1 / 29

SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol. Team: Matrix CMPE-208 Fall 2006. What is Network Management?. Maintenance and administration of networks at the top level Configuration Management Keeping track of network device settings Fault Management

yardan
Download Presentation

SNMP Simple Network Management Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SNMPSimple Network Management Protocol Team: Matrix CMPE-208 Fall 2006

  2. What is Network Management? Maintenance and administration of networks at the top level • Configuration Management • Keeping track of network device settings • Fault Management • Detect, isolate and correct problems in the network (alerts) • Performance Management • Provide data for statistic and network performance • Security Management - protect network against unauthorized access • Bandwidth Management -measuring and controlling communications on a network

  3. What is SNMP? • SNMP (Simple Network Management protocol): A protocol that enables a management station to configure, monitor, and receive trap (alarm) messages from network devices

  4. SNMP & Network Management History • 1983- TCP/IP replaces ARPANET at U.S. DoD, effective birth of Internet • 1987 - CMIP - Common Management Information Protocol CMOT - CMIP over TCP SGMP - Simple Gateway Monitoring protocol (RFC 1028) • 1989- SNMP working group formed • 1990– SNMP promoted to a recommended status (RFC 1157) • 1991– SNMPv1 defined with format of MIBs and traps (RFCs 1212, 1215)

  5. SNMP Characteristics • Widespread adoption -de facto standard for inter-network management. • Simple -requires little code to implement -vendors can easily build SNMP agents to their products • Extensible -easy for vendors to add network management functions to products. • Clean architecture -separates management architecture from hardware devices’ architecture -broadens the base of multi-vendor support

  6. Major Components of SNMP Comprised of mainly agents and managers • Agent - process (software) running on each managed device collecting information about the device it is running on. • Manager - process (software) running on a management workstation that requests information about devices on the network.

  7. SNMP Architectural Model

  8. SNMP: Inside the Agents SNMP network managed devices are dictated by: • Management Information Base (MIB) • A map of the hierarchical order of all managed objects • Leaves represent individual data items • Structure of Management Information (SMI) • Rules specifying the format used to define objects managed on the network that the SNMP protocol accesses • Abstract Syntax Notation One (ASN.1) • Dictates how MIB variables must be defined and referenced

  9. Object Identifiers (Ids) • Uniquely identify or named the MIB objects • Like telephone number--they are organized hierarchically with specific digits assigned by different organizations MIBs and Object Identifiers Let’s have a detailed look at MIBs ... • MIBS • An abstract tree with an unnamed root, individual data items make up the leaves of the tree • Tree is extensible by virtue of experimental and private branches (Vendors can define their own private branches to include instances of their own products)

  10. MIB Sample Tree BEA Object ID =1.3.6.1.4.1.140

  11. Four Basic Commands • Get Retrieves the value of a MIB variable stored on the agent machine • GetNext Retrieves the next value of the next lexical MIB variable • Set Changes the value of a MIB variable • Trap An Event/Alarm notification sent by an agent to a management application

  12. request managing entity managing entity data data agent agent • SNMP Operations trap response Managed device Managed device Request/Response Mode Trap Mode

  13. SNMP Transport Messages • SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages EthernetFrame IP Packet SNMP Message CRC UDP Datagram • Like FTP, SNMP uses two well-known ports to operate: • UDP Port 161 - SNMP Messages • UDP Port 162 - SNMP Trap Messages

  14. SNMP Basic Message Format Message Length Message Version Message Preamble • Community names are used to define where an SNMP message is destined for. Community String PDU Header SNMP Protocol Data Unit PDU Body

  15. SNMP Message Formats Message Length Message Length Message Version Message Version Community String Community String PDU Type PDU Type PDU Length PDU Length Request ID Enterprises MIB OID Error Status Agent IP Address Error Index Standard Trap Type Specific Trap Type Length of Variable Bindings Time Stamp Length of First Binding Length of Variable Bindings OID of First Binding Length of First Binding Type of First Binding OID of First Binding Value of First Binding Type of First Binding Length of Second Binding Value of First Binding OID of Second Binding Length of Second Binding Type of Second Binding OID of Second Binding Value of Second Binding Type of Second Binding Value of Second Binding Additional Variable Bindings Additional Variable Bindings SNMP Message Preamble PDU Header PDU Body

  16. VARIABLE BINDINGS SNMP PDU SNMP MESSAGE

  17. SNMP Versions • SNMP v1: RFC 1155 and RFC 1157. • SNMP v2c: RFC 1901, RFC 1905, and RFC 1906 • SNMP v3: RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.

  18. SNMP v1 • Most widely used of all versions • Support GET GETNEXT SET TRAP • Security based on Read-only and Read-Write community strings • Defined in RFC 1157

  19. SNMP v2c • Same PDU structure for Trap and Get/Set request • Updated protocol operations: Getbulk, Inform • Updated data types: Counter32, Counter64,… • Used the same community-based security from v1 • Support Get, Get next, Get bulk, set, trap, inform • Defined in RFCs 1901, 1905, and 1906

  20. New Commands in SNMPv2c • Get Bulk Request • Retrieve N objects with simple get-next operation • Inform • Enable manager to send some information to another manger

  21. SNMP v3 • SNMPv2 protocol operations and data types • Proxy support • User-based security • Defined in RFCs 2571, 2572, 2573, 2574, and 2575

  22. SNMP v3 Protocol Operations • Get, GetNext, Set • v2Trap Same as a v1 notification, except the PDU has the same structure as Get, GetNext, and Set • Inform Used by a manager to send an alert to another manager • GetBulk Retrieves a potentially large amount MIB values without having the manager to send successive GetNext requests • Report Contain Security information from Agent to Manager for connection establishment.

  23. SNMP v3 User-Based Security User Security Model (USM) is designed to secure against the following principle threats: • Modification of Information • Masquerade • Message Stream Modification • Disclosure

  24. SNMP v3 User-Based Security USM Message Processing

  25. SNMP v3 User-Based Security USM authentication protocols: • HMAC-MD5-96 • HMAC-SHA-96 USM encryption: • Cipher Block Chaining (CBC) mode of the Data Encryption Standard (DES)

  26. SNMPRFC’s

  27. SNMP References ____________________________________________________________ • WEBSITES: • “Simple Network Management Protocol (SNMP)” • http://www.cisco.com/warp/public/535/3.html • “The Simple Times” Volume 5, Number 1; December, 1997 • http://www.simple-times.org/pub/simple-times/issues/5-1.html#alternative • “SNMPv3: A Security Enhancement for SNMP”, William Stallings • http://www.comsoc.org/pubs/surveys/4q98issue/stallings.html • BOOKS: • .”Understanding SNMP MIBs”, David Perkins Evan McGinnis • “SNMP, SNMPv2, and RMON”, William Stallings, 1996, ISBN#0-201-63479-1 • “Internetworking with TCP/IP”, 4th edition, Douglas E. Comer, 2000, ISBN#0-13-018380-6

  28. Thank You

  29. SUGGESTIONS and QUESTIONS

More Related