Simple Network Management Protocol

Simple Network Management Protocol
Roopavathy.S
Sep,2008
The SNMP Architecture
1. Implicit in the SNMP architectural model is a collection of network

management stations and network elements.
2. Network management stations execute management applications which

monitor and control network elements.
3. Network elements are devices such as hosts, gateways, terminal servers,

and the like, which have management agents responsible for performing the
network management functions requested by the network management
stations.
4. The Simple Network Management Protocol (SNMP) is used to communicate

management information between the network management stations and
the agents in the network elements.
2 | Presentation Title | Month 2006 All Rights Reserved © Alcatel-Lucent 2006, #####
SNMP PROTOCOL
MANAGER AGENT MIB

SNMP MESSAGES
UDP UDP
IP IP
LINK LINK
SNMP Communities
Used to establish trust between managers and agents.
The community names are essentially passwords
community strings are sent in plain text
 read-only, read-write, and trap.
SNMP Port
User Datagram Protocol (UDP) as the transport protocol
SNMP uses the UDP port 161 for sending and receiving requests
port 162 for receiving traps from managed devices.
The structure of Management Information
 The Structure of Management Information Version 1 (SMIv1, RFC 1155) does exactly that: it defines precisely how
managed objects are named and specifies their associated data types. The Structure of Management Information
Version 2 (SMIv2, RFC 2578) provides enhancements for SNMPv2.
 The definition of managed objects can be broken down into three attributes:
 Name
 The name, or object identifier (OID), uniquely defines a managed object.
 Type and syntax
 A managed object's datatype is defined using a subset of Abstract Syntax Notation One (ASN.1).
 Encoding
 A single instance of a managed object is encoded into a string of octets using the Basic Encoding Rules (BER). BER
defines how the objects are encoded and decoded so they can be transmitted over a transport medium such as
Ethernet.
OVERVIEW OF PDUs
manager agent manager agent

get getNext
MIB MIB
response response

set
MIB trap
response
MESSAGE & PDU STRUCTURE
variable bindings:
NAME 1 VALUE 1 NAME 2 VALUE 2 ••• ••• NAME n VALUE n
SNMP PDU:
* REQUEST ERROR ERROR
PDU TYPE ID STATUS INDEX VARIABLE BINDINGS
SNMP message:
VERSION COMMUNITY SNMP PDU
GET
manager get agent MIB
response
TO REQUEST THE VALUE OF 1 OR MORE VARIABLES
POSSIBLE ERRORS:
• noSuchName Object does not exist / Object is not a leaf
• tooBig Result does not fit in response PDU
• genErr All other causes
EXAMPLE MIB
1
address (1) info (2) route-table (3)

130.89.16.2
name (1) uptime (2) route-entry (1)

printer-1 123456
dest(1) policy(2) next(3)

2 1 2
2 3 1 3
5 1 2
7
5 2 3
1 5 9
7 1 2
8 8 1 3
9 1 2
3
GET EXAMPLES
get(1.1.0) response(1.1.0 => 130.89.16.2)
get(1.2.0)response(error-status = noSuchName)
get(1.1)response(error-status = noSuchName)
get(1.1.0; 1.2.2.0)response(1.1.0 => 130.89.16.2; 1.2.2.0 => 123456)
get(1.3.1.3.5.1)response(1.3.1.3.5.1 => 2)
get(1.3.1.1.5.1)response(1.3.1.1.5.1 => 5)
get(1.3.1.1.5.1, 1.3.1.2.5.1, 1.3.1.3.5.1)

response(1.3.1.1.5.1 => 5, 1.3.1.2.5.1 => 1, 1.3.1.3.5.1 => 2)
SET
manager set agent MIB
response
TO ASSIGN A VALUE TO AN EXISTING OBJECT INSTANCE
TO CREATE NEW INSTANCES
• TABLE ROWS
THE SET REQUEST IS ATOMIC
POSSIBLE ERRORS:
• noSuchName
• badValue
• tooBig
• 12genErr
| Presentation Title | Month 2006 All Rights Reserved © Alcatel-Lucent 2006, #####
SET EXAMPLES
set(1.2.1.0 => my-printer)
response(noError; 1.2.1.0 => my-printer)
set(1.2.1.0 => my-printer, 1.2.2.0 => 0)
response(error-status = noSuchName; error-index = 2)
GET-NEXT
manager getNext agent MIB
response
RETRIEVES THE INSTANCE NAME AND VALUE OF THE NEXT MIB ELEMENT
TO DISCOVER MIB STRUCTURES

