1 Kyung Hee University Prof. Choong Seon HONG SNMP Management Information

2 Kyung Hee University Basic Concepts of SNMP  RFC 1157  General purpose operations supported by SNMP get : retrieving the value of objects at the agent set : setting the value of objects at the agent trap : notifying the management station of significant events  Control about the use of MIB Authentication service : the managed station may wish to limit access to the MIB to authorized managed stations Access policy : Managed station may wish to give different access privileges to management stations l SNMP access mode : {READ_ONLY, READ-WRITE} Proxy service :A managed station may act as a proxy to other managed stations. Involving implementing the authentication service and access policy service as a proxy to other managed stations

3 Kyung Hee University Instance Identification  Object instance is identified by columnar object and row in the table  Two techniques for identifying a specific object instance serial-access technique based on a lexicographic ordering of objects in the MIB (in section 7.2) random access technique  See Fig. 5.7 Three instances of tcpConnState have same object identifier : the value of INDEX objects of a table are used to distinguish one row from another combination of the object identifier for a columnar object and one set of values of the INDEX objects : specifying a particular scalar object in a particular row of the table

4 Kyung Hee University Instance Identification (2)  Convention used in SNMP : concatenating the scalar object identifier with the values of the INDEX objects  A simple example, Object ID of ifType : (see Fig. 5.1, 6.2) Accordingly, instance ID for the ifType corresponding to the row containing a value of ifIndex of 2 :  More complicated example consider tcpConnTable having 4 INDEX objects(See Fig. 5.6, Fig. 6.10) instance IDs for all of the columnar objects from Fig. 5.7 (see Table 7.2) See page 168

5 Kyung Hee University Instance Identification (3)

6 Kyung Hee University Instance Identification (3)  Conceptual Table and Row Objects no instance ID for table and row objects for example, tcpConnTable and tcpConnEntry are not leaf objects l not accessible by SNMP ACCESS characteristic : “not accessible”  Scalar Objects Instance ID of nontabular scalar object : Object ID + 0 example, see Table 7.4

7 Kyung Hee University Lexicographical Ordering  Object ID : exhibiting a lexicographical ordering generated by traversing the tree of object ID in the MIB See Appendix 7A extending to object instance ID (sequence of integers)  For example, ipRouteTable ( See Figure 7.2 and Table 7.5)

8 Kyung Hee University Lexicographical Ordering

9 Kyung Hee University Lexicographical Ordering

10 Kyung Hee University Protocol Specification  Protocol Data Unit VersionCommunitySNMP PDU PDU type Request-id 0 0Variablebindings PDU type Request-id Variablebindings Error status Error index PDU type enterprise Variablebindings Agent addr Generic- trap Specific- trap Time stamp name1 value 1 valuen name2 value namen (a) SNMP message (b) GetRequest PDU, GetNextRequest PDU, and SetRequest PDU (c) Get Response PDU (d) Trap PDU (e) variablebindings Generic trap : - A warmStart trap signifies that the sending protocol entity is reinitializing itself such that neither the agent configuration nor the protocol entity implementation is altered. - A coldStart trap signifies that the sending protocol entity is reinitializing itself such that the agent's configuration or the protocol entity implementation may be altered

11 Kyung Hee University Action of SNMP Entity upon Reception of an SNMP Message 1) basic syntax check of message 2) verifying version number 3) passing user name, PDU portion of message, and the source and destination transport address to authentication service (a) if authentication fails, generating trap (b) if authentication succeeds, authentication service returns a PDU 4) protocol entity does basic syntax check of PDU

12 Kyung Hee University Variable Bindings  Grouping a number of operations of the same type (get, set, trap) into single message  Getting the values of all the scalar objects in a particular group at a particular agent

13 Kyung Hee University GetRequest PDU  Issued by SNMP entity  Including following fields in the PDU: PDU type : GetRequest PDU request-id : for correlating incoming response variablebindings : lists of object instances l automic operation l if not match to object ID : noSuchName as error-status  Receipt of SNMP PDUs ( see Fig7.6)

