Chapter 6 Overview

Simple Network Management Protocol
o SNMPv1
SNMP packet format
 Structure of MIB tree
 MIB-2 objects
 SNMP commands
 SNMP security
 Network mgmt system functions

Chapter 6  SNMP
1
SNMP
 Recall that SNMP is
o An application layer protocol
o Used to transfer info between mgmt station and mgmt agent
 SNMP is part of network management
o Like HTTP is part of Web browsing
Web Browsing
 Web browsing requires
o Web browser on your computer
o HTTP
o Web server(s) with data
o Software on Web server
o Communication architecture
Network Management
 Network management requires
o Management application, mgmt processes, management MIB
o SNMP
o Agent process, agent MIB
o Communication architecture
Management Environment
 Components of mgmt environment
[Figure: Management Station and Management Agent connected over the Physical Network. Management Station stack: Management Application, Mgmt Process, SNMP (Application Layer), MIB, TCP/IP Protocol Stack (Transport Layer, Network Layer, Network Interface Layer, MAC Layer, Physical Layer). Management Agent stack: Agent Process, SNMP (Application Layer), MIB (the "Virtual MIB"), TCP/IP Protocol Stack with the same layers.]
Mgmt Application
 This is the main part of NMS software
 Application that requests and manages info from agents
 Display results in a usable format
o Graphs, pictures, etc.
 May display data in the ISO mgmt categories
Mgmt Process
 Mgmt processes support mgmt application
 Application programs that do necessary functions
o For example, process accesses MIB variable and passes it to SNMP
Mgmt Station SNMP
 Processes packet to be sent to agent, and those received from agent
 Note that SNMP packet contains
o Version number
o Community string
o SNMP command
o List of variables
Mgmt Agent SNMP
 Like previous slide, but on agent
 For received SNMP packet
o Extract MIB variable
o Pass MIB variable to agent process
Agent Process
 Purpose is to get the requested data
 Agent must locate the data in “virtual database”
 Then prepare data for
o Mgmt agent SNMP (previous slide)
Essential Mgmt Components
Essential mgmt components include…
 MIB on Mgmt Station
o Stores MIB variables
 NMS application software
o Display, analyze data
 SNMP
o Format used for request/reply messages
 Agent process
o Gathers data from virtual database
SNMPv1 Packet
 SNMPv1 packet has the form
Version | Community Name | Protocol Data Unit (PDU)
 Version  the version of SNMP
o SNMPv1 is “0” in version field
 Community name  like a password
o Agent can limit who can see what
o Sent “in the clear”, so not very secure
SNMPv1 PDU
 PDU for Get-Request, Get-Next-Request and Set-Request has fields:
Request ID | Error Status | Error Index | VarBindList
 Request ID  like a sequence number
 Error status  error in Get-Response
 Error index  first variable in VarBindList that caused error
SNMPv1 PDU
 Error status
o 0 = noError
o 1 = tooBig (PDU has too many bytes)
o 2 = noSuchName (no object with requested name)
o 3 = badValue (invalid no. for PDU type)
o 4 = readOnly (incorrect implementation of SNMP)
o 5 = genErr (any other error)
SNMPv1 PDU
 VarBindList  list of pairs of the form
Variable ID | Variable Value
o Variable ID  Object Identifier as defined in SMI specification
o Variable value  actual value, which could be integer, IP address, etc.
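The packet and PDU layout from the last few slides, as an added worked example (not from the slides or from any SNMP implementation): a Python routine that BER-encodes an SNMPv1 Get-Request for sysDescr.0. The community string "public" and request ID 1 are assumed sample values; note that the community string is visible as plain bytes in the result, which is exactly the "sent in the clear" point above.

```python
# Added example (not from the slides or any SNMP implementation): BER-encode
# an SNMPv1 Get-Request with the layout described on the slides:
#   SEQUENCE { version INTEGER (0 = SNMPv1), community OCTET STRING,
#              GetRequest-PDU [0] { request-id, error-status, error-index,
#                                   VarBindList of (OID, NULL) pairs } }
GET_REQUEST = 0xA0      # context-specific, constructed, tag 0 (command 0)
SNMP_V1 = 0             # SNMPv1 is "0" in the version field


def ber_len(n):
    # Short form (one byte) below 128, long form above.
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value


def ber_int(v):
    # Minimal two's-complement length, as BER requires (200 -> 02 02 00 c8).
    n = 1
    while not -(1 << (8 * n - 1)) <= v < (1 << (8 * n - 1)):
        n += 1
    return tlv(0x02, v.to_bytes(n, "big", signed=True))


def ber_oid(oid):
    # First two sub-ids pack into one byte (40*x + y); each later sub-id is
    # base-128, high bit set on every byte except the last (311 -> 82 37).
    subids = [int(x) for x in oid.split(".")]
    out = [40 * subids[0] + subids[1]]
    for s in subids[2:]:
        chunk = [s & 0x7F]
        s >>= 7
        while s:
            chunk.append(0x80 | (s & 0x7F))
            s >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))


def snmpv1_get_request(community, oids, request_id=1):
    # Value is NULL in a request; the agent fills it in the Get-Response.
    varbinds = b"".join(tlv(0x30, ber_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbinds)
    return tlv(0x30, ber_int(SNMP_V1) + tlv(0x04, community.encode())
               + tlv(GET_REQUEST, pdu))
```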
SNMP Commands
 SNMP commands (numbered 0 thru 4)
o Get-Request  request value(s) from agent MIB
o Get-Next-Request  next MIB element (based
on object identifier) in lexicographic order
 Can use this to “walk” the MIB tree
o Get-Response  response from agent
o Set-Request  write a value in agent’s MIB
 For example, the value might shut down device
o Trap  unsolicited msg from agent
SNMP Trap
 Trap PDU is of the form
Enterprise | Agent Address | Generic Trap Number | Specific Trap Number | Time Stamp | VarBindList
o Enterprise  Object Identifier for device that created trap message
o Agent address  IP address of device
o Generic trap number  7 categories
o Specific trap number  code number
o Time stamp  time since device initialized
o VarBindList  same as defined previously
SMI
 Structure of Management Info
o RFC 1155
 The data structure on the agent
 Object Identifier mapped to value stored on subsystem
o NIC is example of a subsystem
o MAC address could be desired value
SMI
 Each object has a name
o Groups of related objects also defined
 Each object has a type
o For example, “integer”
 Types can be
o Simple  a single value
o Constructed  multiple objects of simple type
SMI
 SMI specification uses subset of Abstract Syntax Notation One (ASN.1)
o Formal specification of MIB objects
 ASN.1 used to specify
o Name of object
o Type of object
o Read, read-write, or not accessible
o Brief description of object
 See Appendix B for info on ASN.1
SMI Object Tree
[Figure: SMI object tree; 0 is the root]
 Example: Object ID of sysDescr(1) is 1.3.6.1.2.1.1.1
SMI Object Tree
 MIB objects identified as on previous slide
 Tree can be arbitrarily deep
 MIB-2 defined with 10 groups
o System, interfaces, address translation, IP, ICMP, TCP, UDP, EGP, transmission, SNMP
o Later added 13 more groups (extensions)
o Group can contain many objects, and these objects can be “constructed” type
Proprietary MIBs and RMON
 If not enough groups in MIB-2…
o …can create a proprietary MIB
 Proprietary MIBs are listed under enterprise
o Enterprise is a sub-node of private (4)
 RMON
o Remote Monitoring Standard
o An extension of MIB-2
o Deals with traffic on a network segment
SMI Tree
[Figure: subtree under mib-2 (1) = 1.3.6.1.2.1, with children system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), transmission (10), snmp (11). Under ip (4): ipRouteTable (21), which contains ipRouteEntry (1), which contains ipRouteNextHop = 1.3.6.1.2.1.4.21.1.7]
 MIB-2 (1)
 IP has 23 objects
o ipRouteTable (21)
 ipRouteEntry (1), consists of 13 column objects
ipRouteEntry
ipRouteEntry = 1.3.6.1.2.1.4.21.1
The 13 column objects: ipRouteDest (1), ipRouteifIndex (2), ipRouteMetric1 (3), ipRouteMetric2 (4), ipRouteMetric3 (5), ipRouteMetric4 (6), ipRouteNextHop (7), ipRouteType (8), ipRouteProtocol (9), ipRouteAge (10), ipRouteMask (11), ipRouteMetric5 (12), ipRouteInfo (13)
Sample rows (only the first two columns are filled in on the slide):
  ipRouteDest (1)   ipRouteifIndex (2)
  10.3.4.3          1
  10.3.4.4          2
  10.3.4.5          3
 An instance of ipRouteEntry consists of all 13 columns in the table above
 How to select column 7?
o 1.3.6.1.2.1.4.21.1.7
o Note that the result is a column, not a value
 How to specify row 3 of column 7?
o ipRouteDest serves as Index Object
o 1.3.6.1.2.1.4.21.1.7.10.3.4.5
wsnmp
 wsnmp is SNMP command line program
 Suppose we want to get sysDescr
 Why does “get sysDescr” fail?
o Get-Request returns an instance (a value)
o sysDescr is an object
o Must include Index Object of 0
wsnmp
 Recall Get-Next-Request gets next object in MIB tree (in lexicographic order)
 getnext sysDescr
o sysDescr is at 1.3.6.1.2.1.1.1 in MIB tree
o sysDescr.0, i.e., 1.3.6.1.2.1.1.1.0, is next location in MIB tree that contains a value
o The value at sysDescr.0 is “Hardware: x86 … “
wsnmp
 Recall Get-Next-Request gets next object in MIB tree (in lexicographic order)
 getnext sysDescr.0
o sysDescr.0 is at 1.3.6.1.2.1.1.1.0 in MIB tree
o 1.3.6.1.2.1.1.2.0, sysObjectID.0, is next location with a value
o Value of sysObjectID.0 is 1.3.6.1.4.1.311.1.1.3.1.3
MIB-2 System Group
[Figure: system (1) = 1.3.6.1.2.1.1, with children sysDescr (1), sysObjectID (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]
 Note that “311” (on previous slide) stands for IBM
Get-Request vs Get-Next-Request
 Suppose you use Get-Request
o If no value for requested object (or other error), NULL and error returned
o As we saw with “get sysDescr”
 Suppose you use Get-Next-Request
o If no value for specified object, you will still get next value in MIB tree
o This is a good thing!
Get-Request vs Get-Next-Request
[Table: ipRouteEntry = 1.3.6.1.2.1.4.21.1, the same 13-column table as on the ipRouteEntry slide, with rows ipRouteDest 10.3.4.3 / 10.3.4.4 / 10.3.4.5 and ipRouteifIndex 1 / 2 / 3]
 What is result of GetNextRequest(ipRouteEntry)?
o Address of ipRouteEntry is 1.3.6.1.2.1.4.21.1
o Next value in MIB is at index 1.3.6.1.2.1.4.21.1.1.10.3.4.3
o Result: ipRouteDest.10.3.4.3 = 10.3.4.3
 What is GetNextRequest(ipRouteDest.10.3.4.5)?
o ipRouteDest.10.3.4.5 is 1.3.6.1.2.1.4.21.1.1.10.3.4.5
o Next value in MIB tree is at 1.3.6.1.2.1.4.21.1.2.10.3.4.3
o Result: ipRouteifIndex.10.3.4.3 = 1
Get-Request vs Get-Next-Request
[Table: ipRouteEntry = 1.3.6.1.2.1.4.21.1, the same 13-column table as on the ipRouteEntry slide, with rows ipRouteDest 10.3.4.3 / 10.3.4.4 / 10.3.4.5 and ipRouteifIndex 1 / 2 / 3]
 What is GetNextRequest(ipRouteifIndex.10.3.4.3)?
o ipRouteifIndex.10.3.4.3 is 1.3.6.1.2.1.4.21.1.2.10.3.4.3
o Next value in MIB tree is at 1.3.6.1.2.1.4.21.1.2.10.3.4.4
o Result: ipRouteifIndex.10.3.4.4 = 2
 What is result of GetNextRequest(ipRouteTable)?
o Recall address of ipRouteTable is 1.3.6.1.2.1.4.21
o Next value in MIB is at index 1.3.6.1.2.1.4.21.1.1.10.3.4.3
o Result: ipRouteDest.10.3.4.3 = 10.3.4.3
Get-Next-Request
 Can use Get-Next-Request to access all values in a table
o Even if we don’t know how many rows in table
 Can access values in MIB tree from a given starting point on
 Can “walk” the MIB tree in lexicographic order
 A nice feature!
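The Get-Request and Get-Next-Request behaviour worked through on the ipRouteEntry slides, plus the table walk described just above, as an added Python example (not from the slides or the wsnmp tool). The in-memory MIB is a constructed sample holding only the instances the slides mention (sysDescr.0, sysObjectID.0 and the three ipRouteEntry rows); the lexicographic ordering is over integer sub-identifiers, which is why it generalizes to any instance set.

```python
# Added example (not from the slides): an in-memory agent MIB holding only
# instances (leaf values), answering Get and Get-Next as the slides describe.
# Contents are a constructed sample: sysDescr.0, sysObjectID.0 and the three
# ipRouteEntry rows (10.3.4.3, 10.3.4.4, 10.3.4.5) from the slides.
IP_ROUTE_TABLE = "1.3.6.1.2.1.4.21"
IP_ROUTE_ENTRY = IP_ROUTE_TABLE + ".1"
SYS_DESCR = "1.3.6.1.2.1.1.1"
NO_SUCH_NAME = 2          # error-status 2 from the SNMPv1 PDU slide

MIB = {
    SYS_DESCR + ".0": "Hardware: x86 ...",
    "1.3.6.1.2.1.1.2.0": "1.3.6.1.4.1.311.1.1.3.1.3",  # sysObjectID.0
    IP_ROUTE_ENTRY + ".1.10.3.4.3": "10.3.4.3",       # ipRouteDest column (1),
    IP_ROUTE_ENTRY + ".1.10.3.4.4": "10.3.4.4",       # indexed by ipRouteDest
    IP_ROUTE_ENTRY + ".1.10.3.4.5": "10.3.4.5",
    IP_ROUTE_ENTRY + ".2.10.3.4.3": 1,                # ipRouteifIndex column (2)
    IP_ROUTE_ENTRY + ".2.10.3.4.4": 2,
    IP_ROUTE_ENTRY + ".2.10.3.4.5": 3,
}

def oid_key(oid):
    # Lexicographic order is over integer sub-identifiers, so ".1.10.3.4.5"
    # sorts before ".2.10.3.4.3" and a longer OID follows its own prefix.
    return tuple(int(x) for x in oid.split("."))

def get(oid):
    # Get-Request: needs an exact instance; "get sysDescr" (no ".0") fails.
    if oid in MIB:
        return 0, oid, MIB[oid]
    return NO_SUCH_NAME, oid, None

def get_next(oid):
    # Get-Next-Request: first instance strictly after oid, whether or not
    # oid itself has a value (so it works from an object or table OID too).
    key = oid_key(oid)
    for inst in sorted(MIB, key=oid_key):
        if oid_key(inst) > key:
            return 0, inst, MIB[inst]
    return NO_SUCH_NAME, oid, None  # walked past the end of the MIB

def walk(subtree):
    # Repeated Get-Next from subtree, stopping once the returned OID leaves
    # the subtree; the number of rows need not be known in advance.
    prefix, out = oid_key(subtree), []
    status, oid, val = get_next(subtree)
    while status == 0 and oid_key(oid)[:len(prefix)] == prefix:
        out.append((oid, val))
        status, oid, val = get_next(oid)
    return out
```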

Set Command
 Recall Set-Request used to remotely “set” (write) a value
 For example,
o SetRequest(sysContact = Frank)
o Would change value of sysContact to “Frank”
o Response to this would be Get-Response with sysContact = Frank
Security
 We mentioned previously the SNMP method of authentication
o A community name acts like a password
o More than one mgmt station may have access
 Authorization is also a concern
o Assuming that you have access…
o …then what are you allowed to do?
Security
 SNMP security features
[Figure: Authentication: Community Name. Authorization (Rights): SNMP Access Mode (Read-Only, Read-Write); MIB Access (read-only, read-write, write-only, not-accessible); MIB View (Object 1, Object 2, …, Object N)]
 SNMP community profile
o Access mode specifies type of access
o MIB view specifies access or not
Security
 SNMP security features
[Figure: same as previous slide (Community Name; SNMP Access Mode; MIB Access; MIB View)]
 SNMP Access Policy
o Combination of all of the above
Security
 SNMP Access Mode vs. MIB Access
 Mapping between these given below

SNMP Access Mode | MIB Access     | Resolution
Read-Only        | Read-Only      | Object available for Get and Trap operations
Read-Only        | Read-Write     | Object available for Get and Trap operations
Read-Only        | Write-Only     | Object available for Get and Trap operations but the value is implementation dependent
Read-Only        | Not-accessible | Object is unavailable
Read-Write       | Read-Only      | Object available for Get and Trap operations
Read-Write       | Read-Write     | Object available for Get, Set and Trap operations
Read-Write       | Write-Only     | Object available for Get, Set and Trap operations but the value is implementation dependent for Get and Trap operations
Read-Write       | Not-Accessible | Object is unavailable
Proxy
 SNMP agent can act as a proxy
o To collect mgmt values
o Device might not support SNMP
 Might be used to improve performance
Meterware NMS
 MIB browser screen
 Much easier than command line mode!
Meterware NMS
 Meterware “decodes” the information and presents it in a readable form
o Also presents hex view
 See book for more pictures of Meterware output
Chapter 6 Summary
 Components of mgmt environment
 Format of SNMP messages
o Get-Request
o Get-Next-Request
o Command line
 Security (or lack thereof)
 Meterware NMS