Agent Process → Manager Process: responses)
GetRequest (sysDescr.0)
GetResponse (sysDescr.0 = "SunOS")
GetNextRequest (sysDescr.0)
GetResponse (sysObjectID.0 = enterprises.11.2.3.10.1.2)
GetNextRequest (sysObjectID.0)
GetResponse (sysUpTime.0 = 2247349530)
GetNextRequest (sysUpTime.0)
GetResponse (sysContact.0 = " ")
GetNextRequest (sysContact.0)
GetResponse (sysName.0 = "noc1 ")
GetNextRequest (sysName.0)
GetResponse (sysLocation.0 = " ")
GetNextRequest (sysLocation.0)
GetResponse (sysServices.0 = 72)
GetNextRequest (sysServices.0)
GetResponse (noSuchName)
Error message: no object next to sysServices
Generalized Case
[Figure: a sample MIB that contains both scalar values and aggregate objects: scalars A, B and Z; table T with entry E and columnar object instances T.E.1.1, T.E.2.1, T.E.3.1 and T.E.1.2, T.E.2.2, T.E.3.2]
Retrieving scalar as well as aggregate objects using get-request and get-next-request
Generalized Case
GetRequest ( A )
GetResponse ( A )
GetRequest ( B )
GetResponse ( B )
GetRequest (T.E.1.1)
GetResponse ( T.E.1.1 )
GetRequest (T.E.1.2)
GetResponse ( T.E.1.2 )
GetRequest (T.E.2.1)
GetResponse ( T.E.2.1 )
GetRequest (T.E.2.2)
GetResponse ( T.E.2.2 )
GetRequest (T.E.3.1 )
GetResponse ( T.E.3.1 )
GetRequest (T.E.3.2 )
GetResponse ( T.E.3.2 )
GetRequest (Z )
GetResponse ( Z )
Manager Process
Agent Process
Generalized Case
Observations:
1)- we need to know all the elements in the MIB, including the # of columns and rows in a table
2)- a MIB is traversed from top to bottom (i.e., from left to right in the tree structure)
3)- data in tables is retrieved by traversing all instances of a columnar object
NOTES:
1)- dynamic table: # rows may not be known to manager
2)- A request to T.E.1.3 results in error message
3)- GetNextRequest could avoid this!
4)- A convention is required for the definition of the next object in a MIB
SNMP uses lexicographic convention
Lexicographic Convention
Procedure for ordering:
• Start with leftmost digit as first position
• Before increasing the order in the first position, select the lowest digit in the second position
• Continue the process till the lowest digit in the last position is captured
• Increase the order in the last position until all the digits in the last position are captured
• Move back to the last but one position and repeat the process
• Continue advancing to the first position until all the numbers are ordered
[Figure: tree structure for the above process]

Numerical Order   Lexicographic order
1                 1
2                 1118
3                 115
9                 126
15                15
22                2
34                22
115               250
126               2509
250               3
321               321
1118              34
2509              9
Lexicographic Ordering - example
[Figure: MIB example of lexicographic ordering (tree with the nodes listed below)]
Order of traversal, from start to end:
1
1.1
1.1.5
1.1.18
1.2
1.2.6
2
2.2
2.10
2.10.9
3
3.4
3.21
9
GetNextRequest PDU
T.E.1.1 is the next object after scalar B
GetRequest ( A )
GetResponse ( A )
GetNextRequest ( A )
GetResponse ( B )
GetNextRequest ( B )
GetResponse ( T.E.1.1 )
GetNextRequest (T.E.1.1 )
GetResponse ( T.E.1.2 )
GetNextRequest (T.E.1.2 )
GetResponse ( T.E.2.1 )
GetNextRequest (T.E.2.1 )
GetResponse ( T.E.2.2 )
GetNextRequest (T.E.2.2 )
GetResponse ( T.E.3.1 )
GetNextRequest (T.E.3.1 )
GetResponse ( T.E.3.2 )
GetNextRequest (T.E.3.2 )
GetResponse ( Z )
GetNextRequest ( Z )
GetResponse ( noSuchName )
Manager Process
Agent Process
GetNextRequest PDU
Advantages of Get-Next-Request
1)- no need to know the object ID of the next entity to retrieve its value
2)- issues with dynamic table resolved
3)- allows NMS to discover the structure of a MIB view dynamically
4)- provides an efficient mechanism for searching a table whose entries are unknown
Lexicographic Ordering - example

ipRouteDest   ipRouteMetric1   ipRouteNextHop
9.1.2.3       3                99.0.0.3
10.0.0.51     5                89.1.1.42
10.0.0.99     5                89.1.1.42

ipRouteDest: index of table

ipRouteTable = 1.3.6.1.2.1.4.21
ipRouteEntry = 1.3.6.1.2.1.4.21.1 = x
ipRouteDest = x.1
ipRouteMetric1 = x.3
ipRouteNextHop = x.7

Object instances in lexicographic order:
ipRouteDest.9.1.2.3 = x.1.9.1.2.3
ipRouteDest.10.0.0.51 = x.1.10.0.0.51
ipRouteDest.10.0.0.99 = x.1.10.0.0.99
ipRouteMetric1.9.1.2.3 = x.3.9.1.2.3
ipRouteMetric1.10.0.0.51 = x.3.10.0.0.51
ipRouteMetric1.10.0.0.99 = x.3.10.0.0.99
ipRouteNextHop.9.1.2.3 = x.7.9.1.2.3
ipRouteNextHop.10.0.0.51 = x.7.10.0.0.51
ipRouteNextHop.10.0.0.99 = x.7.10.0.0.99
Accessing Table Values
Retrieving the entire table w/out knowing its contents or number of rows:
GetNextRequest (ipRouteDest, ipRouteMetric1, ipRouteNextHop)
The agent will respond with the values from the first row
GetResponse ((ipRouteDest.9.1.2.3 = 9.1.2.3),
(ipRouteMetric1.9.1.2.3 = 3),
(ipRouteNextHop.9.1.2.3 = 99.0.0.3))
The MS stores this info and retrieves the second row
ipRouteDest ipRouteMetric1 ipRouteNextHop
9.1.2.3 3 99.0.0.3
10.0.0.51 5 89.1.1.42
10.0.0.99 5 89.1.1.42
Accessing Table Values
GetNextRequest (ipRouteDest.9.1.2.3, ipRouteMetric1.9.1.2.3,
ipRouteNextHop.9.1.2.3)
-------------------------------------------
GetResponse ((ipRouteDest.10.0.0.51 = 10.0.0.51),
(ipRouteMetric1.10.0.0.51 = 5),
(ipRouteNextHop.10.0.0.51 = 89.1.1.42))
---------------------------------------------------------------------
GetNextRequest (ipRouteDest.10.0.0.51, ipRouteMetric1.10.0.0.51,
ipRouteNextHop.10.0.0.51)
-------------------------------------------
GetResponse ((ipRouteDest.10.0.0.99 = 10.0.0.99),
(ipRouteMetric1.10.0.0.99 = 5),
(ipRouteNextHop.10.0.0.99 = 89.1.1.42))
ipRouteDest ipRouteMetric1 ipRouteNextHop
9.1.2.3 3 99.0.0.3
10.0.0.51 5 89.1.1.42
10.0.0.99 5 89.1.1.42
Accessing Table Values
What happens next? When does the MS stop?
GetNextRequest (ipRouteDest.10.0.0.99, ipRouteMetric1.10.0.0.99,
ipRouteNextHop.10.0.0.99)
-------------------------------------------
GetResponse ((ipRouteMetric1.9.1.2.3 = 3),
(ipRouteNextHop.9.1.2.3 = 99.0.0.3),
(ipNetToMediaIfIndex.1.3 = 1))
ipRouteDest ipRouteMetric1 ipRouteNextHop
9.1.2.3 3 99.0.0.3
10.0.0.51 5 89.1.1.42
10.0.0.99 5 89.1.1.42
The object names in the list in the response do not match those in the request, so the MS knows it has reached the end of the table
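The lexicographic ordering and the table walk from the preceding slides, as an added example that is not part of the original deck: a simulated agent holding the ipRouteTable rows shown above, a GetNext that follows OID order, and a management-station loop that stops when a returned name leaves its column. The class and function names are hypothetical; the MIB content is the slides' sample data.

```python
# Added example: GetNext table walk over a simulated agent (names are illustrative).
import bisect


def oid(text):
    """Dotted string -> tuple of ints; tuple comparison is the SNMP lexicographic order."""
    return tuple(int(p) for p in text.split("."))


def lexicographic(names):
    """Sort dotted OIDs by sub-identifier, not by character (1.1.5 before 1.1.18)."""
    return [".".join(map(str, t)) for t in sorted(oid(n) for n in names)]


X = "1.3.6.1.2.1.4.21.1"                       # ipRouteEntry, the "x" of the slide
IP_ROUTE_DEST = oid(X + ".1")
IP_ROUTE_METRIC1 = oid(X + ".3")
IP_ROUTE_NEXT_HOP = oid(X + ".7")
IP_NET_TO_MEDIA_IF_INDEX = "1.3.6.1.2.1.4.22.1.1"

# Rows from the slides: (ipRouteDest, ipRouteMetric1, ipRouteNextHop)
ROUTES = [("9.1.2.3", 3, "99.0.0.3"),
          ("10.0.0.51", 5, "89.1.1.42"),
          ("10.0.0.99", 5, "89.1.1.42")]


class NoSuchName(Exception):
    """error-status noSuchName; index is the 1-based position in the binding list."""
    def __init__(self, index):
        super().__init__("noSuchName at index %d" % index)
        self.index = index


class Agent:
    def __init__(self, objects):
        self.values = {oid(k): v for k, v in objects.items()}
        self.names = sorted(self.values)       # lexicographic order of instances

    def get_next(self, names):
        """Atomic GetNext: every binding gets its successor, or the request fails."""
        out = []
        for i, name in enumerate(names, start=1):
            j = bisect.bisect_right(self.names, name)
            if j == len(self.names):
                raise NoSuchName(i)            # nothing after this object
            nxt = self.names[j]
            out.append((nxt, self.values[nxt]))
        return out


def sample_agent():
    objects = {}
    for dest, metric, hop in ROUTES:
        objects[X + ".1." + dest] = dest
        objects[X + ".3." + dest] = metric
        objects[X + ".7." + dest] = hop
    objects[IP_NET_TO_MEDIA_IF_INDEX + ".1.3"] = 1   # object that follows the table
    return Agent(objects)


def walk_table(agent, columns, max_rows=10000):
    """Retrieve all rows without knowing the indexes or the number of rows."""
    rows, names = [], list(columns)
    while len(rows) < max_rows:
        try:
            resp = agent.get_next(names)
        except NoSuchName:
            break                              # ran off the end of the MIB view
        got = [n for n, _ in resp]
        if any(n[:len(c)] != c for n, c in zip(got, columns)):
            break                              # a name left its column: end of table
        if any(n <= prev for n, prev in zip(got, names)):
            raise RuntimeError("agent returned a non-increasing OID")
        rows.append(tuple(v for _, v in resp))
        names = got                            # next request uses the names just returned
    return rows


if __name__ == "__main__":
    cols = [IP_ROUTE_DEST, IP_ROUTE_METRIC1, IP_ROUTE_NEXT_HOP]
    for row in walk_table(sample_agent(), cols):
        print(row)
```

The non-increasing check and the row cap keep the management station from looping forever against an agent that returns the same name again.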
SetRequest-PDU
• Write a value rather than reading a variable
• The operation is atomic:
o either all variables in binding list are updated or none

Procedure receive-SetRequest:
begin
    if object not available for set then
        issue getresponse (noSuchName, index)
    else if inconsistent object value then
        issue getresponse (badValue, index)
    else if generated PDU too big then
        issue getresponse (tooBig)
    else if value not settable for some other reason then
        issue getresponse (genErr, index)
    else issue getresponse (variable bindings)
end;
SetRequest-PDU-example
Updating the value of ipRouteMetric1 metric of the first row:
SetRequest (ipRouteMetric1.9.1.2.3 = 9)
GetResponse (ipRouteMetric1.9.1.2.3 = 9)
Adding a row to the table -- a MS issues a command:
SetRequest ((ipRouteDest.11.3.3.12 = 11.3.3.12),
(ipRouteMetric1.11.3.3.12 = 9),
(ipRouteNextHop.11.3.3.12 = 91.0.0.5))
ipRouteDest ipRouteMetric1 ipRouteNextHop
9.1.2.3 3 99.0.0.3
10.0.0.51 5 89.1.1.42
10.0.0.99 5 89.1.1.42
Index of the new object instance in the table
But this is currently unknown for the agent!
Three ways for the agent to handle the request:
1)- reject the operation with error-status = noSuchName
2)- recognize the operation (as creation of a new row) and check whether the operation can be accepted (i.e., all values are correct, no syntax error, etc..)
2.1)- if NO, then return error-status = badValue
2.2)- if YES, then new row is created and
GetResponse ((ipRouteDest.11.3.3.12 = 11.3.3.12),
(ipRouteMetric1.11.3.3.12 = 9),
(ipRouteNextHop.11.3.3.12 = 91.0.0.5))
If only this argument is passed, then the agent may accept or not; if it accepts to create the row, then the other objects are assigned default values
SetRequest-PDU-example
Row Deletion:
SetRequest (ipRouteMetric1.7.3.5.3 = invalid)
GetResponse (ipRouteMetric1.7.3.5.3 = invalid)
Some other tables may/may not allow any operation to be done on its columnar objects – check RFCs for more details
Performing an action:
SNMP can read and set values of objects. SNMP can also issue commands to perform certain actions: example, a device may have a flag “reBoot”, if it is set by the manager, then the device will reboot.
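The atomic SetRequest procedure from the slides, as an added example that is not part of the original deck: every binding is checked before anything is written, and the response carries the error-status and the 1-based error-index of the first binding that fails. The class, its validator table and the sample objects are hypothetical; this agent takes the first of the three options for an unknown row and rejects it with noSuchName.

```python
# Added example: validate-then-commit handling of a SetRequest (illustrative agent).

NO_ERROR, TOO_BIG, NO_SUCH_NAME, BAD_VALUE, READ_ONLY, GEN_ERR = range(6)


def is_integer(value):
    """INTEGER check; bool is excluded because it is a subclass of int in Python."""
    return isinstance(value, int) and not isinstance(value, bool)


class SetAgent:
    def __init__(self, objects, settable, max_varbinds=8):
        self.objects = dict(objects)     # instance name -> current value
        self.settable = settable         # object type -> validator; others are not settable
        self.max_varbinds = max_varbinds # stand-in for the "PDU too big" limit

    def _validator(self, name):
        for object_type, check in self.settable.items():
            if name.startswith(object_type + "."):
                return check
        return None

    def set_request(self, varbinds):
        """Return (error-status, error-index, variable-bindings) as in a GetResponse."""
        # Phase 1: check every binding; nothing is modified yet.
        for index, (name, value) in enumerate(varbinds, start=1):
            check = self._validator(name)
            if check is None or name not in self.objects:
                return (NO_SUCH_NAME, index, list(varbinds))   # not available for set
            if not check(value):
                return (BAD_VALUE, index, list(varbinds))      # inconsistent value
        if len(varbinds) > self.max_varbinds:
            return (TOO_BIG, 0, list(varbinds))
        # Phase 2: commit all bindings together on a copy, then swap it in.
        try:
            staged = dict(self.objects)
            staged.update(varbinds)
        except Exception:
            return (GEN_ERR, 0, list(varbinds))
        self.objects = staged
        return (NO_ERROR, 0, list(varbinds))


def sample_set_agent():
    # Objects named as on the slides; values are the sample route metrics.
    objects = {"sysDescr.0": "SunOS",
               "ipRouteMetric1.9.1.2.3": 3,
               "ipRouteMetric1.10.0.0.51": 5,
               "ipRouteMetric1.10.0.0.99": 5}
    return SetAgent(objects, settable={"ipRouteMetric1": is_integer})


if __name__ == "__main__":
    agent = sample_set_agent()
    print(agent.set_request([("ipRouteMetric1.9.1.2.3", 9)]))
    print(agent.set_request([("ipRouteMetric1.10.0.0.51", 7),
                             ("ipRouteMetric1.10.0.0.99", "x")]))
    print(agent.objects["ipRouteMetric1.10.0.0.51"])   # still 5: nothing was applied
```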
Implementation
• Net-SNMP (Net-SNMP: Open source SNMP implementation)
• Netsnmpj: Open source SNMP for Java
• OpenSNMP: multi-threaded SNMPv3 engine
• PySNMP: pure-Python module, BSD license
• TinySNMP: an easy to configure minimal SNMPv1 agent
• .SNMPv3 for .NET
• iReasoning MIB Browser / SNMP Manager (Free)
• Net::SNMP: a pure Perl module that implements SNMPv1, v2 and v3 on IPv4 and IPv6
• SNMP4J - Free SNMP API for Java Managers and Agents
• versatile-serializing.net, .NET library, contains a SNMP V2C implementation