SlideShare a Scribd company logo

FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt

Download as PPT, PDF
U
useonlyfortech140

Network Management

Engineering
1 of 78
SNMP and Network Management Simple Network Management Protocol A Standard Protocol for Systems and Network Management
Systems and Network Management SNMP 2 Network Management — the problem: a scenario  BAD:  User: the server has been down for an hour, and printing has stopped working, and the connection to the Internet is down.  System manager: Oh, really? Well, let’s have a look and see what we can do.
Systems and Network Management SNMP 3 Network Management — the problem: a better scenario  BETTER:  User: the server has just gone down, and printing has stopped working, and the connection to the Internet is down.  System manager: Yes, we have been working on it; we know that this is a problem with our main switch, and the guys from Cisco are working with us to solve the problem.
Systems and Network Management SNMP 4 Network Management — the aim  BEST:  The user does not see any problem  The system managers could see from trends in the network traffic that there was a problem, e.g., number of bad packets  The problem was fixed before the users were aware of it.
Systems and Network Management SNMP 5 Network Management — its aims  Networks contain equipment and software from many vendors  Many protocols  One company’s solution can manage their equipment, but not all the rest  Need a standard way to communicate information about performance, configuration, accounting, faults and security.
Systems and Network Management SNMP 6 SNMP — how it was born  In 1980’s, networks grew, hard to manage  Many vendors, many protocols  Many saw a need for standard  SNMP Proposed to IETF (Internet Engineering Task Force) as a Request for Comments (RFC)  RFCs are the standards documents for the Internet
Systems and Network Management SNMP 7 SNMP: An IETF standard  There are three versions of SNMP  SNMPv1: RFC 1157  Basic functionality, supported by all vendors  SNMPv2: RFC 1905, 1906, 1907  Some useful additional features; supported by many vendors  SNMPv3: RFC 1905, 1906, 1907, 2571, 2572, 2573, 2574, 2575.  Still a proposed standard  Adds strong authentication  Supported by Net SNMP and some Cisco products
Systems and Network Management SNMP 8 Managers and Agents  A network management system consists of two software components:  Network manager  often called a NMS (Network Management Station)  Agent  Software that runs on the device being monitored/managed
Systems and Network Management SNMP 9 Managers and Agents 2  simple request -> response protocol agent device response request manager
Managers and Agents 3 agent management database agent management database agent management database agent management database software managment Managed Devices Manager (NMS) Workgroup Switch Catalyst CiscoSystems
Systems and Network Management SNMP 11 SNMP runs on UDP  UDP = User Datagram Protocol  Unreliable (no acknowlegment in UDP protocol)  Low overhead  Won’t flood a failing network with retransmissions  UDP port 161 for sending, receiving requests  UDP port 162 for receiving traps
Systems and Network Management SNMP 12 SNMP Communities  SNMPv1, v2 use a “community” as a way of establishing trust between manager and agent  This is simply a plain text password  There are three:  Read-only (often defaults to “public”)  Read-write (often defaults to “private”)  Trap  Change from default for production!!!!!!!!!!!
Systems and Network Management SNMP 13 Authentication in SNMPv3  Sophisticated authentication system  User based  Supports encryption  Overcomes the biggest weakness of SNMPv1, v2 community strings
Systems and Network Management SNMP 14 What is a managed object?  A better name is variable, but called managed object more often  You have looked at the managed object system.sysUpTime.0 in the lab  Gives time since agent was started  Is (generally) located on the agent  A managed object has one object identifier (OID)  Carries one scalar value, or a table of related information  Management involves monitoring and setting values in these managed objects  Agent software changes SNMP requests to action to read or set the requested value(s)
Systems and Network Management SNMP 15 Example: getting location  The Net-SNMP tools provide a tool snmpget that directly implements the get request from a manager  Here we request location of ictlab from its agent: $ snmpget –v 2c –c public ictlab SNMPv2-MIB::sysLocation.0 SNMPv2-MIB::sysLocation.0 = STRING: "Hong Kong, IVE(TY)/ICT"
Systems and Network Management SNMP 16 Example: getting location 2 agent manager ictlab SNMPv2c public get .1.3.6.1.2.1.1.6.0 SNMPv2c public response .1.3.6.1.2.1.1.6.0 Hong Kong ICT(TY) .1.3.6.1.2.1.1.6.0 is SNMPv2-MIB::sysLocation.0
Systems and Network Management SNMP 17 Structure of Management Information (SMI)  Defines how managed objects are named, and specifies their datatypes (called syntax).  Definition has three attributes:  Name (also called object identifier). Two forms (both very long):  Numeric  “Human readable”  Type and syntax: defined using a subset of ASN.1 (Abstract Syntax Notation One)  ASN.1 is machine independent  Encoding:  how an instance of a managed object is encoded as a string of bytes using the Basic Encoding Rules (BER)
Systems and Network Management SNMP 18 Naming managed objects  Objects are organised into a tree  Object ID is series of numbers separated by dots  “human readable” name substitutes a name for each number  But the names are very long and hard for a human to remember  NMS makes it easier to find variables (objects) in a more human friendly way
(rootnode) iso(1) ccitt(0) iso-ccit(2) standard(0) registration- authority(1) member- body(2) identified- organisation(3) dod(6) internet(1) mgmnt(2) directory(1) experimental (3) private(4) security(5) snmpV2(6) mib-2(1) enterprise(1) ibm(2) cisco(9) DeptofInfo.&Comms.Tech. HKIVE(TY) (11400)
Systems and Network Management SNMP 20 ASN.1  MIBs defined with a SYNTAX attribute  The SYNTAX specifies a datatype, as in a programming language  Exact specification, so works on any platform  Will see examples of MIB definitions later
Systems and Network Management SNMP 21 ASN.1 Basic data types  INTEGER: length can be specified  OCTET STRING: byte string  OBJECT IDENTIFIER: 1.3.6.1.4.1.11400 is ICT private enterprise OID.
Systems and Network Management SNMP 22 SNMPv1 data types  Counter: 32-bit unsigned value that wraps  IpAddress: 32-bit IPv4 address  NetworkAddress: can hold other types of addresses  Gauge: 32-bit unsigned value that can increase or decrease but not wrap  TimeTicks: 32-bit count in hundredths of a second  Opaque: allow any kind of data
Systems and Network Management SNMP 23 SNMPv2 data types  Integer32: a 32-bit signed integer  Counter32: same as Counter  Gauge32: Same as Gauge  Unsigned32: 32-bit unsigned value  Counter64: Same as Counter32, except uses 64 bits, a useful extension to cope with high-speed networks which can wrap a 32-bit counter in a short time  BITS: a set of named bits
Systems and Network Management SNMP 24 Protocol Data Unit (PDU)  The PDU is the message format that carries SNMP operations.  There is a standard PDU for each of the SNMP operations.
Systems and Network Management SNMP 25 Message Format: message header  SNMPv1, v2c message has a header and PDU  header contains:  version number (version of SNMP)  Community name (i.e., the shared password) message header PDU
