Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Jim Binkley SNMP SMI Structure of Management Information Network Mgmt/Sec.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Jim Binkley SNMP SMI Structure of Management Information Network Mgmt/Sec."— Presentation transcript:

1 1 Jim Binkley SNMP SMI Structure of Management Information Network Mgmt/Sec.

2 2 Jim Binkley Outline u ASN.1 short intro –BER –grammar/types u SMI –types and application types –MACROs –tables/examples

3 3 Jim Binkley jrb comment: u this will seem like “much ado about nothing” –painful, but useful taken in medicine-sized doses u formal definition of syntax u form before content... u Master Kung said: “the superior person defines his/her terminology first”

4 4 Jim Binkley ASN.1 u Abstract Syntax Notation Dot One u a formal grammar used for defining –packet encodings »ISO/OSI packet types (network layer and up) u CLNP - ISO IP equivalent »IETF SNMP Packet Data Units (app layer) –data definition language »X.500 data »RSA Public-Key Crypto Standards »SNMP data (variable binding part)

5 5 Jim Binkley for more information see: u RSA “A Layman’s Guide to a Subset of ASN.1, BER, and DER –Kaliski Jr., 1993 u Stallings, SNMP, etc. –Appendix B

6 6 Jim Binkley ASN consists of two parts u a formal grammar that consists of productions –A ::= B (definition of types and instances) –syntax sugar »e.g., comments -- this is a comment u and rules for encoding the constructs into binary data –Basic Encoding Rules (BER) u much like how a compiler takes a programming language and produces object (binary) data... (duh)

7 7 Jim Binkley syntax sugar u comments -- BLAH BLAH -- BLECH FOO! u ::= for assignment (e.g., derived types) –OctetStringType ::= OCTETSTRING u identifiers begin with a lowercase letter u type/module references begin with uppercase u built-in types all upper case u identifiers/type names can have digits/hypens

8 8 Jim Binkley BER (let’s go bottom up 1st) u Basic Encoding Rules –ISO 8825 –DER, in X.509, Distinguished Encoding, gives one way to define BER values only u how to encode/decode values of ASN.1 types into/from binary u basic idea: tag, length, value u roughly 1 byte tag (what is it), ASN.1 type u 1 byte length (how long is it) u value: the data itself as a string of bytes

9 9 Jim Binkley Great Scott! u SNMP is all TLVs... u keep in mind: mostly shipping MIB variable names (OIDs) and values back and forth u MIB values have an amazing tendency to be: –integers of various sizes –strings “my name is Joe Bob Cisco Router” –and a few constructs like IP addresses, etc.

10 10 Jim Binkley BER isn’t that simple though u 3 methods for encoding an ASN.1 value –length of data and/or number of tags in tag set u 1. primitive, definite-length –simple, non-string types –ID is tag (class and tag #) of ASN.1 type »02 for INTEGER, 04 OCTET STRING (bytes) –length, if less than 128 can fit in one byte –value/contents, the ASN.1 value as byte string »depends on the TYPE...

11 11 Jim Binkley BER 2/3 u 2. constructed, definite-length encoding –can be used for strings, structured types –length must be known in advance via length field (hence definite-length) u 3. constructed, indefinite-length encoding –strings, structured types, again –difference is length field NOT used –must look thru contents to find End-Of- Contents, two bytes with value 0x0000

12 12 Jim Binkley basic simple form, and bigger tag fields tag/id length value 1 byte 1 byte 1..127 bytes tag field decomposed: as one byte tag as multiple bytes class (2 bits) Prim/Con (1)tag # (5) c P/C tag=111111 tag bits 0 tag bits octet 1 octet 2 octet 3

13 13 Jim Binkley length can be long too OR ignored (indefinite length) 0 length <= 127 multi-byte (definite) 1 one byte length (definite) 7 bits, length in bytesmore bytes indefinite form (length not included) 10000000need EOC in data

14 14 Jim Binkley ASN tag classes u basic idea is that there are universal tags and possible application-derived (non- universal, local interest) tags u 00 - universal u 01 - application u 10 - context specific (more limited context than app) u 11 - private (no standards)

15 15 Jim Binkley some universal class/tags u 1 - BOOLEAN u 2 - INTEGER (2’s complement) u 3 - BIT STRING u 4 - OCTET STRING (aka bytes) u 5 - NULL u 6 - OBJECT IDENTIFIER u 7 - Object descriptor (human string - explain object) u 9 - REAL u 16 - SEQUENCE and /SEQUENCE-OF u 17 - SET and SET-OF u 27 - GeneralString

16 16 Jim Binkley types may be u simple - defined in terms of values –INTEGER (say 1..127 or whatever) u structured - defined in terms of other types –like a C structure, PERL associative array –or set in other programming languages –in ASN, structures may have structures (but not in SNMP...) –structures made up of component types

