COMP4690, by Dr Xiaowen Chu, HKBU

1 Network Management
Chapter 3: SNMP and MIB

2 Outline
SNMPv1: Simple Network Management Protocol
SMI: Structure of Management Information
MIB: Management Information Base
SNMPv3

3 SNMPv1 Packet
An SNMPv1 packet has the form:
  Version: the version of SNMP; SNMPv1 is "0" in the version field
  Community name: acts like a password
    The agent can control who can access what
    Sent as plaintext, so not secure; improved by SNMPv3

4 SNMPv1 PDU
SNMP has different types of packets, each with a different format.
The PDU for Get-Request, Get-Next-Request and Set-Request has the fields:
  Request ID: an integer, like a sequence number
  Error status: error reported in the Get-Response
  Error index: an integer which identifies the first variable in the VarBindList that caused the error

5 SNMPv1 PDU
Error status values:
  0 = noError
  1 = tooBig (PDU has too many bytes)
  2 = noSuchName (no object with the requested name)
  3 = badValue (invalid number for PDU type)
  4 = readOnly (incorrect implementation of SNMP)
  5 = genErr (any other error)

6 SNMPv1 PDU
VarBindList: a list of Variable ID and Variable Value pairs:
  Variable ID: Object Identifier of the variable, as defined in the SMI specification
  Variable Value: the actual value, which could be an integer, an IP address, etc.

7 SNMP Commands
SNMPv1 commands (numbered 0 through 4):
  Get-Request: request value(s) from the agent MIB
  Get-Next-Request: request the next MIB element (based on object identifier) in lexicographic order; this can be used to "walk" the MIB tree
  Get-Response: response from the agent
  Set-Request: write a value in the agent's MIB
  Trap: unsolicited message from the agent, to inform the managing entity of exceptional events
SNMPv2 has two more commands:
  Get-Bulk-Request: get values in a large block of data
  Inform-Request: used by a managing entity to notify another managing entity of MIB information
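The Get-Next "walk" described above, as an added example that is not part of the slides: a toy agent answers Get-Next over a small constructed MIB, and a manager-side walk repeats Get-Next until the reply leaves the requested subtree. The OIDs are standard MIB-2 ones (sysName.0, ifDescr), but the objects and values are assumptions; the ordering is by numeric sub-identifier, which is the case plain string sorting gets wrong.

```python
# Added example, not from the slides: agent-side Get-Next over a constructed
# MIB plus the manager-side "walk" built on it.  Ordering is lexicographic
# over integer sub-identifiers, so ".10" sorts after ".9", not before it.
from bisect import bisect_right

NO_SUCH_NAME = 2   # SNMPv1 error-status when Get-Next runs off the end of the MIB

def parse_oid(oid: str) -> tuple:
    return tuple(int(a) for a in oid.split("."))
def fmt_oid(arcs: tuple) -> str:
    return ".".join(str(a) for a in arcs)

class ToyAgent:
    def __init__(self, objects: dict):
        # Sort as integer tuples, never as strings.
        self.keys = sorted(parse_oid(o) for o in objects)
        self.values = {parse_oid(o): v for o, v in objects.items()}

    def get_next(self, oid: str):
        """Agent side: first object lexicographically greater than oid,
        returned as (oid, value), or (None, NO_SUCH_NAME) at the end."""
        i = bisect_right(self.keys, parse_oid(oid))
        if i == len(self.keys):
            return None, NO_SUCH_NAME
        return fmt_oid(self.keys[i]), self.values[self.keys[i]]

def walk(agent: ToyAgent, subtree: str) -> list:
    """Manager side: repeat Get-Next until the reply leaves the subtree."""
    prefix, out, cur = parse_oid(subtree), [], subtree
    while True:
        nxt, val = agent.get_next(cur)
        if nxt is None or parse_oid(nxt)[:len(prefix)] != prefix:
            return out
        out.append((nxt, val))
        cur = nxt

# Constructed sample using standard MIB-2 OIDs (sysName.0 and ifDescr.<ifIndex>).
SAMPLE = {
    "1.3.6.1.2.1.1.5.0": "router1",
    "1.3.6.1.2.1.2.2.1.2.1": "eth0",
    "1.3.6.1.2.1.2.2.1.2.9": "eth8",
    "1.3.6.1.2.1.2.2.1.2.10": "eth9",
    "1.3.6.1.2.1.2.2.1.2.11": "eth10",
}

if __name__ == "__main__":
    for oid, value in walk(ToyAgent(SAMPLE), "1.3.6.1.2.1.2.2.1.2"):
        print(oid, "=", value)
```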

8 SNMP Trap
The Trap PDU is of the form:
  Enterprise: Object Identifier of the device that created the trap message
  Agent address: IP address of the device
  Generic trap number: 7 categories
  Specific trap number: code number
  Time stamp: time since the device initialized
  VarBindList: same as defined previously

9 SMI & MIB
The agent needs to find the "Variable Value" based on the "Variable ID", so it is better to define a data structure:
  Object Identifier mapped to a value stored on a subsystem
  E.g., a NIC is a subsystem; its MAC address could be the desired value

10 SMI & MIB
Each object in the MIB has a name
Groups of related objects are also defined
Each object has a type, for example "integer"
Types can be:
  Simple: a single value
  Constructed: multiple objects of simple type
SMI: Structure of Management Information (RFC 1155), the language used to define MIBs

11 SMI
The SMI specification uses a subset of Abstract Syntax Notation One (ASN.1)
Formal specification of MIB objects
ASN.1 is used to specify:
  Name of the object
  Type of the object
  Access: read, read-write, or not accessible
  Brief description of the object

12 Data types of SMI (RFC 2578)
INTEGER
Integer32
Unsigned32
OCTET STRING
IpAddress
Counter32
Counter64
Etc.

13 Higher-Level Constructs
OBJECT-TYPE: specifies the data type, status, and semantics of a managed object. Four clauses:
  SYNTAX: specifies the basic data type
  MAX-ACCESS: whether the object can be read & written, created, etc.
  STATUS: valid, obsolete, or deprecated
  DESCRIPTION: human-readable textual definition

14 Higher-Level Constructs
MODULE-IDENTITY: allows related objects to be grouped together within a "module".
E.g., RFC 2012 defines the MIB module for TCP, RFC 2013 the MIB module for UDP, and RFC 2021 the MIB module for RMON.

15 MIB: Management Information Base
A virtual information store, holding managed objects whose values collectively reflect the current "state" of the network. The values may be queried and/or set by a managing entity using SNMP messages.
Managed objects are specified using the OBJECT-TYPE SMI construct, and gathered into MIB modules using the MODULE-IDENTITY construct.

16 Object Identifier Tree
0 is the root
Example: Object ID of tcp is

17 Object Identifier Tree
MIB objects are identified as on the previous slide
The tree can be arbitrarily deep
MIB-2 is defined with 10 groups: system, interfaces, address translation, IP, ICMP, TCP, UDP, EGP, transmission, SNMP
13 more groups (extensions) were added later
A group can contain many objects, and these objects can be of "constructed" type

18 Proprietary MIBs and RMON
If there are not enough groups in MIB-2, one can create a proprietary MIB
  Proprietary MIBs are listed under enterprise
  Enterprise is a sub-node of private (4)
RMON: Remote Monitoring Standard
  An extension of MIB-2
  Deals with traffic on a network segment

19 Security
We mentioned previously the SNMP method of authentication:
  A community name acts like a password
  More than one management station may have access
Authorization is also a concern:
  Assuming that you have access, then what are you allowed to do?

20 Security
SNMP security features:
  SNMP community profile
    Access mode: specifies the type of access
    MIB view: specifies whether access is granted or not

21 SNMPv3
SNMPv3 can be thought of as SNMPv2 with additional security and administration capabilities.
SNMP applications:
  Command generator: generates GetRequest, GetNextRequest, SetRequest, etc.
  Notification generator: generates Traps
  Proxy forwarder: forwards requests, notifications, and responses

22 SNMPv3
A PDU sent by an SNMP application next passes through the SNMP Engine.
A security module is provided by SNMPv3:
  User-based security (RFC 3414): encryption, authentication, and protection against playback attacks
  Access control: RFC 3415
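Two of the RFC 3414 user-based security mechanisms listed above, as an added example that is not from the slides: password-to-key localization (the same password yields a different key for every SNMP engine, so a key recovered from one agent is not valid on another) and the timeliness check an authoritative engine applies to reject replayed messages. The engine IDs and clock values are constructed; the one known-answer value is the RFC 3414 appendix A.3.1 test vector.

```python
# Added example, not from the slides: RFC 3414 (USM) key localization and the
# replay (timeliness) check, written from the agent's point of view.
import hashlib

MAX_BOOTS = 2**31 - 1   # an engine whose boots counter reaches this must be reinitialised
TIME_WINDOW = 150       # seconds of clock skew tolerated (RFC 3414 section 2.3)

def password_to_key(password: str, engine_id: bytes, algo: str = "md5") -> bytes:
    """RFC 3414 A.2: hash 1 MiB of the cyclically repeated password (Ku), then
    localize it to one engine as H(Ku || snmpEngineID || Ku)."""
    pw = password.encode()
    stream = (pw * (1048576 // len(pw) + 1))[:1048576]
    ku = hashlib.new(algo, stream).digest()
    return hashlib.new(algo, ku + engine_id + ku).digest()

def is_timely(local_boots: int, local_time: int, msg_boots: int, msg_time: int) -> bool:
    """Authoritative-engine check (RFC 3414 section 3.2, step 7): the sender's
    view of our boots counter must match and its time must lie within the window.
    A captured message re-sent later falls outside the window and is dropped."""
    if local_boots == MAX_BOOTS:
        return False
    return msg_boots == local_boots and abs(msg_time - local_time) <= TIME_WINDOW

if __name__ == "__main__":
    # Known-answer test from RFC 3414 A.3.1: password "maplesyrup", engine ID 00..02.
    k1 = password_to_key("maplesyrup", bytes.fromhex("000000000000000000000002"))
    k2 = password_to_key("maplesyrup", bytes.fromhex("000000000000000000000003"))  # constructed
    print(k1.hex(), "differs from other engine:", k1 != k2)
    print("fresh:", is_timely(7, 1000, 7, 1120), "replayed:", is_timely(7, 1000, 7, 1400))
```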

23 SNMPv3