Systems and Network Management SNMP 26 Message Format: the PDU  get, get-next, response, set PDUs all contain same fields  PDU type indicated operation (i.e., get, or set)  request ID associates request with response  Error status, index: show an error condition  used in response only, zero otherwise  Variable Bindings: object ID and value.  SNMP allows more than one OID/value pair to be sent together for efficiency PDU type Index Error Error Status ID Request Object 1 Value 1 Object 2 Object n Value n . . . variable bindings Value 2
Systems and Network Management SNMP 27 How Does SNMP Measure...  Units of network traffic = bits per second  Counter32 IF-MIB::ifOutOctets holds bytes  How does SNMP convert bytes->bps?  Use simple numerical differentiation:  Measure IF-MIB::ifOutOctets now, Nn  Measure IF-MIB::ifOutOctets after 5 minutes, Nn+1  Traffic = (Nn+1-Nn)/time_difference bytes/sec  Traffic = (Nn+1-Nn)*8/time_difference bits/sec
Systems and Network Management SNMP 28 Example network traffic  N_1=ifOutOctets at t_1 = 200000 bytes  N_2=ifOutOctets at t_2 = 230000 bytes  t_2 – t_1 = 5 minutes = 300 seconds  Number of bytes transferred = 230000 – 200000 = 30000 bytes  bytes per second = 30000/300 = 100 bytes per second  bits per second = bytes/second * 8= 800 bits per second ) at time ts (ifOutOcte 1 t
Systems and Network Management SNMP 29 What is a gauge used for?  Many measurements are absolute, e.g.,  temperature  CPU load  disk usage  For such measurements, use gauge  counter is used for measuring rates of change, such as errors/sec, network traffic
Systems and Network Management SNMP 30 SNMP Operations SNMPv1  get-request  get-next-request  set-request  get-response  trap SNMPv2, v3  get-bulk-request  Notification (actually just a macro for trap or inform-request)  inform-request  report
Systems and Network Management SNMP 31 get-request operation  Net SNMP tool: snmpget get NMS agent device response
Systems and Network Management SNMP 32 get-request  NMS sends a get-request for, say, the system load of ictlab  The agent on ictlab sends a response PDU containing the system load. snmpget -v 2c -c public ictlab UCD- SNMP-MIB::laLoad.1 UCD-SNMP-MIB::laLoad.1 = STRING: 0.39
Systems and Network Management SNMP 33 get-next-request operation  Net-SNMP tools:  snmpgetnext  snmpwalk NMS agent device get-next response
Systems and Network Management SNMP 34 get-next-request  NMS sends a get-next-request  Agent sends a response PDU containing the value for the next variable: $ snmpgetnext -v 2c –c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.74
Systems and Network Management SNMP 35 Ordering of OIDs: the next value  The ordering of the variables is "lexographical"  visit the node, then visit each of its children in order  this applies recursively  The example MIB tree on the next slide…
Systems and Network Management SNMP 36 An example MIB tree 1 14 11 10 1 4 15 16 1 17 18 19 6 2 1 3 4 3
Systems and Network Management SNMP 37 This example MIB tree is listed in this order:  1  1.1  1.1.10  1.1.11  1.4  1.4.14  1.4.15  2  2.1  2.1.16  2.1.17  2.6  2.6.18  2.6.19  3  3.1  3.3  4
Systems and Network Management SNMP 38 get-next-request: snmpwalk  snmpwalk provides a convenient way to request a number of entries at once: $ snmpwalk -v 2c –c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.74 UCD-SNMP-MIB::laLoad.2 = STRING: 0.53 UCD-SNMP-MIB::laLoad.3 = STRING: 0.48
Systems and Network Management SNMP 39 get-bulk-request (v2, v3)  Net-SNMP tools: snmpbulkget, snmpbulkwalk NMS agent device get-bulk response
Systems and Network Management SNMP 40 get-bulk-request  NMS sends a get-bulk-request for a number of variables  Agent replies with a response PDU with as many answers as are requested, or will fit in the PDU  Much more efficient  fewer requests and responses required to fetch data
Systems and Network Management SNMP 41 get-bulk-request and snmpbulkget: example $ snmpbulkget -v 2c -c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.62 UCD-SNMP-MIB::laLoad.2 = STRING: 0.66 UCD-SNMP-MIB::laLoad.3 = STRING: 0.59 UCD-SNMP-MIB::laConfig.1 = STRING: 2.00 UCD-SNMP-MIB::laConfig.2 = STRING: 4.00 UCD-SNMP-MIB::laConfig.3 = STRING: 4.00 UCD-SNMP-MIB::laLoadInt.1 = INTEGER: 61 UCD-SNMP-MIB::laLoadInt.2 = INTEGER: 66 UCD-SNMP-MIB::laLoadInt.3 = INTEGER: 58 UCD-SNMP-MIB::laLoadFloat.1 = Opaque: Float: 0.620000
Systems and Network Management SNMP 42 get-bulk-request PDU  All fields same as other SNMP PDUs in v1, v2c, except Nonrepeaters and Max- repetitions  Nonrepeaters: Specifies the number of object instances in the variable bindings field that should be retrieved no more than once from the beginning of the request.  used when some of the instances are scalar objects with only one variable.  Max-repetitions: Defines the maximum number of times that other variables beyond those specified by the non-repeaters field should be retrieved. PDU ty pe ID Request Object 1 Value1 Object 2 Object n Valuen . . . variablebindings Value2 Non- repetitions Max- repeaters
Systems and Network Management SNMP 43 get-bulk-request  Get can request more than one MIB object  But if agent cannot send it all back, sends error message and no data  get-bulk-request tells agent to send as much of the response back as it can  Possible to send incomplete data  Requires two parameters:  Nonrepeaters  Max-repetitions
Systems and Network Management SNMP 44 get-bulk-request: nonrepeaters, max-repetitions: 1  Nonrepeaters:  A number, N  Indicates first N objects can be retrieved with simple get-next operation  Max-repetitions:  A number, R  Can attempt up to R get-next operations to retrieve remaining objects
Systems and Network Management SNMP 45 get-bulk-request: nonrepeaters, max-repetitions: 2 $ snmpbulkget -v 2c –C n2r3 –c public ictlab laLoad ifInOctets ifOutOctets UCD-SNMP-MIB::laLoad.1 = STRING: 0.63 IF-MIB::ifInOctets.1 = Counter32: 35352440 IF-MIB::ifOutOctets.1 = Counter32: 35352440 IF-MIB::ifOutOctets.2 = Counter32: 297960502 IF-MIB::ifOutOctets.3 = Counter32: 0  Notice that we have one entry only for laLoad, and for ifInOctets  the first two variables are "non-repeaters", i.e., we just fetch one value for each  We get three values for ifOutOctets  we ask for three values for all remaining variables after the first two
Systems and Network Management SNMP 46 get-bulk-request: nonrepeaters, max-repetitions: 3 $ snmpbulkget -v 2c –C n1r3 –c public ictlab laLoad ifInOctets ifOutOctets UCD-SNMP-MIB::laLoad.1 = STRING: 0.77 IF-MIB::ifInOctets.1 = Counter32: 5356045 IF-MIB::ifOutOctets.1 = Counter32: 5356045 IF-MIB::ifInOctets.2 = Counter32: 1881446668 IF-MIB::ifOutOctets.2 = Counter32: 3664336845 IF-MIB::ifInOctets.3 = Counter32: 0 IF-MIB::ifOutOctets.3 = Counter32: 0  We have one value for the first variable laLoad (non-repeaters = 1)  We have 3 values for all the remaining variables we ask for
Systems and Network Management SNMP 47 get-bulk-request: nonrepeaters, max-repetitions: 4 $ snmpbulkget -v 2c -C n3r3 -c public ictlab laLoad ifInOctets ifOutOctets UCD-SNMP-MIB::laLoad.1 = STRING: 0.71 IF-MIB::ifInOctets.1 = Counter32: 35370916 IF-MIB::ifOutOctets.1 = Counter32: 35370916  Notice we only have one entry for all three OIDs we specified on the command line.  Same result, regardless of value of R, I.e., snmpbulkget -v 2c -C n3r0 ... gives the same result.
Systems and Network Management SNMP 48 get-bulk-request: snmpbulkwalk  snmpbulkwalk is convenient for efficiently browsing large tables in the MIB tree $ snmpbulkwalk -v 2c -c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.52 UCD-SNMP-MIB::laLoad.2 = STRING: 0.58 UCD-SNMP-MIB::laLoad.3 = STRING: 0.56
