
Network Administration

The administration of the Internet: SNMP (Simple Network Management Protocol)


TRAN PHUOC NGUYEN pn.tran2012@gmail.com

PTIT HCM, Feb. 12

Study Organization
08TH_MMT&TT (49 H Theory + 9 H Exercise)
  78 students
  7 groups, 1 group (presentation)

Exercises
  Must resolve the provided exercises

Practice
  Install SNMP on Linux or Windows
  Study SNMP protocol by using iReasoning and Wireshark

12 sessions
  6 Lectures
  6 Exercises

Diligent (30%)
  Present
  Exercise
  Practice

Examination (70%)
  Multiple Choice Questions (MCQ)
  Theory
  Practice
  First Time (14/05/2012 - 03/06/2012)
  Second Time (8/06/2012 - 24/06/2012)


The Case for Management


The Case for Management (1)


Typical problem
  Remote user arrives at regional office and experiences slow or no response from corporate web server

Where do you begin?
  Where is the problem?
  What is the problem?
  What is the solution?

Without proper network management, these questions are difficult to answer

[Figure: Remote User, Regional Offices, WWW Servers, Corp Network]

The Case for Management (2)


With proper management tools and procedures in place, you may already have the answer. Consider some possibilities:
  1. What configuration changes were made overnight?
  2. Have you received a device fault notification indicating the issue?
  3. Have you detected a security breach?
  4. Has your performance baseline predicted this behavior on an increasingly congested network link?

[Figure: Remote User, Regional Offices, WWW Servers, Corp Network]

Solving Problem Procedure


  An accurate database of your network's topology, configuration, and performance
  A solid understanding of the protocols and models used in communication between your management server and the managed devices
  Methods and tools that allow you to interpret and act upon gathered information

[Figure labels: Response Times, High Availability, Security, Predictability]

Introduction to Network Management


Introduction
The network has become an indispensable resource for the proper functioning of an organization, company, ...
The administration of the network implements a set of means to:
  Provide users with a quality service
  Allow the evolution of the system, including new features
  Optimize the performance of services for users
  Allow for maximum use of resources at minimum cost

Administration = operational part of the network

Administrative functions should allow:
  Extracting information from network elements using tools
    Harvest a large amount of information
  Reducing the amount of information by means of filters
    Select significant information
  Storing the retained information in an administration database
  Processing of this information
  Providing interfaces (administrative user, network operator)

Standards
To be used by a wide range of products (end systems, terminals, switches, routers, telecom devices, ...) and in a multi-vendor environment, there are two main types of standards:
  SNMP: a set of standards including a protocol, a specification of the structure of the database and a set of objects. This is the standard for TCP/IP.
  The administration of OSI: a large set of standards that describe a general architecture of administration, a management service and protocol (CMIS/CMIP), the specification of the structure of the database and a set of objects.

Expected from the network administration


The functional areas of administration as defined in the OSI:
  Fault management: allows the detection, location and repair of faults and the return to a normal situation in the environment.
  Accounting: to know the charges of managed objects, communication costs, ...
    This assessment is based on the volume and duration of the transmission.
    These surveys are carried out at two levels: Network and Application.
  Configuration management: allows identifying and setting the various objects. The procedures required to manage a configuration are information gathering, monitoring of system status, and backup of the state in a history.
  Performance audit: to evaluate the performance of system resources and their effectiveness. Network performance is evaluated from four parameters: response time, throughput, bit error rate and availability.
  Security management: the control and distribution of the information used for safety. A subset of the MIBs concerns the Security Management Base (SMIB). It provides encryption and a list of access rights.

Administration Organization
Who needs administration and for what? There are different types of decisions made by administrators:
  Operational decisions: short-term decisions regarding the administration and day-to-day, real-time operation of the system.
  Tactical decisions: medium-term decisions on network evolution and application of long-term policies.
  Strategic decisions: long-term decisions on strategies for the future, expressing the new needs and desires of users.

These levels determine different levels of administration:
  Operational control of the system, for operational decisions
  Network management, for tactical decisions
  Network analysis, for tactical and strategic decisions
  Planning, for strategic decisions

The network management systems


A network management system is a collection of tools for controlling and managing the network, which includes:
  An operator interface with a set of commands to perform most network administration tasks
  A minimum of additional equipment integrated into the existing system

Setting up a managed network environment



Network Management Configuration(1)


Network Management Entity (NME)
  Contains a collection of software devoted to the NM task in each network node
  Collects statistics
  Stores statistics locally
  Responds to commands from the network control center (manager)
    Transmits collected statistics to the manager
    Changes a parameter (e.g., a timer in a transport protocol)
    Provides status information
    Generates artificial traffic for testing
  Sends messages to the network control center for significant changes in local conditions
  Is referred to as an agent
  Agents are implemented in end systems and nodes

Network Management Configuration(2)


Network Management Application (NMA)
  Includes an operator interface to allow an authorized user to manage the network
  Responds to user commands
    display information
    issue commands to NMEs through the network
  Communicates with and controls NMEs in other nodes
    Application-level network management protocol

The architecture of a network management software


The architecture of the application in a manager or an agent will vary depending on the features of the platform.
A generic view of a platform is divided into three broad categories:
  The user presentation software
  The network management software
  Communication and database support software

User Presentation Software


An interface in manager systems
  monitor and control the network

An interface in agent systems
  network testing and debugging
  view or set parameters locally

Presentation tools
  to organize, summarize, and simplify the information as much as possible
  to avoid information overload
  graphical presentations
  the user interface should be the same at any node, regardless of vendor

Network Management Software (1)


Three-layer architecture
  Network management application layer
  Application element layer
  Network management data transport service layer

Network Management Software (2)


Network management application
  Provides services of interest to users
  Each application covers a broad area of network management and should exhibit consistency over various types of configurations (LAN, WAN, ...)

Application elements
  Implement primitive and general-purpose network management functions
    generating alarms or summarizing data
  Implement basic tools used by one or more network management applications
  Developed based on software reuse

Network Management Data Transport Service


The module consists of
  a NM protocol used to exchange management information among managers and agents
  a service interface to the application elements
    Provides very primitive functions (get, set and trap)

Communication & Database Support Software (1)


Network management software needs access to a local MIB, and to remote agents and managers

Local MIB at an agent contains
  Information reflecting the configuration and behavior of this node
  Parameters used to control the operation of this node

Local MIB at a manager contains
  node-specific information
  summary information about agents under control

Communication & Database Support Software (2)


MIB access module
  Includes basic file management software that enables access to the MIB
  Converts the local MIB format to a standardized form across the NMS

Communications protocol stack
  OSI or TCP/IP stack
  Supports the network management protocol
  Supports communications among agents and managers

Distributed Network Management (1)


[Figure: Management clients (PCs, workstations); Network Management servers, each with a management application, a management server and a MIB; Network; Element managers; Network resources (servers, routers, hosts) with management agents]

Distributed Network Management (2)


A centralized NMS enables the manager to maintain control over the entire configuration, balancing resources against needs and optimizing the overall utilization of resources

Why distributed network management?
  the proliferation of low-cost, high-power PCs and workstations
  the proliferation of departmental LANs
  local control and optimization of distributed applications
  distributed computing

Architecture of distributed network management
  hierarchical architecture
  department-level managers manage downsized applications and PC LANs

Distributed Network Management (3)


Benefits
  Network management traffic overhead is minimized
  Offers greater scalability
  Eliminates single-point failure

Elements for hierarchical architecture
  Distributed management workstations
    are given limited access for monitoring and control
    manage the departmental resources
  One central workstation (with a backup)
    global access rights to manage all network resources
    interacts with less-enabled management stations

Distributed Network Management (4)


Distributed management system architecture
  Management clients
    Provide the user access to management services and information
    Provide a graphical user interface
    May access one or more management servers
  Management servers are the heart of the system
    Support a set of management applications and a MIB
    Store common management data models
    Route management information to applications and clients
  Managed network devices
    Are managed directly by one or more management servers
    Or through a vendor-specific element manager or proxy

SNMP
(Simple Network Management Protocol)


Introduction to SNMP
Simple Network Management Protocol
Provides a tool
  for multi-vendor, interoperable network management
  used across a broad spectrum of product types
    including end systems, bridges, switches, routers and telecommunications equipment
  TCP/IP based

Benefits:
  Very simple protocol, easy to use
  Allows remote management of the various machines
  The functional model for monitoring and for managing is scalable
  Independent of the architecture of the administered machines

Simple Network Management Protocol


A set of standards for network management
  a protocol
  a database structure specification
  a set of data objects

SNMP Family (1)


SNMPv1
  Proposed in 1989

SNMPv2
  Proposed in 1993
  Revised in 1995
  An upgrade to SNMPv1
  Adds functional enhancements to SNMP and codifies the use of SNMP on OSI-based networks

SNMP Family (2)


SNMPv3
  Issued in 1998
  Defines a security capability for SNMP and an architecture for future enhancements
  Used with the functionality provided by SNMPv2 or SNMPv1

The Model (1)


An SNMP management system is composed of three types of elements:
  Agents that oversee equipment. An SNMP agent can be installed on any type of equipment.
  One or more management stations capable of interpreting the data
  A MIB (Management Information Base) that describes the management information

A protocol, made available through an API, allows supervising, controlling and changing the settings of the network elements. Functions:
  Get: allows the station to query an agent
  Get_next: allows reading the next object of an agent without knowing its name
  Set: allows editing the data of an agent
  Trap: allows an agent to send an alarm

The Model (2)


The Model (3)


Using SNMP requires that all agents and administration stations support IP and UDP.
  This limits its use with devices that do not support TCP/IP.
  In addition, some machines (PCs, workstations, programmable controllers, ...) implement TCP/IP to support their applications but do not wish to add an SNMP agent.
=> Use of management proxies

MIB (Management Information Base)


Data model associated with SNMP:
  SMI (Structure of Management Information) - meta model
  MIB = list of variables recognized by the agents

Database containing information on the network elements to manage
  1 resource to be managed = 1 object
  MIB = structured collection of objects
  Each node in the system must maintain a MIB reflecting the state of its managed resources
  An administration entity can access resources on the node by reading the values of the objects and modifying them.

2 goals
  A common pattern: SMI (Structure of Management Information)
  A common definition of objects and their structure

SMI (Structure of Management Information) specification

Gives the rules for defining, accessing and adding objects in the MIB (meta model)
Objective: to encourage simplicity and the extension of the MIB
  Make an object accessible in the same way on each network entity
  Have the same representation of objects everywhere
  The MIB contains simple elements (scalars and two-dimensional arrays of scalars)
  SNMP allows only scalar queries
  OSI provides complex structures and search methods

The specification of the MIB accessible tree


It uses ASN.1 syntax to describe the data.
Each object is represented by an "object identifier".
Example:
  internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
  1.3.6.1 is the dotted notation for the internet node.
Example:
  directory OBJECT IDENTIFIER ::= { internet 1 }

The MIBs
Version 2 of the MIB
  mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
  => Working group: "SNMP Working Group"
MIB II: the 10 subsets are:
  system, interfaces, at, ip, icmp, tcp, udp, egp, transmission, snmp

The MIBs
system: the name of the agent, version number, type of machine, operating system name, type of network software, in printable ASCII

The MIBs
interfaces: the different network interfaces of a machine (number of interfaces, types of interfaces, vendor names, speed of interfaces, inPackets, outPackets, packet errors, ...)

The MIBs
at: used for compatibility reasons with MIB-I. It holds a translation table between logical (IP) and physical (MAC) network addresses, similar to ARP

The MIBs
ip: different parameters (TTL, nb. of received and sent packets, packet encapsulation, fragmentation, routing table, subnet mask, physical address, etc.)

The MIBs
icmp: 26 counters; for each ICMP message, 2 counters count the sent and received messages
tcp: provides the TCP connections (real-time), the parameters and states related to TCP connections (listen, time-wait, nb. of active open connections, max nb. of simultaneous connections, ...)
udp: 4 counters giving the nb. of UDP datagrams sent, received, in error, ...; a table lists the applications using UDP
egp: corresponds to EGP (External Gateway Protocol); nb. of incoming, outgoing and error packets, table of adjacent routers, router information, ...
transmission: only concerns Type OBJECT IDENTIFIER ::= { transmission number }; allows identifying the type of media used for transmission
snmp: related to the SNMP protocol, including nb. of incoming, outgoing and bad-version SNMP messages, etc.

SNMP Network Management


SNMP Protocol Specs
SNMP Operations
  GetRequest-PDU
  GetNextRequest-PDU
  SetRequest-PDU
  GetResponse-PDU
  Trap-PDU
Polling Frequency and limitations of SNMP v1
SNMPv2

Communication Model
Communicate management information between network management stations and managed elements

Goals:
  o Management functions maintained by agents are kept simple
  o Protocol flexibility (addition of new aspects of operation and management)
  o Transparency (should not be affected by the architecture of particular hosts and gateways)

Operation: 5 messages
  o get-request, get-next-request, set-request
  o get-response, trap

SNMP messages are exchanged using the UDP (connectionless) transport protocol

Message Format
Message layout: version | community | data

Protocol entities support application entities
  Communication between remote peer processes
Message consists of
  o Version identifier
  o Community name
  o Protocol Data Unit
Message encapsulated in UDP datagrams and transmitted
  Loss of message -> time out!
Like FTP, SNMP uses two well-known ports to operate:
  UDP Port 161 - SNMP Messages
  UDP Port 162 - SNMP Trap Messages
Size of SNMP message: 1472 bytes

Message Format
Message layout: version | community | data

SNMP message format is defined using ASN.1, encoded for transmission over UDP using BER

Message ::= SEQUENCE {
    version    INTEGER { version-1(0) },
    community  OCTET STRING,
    data       PDUs
}

3 different versions: SNMPv1, SNMPv2, SNMPv3

Message Format-Set/Get PDU


Message layout: version | community | data

Message ::= SEQUENCE {
    version    INTEGER { version-1(0) },
    community  OCTET STRING,
    data       PDUs
}

PDUs ::= CHOICE {
    get-request       [0] IMPLICIT PDU,
    get-next-request  [1] IMPLICIT PDU,
    get-response      [2] IMPLICIT PDU,
    set-request       [3] IMPLICIT PDU,
    trap              [4] IMPLICIT Trap-PDU
}

Message Format-Set/Get PDU


PDU layout: PDU type | request-id | error-status | error-index | variable-bindings

PDU ::= SEQUENCE {
    request-id    INTEGER,
    error-status  INTEGER {
        noError(0), tooBig(1), noSuchName(2),
        badValue(3), readOnly(4), genErr(5)
    },
    error-index   INTEGER,
    variable-bindings  VarBindList
}

request-id: track a message and indicate loss of a message (e.g., timeout, etc.)
error-status: indicate the occurrence of error
error-index: indicate the occurrence of error (position in the list of variables)
variable-bindings: grouping of number of operations in a single message
  e.g., one request to get all values and one response listing all values

Message Format-variable bindings


Variable-bindings layout: var-bind 1 | var-bind 2 | ... | var-bind n, where each var-bind is a (name, value) pair

VarBindList ::= SEQUENCE OF VarBind

VarBind ::= SEQUENCE {
    name   ObjectName,
    value  ObjectSyntax
}

ObjectName ::= OBJECT IDENTIFIER

ObjectSyntax ::= CHOICE {
    simple            SimpleSyntax,
    application-wide  ApplicationSyntax
}

Message Format-variable bindings


SimpleSyntax ::= CHOICE {
    number  INTEGER,
    string  OCTET STRING,
    object  OBJECT IDENTIFIER,
    empty   NULL
}

ApplicationSyntax ::= CHOICE {
    address    NetworkAddress,
    counter    Counter,
    gauge      Gauge,
    ticks      TimeTicks,
    arbitrary  Opaque
}

NetworkAddress ::= CHOICE {
    internet  IpAddress
}
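
The Message, PDU and VarBind definitions above, decoded from the wire: an added example (not part of the original slides) of a minimal BER decoder for SNMPv1 get/set messages. The two datagrams are constructed samples and every function and constant name is this example's own; the output shows that the community name travels as a plain OCTET STRING, readable by anything that sees the UDP datagram.

```python
PDU_TYPES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request", 0xA4: "trap"}
ERROR_STATUS = {0: "noError", 1: "tooBig", 2: "noSuchName",
                3: "badValue", 4: "readOnly", 5: "genErr"}

# Constructed sample datagrams (not captured traffic): a GetRequest for
# sysDescr.0 and the matching GetResponse, community "public", request-id 12345.
SAMPLE_GET = bytes.fromhex(
    "3027020100" "04067075626c6963" "a01a" "02023039" "020100" "020100"
    "300e300c" "06082b06010201010100" "0500")
SAMPLE_RESPONSE = bytes.fromhex(
    "302c020100" "04067075626c6963" "a21f" "02023039" "020100" "020100"
    "30133011" "06082b06010201010100" "040553756e4f53")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV at pos; reject bad lengths."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    if not value or value[-1] & 0x80:
        raise ValueError("malformed OBJECT IDENTIFIER")
    subids, acc = [], 0
    for byte in value:                     # base-128 digits, high bit = more follows
        acc = acc * 128 + (byte & 0x7F)
        if not byte & 0x80:
            subids.append(acc)
            acc = 0
    first = subids[0]                      # first sub-identifier packs 40*X + Y
    head = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    return ".".join(str(n) for n in head + subids[1:])

def decode_value(tag, value):
    if tag == 0x02:                        # INTEGER (signed)
        return int.from_bytes(value, "big", signed=True)
    if tag in (0x41, 0x42, 0x43):          # Counter, Gauge, TimeTicks (unsigned)
        return int.from_bytes(value, "big")
    if tag == 0x06:                        # OBJECT IDENTIFIER
        return decode_oid(value)
    if tag == 0x40:                        # IpAddress
        return ".".join(str(b) for b in value)
    return None if tag == 0x05 else bytes(value)   # NULL, else raw octets

def expect(buf, pos, want_tag, what):
    tag, value, pos = read_tlv(buf, pos)
    if tag != want_tag:
        raise ValueError(f"{what}: expected tag 0x{want_tag:02x}, got 0x{tag:02x}")
    return value, pos

def parse_message(datagram):
    """Decode Message ::= SEQUENCE { version, community, data } into a dict."""
    body, _ = expect(datagram, 0, 0x30, "Message")
    version, pos = expect(body, 0, 0x02, "version")
    community, pos = expect(body, pos, 0x04, "community")
    pdu_tag, pdu, _ = read_tlv(body, pos)
    if pdu_tag not in PDU_TYPES:
        raise ValueError(f"unknown PDU tag 0x{pdu_tag:02x}")
    msg = {"version": decode_value(0x02, version),
           "community": community.decode("ascii", "replace"),
           "pdu_type": PDU_TYPES[pdu_tag]}
    if pdu_tag == 0xA4:                    # Trap-PDU has a different field layout
        return msg
    request_id, pos = expect(pdu, 0, 0x02, "request-id")
    status, pos = expect(pdu, pos, 0x02, "error-status")
    index, pos = expect(pdu, pos, 0x02, "error-index")
    varbind_list, _ = expect(pdu, pos, 0x30, "variable-bindings")
    status = decode_value(0x02, status)
    msg.update(request_id=decode_value(0x02, request_id),
               error_status=ERROR_STATUS.get(status, status),
               error_index=decode_value(0x02, index), varbinds=[])
    pos = 0
    while len(varbind_list) > pos:         # VarBindList ::= SEQUENCE OF VarBind
        varbind, pos = expect(varbind_list, pos, 0x30, "VarBind")
        name, value_pos = expect(varbind, 0, 0x06, "name")
        value_tag, value, _ = read_tlv(varbind, value_pos)
        msg["varbinds"].append((decode_oid(name), decode_value(value_tag, value)))
    return msg

if __name__ == "__main__":
    for sample in (SAMPLE_GET, SAMPLE_RESPONSE):
        print(parse_message(sample))
```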

Message Format-Trap PDU


Trap PDU layout: PDU type | Enterprise | Agent Address | Generic Trap Type | Specific Trap Type | Time Stamp | variable-bindings

Trap-PDU ::= SEQUENCE {
    enterprise     OBJECT IDENTIFIER,   -- pertains to the system generating the trap (sysObjectID)
    agent-addr     NetworkAddress,      -- IP address of the object
    generic-trap   INTEGER {
        coldStart(0), warmStart(1), linkDown(2), linkUp(3),
        authenticationFailure(4), egpNeighborLoss(5), enterpriseSpecific(6)
    },
    specific-trap  INTEGER,             -- specific code to identify the trap cause
    time-stamp     TimeTicks,           -- elapsed time since last re-initialization
    variable-bindings  VarBindList
}

SNMP Network Management


SNMP Protocol Specs
SNMP Operations
  GetRequest-PDU
  GetNextRequest-PDU
  SetRequest-PDU
  GetResponse-PDU
  Trap-PDU
Polling Frequency and limitations of SNMP v1
SNMPv2

SNMP Operations
An SNMP entity performs the following to transmit a PDU:
  Construct a PDU using ASN.1
  Pass the PDU to the Authentication Service (AS) along with the source and destination transport addresses and the community name
    o AS returns a PDU that is encrypted (if encryption is supported)
  The protocol entity then constructs an SNMP message by adding the version field and the community name to the PDU
  The message is encoded using BER and passed to the transport service

An SNMP entity performs the following upon reception of an SNMP message:
  Basic syntax check; the message is discarded in case of error
  Verifies the version number; the message is discarded if there is a mismatch
    o Authentication (if supported): if the message does not authenticate, generate a trap and discard the message
  Finally, using the community name, the access policy is selected and the PDU is processed

GetRequest PDU
Sender includes the following fields:
  PDU Type
  request-id
  Variable-bindings
    A list of object instances whose values are requested

SNMP dictates that a scalar object is identified by its OBJECT-IDENTIFIER concatenated with 0
  e.g., sysDescr.0: distinguishes between the object type and an instance of the object

[Figure: the system group, system (mib-2 1): sysDescr (1), sysObjectId (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]

GetRequest PDU
.0 indicates that the scalar value should be retrieved (scalar objects only)

Manager Process request          Agent Process response
GetRequest (sysDescr.0)     ->   GetResponse (sysDescr.0 = "SunOS")
GetRequest (sysObjectID.0)  ->   GetResponse (sysObjectID.0 = enterprises.11.2.3.10.1.2)
GetRequest (sysUpTime.0)    ->   GetResponse (sysUpTime.0 = 2247349530)
GetRequest (sysContact.0)   ->   GetResponse (sysContact.0 = " ")
GetRequest (sysName.0)      ->   GetResponse (sysName.0 = "noc1 ")
GetRequest (sysLocation.0)  ->   GetResponse (sysLocation.0 = " ")
GetRequest (sysServices.0)  ->   GetResponse (sysServices.0 = 72)

The manager could have used only one message to obtain the values of all objects under the system group, using the variable binding list

GetRequest PDU
Get Request is atomic
  Either all values (of all variables provided in the binding list) are retrieved or none
  An error message is generated if at least one of the variables could not be found/returned; error-status:
    noSuchName
    tooBig
    genErr
  error-index: indicates the problem object (i.e., the variable in the binding list that caused the problem)

With SNMP, only leaf objects in the MIB can be retrieved
  e.g., it is not possible to retrieve an entire row of a table by simply accessing the Entry Object (e.g., ipRouteEntry); the management station has to include each object instance (in the row) in the binding list
    o By including the complete object identifier and respecting the rule of indexing!

GetRequest PDU
ipRouteDest    ipRouteMetric1    ipRouteNextHop
9.1.2.3        3                 99.0.0.3
10.0.0.51      5                 89.1.1.42
10.0.0.99      5                 89.1.1.42

Index of table: ipRouteDest

GetRequest (ipRouteDest.9.1.2.3, ipRouteMetric1.9.1.2.3, ipRouteNextHop.9.1.2.3)

GetNextRequest PDU
PDU format:
  same as GetRequest

Difference:
  each variable in the binding list refers to an object instance next in the lexicographic order
  GetNextRequest (sysDescr.0) returns the value of the object instance of sysObjectId

Advantages:
  Allows a network manager to discover a MIB structure dynamically
  Efficient way for searching through tables whose entries are unknown

[Figure: the system group, system (mib-2 1): sysDescr (1), sysObjectId (2), sysUpTime (3), sysContact (4), sysName (5), sysLocation (6), sysServices (7)]

GetNextRequest PDU
Manager Process request              Agent Process response
GetRequest (sysDescr.0)         ->   GetResponse (sysDescr.0 = "SunOS")
GetNextRequest (sysDescr.0)     ->   GetResponse (sysObjectID.0 = enterprises.11.2.3.10.1.2)
GetNextRequest (sysObjectID.0)  ->   GetResponse (sysUpTime.0 = 2247349530)
GetNextRequest (sysUpTime.0)    ->   GetResponse (sysContact.0 = " ")
GetNextRequest (sysContact.0)   ->   GetResponse (sysName.0 = "noc1 ")
GetNextRequest (sysName.0)      ->   GetResponse (sysLocation.0 = " ")
GetNextRequest (sysLocation.0)  ->   GetResponse (sysServices.0 = 72)
GetNextRequest (sysServices.0)  ->   GetResponse (noSuchName)

Error message: no object next to sysServices

Figure caption: Get-Next-Request Operation for System Group

Generalized Case
A sample MIB that contains both scalar values and aggregate objects
Retrieving scalar as well as aggregate objects using get-request and get-next-request

[Figure: sample MIB tree with nodes A, B, T and Z; the table under T has instances 1.1, 2.1, 3.1, 1.2, 2.2, 3.2]

Generalized Case
Manager Process request      Agent Process response
GetRequest (A)          ->   GetResponse (A)
GetRequest (B)          ->   GetResponse (B)
GetRequest (T.E.1.1)    ->   GetResponse (T.E.1.1)
GetRequest (T.E.1.2)    ->   GetResponse (T.E.1.2)
GetRequest (T.E.2.1)    ->   GetResponse (T.E.2.1)
GetRequest (T.E.2.2)    ->   GetResponse (T.E.2.2)
GetRequest (T.E.3.1)    ->   GetResponse (T.E.3.1)
GetRequest (T.E.3.2)    ->   GetResponse (T.E.3.2)
GetRequest (Z)          ->   GetResponse (Z)

[Figure: sample MIB tree with scalars A, B and Z and table entry E holding T.E.1.1, T.E.2.1, T.E.3.1, T.E.1.2, T.E.2.2, T.E.3.2]

Generalized Case
Observations:
  1)- we need to know all the elements in the MIB, including the # of columns and rows in a table
  2)- a MIB is traversed from top to bottom (i.e., from left to right in the tree structure)
  3)- data in tables is retrieved by traversing all instances of a columnar object

NOTES:
  1)- dynamic table: # rows may not be known to manager
  2)- a request to T.E.1.3 results in an error message
  3)- GetNextRequest could avoid this!
  4)- a convention is required for the definition of the next object in a MIB; SNMP uses the lexicographic convention

[Figure: sample MIB tree with scalar A and instances T.E.1.1, T.E.2.1, T.E.3.1, T.E.1.2, T.E.2.2, T.E.3.2]

Lexicographic Convention
Procedure for ordering
  Start with the leftmost digit as first position
  Before increasing the order in the first position, select the lowest digit in the second position
  Continue the process till the lowest digit in the last position is captured
  Increase the order in the last position until all the digits in the last position are captured
  Move back to the last but one position and repeat the process
  Continue advancing to the first position until all the numbers are ordered

Numerical order:      1 2 3 9 15 22 34 115 126 250 321 1118 2509
Lexicographic order:  1 1118 115 126 15 2 22 250 2509 3 321 34 9

[Figure: tree structure for the above process]

Lexicographic Ordering - example

MIB example of lexicographic ordering, from start to end:
  1, 1.1, 1.1.5, 1.1.18, 1.2, 1.2.6, 2, 2.2, 2.10, 2.10.9, 3, 3.4, 3.21, 9

[Figure: MIB tree for the example above]

GetNextRequest PDU
Manager Process request        Agent Process response
GetRequest (A)            ->   GetResponse (A)
GetNextRequest (A)        ->   GetResponse (B)
GetNextRequest (B)        ->   GetResponse (T.E.1.1)      T.E.1.1 is next object to scalar B
GetNextRequest (T.E.1.1)  ->   GetResponse (T.E.1.2)
GetNextRequest (T.E.1.2)  ->   GetResponse (T.E.2.1)
GetNextRequest (T.E.2.1)  ->   GetResponse (T.E.2.2)
GetNextRequest (T.E.2.2)  ->   GetResponse (T.E.3.1)
GetNextRequest (T.E.3.1)  ->   GetResponse (T.E.3.2)
GetNextRequest (T.E.3.2)  ->   GetResponse (Z)
GetNextRequest (Z)        ->   GetResponse (noSuchName)

[Figure: sample MIB tree with scalars A and Z and instances T.E.1.1, T.E.2.1, T.E.3.1, T.E.1.2, T.E.2.2, T.E.3.2]

GetNextRequest PDU
Manager Process request        Agent Process response
GetRequest (A)            ->   GetResponse (A)
GetNextRequest (A)        ->   GetResponse (B)
GetNextRequest (B)        ->   GetResponse (T.E.1.1)
GetNextRequest (T.E.1.1)  ->   GetResponse (T.E.1.2)
GetNextRequest (T.E.1.2)  ->   GetResponse (T.E.2.1)
GetNextRequest (T.E.2.1)  ->   GetResponse (T.E.2.2)
GetNextRequest (T.E.2.2)  ->   GetResponse (T.E.3.1)
GetNextRequest (T.E.3.1)  ->   GetResponse (T.E.3.2)
GetNextRequest (T.E.3.2)  ->   GetResponse (Z)
GetNextRequest (Z)        ->   GetResponse (noSuchName)

Advantages of Get-NextRequest
  1)- no need to know the object ID of the next entity to retrieve its value
  2)- issues with dynamic tables are resolved
  3)- allows the NMS to discover the structure of a MIB view dynamically
  4)- provides an efficient mechanism for searching a table whose entries are unknown

Lexicographic Ordering - example

ipRouteDest    ipRouteMetric1    ipRouteNextHop
9.1.2.3        3                 99.0.0.3
10.0.0.51      5                 89.1.1.42
10.0.0.99      5                 89.1.1.42

Index of table: ipRouteDest

ipRouteTable    1.3.6.1.2.1.4.21
ipRouteEntry    1.3.6.1.2.1.4.21.1 = x
  ipRouteDest       x.1
  ipRouteMetric1    x.3
  ipRouteNextHop    x.7

Object instance              Object identifier
ipRouteDest.9.1.2.3          x.1.9.1.2.3
ipRouteDest.10.0.0.51        x.1.10.0.0.51
ipRouteDest.10.0.0.99        x.1.10.0.0.99
ipRouteMetric1.9.1.2.3       x.3.9.1.2.3
ipRouteMetric1.10.0.0.51     x.3.10.0.0.51
ipRouteMetric1.10.0.0.99     x.3.10.0.0.99
ipRouteNextHop.9.1.2.3       x.7.9.1.2.3
ipRouteNextHop.10.0.0.51     x.7.10.0.0.51
ipRouteNextHop.10.0.0.99     x.7.10.0.0.99

Accessing Table Values


ipRouteDest    ipRouteMetric1    ipRouteNextHop
9.1.2.3        3                 99.0.0.3
10.0.0.51      5                 89.1.1.42
10.0.0.99      5                 89.1.1.42

Retrieving the entire table without knowing its contents or number of rows:
  GetNextRequest (ipRouteDest, ipRouteMetric1, ipRouteNextHop)

The agent will respond with the values from the first row:
  GetResponse ((ipRouteDest.9.1.2.3 = 9.1.2.3), (ipRouteMetric1.9.1.2.3 = 3), (ipRouteNextHop.9.1.2.3 = 99.0.0.3))

The MS stores this info and retrieves the second row

Accessing Table Values


GetNextRequest (ipRouteDest.9.1.2.3, ipRouteMetric1.9.1.2.3, ipRouteNextHop.9.1.2.3)
GetResponse ((ipRouteDest.10.0.0.51 = 10.0.0.51), (ipRouteMetric1.10.0.0.51 = 5), (ipRouteNextHop.10.0.0.51 = 89.1.1.42))

GetNextRequest (ipRouteDest.10.0.0.51, ipRouteMetric1.10.0.0.51, ipRouteNextHop.10.0.0.51)
GetResponse ((ipRouteDest.10.0.0.99 = 10.0.0.99), (ipRouteMetric1.10.0.0.99 = 5), (ipRouteNextHop.10.0.0.99 = 89.1.1.42))

Accessing Table Values


What happens next? When does the MS stop?

GetNextRequest (ipRouteDest.10.0.0.99, ipRouteMetric1.10.0.0.99, ipRouteNextHop.10.0.0.99)
GetResponse ((ipRouteMetric1.9.1.2.3 = 3), (ipRouteNextHop.9.1.2.3 = 99.0.0.3), (ipNetToMediaIfIndex.1.3 = 1))

The object names in the response do not match those in the request, so the MS knows it has reached the end of the table
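
The lexicographic convention and the table walk above, as an added example (not part of the original slides): a toy in-memory agent answers GetNextRequest and a manager walks ipRouteTable until a returned name leaves its column. The class and function names are this example's own, and the MIB contents are the slides' sample values. Sub-identifiers are compared as integers, as in the slides' MIB ordering example where 1.1.5 comes before 1.1.18.

```python
import bisect

def oid(text):
    """'1.3.6.1' -> (1, 3, 6, 1); tuples of ints compare in SNMP's order."""
    return tuple(int(part) for part in text.split("."))

# MIB example from the "Lexicographic Ordering" slide, in the slide's order.
SLIDE_ORDER = ["1", "1.1", "1.1.5", "1.1.18", "1.2", "1.2.6", "2", "2.2",
               "2.10", "2.10.9", "3", "3.4", "3.21", "9"]

def snmp_sorted(names):
    """Order dotted names per sub-identifier, not as character strings."""
    return sorted(names, key=oid)

class NoSuchName(Exception):
    def __init__(self, index):
        super().__init__(f"noSuchName, error-index={index}")
        self.index = index

class Agent:
    """Toy agent: a flat map of object instances kept in lexicographic order."""
    def __init__(self, instances):
        self._mib = {oid(name): value for name, value in instances.items()}
        self._order = sorted(self._mib)

    def get_next(self, names):
        result = []
        for index, name in enumerate(names, start=1):
            k = bisect.bisect_right(self._order, oid(name))
            if k == len(self._order):
                raise NoSuchName(index)    # atomic: no partial result is returned
            successor = self._order[k]
            result.append((".".join(map(str, successor)), self._mib[successor]))
        return result

X = "1.3.6.1.2.1.4.21.1"                   # ipRouteEntry
COLUMNS = [X + ".1", X + ".3", X + ".7"]   # ipRouteDest, ipRouteMetric1, ipRouteNextHop
ROUTES = [("9.1.2.3", 3, "99.0.0.3"),
          ("10.0.0.51", 5, "89.1.1.42"),
          ("10.0.0.99", 5, "89.1.1.42")]

def build_agent():
    instances = {}
    for dest, metric, hop in ROUTES:
        instances[f"{X}.1.{dest}"] = dest
        instances[f"{X}.3.{dest}"] = metric
        instances[f"{X}.7.{dest}"] = hop
    # The object that follows the table on the slide: ipNetToMediaIfIndex.1.3 = 1
    instances["1.3.6.1.2.1.4.22.1.1.1.3"] = 1
    return Agent(instances)

def walk_table(agent, columns):
    """Return (rows, requests_sent); stop when a name leaves its column."""
    rows, names, requests = [], list(columns), 0
    while True:
        requests += 1
        try:
            response = agent.get_next(names)
        except NoSuchName:
            break                          # ran off the end of the MIB view
        left_table = any(not got.startswith(col + ".")
                         for (got, _), col in zip(response, columns))
        if left_table:
            break                          # end of table, as on the last slide
        rows.append(tuple(value for _, value in response))
        names = [got for got, _ in response]
    return rows, requests

if __name__ == "__main__":
    print(snmp_sorted(reversed(SLIDE_ORDER)) == SLIDE_ORDER)
    print(walk_table(build_agent(), COLUMNS))
```

A plain string sort of the same names puts 1.1.18 before 1.1.5, which is why the comparison has to be done per sub-identifier.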

SetRequest-PDU
Write a value rather than reading a variable
The operation is atomic:
  o either all variables in the binding list are updated or none

Procedure receive-SetRequest:
begin
    if object not available for set then
        issue getresponse (noSuchName, index)
    else if inconsistent object value then
        issue getresponse (badValue, index)
    else if generated PDU too big then
        issue getresponse (tooBig)
    else if value not settable for some other reason then
        issue getresponse (genErr, index)
    else
        issue getresponse (variable bindings)
end;

SetRequest-PDU-example
ipRouteDest    ipRouteMetric1    ipRouteNextHop
9.1.2.3        3                 99.0.0.3
10.0.0.51      5                 89.1.1.42
10.0.0.99      5                 89.1.1.42

Updating the value of the ipRouteMetric1 metric of the first row:
  SetRequest (ipRouteMetric1.9.1.2.3 = 9)
  GetResponse (ipRouteMetric1.9.1.2.3 = 9)

Adding a row to the table -- a MS issues a command:
  SetRequest ((ipRouteDest.11.3.3.12 = 11.3.3.12), (ipRouteMetric1.11.3.3.12 = 9), (ipRouteNextHop.11.3.3.12 = 91.0.0.5))
  Callout: index of the new object instance in the table
  But this is currently unknown to the agent!

SetRequest-PDU-example
Adding a row to the table -- a MS issues a command:
  SetRequest ((ipRouteDest.11.3.3.12 = 11.3.3.12), (ipRouteMetric1.11.3.3.12 = 9), (ipRouteNextHop.11.3.3.12 = 91.0.0.5))

Three ways for the agent to handle the request:
  1)- reject the operation with error-status = noSuchName
  2)- recognize the operation (as creation of a new row) and check whether the operation can be accepted (i.e., all values are correct, no syntax error, etc.)
    2.1)- if NO, then return error-status = badValue
    2.2)- if YES, then the new row is created and
          GetResponse ((ipRouteDest.11.3.3.12 = 11.3.3.12), (ipRouteMetric1.11.3.3.12 = 9), (ipRouteNextHop.11.3.3.12 = 91.0.0.5))

Callout: if only this argument is passed, then the agent may accept or not; if it accepts to create the row, then the other objects are assigned default values

SetRequest-PDU-example
Row deletion:
  SetRequest (ipRouteMetric1.7.3.5.3 = invalid)
  GetResponse (ipRouteMetric1.7.3.5.3 = invalid)
  Some other tables may or may not allow any operation to be done on their columnar objects; check the RFCs for more details

Performing an action:
  SNMP can read and set values of objects.
  SNMP can also issue commands to perform certain actions: for example, a device may have a flag reBoot; if it is set by the manager, then the device will reboot.


Implementation
  Net-SNMP: open source SNMP implementation
  Netsnmpj: open source SNMP for Java
  OpenSNMP: multi-threaded SNMPv3 engine
  PySNMP: pure-Python module, BSD license
  TinySNMP: an easy to configure minimal SNMPv1 agent
  .SNMPv3 for .NET
  iReasoning MIB Browser / SNMP Manager (Free)
  Net::SNMP: a pure Perl module that implements SNMPv1, v2 and v3 on IPv4 and IPv6
  SNMP4J: free SNMP API for Java managers and agents
  versatile-serializing.net: .NET library, contains an SNMP V2C implementation