TO RETRIEVE TABLE ROWS
POSSIBLE ERRORS:
• noSuchName (= END OF MIB)
• tooBig
• genErr
GET-NEXT EXAMPLES
getNext(1.1.0)
response(1.2.1.0 => printer-1)
getNext(1.2.1.0)
response(1.2.2.0 => 123456)
getNext(1)
response(1.1.0 => 130.89.16.2)
getNext(1.3.1.3.5.1)
response(1.3.1.3.5.2 => 3)
getNext(1.3.1.1; 1.3.1.2; 1.3.1.3)
response(1.3.1.1.2.1 => 2; 1.3.1.2.2.1 => 1; 1.3.1.3.2.1 => 2)

getNext(1.3.1.1.2.1; 1.3.1.2.2.1; 1.3.1.3.2.1)
response(1.3.1.1.3.1 => 3; 1.3.1.2.3.1 => 1; 1.3.1.3.3.1 => 3)

GET-NEXT EXAMPLES
getNext(1.1.0)
response(1.2.1.0 => printer-1)
getNext(1.2.1.0)
response(1.2.2.0 => 123456)
getNext(1)
response(1.1.0 => 130.89.16.2)
getNext(1.3.1.3.5.1)
response(1.3.1.3.5.2 => 3)
getNext(1.3.1.1; 1.3.1.2; 1.3.1.3)
response(1.3.1.1.2.1 => 2; 1.3.1.2.2.1 => 1; 1.3.1.3.2.1 => 2)

getNext(1.3.1.1.2.1; 1.3.1.2.2.1; 1.3.1.3.2.1)
response(1.3.1.1.3.1 => 3; 1.3.1.2.3.1 => 1; 1.3.1.3.3.1 => 3)

LEXICOGRAPHICAL ORDERING
THE MIB CAN BE CONSIDERED AS AN ORDERED LIST

INSTANCE ID INSTANCE VALUE
1.1.0 130.89.16.2
1.2.1.0 printer-1
1.2.2.0 123456
1.3.1.1.2.1 2
1.3.1.1.3.1 3
1.3.1.1.5.1 5
... ...
1.3.1.1.9.1 9
1.3.1.2.2.1 1
1.3.1.2.3.1 1
... ...
1.3.1.2.9.1 1
1.3.1.3.2.1 2
... ...
TRAP
manager agent
trap
TO SIGNAL AN EVENT
TRAP RECEPTION IS NOT CONFIRMED
(THUS UNRELIABLE)
POLLING REMAINS NECESSARY
AGENTS MAY BE CONFIGURED SUCH THAT:
• NO TRAPS WILL BE TRANSMITTED
• TRAPS WILL BE TRANSMITTED TO CERTAIN MANAGERS
DEFINED TRAPS
• COLDSTART
• WARMSTART
• LINKDOWN
• LINKUP
• AUTHENTICATION FAILURE
• EGPNEIGHBOURLOSS
• ENTERPRISESPECIFICTRAP
TRAP - PDU FORMAT
ENTERPRISE
AGENT-ADDRESS
GENERIC-TRAP
SPECIFIC-TRAP
TIME-STAMP
VARIABLE-BINDINGS
SNMPv2 PROTOCOL OPERATIONS
get set
MIB MIB
response response
getNext trap
MIB
response MIB
getBulk inform
MIB
response response MIB
manager agent manager "agent"
GET
manager get agent MIB
response
SIMILAR TO SNMPv1, EXCEPT FOR "EXCEPTIONS"
POSSIBLE EXCEPTIONS:
• noSuchObject
• noSuchInstance
EXCEPTIONS ARE CODED WITHIN THE VARBINDS
EXCEPTIONS DO NOT RAISE ERROR STATUS AND INDEX
GET EXAMPLES
get(1)
response(error-status => noError, 1.2 => noSuchObject)
get(1.1)
response(error-status => noError, 1.2.0 => noSuchInstance)
get(1.1.9)
response(error-status => noError, 1.2.0 => noSuchInstance)
get(1.2)
response(error-status => noError, 1.4.0 => noSuchObject)