Systems and Network Management SNMP 49 set-request operation  Net-SNMP tool: snmpset NMS set agent device response
Systems and Network Management SNMP 50 set  NMS sends a set-request to set sysLocation to ICT Laboratory, Hong Kong  Agent replies with either an error response, or a noError response in a request PDU
Systems and Network Management SNMP 51 Trap  A trap has no response: NMS agent device trap
Systems and Network Management SNMP 52 SNMP traps  Lets the agent tell the manager something happened, e.g.,  A network interface is down on the device where the agent is installed  The network interface came back up  A call came in to the modem rack, but could not connect to any modem  A fan has failed
Systems and Network Management SNMP 53 SNMP inform-request (v2, v3)  A kind of trap with an acknowledgment  Can be sent by a manager or by an agent  There is an acknowledgement: a response PDU  The agent can resend the inform-request if no response is received in a reasonable time.
Systems and Network Management SNMP 54 inform-request  An inform-request has a confirmation response: NMS response inform agent or NMS
Systems and Network Management SNMP 55 SNMP notification (v2, v3)  This is a macro that sends either a trap or an inform-request
Systems and Network Management SNMP 56 Traps and Inform: port 162  Other SNMP operations are on UDP port 161  trap and inform-request operations are on UDP port 162.
SNMP v3 Authentication and Encryption Some security at last!
Systems and Network Management SNMP 58 SNMPv1 now officially "historic"  Recently, SNMPv3 has moved futher to becoming an official standard  SNMPv1 RFCs are being changed from the status of standard to being historic  for details:  see news link from Net-SNMP web site  or go directly to http://sourceforge.net/forum/forum.php?forum_id =203052
Systems and Network Management SNMP 59 Main RFCs for SNMP v3  RFC 3411: an architecture for describing SNMP Management Frameworks  RFC 3412: Message Processing and Dispatch for SNMP  RFC 3413: SNMPv3 Applications MIBs  RFC 3414: User-based Security Model (USM) for SNMPv3  RFC 3415: View-based Access Control Model (VACM) for SNMP
Systems and Network Management SNMP 60 Changes in SNMPv3  Aim: provide cryptographic security  Make backwardly compatible with SNMPv1, SNMPv2c  Many new terms  Most importantly:  now abandon notion of managers and agents  both managers and agents now called SNMP entities  SNMPv3 defines an architecture  not just a set of messages
Systems and Network Management SNMP 61 SNMPv3 architecture (RFC 3411) Dispatcher Message Processing Security Subsystem Subsystem Access Control Subsystem SNMP Entity SNMP Engine (Identified by SnmpEngineID) Application(s) Command generator Command Responder Notification Reciever Notification Originator Proxy Forwarder Other
Systems and Network Management SNMP 62 SNMP Engine: 5 components  Dispatcher  send and receive messages.  determines version of each received message (v1, v2, v3)  if can handle received message, hands to Message Processing Subsystem  Message Processing Subsystem  prepares messages to be sent  extracts data from received messages  can have modules for each of SNMP v1, v2 and v3 (or any other future type of message)  Security Subsystem  provides authentication and encryption ("privacy")  Uses MD5 or SHA algorithms to authenticate users  passwords not sent in clear text  Access Control Subsystem  controls access to MIB objects  which objects, and level of access  Applications module (discussed next)
Systems and Network Management SNMP 63 SNMPv3 Applications Module  Each SNMPv3 entity has one or more applications  Really are elements used to build applications:  command generator (NMS)  notification receiver (NMS)  proxy forwarder (NMS)  command responder (agent)  notification originator (agent)
Systems and Network Management SNMP 64 Command Generator: manager role  This application is found on managers  used to send  get-request  get-next-request  set-request  get-bulk-request
Systems and Network Management SNMP 65 Command Responder: agent role  processes commands sent by Command Generator  performs the action required  sends a response message
Systems and Network Management SNMP 66 Notification Originator: agent role  Generates a trap or inform-request message  generally implemented on agents
Systems and Network Management SNMP 67 Notification Receiver: manager  receives traps and inform-requests, and  acts on them
Systems and Network Management SNMP 68 Proxy Forwarder: manager role  A front end to manager for older SNMP agents  e.g., convert get-bulk-request to get-next-requests  handles requests from:  command generator  command responder  notification generator.
Systems and Network Management SNMP 69 SNMPv3 names: Engine ID  A manager or agent has an identifier: SNMP engineID, unique in this network  the management software expects all SNMP engines it talks to have different SNMP Engine IDs.  See RFC 3411 for details of how to assign an SNMP Engine ID  The SNMP engineID is used when calculating hashes of USM passwords.
Systems and Network Management SNMP 70 SNMPv3 names: context  An entity can be responsible for more than one managed device.  Usually means the agent on one network device is a proxy for another separate legacy physical device that does not support SNMP  The default context will be for the local physical device, called “”  other named contexts may be for other remote physical devices for which this machine is a proxy  Each managed device has a contextEngineID and a contextName  contextName is unique in one SNMP entity  normally contextEngineID = snmpEngineID
Systems and Network Management SNMP 71 SNMPv3 MIBs  New MIBs for SNMPv3 support  management architecture  authentication and encryption  Location: under snmpv2 (.1.3.6.1.6) in snmpModules (.1.3.6.1.6.3)
Systems and Network Management SNMP 72 SNMPv3 User-based Security Model (USM)  Supports authentication using  MD5 (Message Digest 5) or  SHA1 (Secure Hash Algorithm)  Supports encryption using DES (Data Encryption Standard)  Supports individual user accounts
Systems and Network Management SNMP 73 SNMPv3 Access Control: VACM  Uses the View-based Access Control Model (VACM)  Has 5 elements:  groups  security level  contexts  MIB views and view families  access policy
Systems and Network Management SNMP 74 VACM: MIB views and view families  A MIB view is a subset of the MIB tree  can be a subtree (i.e., SNMPv2-MIB::system and below)  Can be a set of trees  Can be a family of view subtrees:  e.g., monitor a set of columns from a table, but not all the columns  useful for ISPs to allow customers to monitor input, output traffic
Systems and Network Management SNMP 75 VACM: groups  Basically, a set of one or more users (security names)  All elements belonging to a group have equal access rights
Systems and Network Management SNMP 76 VACM: security level  There are three levels:  no authentication, no privacy  authentication, no privacy  authentication, privacy  privacy means encryption using DES  authentication requires a password hashed with MD5 or SHA1.
Systems and Network Management SNMP 77 VACM: Access Policy  Four levels:  not accessible  read view  write view  notify view
Systems and Network Management SNMP 78 SNMPv3 Notes Continued:  My new set of notes on SNMPv3 continue from here  Provide a practical exploration of SNMPv3

