NET311

NET311 ComputerNetworkManagement SNMPv2 Dr.MostafaH.Dahshan DepartmentofComputerEngineering CollegeofComputerandInformationSciences KingSaudUniversity mdahshan@ksu.edu.sa

Acknowledgements •Notesarebasedonslidesof: •NetworkManagement:PrinciplesandPractice,2E,ManiSubramanian. 2

Overview •SNMPv2majorchanges •Get-bulkrequestandinformation-request •SNMPMIBmodifications •IncompatibilitywithSNMPv1 •Proxyserver •Bilingualmanager 3

SNMPv2MajorChanges •Bulkdatatransfer •Manager-to-managermessage •EnhancementstoSMI:SMIv2 •Moduledefinitions:MODULE-IDENTITYmacro •Objectdefinitions:OBJECT-TYPEmacro •Trapdefinitions:NOTIFICATION-TYPEmacro •Textualconventions •Conformancestatements •Rowcreationanddeletionintable •MIBenhancements •Transportmappings 4

SNMPv2MajorChanges •Securityfeatures,originallytobeinSNMPv2movedtoSNMPv3 •LikeSNMPv1,SNMPv2iscommunity-basedadministrativeframework 5

SNMPv2InternetGroup internet {1361} SNMPv2 snmpv2 directory (1) mgmt (2) experimental (3) private (4) security (5) (6) Figure6.1SNMPv2InternetGroup •ObjectsaddedtoSystemgroup •ExtensivemodificationoftheSNMPgroup •AdditionalSNMPv2groupadded •Securitygroupisaplaceholder 6

SNMPv2NMArchitecture SNMPManager SNMPManager SNMPAgent Application PDU Application PDU SNMPManager Application SNMPManager Application SNMPAgent Application SNMP PDU SNMP PDU SNMP SNMP SNMP UDP IP UDP IP UDP IP DLC PHY DLC PHY DLC PHY PhysicalMedium PhysicalMedium Figure6.2SNMPv2NetworkManagementArchitecture 7

SNMPv2NewMessages Message Comments inform-request get-bulk-request Report Manager-to-managermessage Transferoflargedata Notused 8

SNMPv2MIB Internet {1361} experimental (3) private (4) mgmt (2 security (5) snmpv2 (6) directory (1) snmpdomains (1) snmpProxys snmpModules (3) (2) mib-2 (1) snmpMIB (1) system (1) snmp (11) snmpMIBObjects (1) snmpMIBConformance (2) Figure6.31SNMPv2InternetGroup 9

SNMPv2MIB •Securityisaplaceholder •Systemgroup •tablesysORTableaddedthatlistsresourcesthattheagentcontrols •MostoftheobjectsintheSNMPv1obsoleted •ObjectGroupsandNotificationGroupsdefinedforconformance specifications 10

AgentCapabilities •AGENT-CAPABILITIESmacro •SUPPORTSmodulesandincludesgroups •VARIATIONidentifiesadditionalfeatures 11

AgentCapabilities routerIsi123AGENT-CAPABILITIES PRODUCT-RELEASE"InfoTechRouterisiRouter123release1.0" STATUS DESCRIPTION SUPPORTS current "InfoTechHighSpeedRouter" snmpMIB INCLUDES {systemGroup,snmpGroup,snmpSetGroup, snmpBasicNotificationsGroup} coldStart VARIATION DESCRIPTION "AcoldStarttrapisgeneratedonall reboots." IF-MIB SUPPORTS SUPPORTS SUPPORTS SUPPORTS SUPPORTS INCLUDES INCLUDES INCLUDES INCLUDES INCLUDES {ifGeneralGroup,ifPacketGroup} IPMIB {ipGroup,icmpGroup} TCP-MIB {tcpGroup} UDP-MIB {udpGroup} EGP-MIB {egpGroup} ::={isiRouter1} Figure6.30ExampleofAGENT-CAPABILITIESMacro 12