17 17 Jim Binkley some explanation u OBJECTIDENTIFIER –tree-based name scheme for all ASN objects –value is sequence of small integers u SEQUENCE - like a C structure –ordered list of types from simpler types u SEQUENCE OF - like an associative array –index scheme may be “interesting” –all component types the same u SET - basically like sequence but not ordered

18 18 Jim Binkley some BER examples (from Stallings) u 02, 02, FF 7F (INTEGER, -129) u 04,04, 01 02 03 04 (OCTET STRING, –value is 01020304 u 05 00 (NULL) u 1A 05 4A 6F T3 65 73 (CharacterString, 5 bytes of “Jones” u 30 06, 02 01 03, 02 01 08 (SEQUENCE of two INTEGERs)

19 19 Jim Binkley ASN module structure u must start with module definition u module-name DEFINITIONS ::= BEGIN IMPORTS section EXPORTS section Assignments (productions) section End u IMPORTS - from other modules u EXPORTS - definitions that can be used by other modules

20 20 Jim Binkley rfc1213.txt (aka MIB-II) u p. 12 starts with this: RFC1213-MIB DEFINITIONS ::= BEGIN IMPORTS mgmt,...IpAddress, Counter, Gauge, TimeTicks FROM RFC1155-SMI OBJECT-TYPE FROM RFC-1212; then some assignments... (some :->)

21 21 Jim Binkley types, types, types u the term “tag” may be over-used in ASN.1 u new types may be defined from old types u types may be called tagged types to create sub-name conventions u implicit - replace old tag with new class/tag number (derivation) u explicit - add new tag to create one component STRUCTURE type (encapsulation)

22 22 Jim Binkley type creation - example in ASN.1 speak u TelephoneNumber ::= [APPLICATION 3] IMPLICIT INTEGER (-range..+range) u meaning a new tag/type (implicit) has the application class, and is an integer

23 23 Jim Binkley CHOICE, ANY u data types without any tagging (no BER) u CHOICE when defined must include list of alternative types –only one will actually be used at runtime –e.g., SNMP PDU types include CHOICE of get-request, get-next-request, set-request, etc. u ANY is used when can’t know type in advance

24 24 Jim Binkley ASN MACRO facility exists u allows designer to arbitrarily extend ASN syntax to define new types/values u very limited use in SNMP (we’ll see it RSN) u form: MACRO ::= BEGIN TYPE NOTATION/s ::= new types VALUE NOTATION/s ::= new value type productions... END

25 25 Jim Binkley SMI - Structure of Management Information u ASN.1 is vast untamed grammar mechanism u SNMP seeks to simplify to smaller set of types/constructs/and a macro or two u need simplicity in order to have a shot at interoperability between managers/agents u RFC 1155 - Structure and Identification of Management Information for TCP/IP-based Internets, M. Rose, K. McCloghire, 1990

26 26 Jim Binkley overview u MIB tree structure u SNMP types –universal and application-wide –object types/OBJECT-TYPE macro u tables u a few examples

27 27 Jim Binkley MIB tree structure (again) u MIB variables named thru rooted tree u 1.3.6.1.2.2.1(system) etc... u iso(1).org(3).dod(6).internet(1) gets us to: u directory - reserved for X.500 u mgmt - IAB approved objects (MIB-2) u experimental - used to id objects used in Inet experiments u private - used to id private-enterprise objects

28 28 Jim Binkley org(3) iso(1) dod(6) internet(1) directory(1) X.500 mgmt(2) mib-2(1) experimental(3) private(4) enterprises(1) top part of OID tree

29 29 Jim Binkley types in SNMP u basically integers/strings/null/object id, some application types, and tables (reflected in sequence/sequence-of) u tables are simple objects (barring their index/walking mechanisms) –cannot have tables nested in tables u full ASN syntax definition is cut back quite a bit

30 30 Jim Binkley another way of looking at it: u ASN basic types NOT used include: –BOOLEAN –BIT STRING –ObjectDescriptor –EXTERNAL –REAL –ENUMERATED –SET and SET OF

31 31 Jim Binkley fundamentally includes: u INTEGER u OCTET STRING (aka bytes...) u OBJECT IDENTIFIER u SEQUENCE (one tuple) u SEQUENCE OF (ordered set of tuples)

32 32 Jim Binkley Application types u NetworkAddress - CHOICE of addrs, but only IpAddress at this point u IpAddress - 4 bytes OCTET STRING u Counter (Counter32) - non-neg int, 2*32-1 u Gauge - non-neg int (can go down) u TimeTicks - # ticks in 1/100 second since boot u Opaque - OCTET STRING, no attributes

33 33 Jim Binkley application types, cont u Counter - a counter may be incremented but not decremented. rolls over to zero at max –example: interface bytes in u Gauge - may increase or decrease. if max, gets stuck (latches) –example: temperature u timetick - note that it is relative, no notion like NTP/universal time

34 34 Jim Binkley from rfc1155 u IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (size 4) u Counter ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295) u Gauge ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295) u note: snmpv2 defines Counter32/Counter64,Gauge32/Gauge64

