SNMP Simple Network Management Protocol
description
Transcript of SNMP Simple Network Management Protocol
1
SNMPSimple Network Management Protocol
2
SNMP Overview
Define mechanism for remote management of network devices (routers, bridges, etc.)
Fundamental principle: all device management done by simple variable value manipulation
Approach: standard means for specifying quantities recognized by
devices protocol for requesting, returning, notifying of changes of
values
3
SNMP Message Protocol
Messages use UDP, ports 161 (requests/responses) and 162 (notifications)
Message types: GetRequest: request values of variables from device GetNextRequest: request value of variable following the
one supplied GetResponse: return values SetRequest: instruct device to set values of variables Trap: from device - notify monitor / manager of value
change
4
SNMP SMI(Structure of Management Information)
Variables recognized by device supplied in MIB (Management Information Base)
text file giving variables and data structures defined using ASN.1
standard variable sets often provided as RFC’s device-specific sets provided by vendors
Management stations parse MIB’s to determine variables available for management
obtain both data structure and management information
5
Example portion of MIB (from RFC 1213)
-- the Interfaces group
-- Implementation of the Interfaces group is mandatory for -- all systems.
ifNumber OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The number of network interfaces (regardless of their current state) present on this system." ::= { interfaces 1 }
6
ASN.1 Object Identifiers
Variables identified by globally unique strings of digits ex: 1.3.6.1.4.1.3.5.1.1 name space is hierarchical; tree on next slide
in above, 1 stands for iso, 3 stands for org, 6 stands for dod, 1 stands for internet, 4 stands for private, etc.
Variable names are aliases for digit strings (within MIB)
From previous page: ifNumber ::= { interfaces 1 } interfaces was previously defined in MIB as 1.3.6.1.2.1.2, so
ifNumber = 1.3.6.1.2.1.2.1
7
Partial ASN.1 Object Identifier Tree
8
SNMP Environment
Manager processMIB
SNMP
Network dependent protocols
IP
UDP
Manager process
SNMP
Network dependent protocols
IP
UDP
Manager process
SNMP
Network dependent protocols
IP
UDP
Internetwork
TCP
UserProc.FTPetc.
NetworkManager Gateway Host/User Station
9
SNMP Specific Problems
Work on SNMP security took many many years to finally result in a stable and accepted SNMPv3 specification
Inefficiency of SNMP for retrieving bulk MIB data
10
SNMP Bulk Retrieval Problem
Problem: SNMP shows poor performance when retrieving
several thousands of MIB variables in a single logical transaction
Reasons: Lack of flow control Bandwidth inefficiency due to OID naming
overhead High latency caused by a large number of
request/response interactions
11
Proposal #1: SNMP over TCP
SNMP over TCP gives flow and congestion control for virtually no costs
Originator of a request/response transaction chooses the transport for one or more complete transactions
SNMP engines can close TCP connections at any point in time
SNMP engines may revert to SNMP over UDP when needed
SNMP engines must perform packetizing and connection management
12
Proposal #2: Lossless Payload Compression
Compress and wrap SNMP PDUs in a CompressedPDU
Each SNMP message is compressed and decompressed by itself without any relation to other SNMP messages (stateless compression)
The size of a compressed SNMP message must never exceed the size of the uncompressed message (non-expansion policy)
Support for multiple compression algorithms
Negotiation of compression algorithm via MIB objects
13
Deflate: Deflate achieves high compression ratios of 80 %
on typical MIB-II data Requires noticeable CPU resources on the
sending SNMP engine Interactions with message size constraints make it
difficult to build response messages that send as much data as possible
Proposal #2: Lossless Payload Compression
14
Proposal #3: Get-Subtree / Linked Responses
GetNext(row by row)
CG CR
GetNext(rows in parallel)
CG CR
GetBulk
CG CR
GetSubTree
CG CR
15
Proposal #3: Get-Subtree / Linked Responses
The format of get-subtree PDUs is similar to the format of the get-bulk PDU, except that there is no max-repetitions parameter
Linked response PDUs are ordinary response PDUs where the error-index contains a sequence number if the error-status is noError
Measurements over the loopback interface on a Linux box show that get-subtree is 4.5 times faster compared to get-next walks and 2 times faster than get-bulk walks
16
End of First Lecture