Telecom Network Management
SNMPv1 Network Management: Organization and Information Models Sheeba Philips
A Managed LAN and System Information acquired by an NMS
NMS on subnet 192.168.252.1 manages the router and the hubs on subnet 172.16.46.1 across the backbone network
System Up Time in hundredths of a second
Network Management Model - OSI
- Organization Model
  - Describes the components of an NMS and their functions
  - Agent, Manager, Object
- Information Model
  - Describes the structure and organization of Management Information
  - SMI, MIB
- Communication Model
  - Management Application processes in the Application Layer
  - Layer Management between Layers
  - Layer Operations within the Layers
- Functional Model
  - FCAPS
The SNMP Model
- Organization Model
  - Relationship between network element, agent, and manager
  - Hierarchical architecture
- Information Model
  - Uses ASN.1 syntax
  - SMI (Structure of Management Information)
  - MIB (Management Information Base)
- Communication Model
  - Transfer syntax
  - SNMP over TCP/IP
  - Communication services addressed by messages
  - Security framework: community-based model
- Functional model is not explicitly addressed in SNMP. Security is covered as a part of communication.
The SNMP Organization Model: Two-Tier
- Network Agent: process residing in the managed object
- Network Manager: resides in the NMS and manages the managed object
- Any host that could query an agent is a manager
- Agent responds to any management system that talks to it using SNMP
- Common practice:
  - Use an NMS to monitor a network of multiple vendors' components
  - An NMS provided by the same vendor has more capabilities than other vendors' NMSs
- Network Manager receives raw data from the agents and processes them
The SNMP Organization Model: Three-Tier
- Useful when we want temporal data, such as data traffic as a function of time
- Instead of the manager polling, an intermediate agent is inserted between the agent and the manager
- RMON (Remote Monitoring) gathers data from the MO, analyses the data, and stores the data
- RMON acts as both an agent and a manager; it communicates the statistics to the manager
- The manager receives data from the managed object as well as the intermediate agent
Three-Tier Organization Model: Proxy Server
- Used when it is required to manage non-SNMP managed objects using SNMP
- Network elements do not have SNMP agents, e.g. legacy systems management, wireless networks
- The information from these elements is gathered using associated tools
- Proxy server at a central location converts the non-SNMP data into a set compatible with SNMP
- Proxy server communicates with the SNMP Manager
NMS Behaving as Manager and Agent
- Similar to Client-Server Architecture
- While collecting data from network elements, acts like a Manager
- While providing data to another Network Manager, acts like an Agent
- e.g. two telecommunication service providers managing their respective WANs, but needing to exchange information to provide end-to-end services to the customers
SNMP Network Management Architecture
SNMP Architecture and Messages
Three goals of the architecture of SNMP:
- Management functions on the Agent should be minimal and simple
- Should be flexible to allow expansions
- Should be independent of the architecture of any particular hosts or gateways
SNMP manages the network with 5 messages: 3 messages from the Manager to the Agent, 2 from the Agent to the Manager
- get-request: Sent by manager requesting data from agent
- get-next-request: Sent by manager requesting data on the next MO to the one specified
- set-request: Initializes or changes the value of network element
- get-response: Agent responds with data for get and set requests from the manager
- trap (generic trap, specific trap, timestamp): Alarm generated by an agent
SNMP messages are exchanged using connectionless UDP protocol
The SNMP Information Model
Describes:
- The structure and storage of management information (SMI defined in RFC 1155)
- The representation of objects and their relevant management information
- The information base to describe the managed objects and their relationships (MIB defined in RFC 1213)
SMI (Structure of Management Information) defines the syntax and semantics of the management information stored in the MIB (Management Information Base)
- Manager MIB: consists of information of all the agent MIBs
- Agent MIB: its own view
Objects by private vendors, if they conform to SMI defined by RFC 1155 and have MIBs specified by RFC 1213, can be managed by SNMP-compatible NMS
Structure of Management Information
Managed Object comprises:
- Object Type: defines the management information: OID, syntax used to communicate, and encoding rules for the object
- Object Instance: instance of the object
  - Multiple instances of an object type, e.g. two similar routers from the same vendor: multiple instances of this router in the network
- Object identifier (OID) is data type, not instance
- Object instance: IP address; each IP address is an instance of the object
- All Cisco routers of the same version have identical identifier; they are distinguished by the IP address
Object Type: Name
Every object type is uniquely identified by:
a DESCRIPTOR and an OBJECT IDENTIFIER (OID)
e.g. internet MIB has its OID: 1.3.6.1
    internet OBJECT IDENTIFIER ::= {iso standard dod internet}
    internet OBJECT IDENTIFIER ::= {1 3 6 1}
Any combination of the unique node number and unique name can be used
e.g. internet OBJECT IDENTIFIER ::= {iso(1) standard dod(6) internet}
Any object in the internet MIB will start with the prefix 1.3.6.1 or internet
Examples of OID
    directory    OBJECT IDENTIFIER ::= {internet 1}
    mgmt         OBJECT IDENTIFIER ::= {internet 2}
    experimental OBJECT IDENTIFIER ::= {internet 3}
    private      OBJECT IDENTIFIER ::= {internet 4}
    mgmt         OBJECT IDENTIFIER ::= {1 3 6 1 2}
Object Type: Syntax
ASN.1 Data Type syntax is used to define structure of object types (SMI) in SNMP Management.
- Data Type: defined by its structure and tag
- Structure: Simple (Primitive), Defined (Application), Constructor (Structured)
- Tag: Class, Tag Number
- Class:
  - Universal: all built-in data types; available in all applications
  - Application: application specific; can override Universal tag number
  - Context-specific: subset of an Application and limited to that application
  - Private: used by vendors of network products; all the nodes under the vendor node will be private tags
Data type: Simple (Primitive)
Structure: Primitive types. Data Type and Comments:
- INTEGER: Subtype INTEGER (n1..nN); special case: Enumerated INTEGER type
- OCTET STRING: 8-bit bytes, binary and textual data; subtypes can be specified by either range or fixed
- OBJECT IDENTIFIER: Object position in MIB
- NULL: Placeholder
Data Types: Defined Types
Structure: Defined types. Data Type and Comments:
- NetworkAddress: Not used
- IpAddress: Dotted decimal IP address
- Counter: Wrap-around, non-negative integer, monotonically increasing, max 2^32 - 1
- Gauge: Capped, non-negative integer, increase or decrease
- TimeTicks: Non-negative integer in hundredths of second units
- Opaque: Application-wide arbitrary ASN.1 syntax, double wrapped OCTET STRING

In more detail:
- IpAddress: Dotted decimal IP address. Used to define the IP address of a network element. Internally it is an OCTET STRING of length 4.
- Counter: Wrap-around, non-negative, incrementing integer. Used for defining values which always increase, e.g. input packets received on an interface.
- Gauge: Capped, non-negative integer that can increase or decrease. Used for defining values which can increase or decrease, e.g. number of interfaces that are active on a hub.
- TimeTicks: Non-negative integer in hundredths of second units. Time measured in 100ths of a second from the time it was initialized to 0 up to the current instant, e.g. System Up Time.
- Opaque: Application-wide arbitrary syntax. Used to create data types based on previously defined data types.
Data Types: Constructor Types
SEQUENCE: List Maker; used to make a list of data types
    SEQUENCE {<type1>, <type2>, ..., <typeN>}
e.g. List:
    IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr         IpAddress,
        ipAdEntIfIndex      INTEGER,
        ipAdEntNetMask      IpAddress,
        ipAdEntBcastAddr    INTEGER,
        ipAdEntReasmMaxSize INTEGER (0..65535)
    }
SEQUENCE OF: Table Maker; makes a table from the list
    SEQUENCE OF <list>
where list is a list made using SEQUENCE
e.g. Table:
    IpAddrTable ::= SEQUENCE OF IpAddrEntry
SET and SET OF are not used in SNMP
Object Type: Encoding
SNMPv1 uses Basic Encoding Rules (BER) for encoding the information to be transmitted between the agent and the manager.
TLV layout: Type | Length | Value
Type octet: Class (7-8th bits) | P/C (6th bit) | Tag Number (1-5th bits)
SNMP Data Types and Tags
- BER uses the tag length value (TLV) notation
- The first octet of the encoding is the tag, then the length of the value, then the value.
- OID is encoded as an octet string.
- IP Address is encoded as octet strings
- Counter, Gauge and TimeTicks are coded as integers
- Opaque is octet string
Type and Tag:
- OBJECT IDENTIFIER: UNIVERSAL 6
- SEQUENCE: UNIVERSAL 16
- IpAddress: APPLICATION 0
- Counter: APPLICATION 1
- Gauge: APPLICATION 2
- TimeTicks: APPLICATION 3
- Opaque: APPLICATION 4
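The identifier-octet layout and tag table above, worked through as an added example (not part of the original slides): a small BER decoder that splits each TLV, names the SNMPv1 type, and rejects lengths that overrun the buffer. The tag numbers for INTEGER, OCTET STRING and NULL (UNIVERSAL 2, 4, 5) come from ASN.1 rather than this page; the 16-level nesting cap and the sample bytes are constructed for illustration.

```python
CLASSES = ("UNIVERSAL", "APPLICATION", "CONTEXT-SPECIFIC", "PRIVATE")
NAMES = {(0, 2): "INTEGER", (0, 4): "OCTET STRING", (0, 5): "NULL",
         (0, 6): "OBJECT IDENTIFIER", (0, 16): "SEQUENCE", (1, 0): "IpAddress",
         (1, 1): "Counter", (1, 2): "Gauge", (1, 3): "TimeTicks", (1, 4): "Opaque"}

def read_tlv(buf, pos=0):  # -> (class, constructed, tag number, value, next_pos)
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    ident, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):   # n == 0 would be the indefinite form
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):            # the declared length is untrusted input
        raise ValueError("declared length exceeds available data")
    cls, constructed, tag = ident >> 6, bool(ident & 0x20), ident & 0x1F  # bits 8-7, 6, 5-1
    return cls, constructed, tag, buf[pos:pos + length], pos + length

def decode_oid(value):  # first octet packs arcs X.Y as 40*X + Y (X is 0 or 1 here)
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    arcs, sub = [value[0] // 40, value[0] % 40], 0
    for octet in value[1:]:
        sub = (sub << 7) | (octet & 0x7F)  # seven payload bits per octet
        if not octet & 0x80:               # high bit clear ends the sub-identifier
            arcs.append(sub)
            sub = 0
    return ".".join(map(str, arcs))

def decode(buf, pos=0, depth=0):  # -> ((type name, value), next_pos)
    cls, constructed, tag, value, nxt = read_tlv(buf, pos)
    name = NAMES.get((cls, tag), f"{CLASSES[cls]} {tag}")
    if constructed:                        # the value is itself a run of TLVs
        if depth >= 16:                    # assumed cap so nesting cannot exhaust the stack
            raise ValueError("nesting too deep")
        items, p = [], 0
        while p < len(value):
            item, p = decode(value, p, depth + 1)
            items.append(item)
        return (name, items), nxt
    if name in ("INTEGER", "Counter", "Gauge", "TimeTicks"):
        value = int.from_bytes(value, "big", signed=True)
    elif name == "OBJECT IDENTIFIER":
        value = decode_oid(value)
    elif name == "IpAddress" and len(value) == 4:  # other lengths stay as raw bytes
        value = ".".join(map(str, value))
    return (name, value), nxt

SAMPLE = bytes.fromhex("300f06082b06010201010300430301e240")  # constructed: SEQUENCE {OID, TimeTicks}
```

Calling decode(SAMPLE) yields the SEQUENCE with the OID 1.3.6.1.2.1.1.3.0 and a TimeTicks value; a buffer cut short raises ValueError instead of reading past the end.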
Structure of Managed Objects
Managed Object has 5 parameters:
- Textual name: is mnemonic and starts with a small letter, e.g. sysUpTime, sysDescr, etc. Also called OBJECT DESCRIPTOR.
- Syntax: is the ASN.1 definition of the object, e.g. OCTET STRING, INTEGER, etc.
- Definition: textual description of the object
- Access: type of privilege associated with the object, e.g. read-only, read-write or not-accessible
- Status: specifies whether the object is current or obsolete. A managed object once defined can only be made obsolete and not removed or deleted. If it is current, then specify whether its implementation is optional or mandatory.
e.g. sysDescr: {system 1}
    Syntax: OCTET STRING
    Definition: A textual description of the entity
    Access: read-only
    Status: mandatory
Aggregate Object
An aggregate object is a group of related objects, e.g.
    IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr         IpAddress,
        ipAdEntIfIndex      INTEGER,
        ipAdEntNetMask      IpAddress,
        ipAdEntBcastAddr    INTEGER,
        ipAdEntReasmMaxSize INTEGER
    }
    ipAddrTable ::= SEQUENCE OF IpAddrEntry
ipAddrTable: {ip 20}
    Syntax: SEQUENCE OF IpAddrEntry
    Definition: ..
    Access: not-accessible
    Status: mandatory
Aggregate Object as Columnar Object
A Multiple-Instance Managed Object: ipAddrTable
ipAddrTable {internet 20} or {1.3.6.1.2.1.4.20}
    ipAddrEntry (1)
        ipAdEntAddr (1)
        ipAdEntIfIndex (2)
        ipAdEntNetMask (3)
        ipAdEntBcastAddr (4)
        ipAdEntReasmMaxSize (5)
OID of ipAdEntIfIndex is {1.3.6.1.2.1.4.20.1.2}

Each row consists of objects:
- ipAdEntAddr: IP address
- ipAdEntIfIndex: Interface
- ipAdEntNetMask: Subnet mask (which subnet this address belongs to)
- ipAdEntBcastAddr: Broadcast address (value of l.s.b. in IP broadcast address)
- ipAdEntReasmMaxSize: Largest IP datagram that can be assembled

| Row | ipAdEntAddr | ipAdEntIfIndex | ipAdEntNetMask | ipAdEntBcastAddr | ipAdEntReasmMaxSize |
|-----|-------------|----------------|----------------|------------------|---------------------|
| 1   | 123.34.23.1 | 1              | 255.255.255.0  | 0                | 12000               |
| 2   | 123.34.23.2 | 3              | 255.255.255.0  | 0                | 12000               |
| 3   | 123.34.23.3 | 2              | 255.255.0.0    | 1                | 12000               |

ipAdEntAddr OID for Row 3: {1.3.6.1.2.1.4.20.1.1.123.34.23.3}
ipAdEntBcastAddr OID for Row 2: {1.3.6.1.2.1.4.20.1.4.123.34.23.2}
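How the instance OIDs above are formed, and the order in which repeated get-next-requests return the cells of ipAddrTable, as an added example (not part of the original slides). The row values are the ones in the slide's table; the function names and the in-memory dictionary standing in for an agent's MIB view are assumptions made for the illustration.

```python
IP_ADDR_ENTRY = (1, 3, 6, 1, 2, 1, 4, 20, 1)      # ipAddrEntry, as on the slide
COLUMNS = {1: "ipAdEntAddr", 2: "ipAdEntIfIndex", 3: "ipAdEntNetMask",
           4: "ipAdEntBcastAddr", 5: "ipAdEntReasmMaxSize"}
# Rows of the slide's table: (addr, ifIndex, netmask, bcastAddr, reasmMaxSize)
ROWS = [("123.34.23.1", 1, "255.255.255.0", 0, 12000),
        ("123.34.23.2", 3, "255.255.255.0", 0, 12000),
        ("123.34.23.3", 2, "255.255.0.0", 1, 12000)]

def instance_oid(column, index_ip):
    """Instance of a columnar object: entry OID + column number + row index."""
    return IP_ADDR_ENTRY + (column,) + tuple(int(p) for p in index_ip.split("."))

def build_view(rows):
    """Stand-in for the agent's view: one {instance OID: value} item per cell."""
    return {instance_oid(col, row[0]): row[col - 1] for row in rows for col in COLUMNS}

def get_next(view, oid):
    """Answer a get-next-request: first instance lexicographically after `oid`."""
    later = [o for o in view if o > tuple(oid)]   # tuples compare arc by arc
    return (min(later), view[min(later)]) if later else None

def walk(view, root):
    """Chain get-next requests from `root` until the reply leaves its subtree."""
    root, cells = tuple(root), []
    oid = root
    while True:
        hit = get_next(view, oid)
        if hit is None or hit[0][:len(root)] != root:
            return cells
        cells.append(hit)
        oid = hit[0]

def dotted(oid):
    return ".".join(map(str, oid))

def describe(oid):
    """Split an instance OID back into (column name, row index)."""
    n = len(IP_ADDR_ENTRY)
    if tuple(oid[:n]) != IP_ADDR_ENTRY or len(oid) != n + 5:
        raise ValueError("not an ipAddrTable instance")
    return COLUMNS[oid[n]], dotted(oid[n + 1:])
```

Walking from ipAddrTable (IP_ADDR_ENTRY[:-1]) returns all three ipAdEntAddr instances first, then the ipAdEntIfIndex instances, and so on: the table is traversed column by column, not row by row.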
Structure of Managed Objects
SNMP: Characteristics and Values
- Object Type: OID
- Syntax: INTEGER | SEQUENCE | IpAddress | SEQUENCE OF |
- Access: Read-only | write-only | not-accessible | read-write
- Status: Mandatory | optional | obsolete
- Description: text
Management Information Base
A MIB example: Internet MIB
Objects that are related are grouped into groups
System Group
Interfaces Group
    ifEntry OBJECT-TYPE
        SYNTAX IfEntry
        ACCESS not-accessible
        STATUS mandatory
        DESCRIPTION
            "An interface entry containing objects at the subnetwork layer and below for a particular interface."
        INDEX { ifIndex }
        ::= { ifTable 1 }