专家讲解snmp原理讲义课件

Introduction to SNMP,Yen-Cheng Chen .tw/ycchen/ .tw,Contents,1. Basic Concepts 2. Management Information Base 3. Simple Network Management Protocol 4. SNMP Application Examples 5. Reference Appendix: ASN.1 Concept,3,1. Basic Concepts,Internet,RMON Device,UNIX,UNIX,Firewall / Router,Management Station,.,Polling,Notification,.,UNIX,NM,4,網路管理標準化,如果每個廠商的網路設備均提供一套獨特專屬(Proprietary)的網管方法與介面，網路管理工作將很難執行。 網路管理標準化 每個網路設備必須提供一致的網路管理介面(亦即相同的網路管理通信協定)。,5,網路管理相關標準,Internet SNMPv1, SNMPv2, SNMPv3 ISO/ITU-T X.700 Series: CMIP/S (Common Management Information Protocol / Service) ITU-T M.3000 Series: TMN (Telecommunication Management Networks),SNMP Concepts,SNMP: Simple Network Management Protocol De facto standards of network management for TCP/IP networks (Internet) IAB recommends all IP & TCP implementations should be network manageable. That is, all TCP/IP network devices should support SNMP.,IAB: Internet Activities Board,SNMP Architectural Model,Key Components One or more Management Stations Perform management applications, i.e, Monitor & Control. Multiple Network Elements hosts, routers, gateways, ., which each contain an Agent. Network Management Protocol Exchange network management information.,SNMP Architectural Model (cont.),Manager,Agent,Agent,. . .,Management Station,Host,Router,Network Elements (NEs),Network Management Protocol,SNMP,9,Management Components,Manager Agent Network Management Protocol Management Information Base (MIB),10,Management Components,Management Station (Manager) Network management applications. Provide an interface which the human network manager can monitor and control the network. Agent Network devices should be equipped with agent software so that they can be managed from a management station. Responds to requests for information from managers. Responds to requests for actions from managers. May asynchronously provide managers with important but unsolicited information.,11,Management Components (cont.),Network Management Protocol Communication protocol between managers and agents NM protocol provides a standard way to exchange management information between managers and agents. Management Information Base (MIB) A collection of Managed Objects. The resources to be managed are represented as objects, called Managed Objects (MOs).,Management Information Base (MIB),Each resource to be managed is represented by an object, called managed object (MO). The MIB is a structured collection of MOs. Essentially, each MO is a data variable. Each agent in an NE maintains an MIB. Monitor: by reading the values of MOs in the MIB. Control: by modifying the values of MOs in the MIB.,網路介面,SNMP,UDP,IP,Agent,Managed Resources,MIB,NE: Network Element,SNMP Services,Four Services Get, Set, GetNext, Trap Five SNMP PDUs GetRequest, SetRequest, GetNextRequest, GetResponse, Trap,Manager,Agent(s),PDU: Protocol Data Unit,14,SNMP Services,Get GetNext Set Trap,SNMP Services (cont.),Get Request: Retrieve the values of objects in the MIB of an agent. Get-Next Request: Retrieve the values of the next objects in the MIB of an agent. Set Request: Update the values of objects in the MIB of an agent. Trap Request Report extraordinary events to the manager.,Get-Next Request,In SNMP, Only leaf objects have values.,Default UDP Ports for SNMP,網路介面,SNMP,UDP,IP,Manager,Management Station,Network Elements (NEs),網路介面,SNMP,UDP,IP,Agent,SNMP Standards,SNMP Protocol (Std 15) RFC1157: Simple Network Management Protocol. Structure of Management Information (SMI) (Std 16) RFC1155: Structure and Identification of Management Information for TCP/IP-based Internets. RFC1212: Concise MIB Definitions. MIB-II (Std 17) RFC1213: Management Information Base for Network Management of TCP/IP-based Internets: MIB-II.,/rfc-editor/rfc.html,2. Management Information Base,Structure of Management Information (SMI) Set of rules on how managed objects should be defined. Objects are defined using Abstract Syntax Notation One ASN.1 (ITU-T X.208 / ISO 8824) MIB The collection of all defined objects Contains hierarchically organized variables corresponding to managed objects. MIB-II, RMON MIB, Bridge MIB, Repeater MIB, X.25 MIB, FDDI MIB, Token Ring MIB, .,Object Identifier,Object Identifier (OID): Global identifier for a particular object type. An OID consists of a sequence of integers, which specify the position of the object in the global object identifier tree.,root,ccitt,iso,joint-iso-ccitt,directory,0,1,2,std,reg authority,member body,org,0,1,2,3,dod,internet,6,1,1,2,3,4,mgmt,experimental,private,MIB II,system 1,interface 2,at 3,IP 4,ICMP 5,TCP 6,UDP 7,EGP 8,Trans. 10,SNMP 11,1,1,enterprises,.2.1.2,.4.1,.2.1,MIB II,interface,enterprises,21,Private MIB Registration,Companies can register their private MIB extensions in the global MIB tree by contacting the Internet Assigned Numbers Authority (IANA). / Currently assigned enterprise subtrees,/in-notes/iana/assignments/enterprise-numbers,SMI (RFC1155),RFC1155-SMI DEFINITIONS := BEGIN EXPORTS - EVERYTHING internet, directory, mgmt, experimental, private, enterprises, OBJECT-TYPE, ObjectName, ObjectSyntax, SimpleSyntax, ApplicationSyntax, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks, Opaque; internet OBJECT IDENTIFIER := iso org(3) dod(6) 1 directory OBJECT IDENTIFIER := internet 1 mgmt OBJECT IDENTIFIER := internet 2 experimental OBJECT IDENTIFIER := internet 3 private OBJECT IDENTIFIER := internet 4 enterprises OBJECT IDENTIFIER := private 1 ,SMI (cont.),OBJECT-TYPE MACRO := BEGIN TYPE NOTATION := “SYNTAX“ type (TYPE ObjectSyntax) “ACCESS“ Access “STATUS“ Status VALUE NOTATION := value (VALUE ObjectName) Access := “read-only“ | “read-write“ | “write-only“ | “not-accessible“ Status := “mandatory“ | “optional“ | “obsolete“ END,ObjectName := OBJECT IDENTIFIER,ASN.1 Macro,24,OBJECT-TYPE Example,sysDesc OBJECT-TYPE SYNTAX DisplayString (SIZE (0255) ACCESS read-only STATUS mandary := system 1,ObjectName := OBJECT IDENTIFIER ObjectSyntax := CHOICE simple SimpleSyntax, application-wide ApplicationSyntax SimpleSyntax := CHOICE number INTEGER, string OCTET STRING, object OBJECT IDENTIFIER, empty NULL ApplicationSyntax := CHOICE address NetworkAddress, counter Counter, gauge Gauge, ticks TimeTicks, arbitrary Opaque ,NetworkAddress := CHOICE internet IpAddress IpAddress := APPLICATION 0 IMPLICIT OCTET STRING (SIZE (4) Counter := APPLICATION 1 IMPLICIT INTEGER (04294967295) Gauge := APPLICATION 2 IMPLICIT INTEGER (04294967295) TimeTicks := APPLICATION 3 IMPLICIT INTEGER (04294967295) Opaque := APPLICATION 4 IMPLICIT OCTET STRING END,SMI (cont.),26,Object Syntax Summary,Simple Syntax Integer Octet String Object Identifier Null,Application Syntax Network Address Counter Gauge Time Ticks Opaque,Concise MIB Definition (RFC 1212),OBJECT-TYPE MACRO := BEGIN TYPE NOTATION := “SYNTAX“ type(ObjectSyntax) “ACCESS“ Access “STATUS“ Status DescrPart ReferPart IndexPart DefValPart VALUE NOTATION := value (VALUE ObjectName),DescrPart := “DESCRIPTION“ value (description DisplayString) | empty ReferPart := “REFERENCE“ value (reference DisplayString) | empty IndexPart := “INDEX“ “ IndexTypes “ | empty IndexTypes := IndexType | IndexTypes “,“ IndexType IndexType := value (indexobject ObjectName) | type (indextype) DefValPart := “DEFVAL“ “ value (defvalue ObjectSyntax) “ | empty END,Examples: MIB II (RFC 1213),ifEntry OBJECT-TYPE SYNTAX IfEntry ACCESS not-accessible STATUS mandatory DESCRIPTION “An interface entry containing objects at the subnetwork layer and below for a particular interface.“ INDEX ifIndex := ifTable 1 ,ifTable OBJECT-TYPE SYNTAX SEQUENCE OF IfEntry ACCESS not-accessible STATUS mandatory DESCRIPTION “A list of interface entries. The number of entries is given by the value of ifNumber.“ := interfaces 2 ,29,Identification of Managed Objects,Use Object Identifier (OID) OID = Object Type OID . Instance Identifier Object Type OID: Each Object type has a unique OID Instance Identifier: Identify instances of object type E.g .erface.ifTable.ifEntry.ifDescr.2,30,Two Kinds of Managed Objects,Type-Specific Objects: sysDescr OBJECT-TYPE SYNTAX DisplayString (SIZE(0255) := system 1 OID: mib-2.system.1.0 Columnar Objects OID:,erface.ifTable.ifEntry.ifDescr.2 erface.ifTable.ifEntry.ifDescr.6 erface.ifTable.ifEntry.ifType.2 erface.ifTable.ifEntry.ifType.6,31,Columnar Objects,ifTable OBJECT-TYPE SYNTAX SEQUENCE OF IfEntry := interface 2 ,IfEntry := SEQUENCE ifIndex INTEGER, ifDescr DisplayString, ifType INTEGER, ,ifEntry OBJECT-TYPE SYNTAX IfEntry INDEX ifIndex := ifTable 1,ifDescr OBJECT-TYPE SYNTAX DisplayString (SIZE(0255) ACCESS read-only STATUS madatory . := ifEntry 2,32,Columnar Objects,ifIndex ifDescr ifType . . . 1 le0 6 . . . 6 llc0 1 . . . 7 lo0 24 . . . 9 le1 6 . . .,.ifTable.ifEntry.1 (..1.1) .ifTable.ifEntry.2 (..1.2) .ifTable.ifEntry.3 (..1.3),..1.3.7,..1.2.6,33,Index in MIB II,ifEntry ifIndex atEntry atNetIfIndex, atNetAddress ipAddrEntry ipAdEntAddr ipRouteEntry ipRouteDest ipNetToMediaEntry ipNetToMediaIfIndex, ipNetToMediaNetAddress tcpConnEntry tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemoteAddress, tcpConnRemotePort udpEntry udpLocalAddress, udpLocalPort egpNeighEntry egpNeighAddr,34,Index Example,To get the state of the TCP connection: 18:1200 = 0:1600 Use snmp_get_req. to get the “tcpConnState” of the tcpConnTable in MIB II. tcpConnState = ..3.1.1,..18.14.40.1600,MIB II,System Group Provide general information about the managed system. Interfaces Group Contains generic information about the physical interfaces. Address-Translation Group Contains information about the mapping between network addresses and physical addresses for each physical interface. IP Group Contains information about the implementation and operation of IP at the managed system. ICMP Group Contains information about the implementation and operation of ICMP at the managed system.,MIB-II (cont.),TCP Group Contains information about the implementation and operation of TCP at the managed system. UDP Group Contains information about the implementation and operation of UDP at the managed system. EGP Group Contains information about the implementation and operation of EGP at the managed system. Transmission Group Provides details about the underlying