Recommended

Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7jignash
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptxTanzeelGill
 
snmp
snmpsnmp
snmpحسن رشید
 
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios
 
Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1MOHD ARISH
 
Snmp
SnmpSnmp
Snmpjignash
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibilityHamdamboy (함담보이)
 
SNMP Network Tracker Project
SNMP Network Tracker ProjectSNMP Network Tracker Project
SNMP Network Tracker ProjectPraveen Mathews
 

Recommended

Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7jignash
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptxTanzeelGill
 
snmp
snmpsnmp
snmpحسن رشید
 
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios
 
Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1MOHD ARISH
 
Snmp
SnmpSnmp
Snmpjignash
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibilityHamdamboy (함담보이)
 
SNMP Network Tracker Project
SNMP Network Tracker ProjectSNMP Network Tracker Project
SNMP Network Tracker ProjectPraveen Mathews
 
001 implementation nms_software
001 implementation nms_software001 implementation nms_software
001 implementation nms_softwareHamdamboy (함담보이)
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokAhmed Gad
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management ProtocoleAmin Komeili
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolAnupomShill
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptxLilyMkayula
 
Snmpv3
Snmpv3Snmpv3
Snmpv3jignash
 
Chapter 5 ppt
Chapter 5 pptChapter 5 ppt
Chapter 5 pptRajesh I S
 
Introduction tosnmp
Introduction tosnmpIntroduction tosnmp
Introduction tosnmpjorlugon
 
Functional Areas of Network Management Configuration Management
Functional Areas of Network Management Configuration ManagementFunctional Areas of Network Management Configuration Management
Functional Areas of Network Management Configuration Managementjeronimored
 
SNMP AT a GLANCE
SNMP AT a GLANCESNMP AT a GLANCE
SNMP AT a GLANCEassinha
 
A step on developing network monitoring tools
A step on developing network monitoring toolsA step on developing network monitoring tools
A step on developing network monitoring toolsAlexander Decker
 
Network Monitoring System ppt.pdf
Network Monitoring System ppt.pdfNetwork Monitoring System ppt.pdf
Network Monitoring System ppt.pdfkristinatemen
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
13class0403.ppt
13class0403.ppt13class0403.ppt
13class0403.pptAbdisayidkhalifTahir
 
SNMP
SNMPSNMP
SNMPs1160135
 
group presentation
group presentationgroup presentation
group presentations1120099
 
group G
group Ggroup G
group Gs1120099
 
a
aa
as1120099
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureMOHD ARISH
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 

More Related Content

Similar to FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt

CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokAhmed Gad
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management ProtocoleAmin Komeili
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolAnupomShill
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptxLilyMkayula
 
Introduction tosnmp
Introduction tosnmpIntroduction tosnmp
Introduction tosnmpjorlugon
 
Functional Areas of Network Management Configuration Management
Functional Areas of Network Management Configuration ManagementFunctional Areas of Network Management Configuration Management
Functional Areas of Network Management Configuration Managementjeronimored
 
