3AgendaWhy SNMP?An Introduction to SNMPTechnical Solution
4Why bother for SNMP at all? First version has been defined in the late 1980sRFC 1067, 1098, 1157A protocol to monitor and manage network elementsDefines a message structure and communication flowsWidely deployed and heavily used in the IT datacom industryRouter, switches, servers, network printers, ...One would think that SNMP isWell establishedWell deployed and thereWell tested!
6Summary – Why SNMP SNMP is well established in the IT community Application to new domains require thorough testingof existing functionalityin sometimes hazard environmentsby not native IT/datacom experts
7Introduction to SNMP (I) SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devicesComprised ofagents andmanagersSNMP is a “client pull” modelThe management system (client) “pulls” data from the agent (server)SNMP is a “server push” modelThe agent (server) “pushes” out a trap message to a (client) management system
8Introduction to SNMP (II) SNMP managementSNMP ProtocolDefinition of message formatOperation specificationStructure of Management Information (SMI)Rules specifying the format used to define objects managedManagement Information Base (MIB)A map all managed objectsLanguages of SNMPASN.1Used to define the MIBsBasic Encoding Rules (BER)For SNMP message encodingThree different versions of SNMP defined over the yearsv1, v2 and v3V3 adds authorization and encryption
10The Object Identifier (OID) A scheme that allows two vendors or products within a vendor to compare like itemsObject identifiers (OID) as the identification schemeAn OID is an ordered sequence of non-negative integers written left to right, containing at least two elementsOnce a MIB module is published, OIDs are bound for all time to the objects definedObjects cannot be deletedCan only be made obsoleteEven minor changes to an object are discouraged10
11SNMP Operations (v1, v2 & v3) GetGet-nextGet-bulk (SNMPv2 and SNMPv3)SetGet-responseTrapInform (SNMPv2 and SNMPv3)Report (SNMP2 and SNMPv3)11
12SNMP PDU Sequences Manager Agent GetNextRequest PDU GetRequest PDU GetResponse PDUSetRequest PDUGetNextRequest PDUTrap PDU(a) Get values(b) Get next values(c) Set values(d) Send trap12
14Summary – What is SNMP? A protocol to manage network agents Communication is ASN.1/BER basedMIBs define the managed objectsDifferent versions of SNMP are availableSecurity plays a major role in v3 but it is considered difficult to handle by users.
15Test AspectsSingle and multiple (table) values for the objects defined in the given MIB file(s) should be verified for type and value conformanceTest the main operations for each version of the SNMP protocol that is being usedGET/GET-NEXT/GET-BULK/SETNegative and positive testsPositive: e.g. GET a read-write objectNegative: e.g. SET a read-only objectTest the main operations within different security levels15
16Abstract Test Architecture for SNMP SNMPv3 Testing: Basic Test Concept ConfigurationTTCN-3Test SystemConvert MIB definitions to TTCN-3and import them in TTCN-3 modulesAct as a SMP ManagerSNMP TransmissionSNMP EntityCompile MIB definitionsMIB documentSNMP AgentSUT16
17Abstract Architecture for Testing SNMP jointly with other Protocols/Test Access SNMP TTCN-3 Test SystemSUTSET (USM)SNMP Testing ModuleSNMPGET / GETNEXT GET BULKGET RESPONSE / TRAPGeneric Test AccessIPLPTWebService17
18Abstract Workflow Create the test components Process MIBsCreate the test componentsCreate a TTCN-3 type system for messagesCreate test case templatesCreate test cases to test generic SNMP compliancePer defined OID create the relevant test templatesAdapt the templatesUse additional test access to enforce predictable SNMP valuesExecute the generated tests
20The Patterns Testing for type conformance Testing for values T5, T6, T7Testing for access rightsT2, T4Testing for values can be enhanced by value enforcement via additional test accessWeb Service, IP Packets,
21The Complete Test System Test CasesType SystemTTworkbenchCodecPortExternalFunctionsSUT
22Summary & Outlook Summary Outlook A test architecture as TTplugin-SNMP for testing SNMPv1,2,3 was developedFocus was on the seamless management of the different SNMP version and security mechanismsTest case templates that cover the main groups of tests for SNMP are defined and implemented in the frameworkA very powerful framework to quickly define test cases to SNMP agents and/or SNMP mastersTTplugin –SNMP can also be used to manipulate SNMP manged system in non-SNMP testing contextOutlookTo generate more test cases based on generic patterns22