transmission media for each interface. SNMP Group Provides the statistics of SNMP operations at the managed system.,IETF MIBs,1213 MIB-II 1316 Character Stream 1317 RS-232-like Hardware 1471 PPP 1513 RMON for Token Ring 1757 RMON 2021 RMON-II .,3. SNMP,SNMP Message Version Identifier Community Name Protocol Data Unit The length of SNMP messages should not exceed 484 octets.,SNMP Authentication,Community Relationship between an Agent and Managers. Community Name Used to validate the SNMP messages. SNMP Password. Default Get community name: “public”. Authentication Failure Agent sends “Authentication Failure Trap” to Manager.,SNMP PDU,PDU := SEQUENCE request-id INTEGER, error-status INTEGER noError(0), tooBig(1), noSuchName(2), badValue(3), readOnly(4) genErr(5), error-index INTEGER, variable-bindings SEQUENCE OF name ObjectName, value ObjectSyntax ,GetRquest : GetNextRequest : GetResponse : SetRequest : Trap :,0 PDU 1 PDU 2 PDU 3 PDU 4 Trap-PDU,Five SNMP PDUs:,PDU: Protocol Data Unit,SNMP PDU (cont.),Trap-PDU,Trap-PDU := 4 IMPLICIT SEQUENCE enterprise OBJECT IDENTIFIER, agent-addr NetworkAddress, generic-trap INTEGER coldStart(0), warmStart(1), linkDown(2), linkUp(3), authenticationFailure(4), egpNeighborLoss(5), enterpriseSpecific(6), specific-trap INTEGER, time-stamp TimeTicks, variable-bindings VarBindList ,Enterprise: Type of Object generating trap. Agent Address: Address of object generating trap. Generic Trap: Generic trap type. Specific Trap: Enterprise specific trap. Time Stamp: Time elapsed between the last initialization of the network entity and the generation of the trap. Variable Bindings “Interesting” information,PDU type,enterprise,agent-addr,generic-trap,variable-bindings,specific-trap,time-stamp,How does a Manager do?,Translates Internal Data to ASN.1 Format,Translates ASN.1 Package to Internal Data Format,NM Application,NM Application,Agent,Agent,Manager,How does an Agent do?,From Manager,To Manager,Agent,Main Loop of Agent,Agent waits for an incoming datagram in Port 161 Reads the datagram from UDP and notes the transport address of the sending entity. Increments the QUANTUM to keep track of the logical request-id being processed by agent De-serializes the datagram into an ASN.1 structure. If error occurs, log error and discard packet. The ASN.1 structure is translated into SNMP message. If error occurs, log error and discard packet. Check on VERSION-NUMBER field. If error occurs, log error and discard packet.,Main Loop of Agent (cont.),Community name is looked up. If community is unknown to agent, agent send AUTHENTICATION trap to Manager station in Port 162; log error and discard packet. Agent loops through list of variables in the request. If no prototype is found, return a GET-RESPONE with error noSuchName and discard package. Once prototype is fund, operation is checked against community profile. If mismatch occurs, return get-respone with error noSuchName or readOnly and discard package. Otherwise, agent invokes access routine to perform the desired operation.,Whats New in SNMPv2,No more Trap PDU, 3 New PDUs: getBulkReq, InformReq, SNMPv2-Trap Added Security 18 Error Status Values SNMPv2 SMI / SNMPv2 MIB M-to-M Communications Table Operations .,4. SNMP Application Examples,SNMP Commands snmpget options node variable . query a node using SNMP Get request snmpnext options node variable . query a node using SNMP GetNext request snmpwalk options node variable query a node repeatedly using SNMP GetNext/GetBulk requests snmptrap -d -p port -c community node enterprise agent-addr generic-trap specific-trap time-stamp variable type value variable type value. issue an SNMP Version 1 Trap options:-d -t timeout -r retries -p port -c community -v version,Example for snmpget,snmpget -d 18 ...0 Transmitted 41 bytes to camry (18) port 161: Initial Timeout: 0.80 seconds 0: 30 27 02 01 00 04 06 70 75 62 6c 69 63 a0 1a 02 0.public. 