SNMP AT a GLANCE
SNMP AT a GLANCESNMP AT a GLANCE
SNMP AT a GLANCEassinha
 
A step on developing network monitoring tools
A step on developing network monitoring toolsA step on developing network monitoring tools
A step on developing network monitoring toolsAlexander Decker
 
Network Monitoring System ppt.pdf
Network Monitoring System ppt.pdfNetwork Monitoring System ppt.pdf
Network Monitoring System ppt.pdfkristinatemen
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
group presentation
group presentationgroup presentation
group presentations1120099
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureMOHD ARISH
 

Similar to FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt (20)

001 implementation nms_software
001 implementation nms_software001 implementation nms_software
001 implementation nms_software
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the Netwok
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management Protocol
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management Protocole
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management Protocol
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptx
 
Snmpv3
Snmpv3Snmpv3
Snmpv3
 
Chapter 5 ppt
Chapter 5 pptChapter 5 ppt
Chapter 5 ppt
 
Introduction tosnmp
Introduction tosnmpIntroduction tosnmp
Introduction tosnmp
 
Functional Areas of Network Management Configuration Management
Functional Areas of Network Management Configuration ManagementFunctional Areas of Network Management Configuration Management
Functional Areas of Network Management Configuration Management
 
SNMP AT a GLANCE
SNMP AT a GLANCESNMP AT a GLANCE
SNMP AT a GLANCE
 
A step on developing network monitoring tools
A step on developing network monitoring toolsA step on developing network monitoring tools
A step on developing network monitoring tools
 
Network Monitoring System ppt.pdf
Network Monitoring System ppt.pdfNetwork Monitoring System ppt.pdf
Network Monitoring System ppt.pdf
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
 
13class0403.ppt
13class0403.ppt13class0403.ppt
13class0403.ppt
 
SNMP
SNMPSNMP
SNMP
 
group presentation
group presentationgroup presentation
group presentation
 
group G
group Ggroup G
group G
 
a
aa
a
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructure
 

Recently uploaded

GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEroselinkalist12
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 

Recently uploaded (20)

Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptx
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examplesPOWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examples
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 

FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt

  • 1. SNMP and Network Management Simple Network Management Protocol A Standard Protocol for Systems and Network Management
  • 2. Systems and Network Management SNMP 2 Network Management — the problem: a scenario  BAD:  User: the server has been down for an hour, and printing has stopped working, and the connection to the Internet is down.  System manager: Oh, really? Well, let’s have a look and see what we can do.
  • 3. Systems and Network Management SNMP 3 Network Management — the problem: a better scenario  BETTER:  User: the server has just gone down, and printing has stopped working, and the connection to the Internet is down.  System manager: Yes, we have been working on it; we know that this is a problem with our main switch, and the guys from Cisco are working with us to solve the problem.
  • 4. Systems and Network Management SNMP 4 Network Management — the aim  BEST:  The user does not see any problem  The system managers could see from trends in the network traffic that there was a problem, e.g., number of bad packets  The problem was fixed before the users were aware of it.
  • 5. Systems and Network Management SNMP 5 Network Management — its aims  Networks contain equipment and software from many vendors  Many protocols  One company’s solution can manage their equipment, but not all the rest  Need a standard way to communicate information about performance, configuration, accounting, faults and security.
  • 6. Systems and Network Management SNMP 6 SNMP — how it was born  In 1980’s, networks grew, hard to manage  Many vendors, many protocols  Many saw a need for standard  SNMP Proposed to IETF (Internet Engineering Task Force) as a Request for Comments (RFC)  RFCs are the standards documents for the Internet
  • 7. Systems and Network Management SNMP 7 SNMP: An IETF standard  There are three versions of SNMP  SNMPv1: RFC 1157  Basic functionality, supported by all vendors  SNMPv2: RFC 1905, 1906, 1907  Some useful additional features; supported by many vendors  SNMPv3: RFC 1905, 1906, 1907, 2571, 2572, 2573, 2574, 2575.  Still a proposed standard  Adds strong authentication  Supported by Net SNMP and some Cisco products
  • 8. Systems and Network Management SNMP 8 Managers and Agents  A network management system consists of two software components:  Network manager  often called a NMS (Network Management Station)  Agent  Software that runs on the device being monitored/managed
  • 9. Systems and Network Management SNMP 9 Managers and Agents 2  simple request -> response protocol agent device response request manager
  • 10. Managers and Agents 3 agent management database agent management database agent management database agent management database software managment Managed Devices Manager (NMS) Workgroup Switch Catalyst CiscoSystems
  • 11. Systems and Network Management SNMP 11 SNMP runs on UDP  UDP = User Datagram Protocol  Unreliable (no acknowlegment in UDP protocol)  Low overhead  Won’t flood a failing network with retransmissions  UDP port 161 for sending, receiving requests  UDP port 162 for receiving traps
  • 12. Systems and Network Management SNMP 12 SNMP Communities  SNMPv1, v2 use a “community” as a way of establishing trust between manager and agent  This is simply a plain text password  There are three:  Read-only (often defaults to “public”)  Read-write (often defaults to “private”)  Trap  Change from default for production!!!!!!!!!!!
  • 13. Systems and Network Management SNMP 13 Authentication in SNMPv3  Sophisticated authentication system  User based  Supports encryption  Overcomes the biggest weakness of SNMPv1, v2 community strings
  • 14. Systems and Network Management SNMP 14 What is a managed object?  A better name is variable, but called managed object more often  You have looked at the managed object system.sysUpTime.0 in the lab  Gives time since agent was started  Is (generally) located on the agent  A managed object has one object identifier (OID)  Carries one scalar value, or a table of related information  Management involves monitoring and setting values in these managed objects  Agent software changes SNMP requests to action to read or set the requested value(s)
  • 15. Systems and Network Management SNMP 15 Example: getting location  The Net-SNMP tools provide a tool snmpget that directly implements the get request from a manager  Here we request location of ictlab from its agent: $ snmpget –v 2c –c public ictlab SNMPv2-MIB::sysLocation.0 SNMPv2-MIB::sysLocation.0 = STRING: "Hong Kong, IVE(TY)/ICT"
  • 16. Systems and Network Management SNMP 16 Example: getting location 2 agent manager ictlab SNMPv2c public get .1.3.6.1.2.1.1.6.0 SNMPv2c public response .1.3.6.1.2.1.1.6.0 Hong Kong ICT(TY) .1.3.6.1.2.1.1.6.0 is SNMPv2-MIB::sysLocation.0
  • 17. Systems and Network Management SNMP 17 Structure of Management Information (SMI)  Defines how managed objects are named, and specifies their datatypes (called syntax).  Definition has three attributes:  Name (also called object identifier). Two forms (both very long):  Numeric  “Human readable”  Type and syntax: defined using a subset of ASN.1 (Abstract Syntax Notation One)  ASN.1 is machine independent  Encoding:  how an instance of a managed object is encoded as a string of bytes using the Basic Encoding Rules (BER)
  • 18. Systems and Network Management SNMP 18 Naming managed objects  Objects are organised into a tree  Object ID is series of numbers separated by dots  “human readable” name substitutes a name for each number  But the names are very long and hard for a human to remember  NMS makes it easier to find variables (objects) in a more human friendly way
  • 19. (rootnode) iso(1) ccitt(0) iso-ccit(2) standard(0) registration- authority(1) member- body(2) identified- organisation(3) dod(6) internet(1) mgmnt(2) directory(1) experimental (3) private(4) security(5) snmpV2(6) mib-2(1) enterprise(1) ibm(2) cisco(9) DeptofInfo.&Comms.Tech. HKIVE(TY) (11400)
  • 20. Systems and Network Management SNMP 20 ASN.1  MIBs defined with a SYNTAX attribute  The SYNTAX specifies a datatype, as in a programming language  Exact specification, so works on any platform  Will see examples of MIB definitions later
  • 21. Systems and Network Management SNMP 21 ASN.1 Basic data types  INTEGER: length can be specified  OCTET STRING: byte string  OBJECT IDENTIFIER: 1.3.6.1.4.1.11400 is ICT private enterprise OID.
  • 22. Systems and Network Management SNMP 22 SNMPv1 data types  Counter: 32-bit unsigned value that wraps  IpAddress: 32-bit IPv4 address  NetworkAddress: can hold other types of addresses  Gauge: 32-bit unsigned value that can increase or decrease but not wrap  TimeTicks: 32-bit count in hundredths of a second  Opaque: allow any kind of data
  • 23. Systems and Network Management SNMP 23 SNMPv2 data types  Integer32: a 32-bit signed integer  Counter32: same as Counter  Gauge32: Same as Gauge  Unsigned32: 32-bit unsigned value  Counter64: Same as Counter32, except uses 64 bits, a useful extension to cope with high-speed networks which can wrap a 32-bit counter in a short time  BITS: a set of named bits
  • 24. Systems and Network Management SNMP 24 Protocol Data Unit (PDU)  The PDU is the message format that carries SNMP operations.  There is a standard PDU for each of the SNMP operations.
  • 25. Systems and Network Management SNMP 25 Message Format: message header  SNMPv1, v2c message has a header and PDU  header contains:  version number (version of SNMP)  Community name (i.e., the shared password) message header PDU