SNMPv2SNMPMIB snmp (mib-211) snmpInPkts(1) snmpProxyDrops(32) snmpSilentDrops(31) snmpInBadVersions(3) snmpInBadCommunityNames(4) snmpEnableAuthenTraps(30) snmpInASNParseErrors(6) snmpInBadCommunityUses(5) ComparethistoSNMPv1MIB! SNMPGroupObjects 1,3,6,30,31,32snmpGroup 4,5 7,23 snmpCommunityGroup notused 2,8-23,24-29snmpObsoleteGroup Figure6.33SNMPv2SNMPGroup 13

snmpMIBObjectsMIB snmpMIBObjects (snmpMIB1) snmpTrap (4) snmpTraps (5) snmpSet (6) snmpTrapOID (1) snmpTrapEnterprise (3) snmpSetSerialNo (1) coldStart(1) authenticationFailure(5) linkUp(4) warmStart(2) linkDown(3) Figure6.34MIBModulesundersnmpMIBObjects 14

SNMPv2PDU PDU Type Error Status Error Index VarBind1 name VarBind1 value VarBindn name VarBindn value RequestID ... Figure6.37SNMPv2PDU(AllbutBulk) Standardizedformatforallmessages 15

SNMPv2PDUValues Table6.11 Value Type 0 1 2 3 4 5 6 Get-Request-PDU GetNextRequest-PDU Response-PDU Set-Request-PDU obsolete GetBulkRequest--PDU InformRequest-PDU 16

SNMPv2ErrorStatusValues Table6.11 ValueType ValueType 0 1 2 3 4 5 6 7 8 noError tooBig 10wrongValue 11noCreation noSuchName badValue readOnly genErr noAccess wrongType wrongLength 12inconsistentValue 13resourceUnavailable 14commitFailed 15undoFailed 16authorizationError 17notWritable 18inconsistentName 17

SNMPv2GetBulkRequestPDU PDU Type Non- Max VarBind1VarBind1 namevalue VarBindnVarBindn namevalue RequestID ... RepeatersRepetitions Figure6.38SNMPv2GetBulkRequestPDU Notes •ErrorstatusfieldreplacedbyNon-repeaters •ErrorindexfieldreplacedbyMaxrepetitions •Noone-to-onerelationshipbetweenrequestandresponse 18

Get-Bulk-Request:GenericMIB A B T A B T Z E E T.E.1.1 T.E.1.2 T.E.1.3 T.E.1.4 T.E.2.1 T.E.2.2 T.E.2.3 T.E.2.4 T.E.3.1 T.E.3.2 T.E.3.3 T.E.3.4 2.1 2.2 3.1 3.2 1.1 1.2 1.3 1.4 2.3 2.4 3.3 3.4 Z Figure6.39MIBforOperationSequencesinFigures6.40and6.41 19

Get-Next-RequestOperation GetRequest(A,B) Manager GetResponse(A,B) Process GetNextRequest(T.E.1.T.E.2,T.E.3) GetResponse(T.E.1.1,T.E.2.1,T.E.3.1) GetNextRequest(T.E.1.1,T.E.2.1,T.E.3.1) GetResponse(T.E.1.2,T.E.2.2,T.E.3.2) GetNextRequest(T.E.1.2,T.E.2.2,T.E.3.2) GetResponse(T.E.1.3,T.E.2.3,T.E.3.3) GetNextRequest(T.E.1.3,T.E.2.3,T.E.3.3) GetResponse(T.E.1.4,T.E.2.4,T.E.3.4) GetNextRequest(T.E.1.4,T.E.2.4,T.E.3.4) GetResponse(T.E.2.1,T.E.3.1,Z) Figure6.40Get-Next-RequestOperationforMIBinFigure6.39 20

