Presentation is loading. Please wait.

Presentation is loading. Please wait.

10/26/10 Network Management & Monitoring Introduction to SNMP.

Published byNicholas Hodges Modified over 8 years ago

Similar presentations

Presentation on theme: "10/26/10 Network Management & Monitoring Introduction to SNMP."— Presentation transcript:

1 10/26/10 Network Management & Monitoring Introduction to SNMP

2 Overview What is SNMP? OIDs MIBs Polling and querying Traps
04/25/10 10/26/10 What is SNMP? OIDs MIBs Polling and querying Traps SNMPv3 (Optional) 2

3 What is SNMP? SNMP – Simple Network Management Protocol Tree hierarchy
04/25/10 10/26/10 SNMP – Simple Network Management Protocol Industry standard, hundreds of tools exist to exploit it Present on any decent network equipment Query – response based: GET / SET GET is mostly used for monitoring Tree hierarchy Query for ”Object Identifiers” (OIDs) Concept of MIBs (Management Information Base) Standard and vendor-specific (Enterprise) 3

4 What is SNMP? UDP protocol, port 161 Different versions
04/25/10 10/26/10 UDP protocol, port 161 Different versions V1 (1988) – RFC1155, RFC1156, RFC1157 Original specification v2 – RFC RFC RFC2578 Extends v1, new data types, better retrieval methods (GETBULK) Used is version v2c (without security model) v3 – RFC RFC3418 (w/security) Typically we use SNMPv2 (v2c) 4

5 What is SNMP? Terminology: Manager (the monitoring ”client”)
04/25/10 10/26/10 Terminology: Manager (the monitoring ”client”) Agent (running on the equipment/server) 5

6 What is SNMP? Typical queries For hosts (servers or workstations)
04/25/10 10/26/10 Typical queries Bytes In/Out on an interface, errors CPU load Uptime Temperature or other vendor specific OIDs For hosts (servers or workstations) Disk space Installed software Running processes ... Windows and UNIX have SNMP agents 6

7 How does it work? Basic commands GET (manager -> agent)
04/25/10 10/26/10 Basic commands GET (manager -> agent) Query for a value GET-NEXT (manager -> agent) Get next value (list of values for a table) GET-RESPONSE (agent -> manager) Response to GET/SET, or error SET (manager -> agent) Set a value, or perform action TRAP (agent -> manager) Spontaneous notification from equipment (line down, temperature above threshold, ...) 7

8 The MIB Tree root ccitt(0) iso(1) joint-iso-ccitt(3) org(3) dod(6)
04/25/10 10/26/10 root ccitt(0) iso(1) joint-iso-ccitt(3) org(3) dod(6) internet(1) directory(1) mgmt(2) experimental(3) private(4) mib-2(1) enterprises(1) host(25) system(1) snmp(11) cisco(9) hrDevice hrStorage interfaces(2) ip(4) hrSystem 8

9 The MIB Tree root ccitt(0) iso(1) joint-iso-ccitt(3) org(3)
04/25/10 10/26/10 root ccitt(0) iso(1) joint-iso-ccitt(3) org(3) ciscoMgmt(9) dod(6) ciscoEnvMonMIB(13) ciscoEnvMonObjects(1) internet(1) ciscoEnvMonTemperatureStatusTable(3) directory(1) mgmt(2) experimental(3) private(4) ciscoEnvMonTemperatureStatusEntry(1) mib-2(1) enterprises(1) ciscoEnvMonTemperatureStatusValue(3) cisco(9) system(1) snmp(11) interfaces(2) ip(4) ... 9

10 If E-mail addresses were OIDs...
If Adresses were OIDs If addresses were OIDs... 10/26/10 would have been something like: except that we write the top-most part at the left: An OID is just a unique key (within one managed device) for one piece of information Ensures vendors don't have conflicting OIDs

11 The Internet MIB directory(1) OSI directory
04/25/10 10/26/10 directory(1) OSI directory mgmt(2) RFC standard objects experimental(3) Internet experiments private(4) Vendor-specific security(5) Security snmpV2(6) SNMP internal 11

12 OIDs and MIBs Navigate tree downwards OIDs separated by '.'
04/25/10 10/26/10 Navigate tree downwards OIDs separated by '.' OID corresponds to a label => sysName The complete path: .iso.org.dod.internet.mgmt.mib-2.system.sysName How do we convert from OIDs to Labels (and vice versa ?) Use of MIBs files! 12