  • 26. Systems and Network Management SNMP 26 Message Format: the PDU  get, get-next, response, set PDUs all contain same fields  PDU type indicated operation (i.e., get, or set)  request ID associates request with response  Error status, index: show an error condition  used in response only, zero otherwise  Variable Bindings: object ID and value.  SNMP allows more than one OID/value pair to be sent together for efficiency PDU type Index Error Error Status ID Request Object 1 Value 1 Object 2 Object n Value n . . . variable bindings Value 2
  • 27. Systems and Network Management SNMP 27 How Does SNMP Measure...  Units of network traffic = bits per second  Counter32 IF-MIB::ifOutOctets holds bytes  How does SNMP convert bytes->bps?  Use simple numerical differentiation:  Measure IF-MIB::ifOutOctets now, Nn  Measure IF-MIB::ifOutOctets after 5 minutes, Nn+1  Traffic = (Nn+1-Nn)/time_difference bytes/sec  Traffic = (Nn+1-Nn)*8/time_difference bits/sec
  • 28. Systems and Network Management SNMP 28 Example network traffic  N_1=ifOutOctets at t_1 = 200000 bytes  N_2=ifOutOctets at t_2 = 230000 bytes  t_2 – t_1 = 5 minutes = 300 seconds  Number of bytes transferred = 230000 – 200000 = 30000 bytes  bytes per second = 30000/300 = 100 bytes per second  bits per second = bytes/second * 8= 800 bits per second ) at time ts (ifOutOcte 1 t
  • 29. Systems and Network Management SNMP 29 What is a gauge used for?  Many measurements are absolute, e.g.,  temperature  CPU load  disk usage  For such measurements, use gauge  counter is used for measuring rates of change, such as errors/sec, network traffic
  • 30. Systems and Network Management SNMP 30 SNMP Operations SNMPv1  get-request  get-next-request  set-request  get-response  trap SNMPv2, v3  get-bulk-request  Notification (actually just a macro for trap or inform-request)  inform-request  report
  • 31. Systems and Network Management SNMP 31 get-request operation  Net SNMP tool: snmpget get NMS agent device response
  • 32. Systems and Network Management SNMP 32 get-request  NMS sends a get-request for, say, the system load of ictlab  The agent on ictlab sends a response PDU containing the system load. snmpget -v 2c -c public ictlab UCD- SNMP-MIB::laLoad.1 UCD-SNMP-MIB::laLoad.1 = STRING: 0.39
  • 33. Systems and Network Management SNMP 33 get-next-request operation  Net-SNMP tools:  snmpgetnext  snmpwalk NMS agent device get-next response
  • 34. Systems and Network Management SNMP 34 get-next-request  NMS sends a get-next-request  Agent sends a response PDU containing the value for the next variable: $ snmpgetnext -v 2c –c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.74
  • 35. Systems and Network Management SNMP 35 Ordering of OIDs: the next value  The ordering of the variables is "lexographical"  visit the node, then visit each of its children in order  this applies recursively  The example MIB tree on the next slide…
  • 36. Systems and Network Management SNMP 36 An example MIB tree 1 14 11 10 1 4 15 16 1 17 18 19 6 2 1 3 4 3
  • 37. Systems and Network Management SNMP 37 This example MIB tree is listed in this order:  1  1.1  1.1.10  1.1.11  1.4  1.4.14  1.4.15  2  2.1  2.1.16  2.1.17  2.6  2.6.18  2.6.19  3  3.1  3.3  4
  • 38. Systems and Network Management SNMP 38 get-next-request: snmpwalk  snmpwalk provides a convenient way to request a number of entries at once: $ snmpwalk -v 2c –c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.74 UCD-SNMP-MIB::laLoad.2 = STRING: 0.53 UCD-SNMP-MIB::laLoad.3 = STRING: 0.48
  • 39. Systems and Network Management SNMP 39 get-bulk-request (v2, v3)  Net-SNMP tools: snmpbulkget, snmpbulkwalk NMS agent device get-bulk response
  • 40. Systems and Network Management SNMP 40 get-bulk-request  NMS sends a get-bulk-request for a number of variables  Agent replies with a response PDU with as many answers as are requested, or will fit in the PDU  Much more efficient  fewer requests and responses required to fetch data
  • 41. Systems and Network Management SNMP 41 get-bulk-request and snmpbulkget: example $ snmpbulkget -v 2c -c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.62 UCD-SNMP-MIB::laLoad.2 = STRING: 0.66 UCD-SNMP-MIB::laLoad.3 = STRING: 0.59 UCD-SNMP-MIB::laConfig.1 = STRING: 2.00 UCD-SNMP-MIB::laConfig.2 = STRING: 4.00 UCD-SNMP-MIB::laConfig.3 = STRING: 4.00 UCD-SNMP-MIB::laLoadInt.1 = INTEGER: 61 UCD-SNMP-MIB::laLoadInt.2 = INTEGER: 66 UCD-SNMP-MIB::laLoadInt.3 = INTEGER: 58 UCD-SNMP-MIB::laLoadFloat.1 = Opaque: Float: 0.620000
  • 42. Systems and Network Management SNMP 42 get-bulk-request PDU  All fields same as other SNMP PDUs in v1, v2c, except Nonrepeaters and Max- repetitions  Nonrepeaters: Specifies the number of object instances in the variable bindings field that should be retrieved no more than once from the beginning of the request.  used when some of the instances are scalar objects with only one variable.  Max-repetitions: Defines the maximum number of times that other variables beyond those specified by the non-repeaters field should be retrieved. PDU ty pe ID Request Object 1 Value1 Object 2 Object n Valuen . . . variablebindings Value2 Non- repetitions Max- repeaters
  • 43. Systems and Network Management SNMP 43 get-bulk-request  Get can request more than one MIB object  But if agent cannot send it all back, sends error message and no data  get-bulk-request tells agent to send as much of the response back as it can  Possible to send incomplete data  Requires two parameters:  Nonrepeaters  Max-repetitions
  • 44. Systems and Network Management SNMP 44 get-bulk-request: nonrepeaters, max-repetitions: 1  Nonrepeaters:  A number, N  Indicates first N objects can be retrieved with simple get-next operation  Max-repetitions:  A number, R  Can attempt up to R get-next operations to retrieve remaining objects
  • 45. Systems and Network Management SNMP 45 get-bulk-request: nonrepeaters, max-repetitions: 2 $ snmpbulkget -v 2c –C n2r3 –c public ictlab laLoad ifInOctets ifOutOctets UCD-SNMP-MIB::laLoad.1 = STRING: 0.63 IF-MIB::ifInOctets.1 = Counter32: 35352440 IF-MIB::ifOutOctets.1 = Counter32: 35352440 IF-MIB::ifOutOctets.2 = Counter32: 297960502 IF-MIB::ifOutOctets.3 = Counter32: 0  Notice that we have one entry only for laLoad, and for ifInOctets  the first two variables are "non-repeaters", i.e., we just fetch one value for each  We get three values for ifOutOctets  we ask for three values for all remaining variables after the first two
  • 46. Systems and Network Management SNMP 46 get-bulk-request: nonrepeaters, max-repetitions: 3 $ snmpbulkget -v 2c –C n1r3 –c public ictlab laLoad ifInOctets ifOutOctets UCD-SNMP-MIB::laLoad.1 = STRING: 0.77 IF-MIB::ifInOctets.1 = Counter32: 5356045 IF-MIB::ifOutOctets.1 = Counter32: 5356045 IF-MIB::ifInOctets.2 = Counter32: 1881446668 IF-MIB::ifOutOctets.2 = Counter32: 3664336845 IF-MIB::ifInOctets.3 = Counter32: 0 IF-MIB::ifOutOctets.3 = Counter32: 0  We have one value for the first variable laLoad (non-repeaters = 1)  We have 3 values for all the remaining variables we ask for
  • 47. Systems and Network Management SNMP 47 get-bulk-request: nonrepeaters, max-repetitions: 4 $ snmpbulkget -v 2c -C n3r3 -c public ictlab laLoad ifInOctets ifOutOctets UCD-SNMP-MIB::laLoad.1 = STRING: 0.71 IF-MIB::ifInOctets.1 = Counter32: 35370916 IF-MIB::ifOutOctets.1 = Counter32: 35370916  Notice we only have one entry for all three OIDs we specified on the command line.  Same result, regardless of value of R, I.e., snmpbulkget -v 2c -C n3r0 ... gives the same result.
  • 48. Systems and Network Management SNMP 48 get-bulk-request: snmpbulkwalk  snmpbulkwalk is convenient for efficiently browsing large tables in the MIB tree $ snmpbulkwalk -v 2c -c public ictlab laLoad UCD-SNMP-MIB::laLoad.1 = STRING: 0.52 UCD-SNMP-MIB::laLoad.2 = STRING: 0.58 UCD-SNMP-MIB::laLoad.3 = STRING: 0.56