Get-Bulk-RequestOperation GetBulkRequest(2,3, A,B,T.E.1,T.E.2,T.E.3) Manager Agent Process Response(A,B, Process T.E.1.1,T.E.2.1,T.E.3.1 T.E.1.2,T.E.2.2,T.E.3.2 T.E.1.3,T.E.2.3,T.E.3.3) GetBulkRequest(0,3, T.E.1.3,T.E.2.3,T.E.3.3) Response(T.E.1.4,T.E.2.4,T.E.3.4,Z,"endOfMibView") Figure6.41Get-Bulk-RequestOperationforMIBinFigure6.39 21

Get-Bulk-RequestOperation •GetBulkRequest(2,3,..) •2:twonon-repetitiveobjects(AandB) •3:threerepetitiveinstancesofcolumnarobjects(TE.1,TE.2andTE.3) •GetBulkRequest(0,3,..) •3:threemorerowsofthetable •Response •onlyonerowleft •sendsnextlexicographicentryZ,error:endOfMibView 22

Get-Bulk-RequestExample atIfIndex atPhysAddress 0000000C3920AC 0000000C3920AF 0000000C3920B4 atNetAddress 172.46.46.1 172.46.49.1 192.168.3.1 Manager Process Agent Process 13 16 23 GetBulkRequest(1,3, sysUpTime, atPhysAddress) Response((sysUpTime.0="315131795"), (atPhysAddress.13.172.46.46.1="0000000C3920AC") (atPhysAddress.16.172.46.49.1="0000000C3920AF") (atPhysAddress.23.192.168.3.1="0000000C3920B4")) GetBulkRequest(1,3, sysUpTime, atPhysAddress.23.192.168.3.1) Response((sysUpTime.0="315131800"), (ipForwarding.0="1")) Figure6.42Get-Bulk-RequestExample 23

SNMPv2Trap PDU Type Error Status Error Index VarBind1 sysUpTime VarBind1 value VarBind2 snmpTrapOID VarBind2.. value RequestID . Figure6.43SNMPv2TrapPDU Notes •AdditionofNOTIFICATION-TYPEmacro •OBJECTSclause,ifpresent,defines orderofvariablebindings •Positions1and2inVarBindListare sysUpTimeandsnmpTrapOID 24

SNMPv2Trap linkUpNOTIFICATION-TYPE OBJECTS {ifIndex} STATUS current DESCRIPTION "AlinkUptrapsignifiesthattheSNSMPv2entity, actinginanagentrole,recognizesthatoneofthe communicationlinksrepresentedinitsconfiguration hascomeup." Figure6.44ExampleofOBJECTSClauseinNOTIFICATION-TYPE •AdditionofNOTIFICATION-TYPEmacro •OBJECTSclause,ifpresent,definesorderofvariablebindings •Positions1and2inVarBindListaresysUpTimeandsnmpTrapOID 25

Inform-Request •Inform-Requestbehavesastrapinthatthemessagegoesfromone managertoanotherunsolicited •Thereceivingmanagersendsresponsetothesendingmanager •UsesthesameTrapPDUformat 26

BilingualManager •CompatibilitywithSNMPv1 •BilingualManager Agent Profile Bi-lingualManager SNMPv1 SNMPv2 •ProxyServer InterpreterInterpreter •BilingualManagerisexpensivein resourceandoperation SNMPv1 Agents SNMPv2 Agents Figure6.45SNMPBi-lingualManager 27

SNMPProxyServer SNMPv2-v1ProxyServer SNMPv2Manager SNMPv2Manager Pass-Through Pass-Through Pass-Through GetRequest GetRequest Proxy Server GetNextRequest SetRequest GetNextRequest SetRequest Set:1.non-repeaters=0 2.max-repetitions=0 GetBulkRequest GetNextRequest SNMPv1 Agents SNMPv2 Agents Pass-Through Response Exception:For'tooBig'error,contentsofvariable-bindingsfieldGetResponse removed. PrependVarBind:1.sysUpTime.0 SNMPv2-Trap Trap 2.snmpTrapOID.0 Figure6.46SNMPv2ProxyServerConfiguration Figure6.47SNMPv2-v1ProxyServer 28

NET311

NET311

Presentation Transcript