SI MPLE NETWORK MANAGEMENT PROTOCOL (SNMP) 9/20/2014 1 Department of Computer Science COMPUTER NETWORK PROTOCOLS Assignment I Dated : 18-08-2014 M. Tech [CSE] I year / I Semester SNMP - Contents Introduction. OSI Layers. Components. Functionality - Principle of Communication. Functional area of Network Management. Traps, Port and UDP. Message Format. Management Information Base(MIB) & MIB Objects. Message Types. Languages of SNMP. SNMP Commands. SNMP Versions RFCs. Advantages. References.
9/20/2014 Department of Computer Science 2 SNMP - Introduction A Internet Standard protocol for managing devices on IP network. SNMP is a component of the Internet Protocol Suite as defined by the I nternet Engineering Task Force (I ETF). SNMP is used mostly in network management systems to monitor network-attached devices. It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects. SNMP is not NMS. SNMP is protocol that facilitates network management functionality. It is not, in itself, a network management system (NMS). SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices.
9/20/2014 Department of Computer Science 3 SNMP - HISTORY Apr. 1989 - SNMP promoted to recommended status as the de facto TCP/IP network management framework (RFC 1098). J une 1989 Internet Architecture Board(IAB) committee which oversees IETF decides to let SNMP develop separately. May 1990 - IAB promotes SNMP to a standard protocol with a recommended status (RFC 1157) Mar. 1991 - format of MIBs and traps defined (RFCs 1212, 1215) TCP/IP MIB definition revised to create SNMPv1 (RFC 1213)
9/20/2014 Department of Computer Science 4 SNMP & OSI Layers 7 APPLICATION LAYER Management and Agent APIs, SNMP 6 PRESENTATION LAYER ASN.1 and BER 5 SESSION LAYER RPC and NetBIOS 4 TRANSPORT LAYER TCP and UDP 3 NETWORK LAYER IP 2 DATA LINK LAYER ETHERNET, TOKEN RING and FDDI 1 PHYSICAL LAYER 9/20/2014 Department of Computer Science 5 SNMP - Components An SNMP managed network consists of three key components Managed Device A network node that implements an SNMP interface. Can be any type of network device. Network Management System provide the bulk of the processing and memory resources required for network management. Agent Software that runs on managed device. 9/20/2014 Department of Computer Science 6 PRINCIPLE OF COMMUNICATION 9/20/2014 Department of Computer Science 7 SNMP manager - An SNMP manager, also known as an SNMP management system or a management console, is any computer that sends queries for IP-related information to a managed computer, known as an SNMP agent. SNMP agent - An SNMP agent is any computer or other network device that monitors and responds to queries from SNMP managers. The agent can also send a trap message to the manager when specified events, such as a system reboot or unauthenticated access failure.
9/20/2014 Department of Computer Science 8 SNMP NETWORK MANAGEMENT HAS THREE PARTS 9/20/2014 Department of Computer Science 9 SNMP PROTOCOL Defines format of messages exchanged by management systems and agents. Specifies the Get, GetNext, Set, and Trap operations STRUCTURE OF MANAGEMENT INFORMATION Rules specifying the format used to define objects managed on the network that the SNMP protocol accesses MANAGEMENT INFORMATION BASE A map of the hierarchical order of all managed objects and how they are accessed FUNCTIONAL AREAS OF NMS
9/20/2014 Department of Computer Science 10 Configuration Management inventory and configuration. Fault Management reactive and proactive fault Performance Management No. of packets dropped, timeouts, collisions, CRC errors Accounting Management Cost Management Asset Management statistics of equipment, facility, and administration personnel
Planning Management analysis of trends to help justify a network upgrade or bandwidth increase TRAPS Traps are unrequested event reports that are sent to a management system by an SNMP agent process. When a trappable event occurs, a trap message is generated by the agent and is sent to a trap destination (a specific, configured network address). Many events can be configured to signal a trap, like a network cable fault, failing NI C or Hard Drive, a General Protection Fault, or a power supply failure. Traps can also be throttled -- You can limit the number of traps sent per second from the agent. Traps have a priority associated with them -- Critical, Major, Minor, Warning, Marginal, I nformational, Normal, Unknown
9/20/2014 Department of Computer Science 11 SNMP Trap Types 9/20/2014 Department of Computer Science 12 Trap Type Trap Name Description 0 ColdStart The SNMP agent initialized its configuration tables. 1 WarmStart The SNMP agent re-initialized its configuration tables. 2 LinkDown The state of a network adapter on the SNMP agent changed from up to down 3 LinkUp The state of a network adapter on the SNMP agent changed from down to up. 4 authenticationFailure The SNMP agent received a message from an SNMP manager, but the message contained an invalid community name. 5 egpNeighborLoss The SNMP agent could not communicate with its Exterior Gateway Protocol(EGP) peer. 6 enterpriseSpecific Reserved for vendor-defined error conditions and error codes SNMP USES UDP 9/20/2014 Department of Computer Science 13 UDP Port 161 - SNMP Messages UDP Port 162 - SNMP Trap Messages
MESSAGE FORMAT 9/20/2014 Department of Computer Science 14 Message Length Message Version Community String PDU Header PDU Body Message Preamble SNMP Protocol Data Unit 9/20/2014 Department of Computer Science 15
Message Length Message Version Community String PDU Type PDU Length Request ID Error Status Error Index Length of Variable Bindings Length of First Binding Additional Variable Bindings OID of First Binding Type of First Binding Value of First Binding Length of Second Binding OID of Second Binding Type of Second Binding Value of Second Binding Message Length Message Version Community String PDU Type PDU Length Enterprises MIB OID Agent IP Address Standard Trap Type Length of Variable Bindings Length of First Binding Additional Variable Bindings OID of First Binding Type of First Binding Value of First Binding Length of Second Binding OID of Second Binding Type of Second Binding Value of Second Binding Specific Trap Type Time Stamp PDU Body SNMP Message Preamble PDU Header SNMP Message Formats What is Management Information Base? When an SNMP manager requests information from an SNMP agent, the SNMP agent retrieves the current value of the requested information from the Management Information Base (MIB). Each system in a network (workstation, server, router, bridge, and so forth) maintains a MIB. MIB has status of the managed resources on that system, such as the version of the software running on the device, the I P address assigned to a port or interface, the amount of free hard drive space, or the number of open files. The MIB defines the managed objects that an SNMP manager monitors (or sometimes configures) on an SNMP agent. SNMP relies on the three basic operations: get (object), set (object, value) and get-next (object). 9/20/2014 Department of Computer Science 16 Structure of MIB 9/20/2014 Department of Computer Science 17 MIB Objects
The definition of each MIB object that an SNMP agent manages includes the following elements: The object name and object identifier (also known as an OID). A text description of the object. The objects data-type definition (such as counter, string, gauge, or address). The index for objects that are assigned complex data types. The index specifies the key field for the table that is, the field that can be used to identify a row. The only complex SNMP data type that is allowed is a table, and tables cannot be nested. Examples include the list of a systems network interfaces, a routing table, or the Address Resolution Protocol (ARP) table. The level of access to the object (such as read or read/write) that is allowed. Size restrictions. Range information.
