Contents:
1. NMS Overview
2. SMI, or how a MIB is written
3. MIB II
4. SNMP Operations: Get, GetNext, Set
5. SNMPv3
Version 1.0
NMS - Overview
Communication networks vary in nature, complexity and size.
In addition, each equipment vendor brings in its own proprietary implementations.
Effective network management is thus a critical component for network operators and service providers to run their business.
Service providers face a huge challenge in managing the network and ensuring the availability of services.
NMS - Overview
The IETF is the standards body for IP networks, which use SNMP.
Standardization for telecom networks is driven by the ITU, which uses TMN.
Network management proxies are used to converge the different network management standards.
NMS - Overview
Manager Agent Model
Manager: the entity that performs the management functions by communicating with the agent.
Agent: the entity that represents the part of the network being managed. The agent provides communication with the manager and executes the instructions received.
Preferred architecture: hierarchical manager-agent model.
Workbook 1
Workbook 1 (contd.)
Look at the pictures in the previous slide. Which of them will have agents and which can have managers? Group these devices into categories and arrange them in a network management hierarchy. You can have as many copies of each device as you like.
TRAPS
Workbook 2
Look at the diagram in the previous slide. What parameters will you poll, and what traps and alarms will you capture?
Fault Management
Configuration Management
Accounting Management
Performance Management
Security Management
Fault Management
Fault Management:
  Alarm handling
  Trouble detection
  Trouble correction
  Test and acceptance
  Network recovery
Alarms
Alarms should contain the following information:
1. Originating resource (network element, facilities, element management system, performance monitoring, etc.)
2. Trouble explanation (e.g., defined alarm code)
3. Severity code
4. Date and time the alarm condition occurred
5. Duration of the alarm condition
6. Status of the alarm (e.g., active, cleared, acknowledged, etc.)
Configuration Management
Configuration Management:
  System boot-up function
  Network provisioning
  Auto discovery
  Backup and restore
  Database handling
Accounting Management
Accounting Management consists of:
Performance Management
Performance Management entails:
Security Management
Security Management involves:
  Control device access
  Enable device functions
  Access logs
  Authentication
  Authorization
  Encryption
Management layers (figure): Business Mgmt Layer, Service Mgmt Layer, Network Mgmt Layer, Element Mgmt Layer; Adaptation Layer; External Interfaces; OSS Interfaces; Network: PBX, Switches, ATM, Broadband, Access nodes, Transmission Nodes, Frame Relay.
NMS - Overview
What is a Managed Resource ?
A component in your network. It may be a physical device (workstation, network element, circuit pack, ...) or a logical entity (session, connection, software, ...).
Introduction to SMI
Introduction To SNMP
SNMP stands for Simple Network Management Protocol. It makes use of the UDP/IP protocol stack for communication.
SNMP Components
SNMP Protocol: defines the format of messages exchanged by management systems and agents. Specifies the Get, GetNext, Set and Trap operations.
Structure of Management Information (SMI): rules specifying the format used to define the objects managed on the network that the SNMP protocol accesses. Uses Abstract Syntax Notation One (ASN.1).
Management Information Base (MIB): a collection of information organized hierarchically.
In order to manage a network it is essential to model the network. One way (the best way) to model the network is by making use of object-oriented methodology. SNMP also defines objects (not really objects, but attributes defined by making use of ASN.1 macros).
In order to define objects in a uniform and consistent fashion, a framework is defined. The framework is referred to as SMI (Structure of Management Information).
  SMIv1 is defined by the IETF in RFC 1155
  SNMPv1 in RFC 1157
  MIB-II is defined in RFC 1213
  SNMPv2c RFCs: RFC 1902-1908
  SNMPv3 RFCs: RFC 3411-3418
SNMP SMI
Managed objects (network components) are accessed through a virtual information store called the Management Information Base (MIB). Each object type has a name, syntax and encoding. The encoding of the object is done with a standard encoding technique, BER (Basic Encoding Rules).
The Object Identifier is a sequence of numbers that traverses a tree structure. Typically a label (textual name) is associated with each number. Example: ccitt (0), iso (1).
  internet      OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
  directory     OBJECT IDENTIFIER ::= { internet 1 }
  mgmt          OBJECT IDENTIFIER ::= { internet 2 }
  experimental  OBJECT IDENTIFIER ::= { internet 3 }
OID tree (figure): iso(1) has children stnd(0), reg-auth(1), mb(2), org(3); under internet: directory(1), experimental(3), security(5), snmpV2(6); under mgmt: mib-2(1).
Workbook 3 ..
Open the AdventNet MIB Browser as shown in the previous slide. Load RFC1213 MIB. Examine from the root of the ISO OID MIB Tree. What do you observe?
Apart from the ASN.1 data types, SMIv1 defines application-wide data types such as:
  NetworkAddress: a CHOICE type to choose from a family of addresses
  IpAddress: an OCTET STRING of length 4
  Counter: a non-negative integer that increases to a maximum value and resets to zero
  Gauge: an integer value that can increase or decrease, but latches at the maximum (minimum) value
  Opaque: a container type (OCTET STRING) for any ASN.1 type
  TimeTicks: an integer, each unit representing 1/100th of a second
Quick Quiz
  An IpAddress type object will be found in ...
  A Counter type object will be found in ...
  A Gauge type object example is ...
  A table type object example is ...
  An OCTET STRING example is ...
  A NULL object example is ...
  An OPAQUE object example is ...
  A TimeTicks object is found in ...
SMIv2
SMIv2 base types: INTEGER, OCTET STRING, OBJECT IDENTIFIER, Integer32, Unsigned32, Gauge32, Counter32, Counter64, TimeTicks, IpAddress, Opaque, BITS
PSEUDO TYPES:
OBJECT-TYPE Definition
OBJECT-TYPE:
  SYNTAX: INTEGER, OCTET STRING, OBJECT IDENTIFIER, BITS, IpAddress, Integer32, Counter32, Counter64, Gauge32, TimeTicks, Opaque, or a new type
  MAX-ACCESS: read-only, read-write, read-create, accessible-for-notify, not-accessible
  STATUS: current, deprecated, obsolete
  DESCRIPTION: "..."
Workbook 4
Examine the RFC 1213 MIB file and locate an OBJECT-TYPE definition for a scalar. Locate OBJECT IDENTIFIER definitions and look at them.
EXAMPLE:
info OBJECT-IDENTITY
    STATUS current
    DESCRIPTION "The node under which future scalar objects should be registered"
    ::= { NEW-MIB 2 }
Definition of a MIB
NEW-MIB DEFINITIONS ::= BEGIN
    import statement(s)
    module identity definition
    definition of all node and leaf objects
    definition of implementation requirements
END
An Example MIB
WIN-MIB DEFINITIONS ::= BEGIN
IMPORTS
    RowStatus, DisplayString FROM SNMPv2-TC
    OBJECT-TYPE, MODULE-IDENTITY, enterprises, Integer32 FROM SNMPv2-SMI;

winSystem MODULE-IDENTITY
    LAST-UPDATED "200210110900Z"
    ORGANIZATION "jay Inc."
    CONTACT-INFO "jay Inc. Web site: www.wipro.com Email: jaya.venu@wipro.com"
    DESCRIPTION "The MIB module for managing winsys Info"
    ::= { enterprises jay(5000) 10 }
MIB example(contd)
mySysObjects OBJECT IDENTIFIER ::= { winSystem 1 }

mySystemName OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "System name"
    ::= { mySysObjects 1 }

mySystemDir OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "System directory"
    ::= { mySysObjects 2 }
END
Workbook 5
Locate a MIB file with MIB module definitions that include IMPORTS and MODULE-IDENTITY. Can you follow how the module is organized? What do you think is the advantage of this approach?
udpInDatagrams OBJECT-TYPE
    SYNTAX Counter32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "The total number of UDP datagrams delivered to UDP users"
    ::= { udp 1 }
tcpConnTable OBJECT-TYPE
    SYNTAX SEQUENCE OF TcpConnEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION "A table containing TCP connection specific information"
    ::= { tcp 13 }

tcpConnEntry OBJECT-TYPE
    SYNTAX TcpConnEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION "Information about a particular TCP connection"
    INDEX { tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemAddress, tcpConnRemPort }
    ::= { tcpConnTable 1 }
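The MIB fragments above (the WIN-MIB module, udpInDatagrams and the tcpConnTable definitions) all follow the same textual shape: a name, a macro keyword, a few clauses, and a `::= { parent n }` registration. The reader below is an added example, not code from the slides or from any MIB compiler: it scans that shape with regular expressions and resolves each registration to a dotted OID, using the well-known anchors (enterprises, udp, tcp) that the page's modules import rather than define. The WIN-MIB text is retyped from the slides as the constructed input; the clause-per-line layout is an assumption of this example.

```python
"""Added example: resolve OBJECT IDENTIFIER / MODULE-IDENTITY / OBJECT-TYPE
registrations in a MIB module to full dotted OIDs (regex based, not a real
ASN.1 parser)."""
import re

# Anchors the modules on the slides import but do not define (SNMPv2-SMI / MIB-II).
WELL_KNOWN = {"enterprises": "1.3.6.1.4.1", "udp": "1.3.6.1.2.1.7", "tcp": "1.3.6.1.2.1.6"}

# The WIN-MIB module from the slides, retyped as the constructed parser input.
WIN_MIB = '''
WIN-MIB DEFINITIONS ::= BEGIN
IMPORTS RowStatus, DisplayString FROM SNMPv2-TC
        OBJECT-TYPE, MODULE-IDENTITY, enterprises, Integer32 FROM SNMPv2-SMI;
winSystem MODULE-IDENTITY
    LAST-UPDATED "200210110900Z"
    ORGANIZATION "jay Inc."
    CONTACT-INFO "jay Inc. Web site: www.wipro.com Email: jaya.venu@wipro.com"
    DESCRIPTION "The MIB module for managing winsys Info"
    ::= { enterprises jay(5000) 10 }
mySysObjects OBJECT IDENTIFIER ::= { winSystem 1 }
mySystemName OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "System name"
    ::= { mySysObjects 1 }
mySystemDir OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "System directory"
    ::= { mySysObjects 2 }
END
'''

# The udpInDatagrams definition from the slides, single-line as on the page.
UDP_SNIPPET = ('udpInDatagrams OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only '
               'STATUS current DESCRIPTION "The total number of UDP datagrams '
               'delivered to UDP users" ::= {udp 1}')

# name, macro keyword, everything up to the registration clause, the clause itself
DEF_RE = re.compile(
    r"(?P<name>[A-Za-z][\w-]*)\s+(?P<kind>OBJECT IDENTIFIER|MODULE-IDENTITY|OBJECT-TYPE)"
    r"(?P<body>.*?)::=\s*\{(?P<oid>[^}]*)\}", re.DOTALL)
OT_RE = re.compile(r"SYNTAX\s+(.+?)\s+MAX-ACCESS\s+(\S+)\s+STATUS\s+(\S+)", re.DOTALL)
DESC_RE = re.compile(r'DESCRIPTION\s+"([^"]*)"')
ARC_RE = re.compile(r"(?:[\w-]+\()?(\d+)\)?")      # "10" or "jay(5000)"


def resolve(clause, table):
    """Turn '{ enterprises jay(5000) 10 }' into a dotted OID using known parents."""
    toks = clause.split()
    parent = table.get(toks[0], WELL_KNOWN.get(toks[0]))
    if parent is None:
        raise KeyError(f"unknown parent node {toks[0]!r}")
    arcs = [parent] + [ARC_RE.fullmatch(t).group(1) for t in toks[1:]]
    return ".".join(arcs)


def parse_mib(text):
    """Return {name: {kind, oid, syntax, max_access, status, description}} in file order."""
    text = re.sub(r"IMPORTS.*?;", "", text, flags=re.DOTALL)   # keywords in IMPORTS are not definitions
    objects, table = {}, {}
    for m in DEF_RE.finditer(text):
        oid = resolve(m.group("oid"), table)
        table[m.group("name")] = oid                 # later definitions may hang under this one
        entry = {"kind": m.group("kind"), "oid": oid, "description": ""}
        if entry["kind"] == "OBJECT-TYPE":
            syntax, access, status = OT_RE.search(m.group("body")).groups()
            entry.update(syntax=syntax.strip(), max_access=access, status=status)
        d = DESC_RE.search(m.group("body"))
        if d:
            entry["description"] = d.group(1)
        objects[m.group("name")] = entry
    return objects


def instance_oid(objects, name, *index):
    """Instance OID: object OID + '.0' for a scalar, or + the index arcs for a table column."""
    return objects[name]["oid"] + "." + ".".join(map(str, index or (0,)))


if __name__ == "__main__":
    for name, entry in parse_mib(WIN_MIB).items():
        print(f"{name:14} {entry['kind']:18} {entry['oid']}")
```

Running the module prints every definition of WIN-MIB with its resolved OID; `parse_mib(UDP_SNIPPET)` shows that the same code handles the one-line layout used elsewhere on the slides. Note that IMPORTS are stripped before scanning: the imported keyword list would otherwise look like a definition named after the last module in the list.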
Workbook 6
Look at the table definition of any table object in the RFC 1213 MIB, such as ipRouteTable. What are the various components of a table definition?
udpEntry
MIB II
System group: provides general information about the managed system.
Interfaces group: contains information about the physical interfaces of the entity, including configuration and statistics of events occurring on the interface.
  ifNumber
  ifTable: ifIndex, ifDescr, ifType, ifSpeed, ifMtu
Includes information about:
  the host/gateway operating system
  individual network interfaces
  Internet Protocol software
  Internet Control Message Protocol
  transport and routing
  SNMP-related objects
MIB-II IP Group
SNMP Operations
Protocol stack (figure): SNMP MANAGER and SNMP AGENT each sit above UDP / IP, Data Link and Physical layers.
SNMP Protocol
The network devices are managed by the management station. Devices run agent software and the management station runs manager software. The manager learns about the network device through the agent; hence both the agent and the manager need to share the same information model to work together. The agent interacts with the device (back end) to retrieve values.
SNMP Protocol
The management station and the network device use the sleek (lightweight) UDP protocol to send and receive messages. The management station does not instantiate the MIB; it retrieves the instances from the agent. The manager and the agent use a simple interaction: the manager sends a request message when it wants to retrieve objects, and the agent replies. The agent on its own reports any trouble it notices on the device to the manager, via TRAPs.
The PDU carries the list of requested objects (names) with their values, known as the variable-binding (varbind) list. In case of error, the error index indicates the object which caused the error.
In order to retrieve scalar objects from the agent, the manager has to send the object name suffixed with the value ZERO, e.g. sysUpTime.0. In order to retrieve values from a table, the object name is suffixed with the index value. If the agent doesn't find the object with the name supplied by the manager, it returns noSuchObject, or noSuchInstance if no instance of the object is found, in the value field of the variable (SNMPv2).
GetRequest/Response exchange, no error (figure):
  Management station -> agent process: PDU Type | Req id | 0 | 0 | Variable Bindings (names)
  Agent process consults the MIB and replies: PDU Type | Req id | 0 | 0 | Name 1, Variable 1 ... Name n, Variable n (Response - No Error)
  PDU format: PDU Type | Request id | Error Status | Error Index | Variable Bindings
GetRequest/Response exchange, tooBig error (figure):
  Management station -> agent process: PDU Type | Req id | 0 | 0 | Variable Bindings (names)
  Agent process replies: PDU Type | Req id | Error Status = tooBig | value NULL
  Response error tooBig: the message size exceeds the maximum size.
  PDU format (GetRequest/Response): PDU Type | Request id | Error Status | Error Index | Variable Bindings
GetRequest/Response exchange, genErr error (figure):
  Management station -> agent process: PDU Type | Req id | 0 | 0 | Variable Bindings (names)
  Agent process replies: PDU Type | Req id | Error Status = genErr | Error Index = index of the problem object
  Response error genErr: processing of a variable name fails.
  PDU format (GetRequest/Response): PDU Type | Request id | Error Status | Error Index | Variable Bindings
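The PDU format just shown (PDU Type, Request id, Error Status, Error Index, Variable Bindings), wrapped in the SNMPv2c message with its version and community string, is what actually goes into the UDP datagram, BER-encoded. The encoder below is an added example, not code from the slides or from any SNMP library: it builds a GetRequest for sysUpTime.0 from scratch, including the OID encoding rule from the SMI section (the first two arcs fold into one byte, later arcs use base-128 with a continuation bit). The community value and request id are constructed sample values.

```python
"""Added example: BER-encode an SNMPv2c GetRequest by hand.

Message layout (RFC 1157 / RFC 3416):
  SEQUENCE { version INTEGER, community OCTET STRING,
             PDU [context-specific tag] { request-id INTEGER, error-status INTEGER,
                 error-index INTEGER, SEQUENCE OF SEQUENCE { name OID, value } } }
"""

PDU_GET, PDU_GETNEXT, PDU_RESPONSE, PDU_SET = 0xA0, 0xA1, 0xA2, 0xA3
PDU_GETBULK, PDU_INFORM, PDU_TRAP2 = 0xA5, 0xA6, 0xA7
NULL = b"\x05\x00"                       # ASN.1 NULL: value placeholder in a request


def ber_length(n):
    """Short form for lengths below 128, long form (0x8N + N length bytes) above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def ber_tlv(tag, content):
    return bytes([tag]) + ber_length(len(content)) + content


def encode_oid(oid):
    """OID rule: first byte = 40*arc0 + arc1, each further arc in base-128, high bit set on all but the last byte."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return ber_tlv(0x06, bytes(out))


def encode_integer(value):
    """Two's-complement INTEGER in the minimal number of bytes (so 128 needs two bytes)."""
    length = 1
    while not -(1 << (8 * length - 1)) <= value < (1 << (8 * length - 1)):
        length += 1
    return ber_tlv(0x02, value.to_bytes(length, "big", signed=True))


def encode_octet_string(data):
    return ber_tlv(0x04, data)


def encode_pdu(pdu_type, request_id, varbinds, error_status=0, error_index=0):
    """varbinds: list of (dotted OID, already-encoded value); requests carry NULL values."""
    vbl = b"".join(ber_tlv(0x30, encode_oid(oid) + value) for oid, value in varbinds)
    body = (encode_integer(request_id) + encode_integer(error_status)
            + encode_integer(error_index) + ber_tlv(0x30, vbl))
    return ber_tlv(pdu_type, body)


def encode_message(community, pdu, version=1):
    """version 1 on the wire is SNMPv2c (0 would be SNMPv1)."""
    return ber_tlv(0x30, encode_integer(version) + encode_octet_string(community) + pdu)


def build_get_request(community, request_id, instance_oids):
    """GetRequest for instance OIDs: scalars carry the .0 suffix, columns carry the row index."""
    varbinds = [(oid, NULL) for oid in instance_oids]
    return encode_message(community, encode_pdu(PDU_GET, request_id, varbinds))


if __name__ == "__main__":
    # Constructed sample: community "public", request id 1, sysUpTime.0
    print(build_get_request(b"public", 1, ["1.3.6.1.2.1.1.3.0"]).hex())
```

The encoded bytes make one point from the protocol slides visible: the community string sits in the message as a plain OCTET STRING, so anyone capturing the datagram (as Workbook 8 does with Ethereal) reads it directly; this is what SNMPv3's USM replaces.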
Error Status
noSuchName(2)
An object was specified which the agent did not know, based on the specified community. The most common source is reading objects that do not exist.
SNMPv2 Exceptions
For SNMP GET requests we can get back the noSuchObject and noSuchInstance exceptions.
For SNMP GETNEXT requests we can get back endOfMibView.
For SNMP SET requests we cannot get back any exceptions.
For SNMP GETBULK requests we can get back endOfMibView.
The SNMP table is represented as an ASN.1 SEQUENCE OF type. Each table has an Entry, which is a SEQUENCE type. Each column in the table entry is identified by an object identifier, and each row is identified by the index value. In order to retrieve values from a table, the object name is suffixed with the index value. The agent needs to create the rows in the table either during start-up or when the manager sends a SET request to the agent.
The GetNext operation is similar to GetRequest. However, GetNext retrieves the next lexicographically ordered object. This allows the manager to search through a table without having to know the index values.
Get Request
Consider the following MIB table, a subset of ifTable:
  Instance  ifIndex  ifDescr   ifType
  1         1        ethernet  6
  2         2        ethernet  6
  3         3        serial    22
  4         4        ppp       23
  5         5        ethernet  6
  6         6        ethernet  6
GetNextRequest Illustration
Issue a GetNextRequest(ifInOctets, ifInUcastPkts, ifInNUcastPkts). The response will be:
  ifInOctets.1 200123
  ifInUcastPkts.1 560
  ifInNUcastPkts.1 912
GetNextRequest automatically returns the queried columns of the first row. The response also carries the index of the first row instance, i.e. 1 in this example.
GetNextRequest Illustration
Issue a GetNextRequest(ifInOctets.1, ifInUcastPkts.1, ifInNUcastPkts.1) using the index of the first row. The response will be the fields of the next row:
  ifInOctets.2 4587213
  ifInUcastPkts.2 8876
  ifInNUcastPkts.2 1780
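The Get, GetNext and GetBulk behaviour described in the preceding slides (instance suffixes, lexicographic ordering, walking a table without knowing its indexes, and the SNMPv2 exceptions noSuchObject, noSuchInstance and endOfMibView) can be reproduced against an in-memory agent. The code below is an added example, not code from the slides or from any SNMP agent: it loads the six-row ifTable subset from the slides plus two system-group scalars as constructed data, and implements the agent side of the three operations over that store. The "demo agent" sysDescr value and the uptime are constructed sample values.

```python
"""Added example: agent-side Get / GetNext / GetBulk over an in-memory MIB,
with SNMPv2 exceptions, using the ifTable subset from the slides."""

# Constructed data: the six ifTable rows from the slides (ifIndex -> (ifDescr, ifType)).
IF_TABLE = {1: ("ethernet", 6), 2: ("ethernet", 6), 3: ("serial", 22),
            4: ("ppp", 23), 5: ("ethernet", 6), 6: ("ethernet", 6)}

SYS_DESCR, SYS_UPTIME = "1.3.6.1.2.1.1.1", "1.3.6.1.2.1.1.3"          # system group scalars
IF_DESCR, IF_TYPE = "1.3.6.1.2.1.2.2.1.2", "1.3.6.1.2.1.2.2.1.3"        # ifEntry columns


def oid_tuple(oid):
    return tuple(int(a) for a in oid.split("."))


def oid_str(arcs):
    return ".".join(map(str, arcs))


def build_mib():
    """Instance OID -> value, kept sorted arc by arc: that order IS the GetNext order."""
    inst = {oid_tuple(SYS_DESCR + ".0"): "demo agent",        # scalars get the .0 instance
            oid_tuple(SYS_UPTIME + ".0"): 12345}
    for idx, (descr, typ) in IF_TABLE.items():               # columns get the row index
        inst[oid_tuple(f"{IF_DESCR}.{idx}")] = descr
        inst[oid_tuple(f"{IF_TYPE}.{idx}")] = typ
    return dict(sorted(inst.items()))


MIB = build_mib()
KNOWN_OBJECTS = {oid_tuple(o) for o in (SYS_DESCR, SYS_UPTIME, IF_DESCR, IF_TYPE)}


def get(name):
    """Get: exact instance, else noSuchInstance (object known) or noSuchObject (unknown)."""
    arcs = oid_tuple(name)
    if arcs in MIB:
        return (name, MIB[arcs])
    if any(arcs[: len(obj)] == obj for obj in KNOWN_OBJECTS):
        return (name, "noSuchInstance")
    return (name, "noSuchObject")


def get_next(name):
    """GetNext: first instance lexicographically greater than name, else endOfMibView."""
    arcs = oid_tuple(name)
    for inst_arcs in MIB:                    # MIB is sorted, so the first hit is the answer
        if inst_arcs > arcs:
            return (oid_str(inst_arcs), MIB[inst_arcs])
    return (name, "endOfMibView")


def get_bulk(names, non_repeaters, max_repetitions):
    """GetBulk: one GetNext for each of the first non_repeaters names, then up to
    max_repetitions successive GetNexts for each remaining name."""
    out = [get_next(n) for n in names[:non_repeaters]]
    cursors = list(names[non_repeaters:])
    for _ in range(max_repetitions):
        for i, cur in enumerate(cursors):
            nxt = get_next(cur)
            out.append(nxt)
            cursors[i] = nxt[0]              # continue from the instance just returned
    return out


def walk(prefix):
    """snmpwalk semantics: repeat GetNext until the reply leaves the subtree."""
    rows, cur, p = [], prefix, oid_tuple(prefix)
    while True:
        name, value = get_next(cur)
        if value == "endOfMibView" or oid_tuple(name)[: len(p)] != p:
            return rows
        rows.append((name, value))
        cur = name


if __name__ == "__main__":
    for name, value in walk(IF_DESCR):
        print(name, value)
```

The walk over ifDescr terminates not because the agent says so but because the reply crosses into ifType: that is the manager's responsibility, and a walk that forgets the check runs to endOfMibView.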
GetBulkRequest
GetBulkRequest exchange (figure):
  Management station -> agent process: PDU Type | Req id | Non-repeaters | Max-repetitions | Variable Bindings
  Agent process consults the MIB and replies with the Variable Bindings.
The manager sends a SetRequest to set the value of objects. In order to set object values, the manager needs to specify both the object name and the value. The agent responds to the SET request with the same PDU as the GET-RESPONSE PDU.
SetRequest/Response exchange (figure):
  Management station -> agent process: PDU Type | Req id | 0 | 0 | Name 1, Variable 1 ... Name n, Variable n
  Phase 1: validation. If there is no validation error, Phase 2: update. If there is no update error, the values are set.
  PDU format (SetRequest/Response): PDU Type | Request id | Error Status | Error Index | Variable Bindings
Exchange between agent process and management station (figure):
  PDU type | Req Id | 0 | 0 | Variable Bind List (agent process, MIB, management process)
  PDU format: PDU Type | Request id | Error Status | Error Index | Variable Bindings
Trap PDU
Format for SNMPv2 Trap PDU
  | 0xA7 | reqid | 0 | 0 | variable bindings |
The PDU format is identical to Get, GetNext or Set. Information about the trap is embedded in the variable bindings. The first variable provides the agent's value of sysUpTime when the trap was generated. The next variable is snmpTrapOID.0, which identifies what type of trap it is.
NOTIFICATION-TYPE
SNMPv2 Traps are defined by this macro.
linkDown NOTIFICATION-TYPE
    OBJECTS { ifIndex, ifAdminStatus, ifOperStatus }
    STATUS current
    DESCRIPTION "A linkDown trap."
    ::= { snmpTraps 3 }
Generic Traps
Six generic traps are defined:
  coldStart (0)
  warmStart (1)
  linkDown (2)
  linkUp (3)
  authenticationFailure (4)
  egpNeighborLoss (5)
Informs
Informs are like SNMPv2 Traps but they are acknowledged. The InformRequest PDU is:
  | 0xA6 | reqid | 0 | 0 | variable bindings |
The type value 0xA6 indicates that it is an Inform message. This can also be sent from one manager to another.
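A trap receiver has to do the reverse of what the Trap PDU, NOTIFICATION-TYPE and Inform slides describe: split the message, check that the PDU tag is 0xA7 (Trap) or 0xA6 (Inform), and read sysUpTime.0 and snmpTrapOID.0 from the first two variable bindings before logging the event. The decoder below is an added example, not code from the slides or from any SNMP library. Its input is a constructed SNMPv2c linkDown trap, hand-encoded in hex (community "public", request id 42, uptime 12345, plus ifIndex.2 as the payload varbind); the generic-trap names are mapped from the snmpTraps subtree the linkDown definition above registers under.

```python
"""Added example: decode an SNMPv2c Trap (0xA7) or InformRequest (0xA6) and
extract sysUpTime.0 and snmpTrapOID.0 from the leading varbinds."""

SYS_UPTIME_0 = "1.3.6.1.2.1.1.3.0"
SNMP_TRAP_OID_0 = "1.3.6.1.6.3.1.1.4.1.0"
# snmpTraps = 1.3.6.1.6.3.1.1.5; arc = generic-trap number + 1 (linkDown is snmpTraps.3)
GENERIC_TRAPS = {f"1.3.6.1.6.3.1.1.5.{i}": name for i, name in enumerate(
    ["coldStart", "warmStart", "linkDown", "linkUp", "authenticationFailure", "egpNeighborLoss"], 1)}

# Constructed capture: SNMPv2c linkDown trap, BER bytes written out by hand.
TRAP_HEX = ("3052" "020101" "04067075626c6963"            # SEQUENCE, version 1 (v2c), "public"
            "a745" "02012a" "020100" "020100"             # Trap PDU, reqid 42, status 0, index 0
            "303a"                                        # varbind list
            "300e" "06082b06010201010300" "43023039"      # sysUpTime.0 = TimeTicks 12345
            "3017" "060a2b060106030101040100" "06092b0601060301010503"   # snmpTrapOID.0 = linkDown
            "300f" "060a2b060102010202010102" "020102")   # ifIndex.2 = INTEGER 2


def read_tlv(buf, pos):
    """Return (tag, content, position after the TLV); handles short and long lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def decode_oid(content):
    """Inverse of the SMI OID rule: first byte holds two arcs, the rest are base-128 groups."""
    arcs, value = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                     # last byte of this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def decode_value(tag, content):
    if tag in (0x02, 0x41, 0x42, 0x43):      # INTEGER, Counter32, Gauge32, TimeTicks
        return int.from_bytes(content, "big", signed=(tag == 0x02))
    if tag == 0x06:
        return decode_oid(content)
    if tag == 0x04:
        return content
    if tag == 0x40:                          # IpAddress: 4 raw octets
        return ".".join(str(b) for b in content)
    if tag == 0x05:
        return None
    raise ValueError(f"unsupported value tag 0x{tag:02x}")


def decode_notification(msg):
    """Parse a Trap/Inform message and validate the two mandatory leading varbinds."""
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x30:
        raise ValueError("message must be a SEQUENCE")
    _, version, p = read_tlv(body, 0)
    _, community, p = read_tlv(body, p)
    pdu_tag, pdu, _ = read_tlv(body, p)
    if pdu_tag not in (0xA6, 0xA7):
        raise ValueError(f"not a Trap/Inform PDU: tag 0x{pdu_tag:02x}")
    _, reqid, p = read_tlv(pdu, 0)
    _, _, p = read_tlv(pdu, p)               # error-status (0 in a notification)
    _, _, p = read_tlv(pdu, p)               # error-index
    _, vbl, _ = read_tlv(pdu, p)
    varbinds, p = [], 0
    while p < len(vbl):
        _, vb, p = read_tlv(vbl, p)
        _, oid_content, q = read_tlv(vb, 0)
        vtag, vcontent, _ = read_tlv(vb, q)
        varbinds.append((decode_oid(oid_content), decode_value(vtag, vcontent)))
    if len(varbinds) < 2 or varbinds[0][0] != SYS_UPTIME_0 or varbinds[1][0] != SNMP_TRAP_OID_0:
        raise ValueError("malformed notification: first varbinds must be sysUpTime.0, snmpTrapOID.0")
    trap_oid = varbinds[1][1]
    return {"kind": "inform" if pdu_tag == 0xA6 else "trap",
            "version": int.from_bytes(version, "big"),
            "community": community.decode("ascii", "replace"),
            "request_id": int.from_bytes(reqid, "big", signed=True),
            "uptime_ticks": varbinds[0][1],
            "trap_oid": trap_oid,
            "trap_name": GENERIC_TRAPS.get(trap_oid, "enterprise-specific"),
            "varbinds": varbinds[2:]}


if __name__ == "__main__":
    print(decode_notification(bytes.fromhex(TRAP_HEX)))
```

An Inform differs only in the PDU tag, which is why the decoder reports the kind rather than branching: the receiver's extra duty for 0xA6 is to send back a Response PDU carrying the same request id, so the sender knows the notification arrived.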
Workbook 8
Explore the AdventNet Manager, access the agent on the Linux machine and see how the manager and agent interact. Capture in Ethereal the exchange between manager and agent, and note the port numbers used by the manager and the agent and the various fields in the SNMP message. Use snmpget, snmpgetnext and snmpbulkget for accessing MIB objects, both scalars and table objects. Use snmptrap to generate traps, which can be seen in the AdventNet Trap Viewer.
Workbook 9
Make an SNMP request to the agent from your manager and trace byte wise the SNMP request and response in Ethereal.
Introduction to SNMP v3
SNMPv3 Architecture
SNMP Applications
2. Accepts incoming PDUs and does the following: authentication, decryption, extraction of PDUs from messages.
SNMPv3 msgFlags: reportable, priv, auth
A MIB View
VACM
VACM (figure):
  security model + security name -> vacmSecurityToGroupTable -> groupName
  groupName + context name + security model + security level -> vacmAccessTable -> MIB view
  MIB view -> vacmViewTreeFamilyTable -> OID subtrees
Authentication
There are three goals in authentication: (1) to verify that the user is really who he says he is (2) to verify the user's message was not changed during transport (3) to verify that the message is not being replayed (copy the message and play it over again in the future). Authentication is optional in SNMPv3. There may be situations where the users are trusted and/or the data is not sensitive. In these cases, the organization may not want to incur the overhead of using authentication. This is referred to as noauth/nopriv.
Authentication
Sending an authenticated SNMPv3 packet:
1. The entire packet is created. The authentication flag is turned on in msgFlags, and msgAuthenticationParameters is zeroed out.
2. A message digest is computed over the packet using the secret authentication key for the user specified in msgUserName. The algorithm used, HMAC-MD5 or HMAC-SHA, is determined by the authentication protocol specified for the user.
3. The computed message digest is inserted into the message.
4. The packet is sent.
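The four sending steps above, together with the three authentication goals from the previous slide, map onto a handful of operations from the USM specification (RFC 3414): deriving the user's key from a password, localizing it to the authoritative engine so that one password does not yield the same key on every agent, computing the HMAC over the message with the parameter slot zeroed, and on the receiving side recomputing it and checking the timeliness fields. The code below is an added example, not code from the slides or from any SNMP stack; the message it signs is a constructed byte string standing in for the real BER-encoded header and scoped PDU, with the 12-byte msgAuthenticationParameters slot at a known offset. The password and engine ID are the test values published in RFC 3414 Appendix A.

```python
"""Added example: SNMPv3 USM authentication (RFC 3414): key derivation,
key localization, HMAC-MD5-96 / HMAC-SHA-96 signing and verification, and
the timeliness check used against replay."""
import hashlib
import hmac

AUTH_PARAMS_LEN = 12          # both HMAC-MD5-96 and HMAC-SHA-96 truncate to 96 bits


def password_to_key(password, hash_name="md5"):
    """RFC 3414 A.2: hash the password repeated out to 1,048,576 bytes -> Ku."""
    pw = password if is_bytes(password) else password.encode()
    stream = (pw * (1048576 // len(pw) + 1))[:1048576]
    return hashlib.new(hash_name, stream).digest()


def is_bytes(x):
    return isinstance(x, (bytes, bytearray))


def localize_key(ku, engine_id, hash_name="md5"):
    """RFC 3414 2.6: Kul = H(Ku || snmpEngineID || Ku), so each agent gets a distinct key."""
    return hashlib.new(hash_name, ku + engine_id + ku).digest()


def build_unsigned(header, payload):
    """Step 1: assemble the message with msgAuthenticationParameters zeroed; return it and the slot offset."""
    return header + bytes(AUTH_PARAMS_LEN) + payload, len(header)


def sign(msg, offset, kul, hash_name="md5"):
    """Steps 2-3: HMAC over the whole zeroed message, truncated, written into the slot."""
    if msg[offset:offset + AUTH_PARAMS_LEN] != bytes(AUTH_PARAMS_LEN):
        raise ValueError("authentication parameter slot must be zeroed before signing")
    mac = hmac.new(kul, msg, hash_name).digest()[:AUTH_PARAMS_LEN]
    return msg[:offset] + mac + msg[offset + AUTH_PARAMS_LEN:]


def verify(msg, offset, kul, hash_name="md5"):
    """Receiver: pull the MAC out, zero the slot, recompute, compare in constant time (goals 1 and 2)."""
    received = msg[offset:offset + AUTH_PARAMS_LEN]
    zeroed = msg[:offset] + bytes(AUTH_PARAMS_LEN) + msg[offset + AUTH_PARAMS_LEN:]
    expected = hmac.new(kul, zeroed, hash_name).digest()[:AUTH_PARAMS_LEN]
    return hmac.compare_digest(received, expected)


def timely(local_boots, local_time, msg_boots, msg_time, window=150):
    """Goal 3, as checked by the authoritative engine (RFC 3414 3.2 step 7): the message must
    carry the current snmpEngineBoots and an snmpEngineTime within 150 seconds of local time."""
    return msg_boots == local_boots and abs(local_time - msg_time) <= window


if __name__ == "__main__":
    # RFC 3414 A.3.1 test values: password "maplesyrup", engine ID 0x00..02 (12 bytes)
    kul = localize_key(password_to_key("maplesyrup"), bytes.fromhex("000000000000000000000002"))
    msg, off = build_unsigned(b"constructed-msgGlobalData", b"constructed-scopedPDU")
    signed = sign(msg, off, kul)
    print(kul.hex(), verify(signed, off, kul))
```

Two details matter for a deployment: the HMAC is computed over the message with the slot zeroed, so verification must zero it again rather than hash the bytes as received; and the timeliness window only works if the manager has learned the agent's engine boots and time first (the discovery exchange), which is what the reportable flag in msgFlags is for.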
Workbook 10
Observe the demo for configuring an SNMPv3 Agent. Implement View Based Access Control on the v3 Agent in your system and test it out.
SNMP V2 (compared with SNMPv1)
SNMPv2: the Trap PDU was redefined to be the same as that of GetRequest; the Get Bulk operation was defined; the Inform Request PDU was defined for an acknowledged trap and to exchange information between management stations.
SNMPv1: the Get Bulk operation was never defined; Inform Request was not defined.