16: 02 18 bc 02 01 00 02 01 00 30 0e 30 0c 06 08 2b .0.0.+ 32: 06 01 02 01 01 01 00 05 00 - - - - - - - 0: SNMP MESSAGE (0x30): 39 bytes 2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1) 5: OCTET-STR COMMUNITY (0x4) 6 bytes: “public“ 13: GET-REQUEST-PDU (0xa0): 26 bytes 15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332 19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0) 22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0 25: SEQUENCE VARBIND-LIST (0x30): 14 bytes 27: SEQUENCE VARBIND (0x30): 12 bytes 29: OBJ-ID (0x6) 8 bytes: ...0 39: NULL (0x5) 0 bytes,Example for snmpget (cont.),Received 69 bytes from camry (18) port 161: 0: 30 43 02 01 00 04 06 70 75 62 6c 69 63 a2 36 02 0C.public.6. 16: 02 18 bc 02 01 00 02 01 00 30 2a 30 28 06 08 2b .0*0(+ 32: 06 01 02 01 01 01 00 04 1c 53 75 6e 20 53 4e 4d .Sun SNM 48: 50 20 41 67 65 6e 74 2c 20 53 55 4e 57 2c 55 6c P Agent, SUNW,Ul 64: 74 72 61 2d 31 - - - - - - - - - - - tra-1. 0: SNMP MESSAGE (0x30): 67 bytes 2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1) 5: OCTET-STR COMMUNITY (0x4) 6 bytes: “public“ 13: RESPONSE-PDU (0xa2): 54 bytes 15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332 19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0) 22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0 25: SEQUENCE VARBIND-LIST (0x30): 42 bytes 27: SEQUENCE VARBIND (0x30): 40 bytes 29: OBJ-ID (0x6) 8 bytes: ...0 39: OCTET-STR (0x4) 28 bytes: “Sun SNMP Agent, SUNW,Ultra-1“ system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1,Example of snmpwalk,snmpwalk 18 ..2.1.1 system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1 system.sysObjectID.0 : OBJECT IDENTIFIER: .ernet.private.enterprises. system.sysUpTime.0 : Timeticks: (198219958) 22 days, 22:36:39.58 system.sysContact.0 : DISPLAY STRING- (ascii): .tw system.sysName.0 : DISPLAY STRING- (ascii): camry system.sysLocation.0 : DISPLAY STRING- (ascii): Information Technology Laboratory 3F system.sysServices.0 : INTEGER: 72 (01001000)B,Example of snmptrap,snmptrap -d manager ..4.1.612.1.1 16 6 99999 0 ..1 octetstringascii “Trap test“ Transmitted 64 bytes to manager (00) port 162: 0: 30 3e 02 01 00 04 06 70 75 62 6c 69 63 a4 31 06 0.public.1. 16: 09 2b 06 01 04 01 84 64 01 01 40 04 0a 90 12 74 .+.dt 32: 02 01 06 02 03 01 86 9f 43 01 00 30 13 30 11 06 C0.0 48: 04 2b 06 01 01 04 09 54 72 61 70 20 74 65 73 74 .+.Trap test 0: SNMP MESSAGE (0x30): 62 bytes 2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1) 5: OCTET-STR COMMUNITY (0x4) 6 bytes: “public“ 13: V1-TRAP-PDU (0xa4): 49 bytes 15: OBJ-ID ENTERPRISE (0x6) 9 bytes: ..4.1.612.1.1 26: IPADDRESS AGENT-ADDR (0x40) 4 bytes: 16 (manager2) 32: INTEGER GENERIC-TRAP (0x2) 1 bytes: 6 35: INTEGER SPECIFIC-TRAP (0x2) 3 bytes: 99999 40: TIMETICKS TIME-STAMP (0x43) 1 bytes: 0 (0x0) 43: SEQUENCE VARBIND-LIST (0x30): 19 bytes 45: SEQUENCE VARBIND (0x30): 17 bytes 47: OBJ-ID (0x6) 4 by