13 MIBs 04/25/10 10/26/10 MIBs are files defining the objects that can be queried, including: Object name Object description Data type (integer, text, list) MIBS are structured text, using ASN.1 Standard MIBs include: MIB-II – (RFC1213) – a group of sub-MIBs HOST-RESOURCES-MIB (RFC2790) 13

14 MIBs - 2 04/25/10 10/26/10 MIBs also make it possible to interpret a returned value from an agent For example, the status for a fan could be 1,2,3,4,5,6 – what does it mean ? 14

15 MIBs - SAMPLE This defines the object called sysUpTime.
04/25/10 10/26/10 sysUpTime OBJECT-TYPE SYNTAX TimeTicks ACCESS read-only STATUS mandatory DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized." ::= { system 3 } This defines the object called sysUpTime. SYNTAX TimeTicks This object is of the type TimeTicks. Object types are specified in the SMI we mentioned a moment ago. ACCESS read-only This object can only be read via SNMP (i.e., get-request); it cannot be changed (i.e., set-request). STATUS mandatory This object must be implemented in any SNMP agent. DESCRIPTION A description of the object The sysUpTime object is the third branch off of the system object group tree. 15

16 MIBs - SAMPLE CiscoEnvMonState ::= TEXTUAL-CONVENTION STATUS current
04/25/10 10/26/10 CiscoEnvMonState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the state of a device being monitored. Valid values are: normal(1): the environment is good, such as low temperature. warning(2): the environment is bad, such as temperature above normal operation range but not too high. critical(3): the environment is very bad, such as temperature much higher than normal operation limit. shutdown(4): the environment is the worst, the system should be shutdown immediately. notPresent(5): the environmental monitor is not present, such as temperature sensors do not exist. notFunctioning(6): the environmental monitor does not function properly, such as a temperature sensor generates a abnormal data like 1000 C. 16

17 Querying SNMP agent Some typical commands for querying:
04/25/10 10/26/10 Some typical commands for querying: snmpget snmpwalk snmpstatus snmptable Syntax: snmpXXX -c community -v1 host [oid] snmpXXX -c community -v2c host [oid] 17

18 Querying SNMP agent Let's take an example
04/25/10 10/26/10 Let's take an example snmpstatus -c NetManage -v2c snmpget -c NetManage -v2c iso.org.dod.internet.mgmt.mib- 2.interfaces.ifNumber.0 snmpwalk -c NetManage -v2c ifDescr 18

19 Querying SNMP agent Community: OID
04/25/10 10/26/10 Community: A ”security” string (password) to define whether the querying manager will have RO (read only) or RW (read write) access This is the simplest form of authentication in SNMP OID A value, for example, , or it's name equivalent .iso.org.dod.internet.mgmt.mib-2.system.sysName.0 Let's ask for the system's name (using the OID above) Why the .0? What do you notice? 19

20 Coming up in our exercises...
04/25/10 10/26/10 Using snmpwalk, snmpget Configuring SNMPD Loading MIBs Configuring SNMPv3 (optional) 20

21 References Essential SNMP (O’Reilly Books) Douglas Mauro, Kevin Schmi
04/25/10 10/26/10 Essential SNMP (O’Reilly Books) Douglas Mauro, Kevin Schmi Basic SNMP at Cisco Wikipedia: IP Monitor MIB Browser Cisco MIB browser: Open Source Java MIB Browser (Java) SNMP Link – collection of SNMP resources Net-SNMP Open Source SNMP tools Integration with Nagios traps.html 21

22 Optional Materials 10/26/10 SNMP Version 3

23 SNMP and Security SNMP versions 1 and 2c are insecure
10/26/10 SNMP versions 1 and 2c are insecure SNMP version 3 created to fix this Components Dispatcher Message processing subsystem Security subsystem Access control subsystem

24 SNMP version 3 (SNMPv3) 10/26/10 The most common module is based in user, or a “User-based Security Model” Authenticity and integrity: Keys are used for users and messages have digital signatures generated with a hash function (MD5 or SHA) Privacy: Messages can be encrypted with secret-key (private) algorithms (DES) Temporary validity: Utilizes a synchronized clock with a 150 second window with sequence checking.