GET-NEXT
manager getNext agent MIB
response
SIMILAR TO SNMPv1, EXCEPT FOR "EXCEPTIONS"
POSSIBLE EXCEPTIONS:
• endOfMibView
EXAMPLE
getNext(1.4.0)
response(error-status => noError, 1.4.0 => endOfMibView)
GET-BULK
manager getBulk agent MIB
response
NEW IN SNMPv2
TO RETRIEVE A LARGE NUMBER OF VARBINDS
IMPROVES PERFORMANCE!
GET-BULK
getBulk REQUEST HAS TWO ADDITIONAL PARAMETERS:
• non-repeators
• max-repetitions
• THE FIRST N ELEMENTS (non-repeators) OF THE VARBIND LIST
ARE TREATED AS IF THE OPERATION
WAS A NORMAL getnext OPERATION
• THE NEXT ELEMENTS OF THE VARBIND LIST
ARE TREATED AS IF THE OPERATION

CONSISTED OF A NUMBER (max-repetitions)
OF REPEATED getnext OPERATIONS
GET-BULK
REQUEST(non-repeaters = N; max-repetitions = M;
VariableBinding-1; ... ; VariableBinding- N; VariableBinding- (N+1); ... ; VariableBinding- (N+R)
)
N-TIMES
RESPONSE(
VariableBinding-1; ... ; VariableBinding- N; VariableBinding-(N+1); ... ; VariableBinding- (N+R)
1st LEXICOGRAPHICAL SUCCESSOR VariableBinding- (N+1); ... ; VariableBinding- (N+R)
2nd LEXICOGRAPHICAL SUCCESSOR
VariableBinding- (N+1); ... ; VariableBinding- (N+R) M-TIMES
3 th LEXICOGRAPHICAL SUCCESSOR ...

VariableBinding- (N+1); ... ; VariableBinding- (N+R)
)
M th LEXICOGRAPHICAL SUCCESSOR
GET-BULK EXAMPLE
getBulk(max-repetitions = 4; 1.1)
response(
1.1.0 => 130.89.16.2
1.2.1.0 => printer-1
1.2.2.0 => 123456
1.3.1.1.2.1 => 2 )
getBulk(max-repetitions = 3; 1.3.1.1; 1.3.1.2; 1.3.1.3)
response(
1.3.1.1.2.1 => 2; 1.3.1.2.2.1 => 1; 1.3.1.3.2.1 => 2
1.3.1.1.3.1 => 3; 1.3.1.2.3.1 => 1; 1.3.1.3.3.1 => 3
1.3.1.1.5.1 => 5; 1.3.1.2.5.1 => 1; 1.3.1.3.5.1 => 2
)
SET
manager set agent MIB
response
SIMILAR TO SNMPv1
CONCEPTUAL TWO PHASE COMMIT:

• PHASE 1: PERFORM VARIOUS CHECKS
• PHASE 2: PERFORM THE ACTUAL SET
MANY NEW ERROR CODES ARE DEFINED
NEW ERROR CODES FOR SETS
SNMPv1 SNMPv2
PHASE 1: badValue wrongValue
badValue wrongEncoding
badValue wrongType
badValue wrongLength
badValue inconsistentValue
noSuchName noAccess
noSuchName notWritable
noSuchName noCreation
noSuchName inconsistentName
genErr resourceUnavailable
genErr genErr
PHASE 2: genErr CommitFailed

genErr undoFailed
TRAP
manager agent MIB

trap
SNMPv1:
• COLD START• WARM START• LINK DOWN• LINK UP• AUTHETICATION FAILURE
• EGP NEIGHBOR LOSS
SNMPv2:
• MIBs MAY NOW INCLUDE NOTIFICATION TYPE MACROS
• FIRST TWO VARBINDS: sysUptime AND snmpTrapOID
• USES SAME FORMAT AS OTHER PDUs
EXAMPLE OF NOTIFICATION TYPE MACRO
linkUp NOTIFICATION-TYPE
OBJECTS {ifIndex}
STATUS current
DESCRIPTION "A linkUp trap signifies that the entity
has detected that
the ifOperStatus
object has
changed to Up"
::= {snmpTraps 4}
INFORM
manager "agent" MIB

inform
Response
CONFIRMED TRAP
ORIGINALLY TO INFORM A HIGHER LEVEL MANAGER
SAME FORMAT AS TRAP PDU
POSSIBLE ERROR: tooBig
REPORT
manager agent
report
NEW PDU TO SIGNAL PROTOCOL EXCEPTIONS / ERRORS
NO SEMANTICS DEFINED IN SNMPv2