35 35 Jim Binkley OBJECT-TYPES u a MIB is a set of OBJECT-TYPES u each defines a kind of managed object –via a syntax description u an object instance is a particular instance bound to a specific value u the OBJECT-TYPE macro is used to define all MIB values

36 36 Jim Binkley ASN syntax: u OBJECT-TYPE MACRO ::= BEGIN TYPE NOTATION ::= “SYNTAX” type (TYPE ObjectSyntax) “ACCESS” Access “STATUS” Status VALUE NOTATION ::= value (VALUE ObjectName)... END u some variable of some type with some value and a couple of attributes (access/status)

37 37 Jim Binkley continued u Access includes: –read-only –read-write –write-only –not-accessible (can’t read or write) u Status includes: –mandatory –optional –obsolete (don’t have to do it) –deprecated (implemented but doomed)

38 38 Jim Binkley continued u note definition of derived type u DisplayString ::= OCTET STRING (0..255) u Indices (used with table rows) may include CHOICE –number INTEGER –string OCTET STRING –object OBJECT IDENTIFIER –address NetworkAddress –IpAddress IpAddress

39 39 Jim Binkley 1.3.6.1.2.1.1.1 (an example) u mib-2(1).system(1).sysDescr(1) : –sysDescr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) ACCESS read-only STATUS mandatory DESCRIPTION “A textual description of the entity. This value should include the full name and version identification of the systems’ hardware type... yadda yadda”. ::= { system 1 }

40 40 Jim Binkley constructed types give us TABLE u row: type with form: ::= SEQUENCE {,, type } u :: = SEQUENCE OF u we get simple non-nestable 2-d table u IndexPart defines index mechanism for row

41 41 Jim Binkley example (logic not syntax garp): u mib-2.interfaces has ifTable (table) made up of ifEntry (row) u each ifEntry defines an interface with 22 component types u e.g., ifTable ifEntry ifIndex INTEGER -- unique per i/f ifDesc DisplayString ifType INTEGER (e.g., enet) ifMtu INTEGER etc...

Download ppt "1 Jim Binkley SNMP SMI Structure of Management Information Network Mgmt/Sec."

Similar presentations

Management Information Base for Version 2 of the Simple Network Management Protocol Presented by Zhou Ji (MIB for SNMPv2) By SNMPv2 Working Group.

Management Information Base for Version 2 of the Simple Network Management Protocol Presented by Zhou Ji (MIB for SNMPv2) By SNMPv2 Working Group.
1 Pertemuan 05 Model Informasi - SMI Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.

1 Pertemuan 05 Model Informasi - SMI Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
Chapter 7  Management Information Base (MIB) 1 Chapter 7 Overview  Structure of management info (SMI)  Definition of mib-2 objects  Use of MIB browser.

Chapter 7  Management Information Base (MIB) 1 Chapter 7 Overview  Structure of management info (SMI)  Definition of mib-2 objects  Use of MIB browser.
TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.

TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.
MJ04/07041 Session 04 Arsitektur SNMP Organization Model Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.

MJ04/07041 Session 04 Arsitektur SNMP Organization Model Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Simple Network Management Protocol (SNMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
Jump to first page PKI2001 (TIFR, Mumbai) ASN.1 Abstract Syntax Notation One ASN.1 is a standard way to describe a message(a unit application data) that.

Jump to first page PKI2001 (TIFR, Mumbai) ASN.1 Abstract Syntax Notation One ASN.1 is a standard way to describe a message(a unit application data) that.
COMP4690, by Dr Xiaowen Chu, HKBU

COMP4690, by Dr Xiaowen Chu, HKBU
SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol
Network Management: SNMP

Network Management: SNMP
1 Kyung Hee University Prof. Choong Seon HONG SNMP Management Information.

1 Kyung Hee University Prof. Choong Seon HONG SNMP Management Information.
SNMP (Simple Network Management Protocol) Jon Sevy Geometric and Intelligent Computing Laboratory Department of Mathematics and Computer Science Drexel.

SNMP (Simple Network Management Protocol) Jon Sevy Geometric and Intelligent Computing Laboratory Department of Mathematics and Computer Science Drexel.
Chapter 3 Basic Foundations: Standards, Models, and Language.

Chapter 3 Basic Foundations: Standards, Models, and Language.
1 Network Management Computer Networks. 2 OSI Network Management Model Performance Management e.g. utilization Fault Management e.g. SNMP traps Configuration.

1 Network Management Computer Networks. 2 OSI Network Management Model Performance Management e.g. utilization Fault Management e.g. SNMP traps Configuration.
Chapter 6 Overview Simple Network Management Protocol

Chapter 6 Overview Simple Network Management Protocol
McGraw-Hill The McGraw-Hill Companies, Inc., 2000 SNMP Simple Network Management Protocol.

McGraw-Hill The McGraw-Hill Companies, Inc., 2000 SNMP Simple Network Management Protocol.
TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.

TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.
SNMP Management Information

SNMP Management Information

Similar presentations

Ads by Google