9/20/2014 Department of Computer Science 18 9/20/2014 Department of Computer Science 19 SNMP MESSAGE TYPES SNMP Manager/Agent Communication 9/20/2014 Department of Computer Science 20 The SNMP manager, Host A, forms an SNMP message that contains an information request (Get) for the number of active sessions, the name of the community to which the SNMP manager belongs, and the destination of the message the IP address (131.107.3.24) of the SNMP agent, Host B.
The SNMP manager can use either the Microsoft SNMP Management API library (Mgmtapi.dll) or the Microsoft WinSNMP API library (Wsnmp32.dll) to perform this step. The SNMP manager sends the information request to Host B by using the SNMP service libraries.
When Host B receives the message, it verifies that the community name (MonitorInfo) contained in the packet is on its list of acceptable community names, evaluates the request against the agents list of access permissions for that community, and verifies the source IP address.
If the community name or access permission is incorrect, and the SNMP service has been configured to send an authentication trap, the agent sends an authentication failure trap to the specified trap destination, Host C. Hosts B and C belong to the TrapAlarm community.
The master agent component of the SNMP agent calls the appropriate extension agent to retrieve the requested session information from the MIB.
Using the session information that it retrieved from the extension agent, the SNMP service forms a return SNMP message that contains the number of active sessions and the destination the IP address (131.107.7.29) of the SNMP manager, Host A.
Host B sends the response to Host A.
9/20/2014 Department of Computer Science 21 SNMP Manger/Agent Communication Network protocol identification and statistics.
Dynamic identification (discovery) of devices attached to the network.
Hardware and software configuration data.
Device performance and usage statistics.
Device error and event messages.
Program and application usage statistics.
9/20/2014 Department of Computer Science 22 9/20/2014 Department of Computer Science 23 Languages of SNMP
Structure of Management Information (SMI) Abstract Syntax Notation One (ASN.1) Basic Encoding Rules (BER) specifies the format used for defining managed objects that are accessed via the SNMP protocol used to define the format of SNMP messages and managed objects (MIB modules) using an unambiguous data description format used to encode the SNMP messages into a format suitable for transmission across a network SNMP COMMANDS 9/20/2014 Department of Computer Science 24 SNMP - VERSIONS The following RFCs relate to SNMP version 1: RFC 1157, Simple Network Management Protocol (SNMP). RFC 1155, Structure and Identification of Management Information for TCP/IP-based Internets. RFC 1213, Management Information Base for Network Management of TCP/IP-based Internets: MIB-II. RFC 1573, Evolution of the Interfaces Group of MIB-II. The following RFCs relate to SNMP version 2: RFC 1901, Introduction to CommunityBased SNMPv2. RFC 1902, Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2). RFC 1903, Textual Conventions for SNMPv2. RFC 1904, Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2). RFC 1905, Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2). RFC 1906, Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2). RFC 1907, Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2). RFC 1908, Coexistence between Version 1 and Version 2 of the Internet-standard Network Management Framework. RFC 2089, V2ToV1 Mapping SNMPv2 onto SNMPv1 Within a Bi-Lingual SNMP Agent. 9/20/2014 Department of Computer Science 25 9/20/2014 Department of Computer Science 26 SNMP Advantages Standardized universally supported extendible portable allows distributed management access lightweight protocol Example MIB Object 9/20/2014 Department of Computer Science 27 sysContact OBJECT-TYPE -- OBJECT-TYPE is a macro SYNTAX DisplayString (SIZE (0..255)) ACCESS read-write -- or read-write, write-only, not-accessible STATUS mandatory -- or optional, deprecated, obsolete DESCRIPTION Chris Francois cfrancois@acm.org (360)650-0000 ::= { system 4 } Example OID in NET-SNMP TOOL 9/20/2014 Department of Computer Science 28 REFERENCES docs.oracle.com/cd/...01/.../SNMP_commands_reference_appendix.html technet.microsoft.com/en-us/library/cc783142(v=ws.10).aspx en.wikipedia.org/wiki/Simple_Network_Management_Protocol www.cisco.com/c/en/us/td/docs/ios/12_2/.../command/.../frf014.html
9/20/2014 Department of Computer Science 29 Queries 9/20/2014 Department of Computer Science 30 9/20/2014 Department of Computer Science 31