Simple Network Management Protocol

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Simple Network Management Protocol

Diunggah oleh

Hak Cipta:

Format Tersedia

Simple Network Management Protocol

1. Implicit in the SNMP architectural model is a collection of network

2. Network management stations execute management applications which

3. Network elements are devices such as hosts, gateways, terminal servers,

4. The Simple Network Management Protocol (SNMP) is used to communicate

MANAGER AGENT MIB

Used to establish trust between managers and agents.

The community names are essentially passwords

community strings are sent in plain text

 read-only, read-write, and trap.

User Datagram Protocol (UDP) as the transport protocol

port 162 for receiving traps from managed devices.

Version 2 (SMIv2, RFC 2578) provides enhancements for SNMPv2.

 The name, or object identifier (OID), uniquely defines a managed object.

 Type and syntax

manager agent manager agent

manager agent manager agent

NAME 1 VALUE 1 NAME 2 VALUE 2 ••• ••• NAME n VALUE n

VERSION COMMUNITY SNMP PDU

manager get agent MIB

TO REQUEST THE VALUE OF 1 OR MORE VARIABLES

• tooBig Result does not fit in response PDU

• genErr All other causes

address (1) info (2) route-table (3)

name (1) uptime (2) route-entry (1)

dest(1) policy(2) next(3)

get(1.1.0; 1.2.2.0)response(1.1.0 => 130.89.16.2; 1.2.2.0 => 123456)

get(1.3.1.1.5.1, 1.3.1.2.5.1, 1.3.1.3.5.1)

manager set agent MIB

TO ASSIGN A VALUE TO AN EXISTING OBJECT INSTANCE

TO CREATE NEW INSTANCES

THE SET REQUEST IS ATOMIC

set(1.2.1.0 => my-printer)

response(noError; 1.2.1.0 => my-printer)

set(1.2.1.0 => my-printer, 1.2.2.0 => 0)

response(error-status = noSuchName; error-index = 2)

manager getNext agent MIB

TO DISCOVER MIB STRUCTURES

• noSuchName (= END OF MIB)

response(1.2.1.0 => printer-1)

response(1.2.2.0 => 123456)

getNext(1.3.1.1; 1.3.1.2; 1.3.1.3)

response(1.3.1.1.2.1 => 2; 1.3.1.2.2.1 => 1; 1.3.1.3.2.1 => 2)

response(1.3.1.1.3.1 => 3; 1.3.1.2.3.1 => 1; 1.3.1.3.3.1 => 3)

response(1.2.1.0 => printer-1)

response(1.2.2.0 => 123456)

getNext(1.3.1.1; 1.3.1.2; 1.3.1.3)

response(1.3.1.1.2.1 => 2; 1.3.1.2.2.1 => 1; 1.3.1.3.2.1 => 2)

response(1.3.1.1.3.1 => 3; 1.3.1.2.3.1 => 1; 1.3.1.3.3.1 => 3)

THE MIB CAN BE CONSIDERED AS AN ORDERED LIST

• TRAPS WILL BE TRANSMITTED TO CERTAIN MANAGERS

manager agent manager agent

manager agent manager agent

manager agent manager "agent"

manager get agent MIB

SIMILAR TO SNMPv1, EXCEPT FOR "EXCEPTIONS"

EXCEPTIONS ARE CODED WITHIN THE VARBINDS

EXCEPTIONS DO NOT RAISE ERROR STATUS AND INDEX

response(error-status => noError, 1.2 => noSuchObject)

response(error-status => noError, 1.2.0 => noSuchInstance)

response(error-status => noError, 1.2.0 => noSuchInstance)

response(error-status => noError, 1.4.0 => noSuchObject)

manager getNext agent MIB

SIMILAR TO SNMPv1, EXCEPT FOR "EXCEPTIONS"