25 Security Levels noAuthPriv authNoPriv authPriv
10/26/10 noAuthPriv No authentication, no privacy authNoPriv Authentication with no privacy authPriv Authentication with privacy

26 Cisco SNMPv3 configuration
10/26/10 snmp-server view vista-ro internet included snmp-server group ReadGroup v3 auth read vista-ro snmp-server user admin ReadGroup v3 auth md5 xk122r56 Or alternatively: snmp-server user admin ReadGroup v3 auth md5 xk122r priv des56 D4sd#rr56

27 Net-SNMP SNMPv3 configuration
10/26/10 # apt-get install snmp snmpd # net-snmp-config --create-snmpv3-user -a "xk122r56" admin /usr/sbin/snmpd # snmpwalk -v3 -u admin -l authNoPriv -a MD5 -A "xk122r56”

Download ppt "10/26/10 Network Management & Monitoring Introduction to SNMP."

Similar presentations

Management Information Base for Version 2 of the Simple Network Management Protocol Presented by Zhou Ji (MIB for SNMPv2) By SNMPv2 Working Group.

Management Information Base for Version 2 of the Simple Network Management Protocol Presented by Zhou Ji (MIB for SNMPv2) By SNMPv2 Working Group.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (
Implementing a Highly Available Network

Implementing a Highly Available Network
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 24 Network Management: SNMP.
CSEE W4140 Networking Laboratory Lecture 11: SNMP Jong Yul Kim 04.19.2010.

CSEE W4140 Networking Laboratory Lecture 11: SNMP Jong Yul Kim
CSEE W4140 Networking Laboratory Lecture 11: SNMP Jong Yul Kim 04.15.2009.

CSEE W4140 Networking Laboratory Lecture 11: SNMP Jong Yul Kim
1 SNMP Simple Network Management Protocol. 2 SNMP Overview Define mechanism for remote management of network devices (routers, bridges, etc.) Fundamental.

1 SNMP Simple Network Management Protocol. 2 SNMP Overview Define mechanism for remote management of network devices (routers, bridges, etc.) Fundamental.
COMP4690, by Dr Xiaowen Chu, HKBU

COMP4690, by Dr Xiaowen Chu, HKBU
1 Network Management and SNMP  What is Network Management?  ISO Network Management Model (FCAPS)  Network Management Architecture  SNMPv1 and SNMPv2.

1 Network Management and SNMP  What is Network Management?  ISO Network Management Model (FCAPS)  Network Management Architecture  SNMPv1 and SNMPv2.
Traffic Monitoring and Flow Analysis For IP Networks.

Traffic Monitoring and Flow Analysis For IP Networks.
SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol
Guide to TCP/IP, Third Edition Chapter 11: Monitoring and Managing IP Networks.

Guide to TCP/IP, Third Edition Chapter 11: Monitoring and Managing IP Networks.
1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Equipping Today’s Instructors for Tomorrow’s.

1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Equipping Today’s Instructors for Tomorrow’s.
SNMP Terms SNMP Agent (network element to monitor) SNMP Management Station Community String (password) SMI (Structure of Management Info) MIB (Management.

SNMP Terms SNMP Agent (network element to monitor) SNMP Management Station Community String (password) SMI (Structure of Management Info) MIB (Management.
Introduction to SNMP AfNOG 11, Kigali/Rwanda.

Introduction to SNMP AfNOG 11, Kigali/Rwanda.
These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (
1 Kyung Hee University Prof. Choong Seon HONG SNMP Management Information.

1 Kyung Hee University Prof. Choong Seon HONG SNMP Management Information.
Ch. 31 Q and A CS332 Spring 2014. Network management more than just Ethernet Q: Comer mentions that network managers need to be able to account for different.

Ch. 31 Q and A CS332 Spring Network management more than just Ethernet Q: Comer mentions that network managers need to be able to account for different.
SNMP (Simple Network Management Protocol) Jon Sevy Geometric and Intelligent Computing Laboratory Department of Mathematics and Computer Science Drexel.

SNMP (Simple Network Management Protocol) Jon Sevy Geometric and Intelligent Computing Laboratory Department of Mathematics and Computer Science Drexel.

Similar presentations

Ads by Google