14 Kyung Hee University GetRequest PDU  SNMP PDU Sequences

15 Kyung Hee University GetNextRequest PDU  Returning the value of object instance that is next in lexicographical order.  Automic operation but, more flexible than GetRequest  Allowing a network management station to discover the structure of a MIB view dynamically providing an efficient mechanism for searching a table whose entries are unknown  Retrieving a Simple Object Value (see sec ) GetRequest (udpInDatagrams.0, udpNoPorts.0, udpInErrors.0, udpOutDatagrams.0) GetNextRequest (udpInDataGrams, udpNoPorts, udpInErrors, udpOutDatagrams)

16 Kyung Hee University GetNextRequest PDU (2)  Retrieving Unknown Objects GetNextRequest (udpInDatagrams.2) --> GetResponse (udpNoPorts.0 = value) GetNextRequest (udp) ---> GetNextRequest(udpInDataGrams.0 = value) l to probe a MIB view and discover its structure  Accessing Table Values See page 184

17 Kyung Hee University SetRequest PDU  Used to write an object value rather than read one  Automic operation  badValue for type, length, or actual value of the supplied value  Updating a Table SetRequest (ipRouteMetric = 9) --> GetResponse (ipRouteMetric = 9) Supporting a new row (see Page 186) something depends on policy and implementation matter for the agent  Row Deletion SetRequest (ipRouteType = invalid) --> GetResponse (ipRouteDest = invalid) : having the effect eliminating the row See Table 7.8

18 Kyung Hee University SetRequest PDU (2)  Performing an Action an agent could include a proprietary object reBoot with an initial vaule; if a management station sets the object’s value to 1, the agent system reboots and resets the object vale to 0

19 Kyung Hee University Trap PDU  PDU type : Trap PDU  Enterprise : identifying the network management subsystem  agent-addr  generic-trap : having 7 values  specific-trap  time-stamp  variablebindings  Not soliciting a response from the other side

20 Kyung Hee University Transport-Level Support  Connetionless Transport Service Using the User Datagram Protocol (UDP) Using connectionless transport support service (CLTS) of OSI architecture UDP details l UDP over IP l UDP header : – source and destination port fields – enabling application-level protocols such as SNMP to address each other – optional checksum for UDP header and user data CLTS details l Transport protocol data unit including source and destination transport service access points (TSAPs) l Optional checksum l TSAP address : network-layer address + TSAP ID

21 Kyung Hee University Transport-Level Support (2) Loss of PDU l UDP and CLTS are not reliable l Guaranteeing delivery application that is using SNMP – setting time-out of GetResponse – repeating the request one or more times  Connection-Oriented Transport Service SNMP intended for use over a connectionless transport service l Key reason : for robustness RFC 1283 : prescribing conventions for the use of SNMP over the ISO connection-oriented transport service (COTS) At first, setting-up a transport connection to the agent, then sending request

22 Kyung Hee University SNMP Group  Snmp group as part of MIB-II including information relevant to the implementation and operation of SNMP (see Figure and Table 7.9)  all of the objects except object, snmpEnableAuthenTraps : Read-only counters

23 Kyung Hee University List of features for network management station  Extended MIB support network management station that can load MIB definitions for extended MIBs defined for agent products from other vendors  Intuitive interface easy and powerful user interface l separate window for each part of the network l capable of displaying topological and geographic maps of the network l capable to show the status of the devices  Automatic discovery At the installing time, able to discover agents to build maps and configure icons  Programmable events allowing for user to define the actions for occurrence of the events l ex) changing states of icons, messages to manager, setting off beeper

24 Kyung Hee University List of features for network management station (2)  Advanced network control performing some predefined functions under certain conditions l ex) automatic shut-off for a bad or suspect hub or isolating an overactive network segment so that the whole network does not suffer  Object-oriented management MIB and SMI specifications referring to “objects”, but SNMP not using object-oriented technology Object-oriented system that can support SNMP  Custom iconsd not just simple rectangular and circle to describe network topology, but descriptive icons creating custom icons