The document discusses network management systems (NMS), including their architecture, components, and protocols. It contains the following key points:
1. An NMS refers to a collection of applications that enable network components to be monitored and controlled. NMS systems use a common architecture based on the OSI network management model, which defines manager, agent, and managed object components as well as information and communication models.
2. Critical components of an NMS include the Structure of Management Information (SMI), which defines rules for naming and encoding managed objects, and the Management Information Base (MIB), which defines a collection of managed objects.
3. The Simple Network Management Protocol (SNMP) is a core network management protocol
1. Network Management,
Network Management Protocols,
Network Management Tools
Hamdamboy Urunov, a Ph.D. student
Special Communication Research Center,
Kookmin University
Seoul, South Korea
Resource by:
Jian Ren and Tongtong Li, Michigan State University
2. Studying structure on the schedule of 6 months (until September)
NMS
Analysis of Conceptual model of NMS technologies
IoT-OneM2M technology (OMA-DM, OMA-LWM2M, BBF TR-069)
NMS protocols: Simple Network Management Protocol
Network management use case analysis
Implementation Writing Papers
U-NMS architecture
Report -1/2
Result
3. Agenda
1. NMS architecture
2. Structure of Management Information (SMI)
3. Management Information Base (MIB)
4. Network Management Protocols (SNMP)
4. NMS Architecture
A network management system (NMS) refers to a collection of applications that enable network components to be monitored and controlled.
– Network management systems have the same basic architecture, as shown in Figure 12.1.
NMS protocols
• SNMP and CMIP are two well-known network management protocols.
A network management system is generally described using the Open System Interconnection
(OSI) network management model.
5. OSI Network Management Model
Organization Model
• Manager, agent, and managed objects.
• It describes the components of an NMS.
• Functions and infrastructure.
Information Model
• the information structure and storage
• the information base used to describe the managed objects and their
relationships.
• Structure of Management Information (SMI) is the syntax and semantics of management information stored in the MIB
• Management Information Base (MIB) is used by the management process for management information exchange and storage
Communication Model
• information exchange between agent and manager
Functional Model
• 5 functional areas of network management
6. Management Components
• To do the management task, SNMP uses two other protocols:
Structure of Management Information (SMI) and Management
Information Base (MIB).
• That is, management on the Internet is done through the cooperation of the three protocols SNMP, SMI and MIB.
7. Management Components (cont…)
• Structure of Management Information (SMI)
– Set of rules on how managed objects should be defined.
– Objects are defined using Abstract Syntax Notation One, ASN.1 (ITU-T X.208 / ISO 8824)
• MIB
– The collection of all defined objects
– Contains hierarchically organized variables corresponding to managed objects.
– MIB-II, RMON MIB, Bridge MIB, Repeater MIB, X.25 MIB, FDDI MIB, Token Ring MIB, ...
8. Role of SNMP
• It defines the format of the packet (bits) to be sent
from a manager to an agent and vice versa.
• It also interprets the result and creates statistics.
• The packets exchanged contain the object (variable)
names and their status (values).
• SNMP is responsible for reading and changing these
values.
Role of SMI
• It defines the general rules for naming objects,
defining object types (including range and length),
and showing how to encode objects and values.
• SMI does not define the number of objects an
entity should manage or name the objects to be
managed or define the association between the
objects and their values.
9. Role of MIB
• For each entity to be managed, this protocol must define the number
of objects, name them according to the rules defined by SMI, and
associate a type to each named object.
• MIB creates a set of objects defined for each entity similar to a
database.
An Analogy
• We can compare the task of network management to the task of writing
a program.
- both tasks need rules, in network management this is handled by
SMI.
- both tasks need variable declaration, in network management this
is handled by MIB.
- both tasks have actions performed by statements, in network
management this is handled by SNMP.
10. Structure of Management Information (SMI)
SMI: Object Identifiers, Object Types, Object Encoding Method
Object
SNMP works by querying “Objects”.
An object is simply something that we can gather information about on a
network device.
For instance, an object might be something like Interface Status. Querying
Interface Status would return a variable – the interface could be Up, or Down.
SNMP identifies objects like this with an Object Identifier, or OID.
http://www.networkmanagementsoftware.com/snmp-tutorial-part-2-rounding-out-the-basics/
11. OIDs and MIBs example
Most network management software has the ability to display the OID tree in some way.
For example in the screenshot below, the OID tree is displayed in a folder-style list:
12. MANAGEMENT Components (cont…)
Structure of Management Information (SMI)
• The SMI, version 2 (SMIv2) is a component for network
management.
• Performs the functions such as
- To name objects.
- To define the type of data that can be stored in an object.
- To show how to encode data for transmission over the network.
• SMI is a guideline for SNMP; it emphasizes three attributes to handle an object: name, data type and encoding method.
13. Structure of Management Information detail information
Object Identifiers:
Each SNMP object has a unique object identifier.
SMI permits object identifiers to be either in name form (e.g. iso.org.dod.internet.mgmt.mib-2) or in number form (e.g. 1.3.6.1.2.1).
Note that both forms have a hierarchical structure.
Object Types :
As for object types,
SMI defines both standard types like integer, octet string etc.
and non-standard network specific types like IP address, Time ticks etc.
Object Encoding Method:
SMI uses the Basic Encoding Rules (BER) method consisting of type/tag,
length and value, to encode objects along with their values, for transmission inside SNMP
packets.
SMI does not specify the list of objects for a specific network protocol/entity, nor does it specify the type of objects to be used for a specific network protocol.
These aspects are taken care of by the MIB.
14. Structure of Management Information detail information cont..
The objects are defined in a hierarchical tree structure. This global naming tree ensures
that all object names are unique and gives a unique way for finding them.
The RFC1155 defines the rules to apply in version 1.
The version 2 of the SMI is also available and MIB files could use either the SMI v1 or
the SMI v2.
The following graph shows a part of the SMI tree:
15. Structure of SMI
Name
• The SMI requires that each managed object (such as a router, a variable in a router, a value) have a unique name.
• To name objects globally, SMI uses an “Object Identifier”, which is a hierarchical identifier based on a tree structure.
• The tree structure starts with an unnamed root; each object can be defined by using a sequence of integers separated by dots (used by SNMP).
• The tree structure can also define an object by using a sequence of textual names separated by dots (used by people).
For example:
iso.org.dod.internet.mgmt.mib    1.3.6.1.2.1
The objects that are used in SNMP are located under the mib object, so their identifiers always start with 1.3.6.1.2.1
17. Structure of SMI
Type of data
• The second attribute of an object is the type of data stored in it.
• To define the data type, SMI uses fundamental Abstract Syntax
Notation 1 (ASN.1) definitions and adds some new definitions i.e.
SMI is both a subset and superset of ASN.1.
It has 2 categories of data types: simple and structured.
18. Structure of SMI (cont..)
Type of data
• Simple data type: the first five are from ASN.1; the next seven are defined by SMI.
Type               Size      Description
INTEGER            4 bytes   An integer with a value between -2^31 and 2^31-1
Integer32          4 bytes   Same as INTEGER
Unsigned32         4 bytes   Unsigned with value between 0 and 2^32-1
OCTET STRING       Variable  Byte string up to 65,535 bytes long
OBJECT IDENTIFIER  Variable  An Object Identifier
IPAddress          4 bytes   An IP Address made of 4 integers
Counter32          4 bytes   An integer whose value can be incremented from 0 to 2^32; when it reaches its maximum value, it wraps back to 0
Counter64          8 bytes   64-bit counter
Gauge32            4 bytes   Same as Counter32, but when it reaches its maximum value, it does not wrap; it remains there until it is reset.
TimeTicks          4 bytes   A counting value that records time in 1/100 second
BITS                         A string of bits
Opaque             Variable  Uninterpreted string
19. Structure of SMI (cont..)
Type of data
• Structured data type: SMI defines two structured data types: Sequence and Sequence of.
• Sequence: it is a combination of simple data types, not necessarily of the same type. It is like the concept of struct in C.
• Sequence of: it is a combination of simple data types all of the same type. It is like the concept of array in C.
20. Structure of SMI (cont…)
Data Encoding Method
• SMI uses standard, Basic Encoding Rules (BER), to encode data to be transmitted over the network.
• BER specifies each piece of data be encoded in triplet format: tag, length and value.
• Tag: it is a 1-byte field that defines the type of data. It consists of 3 subfields: class (2 bits), format (1 bit) and number (5 bits).
- Class field defines the scope of the data. Four classes are defined: Universal (00), application wide (01), context specific (10) and private (11).
21. Structure of SMI (cont…)
Data Encoding Method
• The Universal (00) data types are taken from ASN.1 (INTEGER, OCTET STRING, and ObjectIdentifier).
• The Application wide (01) data types are added by SMI (IPAddress, Counter, Gauge and TimeTicks).
• The 5 context-specific (10) data types have meanings that may change from one protocol to another.
• The private (11) data types are vendor specific.
• The format subfield indicates whether the data are simple (0) or structured (1).
• The number subfield further divides simple or structured data into subgroups. For example, in the universal class, with simple format, INTEGER has a value of 2, OCTET STRING has a value of 4 and so on.
22. Structure of SMI (cont…)
Data Encoding Method
• Length: it is 1 or more bytes. If it is 1 byte, the MSB is 0 and the other 7 bits define the length of the data. If it is more than 1 byte, the MSB of the first byte must be 1 and the other 7 bits define the number of bytes needed to define the length.
• Value: it codes the value of the data according to the rules defined in BER.
23. Structure of SMI (cont…)
Data Encoding Method
• The following table shows the data types and their tags in binary and hexadecimal numbers.
Data Type              Class  Format  Number  Tag (Binary)  Tag (Hex)
INTEGER                00     0       00010   00000010      02
OCTET STRING           00     0       00100   00000100      04
OBJECT IDENTIFIER      00     0       00110   00000110      06
NULL                   00     0       00101   00000101      05
Sequence, Sequence of  00     1       10000   00110000      30
IPAddress              01     0       00000   01000000      40
Counter                01     0       00001   01000001      41
Gauge                  01     0       00010   01000010      42
TimeTicks              01     0       00011   01000011      43
Opaque                 01     0       00100   01000100      44
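The tag, length and value rules from the Data Encoding Method slides, as an added example that is not part of the original slides: a Python decoder that splits a tag byte into its class, format and number subfields, handles both length forms, and rejects truncated or over-long lengths. The sample bytes are constructed (they carry the udpInDatagrams OID that appears later in the deck) and the function names are illustrative.

```python
# Added example: BER tag-length-value decoder for the SMI tags tabulated above.
CLASSES = ("universal", "application-wide", "context-specific", "private")
TAG_NAMES = {0x02: "INTEGER", 0x04: "OCTET STRING", 0x05: "NULL",
             0x06: "OBJECT IDENTIFIER", 0x30: "SEQUENCE", 0x40: "IPAddress",
             0x41: "Counter", 0x42: "Gauge", 0x43: "TimeTicks", 0x44: "Opaque"}

def split_tag(tag):
    """Split the 1-byte tag into class (2 bits), format (1 bit), number (5 bits)."""
    return CLASSES[tag >> 6], "structured" if tag & 0x20 else "simple", tag & 0x1F

def decode_oid(value):
    """OID value: the first byte packs two arcs as 40*a + b, later arcs are base 128."""
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    arcs, acc = [value[0] // 40, value[0] % 40], 0   # enough for the iso(1) subtree
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:          # high bit clear marks the last byte of an arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def decode(buf, pos=0):
    """Decode one TLV at buf[pos:]; return (node, next_pos). Bounds are checked."""
    if pos + 2 > len(buf):
        raise ValueError("truncated tag/length header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:             # long form: low 7 bits count the length bytes
        count = length & 0x7F
        if count == 0 or pos + count > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    end = pos + length
    if end > len(buf):
        raise ValueError("declared length exceeds available bytes")
    name, value = TAG_NAMES.get(tag, hex(tag)), buf[pos:end]
    if tag & 0x20:                # structured: the value is a run of nested TLVs
        children = []
        while pos < end:
            child, pos = decode(buf[:end], pos)   # a child may not outrun its parent
            children.append(child)
        return (name, children), end
    if tag == 0x06:
        return (name, decode_oid(value)), end
    if tag in (0x02, 0x41, 0x42, 0x43):
        return (name, int.from_bytes(value, "big", signed=tag == 0x02)), end
    return (name, bytes(value)), end

# Constructed sample: Sequence { OBJECT IDENTIFIER 1.3.6.1.2.1.7.1, Counter 1234 }
SAMPLE = bytes.fromhex("30 0d 06 07 2b 06 01 02 01 07 01 41 02 04 d2")

if __name__ == "__main__":
    print(decode(SAMPLE)[0])
```

Passing `buf[:end]` to the recursive call is what keeps a nested element from claiming bytes beyond its enclosing Sequence.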
24. Structure of Management Information detail information cont..
RFC1155-SMI DEFINITIONS ::=
BEGIN
EXPORTS -- EVERYTHING
    internet, directory, mgmt, experimental, private,
    enterprises, OBJECT-TYPE, ObjectName,
    ObjectSyntax, SimpleSyntax,
    ApplicationSyntax, NetworkAddress, IpAddress,
    Counter, Gauge, TimeTicks, Opaque;
internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
directory OBJECT IDENTIFIER ::= { internet 1 }
mgmt OBJECT IDENTIFIER ::= { internet 2 }
experimental OBJECT IDENTIFIER ::= { internet 3 }
private OBJECT IDENTIFIER ::= { internet 4 }
enterprises OBJECT IDENTIFIER ::= { private 1 }
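How the name form and the number form of an object identifier relate, as an added example that is not part of the original slides: a Python resolver that parses OBJECT IDENTIFIER assignments written in the notation of the RFC1155-SMI excerpt and expands each name to its dotted number by walking up the tree. The mib-2 and udp lines are not in the excerpt; they are the MIB-II assignments, included so that the udp group can be resolved, and the function names are illustrative.

```python
import re

# Assignments in the notation of the RFC1155-SMI excerpt. The last two lines are
# not in the excerpt: they are the MIB-II assignments for mib-2 and udp.
ASSIGNMENTS = """
internet      OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
directory     OBJECT IDENTIFIER ::= { internet 1 }
mgmt          OBJECT IDENTIFIER ::= { internet 2 }
experimental  OBJECT IDENTIFIER ::= { internet 3 }
private       OBJECT IDENTIFIER ::= { internet 4 }
enterprises   OBJECT IDENTIFIER ::= { private 1 }
mib-2         OBJECT IDENTIFIER ::= { mgmt 1 }
udp           OBJECT IDENTIFIER ::= { mib-2 7 }
"""

ROOTS = {"ccitt": (0,), "iso": (1,), "joint-iso-ccitt": (2,)}  # under the unnamed root
LINE = re.compile(r"^\s*([\w-]+)\s+OBJECT IDENTIFIER\s*::=\s*\{([^}]*)\}", re.M)
PART = re.compile(r"^(?:([A-Za-z][\w-]*)(?:\((\d+)\))?|(\d+))$")

def parse(text):
    """Return {name: [parts]}; a part is an int arc or the name of a parent object."""
    table = {}
    for name, body in LINE.findall(text):
        parts = []
        for token in body.split():
            m = PART.match(token)
            if not m:
                raise ValueError(f"bad component {token!r} in {name}")
            label, labelled, bare = m.groups()
            if bare is not None:
                parts.append(int(bare))
            elif labelled is not None:
                parts.append(int(labelled))     # org(3): the number is what counts
            else:
                parts.append(label)             # bare name: reference to a parent
        table[name] = parts
    return table

def resolve(name, table, seen=()):
    """Expand a name to its tuple of numeric arcs by walking up to a root."""
    if name in ROOTS:
        return ROOTS[name]
    if name in seen:
        raise ValueError(f"cyclic definition: {name}")
    if name not in table:
        raise KeyError(f"undefined object name: {name}")
    arcs = ()
    for part in table[name]:
        arcs += (part,) if isinstance(part, int) else resolve(part, table, seen + (name,))
    return arcs

def dotted(name, table):
    return ".".join(map(str, resolve(name, table)))
```

With `table = parse(ASSIGNMENTS)`, `dotted("udp", table)` gives the prefix under which the udp variables shown later in the deck are numbered.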
25. Structure of Management Information detail information cont..
OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::=
        "SYNTAX" type (TYPE ObjectSyntax)
        "ACCESS" Access
        "STATUS" Status
    VALUE NOTATION ::= value (VALUE ObjectName)
    Access ::= "read-only"
        | "read-write"
        | "write-only"
        | "not-accessible"
    Status ::= "mandatory"
        | "optional"
        | "obsolete"
END
ObjectName ::= OBJECT IDENTIFIER
28. Object Syntax Summary
• Simple Syntax
– Integer
– Octet String
– Object Identifier
– Null
• Application Syntax
– Network Address
– Counter
– Gauge
– Time Ticks
– Opaque
29. MIB (Management Information Base)
MIB Version 2 (MIB2) is a second component used in network
management.
• Each agent has its own MIB2, which is a collection of all objects
that the manager can manage.
• The objects in MIB2 are categorized under 10 different groups:
system, interface, address translation, ip, icmp, tcp, udp, egp,
transmission and snmp.
• These groups are under MIB2 object in the object identifier tree.
Each group has defined variables and/or tables.
30. MIB structure and Object Identifier (Object ID or OID)
https://www.manageengine.com/network-monitoring/what-is-snmp.html
31. MIB (Management Information Base)
Following is a brief description of some of the objects.
• sys: system object defines general information about the node (system) such as
name, location, and lifetime.
• if: interface object defines information about all the interfaces of the node, including interface number, physical address and IP address.
• at: address translation object defines information about the ARP table.
• ip: this object defines information related to IP (routing table, IP address).
• icmp: this object defines information about the ICMP (no. of packets sent and
received and total errors created).
• tcp: this object defines information about the TCP (connection table, time-out value,
no. of ports and no. of packets sent and received ).
• udp: this object defines information about the UDP ( no. of ports and no. of packets
sent and received ).
• snmp: this object defines information about SNMP (itself).
32. Management Information Base (MIB)
MIBs enable representation of device parameters in a standard format.
MIBs are nothing but the actual set of objects supported by a network device, for controlling and monitoring by the SNMP protocol.
Each protocol/entity that can be managed by SNMP (e.g. System MIB, Chassis MIB, IP MIB, TCP MIB, UDP MIB, ICMP MIB, Interface MIB etc.).
MIBs are organized in a tree like structure and each MIB variable has a
unique object ID.
Each MIB file defines three things, namely
• List of objects supported for a specific protocol/entity
• Type of each object
• Hierarchical relationship between all the objects of a given protocol/entity
33. MIB (Management Information Base)
Accessing MIB variables.
• Simple variables: to access the simple variables, we use the id of the group followed by the id of the variable. The following figure shows how to access each variable.
For example, if we use the group udp, the variables under the udp group can be accessed as follows.
udpInDatagrams  1.3.6.1.2.1.7.1
udpNoPorts      1.3.6.1.2.1.7.2
udpInErrors     1.3.6.1.2.1.7.3
34. Concise MIB Definition (RFC 1212)
OBJECT-TYPE MACRO ::=
BEGIN
TYPE NOTATION ::=
"SYNTAX" type(ObjectSyntax)
"ACCESS" Access
"STATUS" Status
DescrPart
ReferPart
IndexPart
DefValPart
VALUE NOTATION ::=
value (VALUE ObjectName)
DescrPart ::=
"DESCRIPTION" value (description DisplayString)
| empty
ReferPart ::=
"REFERENCE" value (reference DisplayString)
| empty
IndexPart ::=
"INDEX" "{" IndexTypes "}" | empty
IndexTypes ::=
IndexType | IndexTypes "," IndexType
IndexType ::=
value (indexobject ObjectName) | type (indextype)
DefValPart ::=
"DEFVAL" "{" value (defvalue ObjectSyntax) "}"
| empty
END
35. Writing the MIB
http://net-snmp.sourceforge.net/wiki/index.php/Writing_your_own_MIBs
For example, use the Net-SNMP examples mib, and start by moving it
to your own branch.
• Here is an example that moves it into the netSnmpPlaypen, which is a
branch we've defined for private testing purposes.
• No "public" management objects should ever be defined within this
tree.
• It is provided for private experimentation, prior to transferring a MIB
structure to another part of the overall OID tree.
36. Private MIB Registration
• Companies can register their private MIB
extensions in the global MIB tree by
contacting the Internet Assigned Numbers
Authority (IANA).
–http://www.iana.org/
• Currently assigned enterprise subtrees
ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers
39. SNMP versions
• SNMP standards are defined in a series of documents, called
request for comments or RFCs,
• proposed by the Internet Engineering Task Force (IETF).
• A list of RFCs for SNMPv1, SNMPv2, and SNMPv3 is available.
SNMP
SNMPv1 SNMPv2 SNMPv3
40. SNMP version 1
SNMPv1 RFC
The SNMP Version 1 RFC is:
RFC 1157. Simple Network Management Protocol
SMIv1 RFCs also apply to all SNMPv1 entities.
MIB-II RFCs also apply to all SNMPv1 agent entities.
41. SNMP version 2
The SNMP Version 2 RFCs are:
RFC 1901. Introduction to Community-based SNMPv2
RFC 1908. Coexistence between Version 1 and Version 2 of the
Internet-standard Network Management Framework
RFC 3416. Version 2 of SNMP Protocol Operations
RFC 3417. Transport Mappings
SMIv1 and SMIv2 RFCs also apply to all SNMPv2c entities.
MIB-II RFCs also apply to all SNMPv2c agent entities.
http://www.snmp.com/protocol/snmp_rfcs.shtml
42. SNMP version 3
• The SNMP Version 3 RFCs are:
• RFC 3410. Introduction and Applicability Statements for Internet Standard Management Framework
• RFC 3411. An Architecture for Describing SNMP Management Frameworks
• RFC 3412. Message Processing and Dispatching
• RFC 3413. SNMP Applications
• RFC 3414. User-based Security Model
• RFC 3415. View-based Access Control Model
• RFC 3416. Version 2 of SNMP Protocol Operations
• RFC 3417. Transport Mappings
• RFC 3584. Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework
• RFC 3826. The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
• RFC 5343. Simple Network Management Protocol (SNMP) Context EngineID Discovery
• Additional SNMPv3 RFCs including the Datagram Transport Layer Security RFCs (also known as DTLS or (D)TLS) are:
• RFC 5590. Transport Subsystem for the Simple Network Management Protocol (SNMP)
• RFC 5591. Transport Security Model for the Simple Network Management Protocol (SNMP)
• RFC 5953. Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)
• SMIv1 and SMIv2 RFCs also apply to all SNMPv3 entities.
MIB-II RFCs also apply to all SNMPv3 agent entities.
43. SNMP
SNMP uses both SMI and MIB in Internet network management. It is an
application program that allows
1. A manager to retrieve the value of an object defined in an agent.
2. A manager to store a value in an object defined in an agent.
3. An agent to send an alarm message about an abnormal situation (such as its rebooting) to the manager.
PDUs
SNMPv3 defines eight types of packets (or PDUs):
GetRequest, GetNextRequest, GetBulkRequest, SetRequest, Response, Trap,
InformRequest and Report.
GetRequest: it is sent from the manager (client) to the agent (server) to retrieve
the value of a variable or a set of variables.
GetNextRequest: it is sent from the manager (client) to the agent (server) to
retrieve the value of a variable. It is mostly used to retrieve the values of the
entries in a table.
GetBulkRequest: it is sent from the manager (client) to the agent (server) to
retrieve a large amount of data. It can be used instead of the above two PDUs.
44. PDUs
SetRequest: it is sent from the manager (client) to the agent (server) to set (store)
a value in a variable.
Response: it is sent from an agent (server) to the manager (client) in response to
GetRequest or GetNextRequest. It contains the values of the variables
requested by manager.
Trap: the trap PDU is sent from the agent (server) to the manager (client) to
report an event, for example: if the agent is rebooted, it informs the manager
and reports the time of rebooting.
InformRequest: it is sent from one manager (client) to another remote manager
to get the value of some variables from agents under the control of the
remote manager. The remote manager responds with a Response PDU.
Report: the Report PDU is designed to report some types of errors between
managers. It is not yet in use.
http://highered.mheducation.com/sites/0072967722/student_view0/chapter_27_quiz.html
45. Typical SNMP communication
Being part of the TCP/IP protocol suite, SNMP messages are wrapped in the User Datagram Protocol (UDP) and in turn wrapped and transmitted in the Internet Protocol.
The following diagram illustrates the four-layer model developed by the Department of Defense (DoD).
https://www.manageengine.com/network-monitoring/what-is-snmp.html
46. Typical SNMP communication (cont…)
GET / GET NEXT / GET BULK / SET
TRAP
INFORM