  • 49. Systems and Network Management SNMP 49 set-request operation  Net-SNMP tool: snmpset NMS set agent device response
  • 50. Systems and Network Management SNMP 50 set  NMS sends a set-request to set sysLocation to ICT Laboratory, Hong Kong  Agent replies with either an error response, or a noError response in a request PDU
  • 51. Systems and Network Management SNMP 51 Trap  A trap has no response: NMS agent device trap
  • 52. Systems and Network Management SNMP 52 SNMP traps  Lets the agent tell the manager something happened, e.g.,  A network interface is down on the device where the agent is installed  The network interface came back up  A call came in to the modem rack, but could not connect to any modem  A fan has failed
  • 53. Systems and Network Management SNMP 53 SNMP inform-request (v2, v3)  A kind of trap with an acknowledgment  Can be sent by a manager or by an agent  There is an acknowledgement: a response PDU  The agent can resend the inform-request if no response is received in a reasonable time.
  • 54. Systems and Network Management SNMP 54 inform-request  An inform-request has a confirmation response: NMS response inform agent or NMS
  • 55. Systems and Network Management SNMP 55 SNMP notification (v2, v3)  This is a macro that sends either a trap or an inform-request
  • 56. Systems and Network Management SNMP 56 Traps and Inform: port 162  Other SNMP operations are on UDP port 161  trap and inform-request operations are on UDP port 162.
  • 57. SNMP v3 Authentication and Encryption Some security at last!
  • 58. Systems and Network Management SNMP 58 SNMPv1 now officially "historic"  Recently, SNMPv3 has moved futher to becoming an official standard  SNMPv1 RFCs are being changed from the status of standard to being historic  for details:  see news link from Net-SNMP web site  or go directly to http://sourceforge.net/forum/forum.php?forum_id =203052
  • 59. Systems and Network Management SNMP 59 Main RFCs for SNMP v3  RFC 3411: an architecture for describing SNMP Management Frameworks  RFC 3412: Message Processing and Dispatch for SNMP  RFC 3413: SNMPv3 Applications MIBs  RFC 3414: User-based Security Model (USM) for SNMPv3  RFC 3415: View-based Access Control Model (VACM) for SNMP
  • 60. Systems and Network Management SNMP 60 Changes in SNMPv3  Aim: provide cryptographic security  Make backwardly compatible with SNMPv1, SNMPv2c  Many new terms  Most importantly:  now abandon notion of managers and agents  both managers and agents now called SNMP entities  SNMPv3 defines an architecture  not just a set of messages
  • 61. Systems and Network Management SNMP 61 SNMPv3 architecture (RFC 3411) Dispatcher Message Processing Security Subsystem Subsystem Access Control Subsystem SNMP Entity SNMP Engine (Identified by SnmpEngineID) Application(s) Command generator Command Responder Notification Reciever Notification Originator Proxy Forwarder Other
  • 62. Systems and Network Management SNMP 62 SNMP Engine: 5 components  Dispatcher  send and receive messages.  determines version of each received message (v1, v2, v3)  if can handle received message, hands to Message Processing Subsystem  Message Processing Subsystem  prepares messages to be sent  extracts data from received messages  can have modules for each of SNMP v1, v2 and v3 (or any other future type of message)  Security Subsystem  provides authentication and encryption ("privacy")  Uses MD5 or SHA algorithms to authenticate users  passwords not sent in clear text  Access Control Subsystem  controls access to MIB objects  which objects, and level of access  Applications module (discussed next)
  • 63. Systems and Network Management SNMP 63 SNMPv3 Applications Module  Each SNMPv3 entity has one or more applications  Really are elements used to build applications:  command generator (NMS)  notification receiver (NMS)  proxy forwarder (NMS)  command responder (agent)  notification originator (agent)
  • 64. Systems and Network Management SNMP 64 Command Generator: manager role  This application is found on managers  used to send  get-request  get-next-request  set-request  get-bulk-request
  • 65. Systems and Network Management SNMP 65 Command Responder: agent role  processes commands sent by Command Generator  performs the action required  sends a response message
  • 66. Systems and Network Management SNMP 66 Notification Originator: agent role  Generates a trap or inform-request message  generally implemented on agents
  • 67. Systems and Network Management SNMP 67 Notification Receiver: manager  receives traps and inform-requests, and  acts on them
  • 68. Systems and Network Management SNMP 68 Proxy Forwarder: manager role  A front end to manager for older SNMP agents  e.g., convert get-bulk-request to get-next-requests  handles requests from:  command generator  command responder  notification generator.
  • 69. Systems and Network Management SNMP 69 SNMPv3 names: Engine ID  A manager or agent has an identifier: SNMP engineID, unique in this network  the management software expects all SNMP engines it talks to have different SNMP Engine IDs.  See RFC 3411 for details of how to assign an SNMP Engine ID  The SNMP engineID is used when calculating hashes of USM passwords.
  • 70. Systems and Network Management SNMP 70 SNMPv3 names: context  An entity can be responsible for more than one managed device.  Usually means the agent on one network device is a proxy for another separate legacy physical device that does not support SNMP  The default context will be for the local physical device, called “”  other named contexts may be for other remote physical devices for which this machine is a proxy  Each managed device has a contextEngineID and a contextName  contextName is unique in one SNMP entity  normally contextEngineID = snmpEngineID
  • 71. Systems and Network Management SNMP 71 SNMPv3 MIBs  New MIBs for SNMPv3 support  management architecture  authentication and encryption  Location: under snmpv2 (.1.3.6.1.6) in snmpModules (.1.3.6.1.6.3)
  • 72. Systems and Network Management SNMP 72 SNMPv3 User-based Security Model (USM)  Supports authentication using  MD5 (Message Digest 5) or  SHA1 (Secure Hash Algorithm)  Supports encryption using DES (Data Encryption Standard)  Supports individual user accounts
  • 73. Systems and Network Management SNMP 73 SNMPv3 Access Control: VACM  Uses the View-based Access Control Model (VACM)  Has 5 elements:  groups  security level  contexts  MIB views and view families  access policy
  • 74. Systems and Network Management SNMP 74 VACM: MIB views and view families  A MIB view is a subset of the MIB tree  can be a subtree (i.e., SNMPv2-MIB::system and below)  Can be a set of trees  Can be a family of view subtrees:  e.g., monitor a set of columns from a table, but not all the columns  useful for ISPs to allow customers to monitor input, output traffic
  • 75. Systems and Network Management SNMP 75 VACM: groups  Basically, a set of one or more users (security names)  All elements belonging to a group have equal access rights
  • 76. Systems and Network Management SNMP 76 VACM: security level  There are three levels:  no authentication, no privacy  authentication, no privacy  authentication, privacy  privacy means encryption using DES  authentication requires a password hashed with MD5 or SHA1.
  • 77. Systems and Network Management SNMP 77 VACM: Access Policy  Four levels:  not accessible  read view  write view  notify view
  • 78. Systems and Network Management SNMP 78 SNMPv3 Notes Continued:  My new set of notes on SNMPv3 continue from here  Provide a practical exploration of SNMPv3