Beruflich Dokumente
Kultur Dokumente
By Xian
Introduction.
SNMP Managed Network Technology.
SNMP Basic Commands.
SNMP Management Information Base (MIB).
SNMP VERSION 1 (SNMPv1).
SNMPv1 Message Formats.
SNMP VERSION 2 (SNMPv2).
SNMPv2 Proxy Agents.
SNMP Security.
Conclusion.
INTRODUCTION
Defined in RFC 1157. UDP port 161/162
Application layer protocol that is designed to exchange
the network management information between network
devices.
Helps system administrators to monitor network attached
devices, solve network problems and plan for future
growth on network.
3 versions: SNMPv1, SNMPv2, SNMPv3(Standardization
Pending).
Consists of standards for network management, including
Application layer protocol, a database schema and a set of
data objects.
Uses managed systems that exposes management data in
the form of variables.
Managing application can also query these variables.
SNMP MANAGED NETWORK TECHNOLOGY
Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1022816
SNMP MANAGED NETWORK TECHNOLOGY
Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1020570
SNMPv1 MESSAGE
FORMATS
TRAP PDU FORMAT
Enterprise: Identifies the type of object
generating trap.
Agent Address: Provides the address of
managed object generating trap.
Generic Trap Types: Indicates one of a number
of generic trap types.
Specific trap codes: Indicates one of number of
specific trap codes.
Time Stamp: Provides a amount of time that
has elapsed between the last network
reinitialization and generation of the trap.
Variable Bindings: Acts as a data field in
SNMPv2PDU. Each variable binding associates a
particular object instance with its current value.
SNMP VESION 2
Evolution of version 1.
Provides additional protocol operation over SNMPv1.
SNMPv2 and Structure Management information: Bit
strings are defined only in SNMPv2 and comprise of
zero or more named bits that specify a value.
Supports all types of address as compared to SMNPv1
which offers support only for 32-bit IP address.SNMPv2
supports 32 bit and 64 bit counters as well.
SMI Information Modules: Specifies a group of related
definitions. 3 types SMI information modules like MIB
modules, compliance statements and capability
statements. MIB modules contains definitions of
interrelated managed objects. Compliance statements
provide a systematic way to describe a group of
managed objects that must be implemented for
conformance to a standard. Capability statements are
used to indicate the precise level of support that an
agent claims with respect to a MIB group.
SNMP VESION 2
SNMPv2 protocol Operation: SNMPv2 offers 2
new protocol operations like GetBulk and Inform.
Also includes protocol operations of SNMPv1.
Inform : Allows one NMS to send the TRAP to
other NMS.
GetBulk PDU Format: Efficiently retrieves large
blocks of data such as multiple rows in the table.
GetBulk PDU format shown below.
Reference:http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.ht
SNMP VESION 2
GetBulk Format
PDU Type: identifies PDU as a GetBulk operation.
Request ID: Associates SNMP requests and
responses.
Non repeaters: Specifies the number of object
instances in the variable bindings. Used when
some instances are scalar objects.
Max repetitions: maximum number of times that
other variables beyond those specified by the
Non repeaters field should be retrieved.
Variable Bindings: Acts as a data field in
SNMPv2PDUEach variable binding associates a
particular object instance with its current value
SNMPv2 PROXY AGENTS
SNMPv2 can act as a proxy agent for SNMPv1 managed
devices.
SNMPv2 issues commands that are intended for an
SNMPv1 agent.
NMS then sends messages to the SNMPv2 proxy agents.
Proxy agent then forwards Get, GetNext, and Set
messages to the SNMPv1 agent unchanged.
Proxy agent converts the GetBulk messages to the
GetNext messages and then forward it to SNMPv1
agent.
Proxy agent maps SNMPv1 trap messages to the
SNMPv2 trap messages.
SNMP SECURITY
Lacks authentication. Vulnerable to the variety of
security threats.
Vulnerable to masquerading, modification of
information, time modifications, message
sequencing and disclosures.
Message sequence and timing modifications
occurs when an entity who is unauthorized
reorders, delays, or copies and later replays a
message generated by an authorized entity.
As SNMP does not implement any authentication
Set operations are not implemented by many
vendors.
CONCLUSION
SNMP is an attractive solution for
network management because it is
a standard protocol and ubiquitous.
Its simple and well known.
Firewalls can be easily configured
to pass the SNMP traffic through it.
It goes on UDP so it has lightweight
network resource consumption.
REFERNCES
http://en.wikipedia.org/wiki/SNMP
http://www.cisco.com/warp/public/535/3.html
http://faqs.org/rfcs/rfc1157.html
http://blogs.sun.com/jmxetc/entry/don_t_fell_i
n_the#Conclusion
http://www.dpstele.com/layers/l2/snmp_l2_tut_
part1.php
Q &A ?
THANK YOU