SlideShare una empresa de Scribd logo

SNMP AT a GLANCE

Descargar como PPTX, PDF
A
assinha

overview of SNMP and description of features of SNMPv1,v2 and V3.It describes SNMP Key concepts with examples.

Educación
1 de 34
1
Overview SNMP (Simple Network Management Protocol) - It is an Internet-standard protocol for managing devices (routers, switches, printers, workstations, servers etc.) on IP network. The standard was defined by IETF RFC 1157 in May of 1990. It can be used to monitor the health of your routers, servers, and other pieces of network hardware, but you can also use it to control your network devices and even send pages or take other automatic action if problems arise. SNMP is an application layer protocol which uses User Datagram Protocol (UDP) for transport layer and Internet Protocol (IP) in the network layer of the TCP/IP protocol suite. SNMP requests are transmitted as UDP datagrams over a connectionless transmission interface between SNMP Manager and Agent (Residing in the device to be monitored). Communication is preformed via UDP on ports 161 and 162. 2
Key Components Managed Object (MO) – A resource that is supervised and controlled by the SNMP manager (e.g. switch, workstation etc.). MO can represent one or more resources or relationship between resources. MO has certain properties called attributes. Attribute – It describes the characteristics, current state and condition of the operation on the MO. An Attribute value is associated with each Attribute. For example a switch may have an attribute called status and value “operational”. Management Information Base (MIB) – It is a database containing information about elements to be managed In the MIB. Each resource is represented as an MO. Each MO is identified using a unique Object Identifier (OID). It Provides a map between numeric OIDs and a textual human readable form. Structured Management Information (SMI) - It defines the framework within which an MIB can be defined and constructed. It defines the data types that can be used and how MOs can be represented and named in the MIB. It is defined in RFC 1155. 3
Key Components Abstract Syntax Notation one(ASN.1) - SMI specifies use of ASN.1 to describe MIB variables. It is a notation (representation) that describes an abstract syntax for data types such as integers, counters etc. It has a set of simple data types and structure types that are used to define MIB structure. Basic Encoding Rule (BER) - It describes the actual representation of data. It provides a set of rules to develop bit level data for communication. The rule require that each type need to be converted to a data element. Data Element – It consist of three components – Type , Length and value (TLV). Type indicates whether the data element is a OBJECT IDENTIFIER or a Sequence etc. Length indicates length of content in octets. Value indicates the actual information of data element. It can be of variable length. V T L T L V T L V 4
Key Components SNMP Agent – Network device runs a SNMP agent as a daemon process which answers requests from the Manager. It makes the Object (MO) visible to Manager. It performs action on the Object requested by a Manager. It also notifies any change in the state of Object to Manager. SNMP Manager – It manages the system. It controls the MO by sending action request to agent. It can only deal with the MOs that the agent allows it to see. Several managers may share the same agent. Several managers may control the same MO. Working principle - Network device runs an SNMP agent as a daemon process which answers requests from the network. The agent populates the MIB which provides a large number of Object Identifiers and makes them available. An SNMP manager (client) can then query the agent’s OIDs for specific information. 5
Key Components SNMP Community – SNMP agent establishes a community with a set of managers based on the authentication and access privileges required for them to access the MIB or a subset of the MIB. Agent can define different communities based on the access privileges required for a set of managers. Each community is given a name. When agent receives a request from a Manager, it verifies the “community name” in the request message for authentication and provides limited access to MIB based on access policy. Traps – It enables an agent to send asynchronous messages to the managers. It is used to inform the managers of some significant event (e.g. link-down, cold-start ). 6
Example of SMI structure Below is a part of the Structure of Management Information of System Object Group in ASN.1. It declares “system” as a MIB Object. RFC1214-MIB DEFINITIONS :: = BEGIN IMPORTS TimeTicks, IpAddress, Counter FROM RFC1151-SMI; OBJECT-TYPE FROM RFC-1212; system OBJECT INDENTIFIER :: = { mib-2 1} sysUpTime OBJECT-TYPE TimeTicks (.001a): SYNTAX TimeTicks Time since last ACCESS read-only STATUS mandatory :: = { system 3} . . END 7
Defining a Table Defining a two dimensional table in ASN.1 – Define tcpConntable as a table containing TCPConnEntry as row. Each instance of TcpConnEntry will be considered as a row. tcpConntable OBJECT-TYPE SYNTAX Sequence of TcpConnEntry ACCESS not-accessible STATUS mandatory Description “A table containing TCP connection specific information” :: = { tcp 13} 8
Defining a Table Define columns (TcpConnEntry ) and Index - tcpConnEntry OBJECT-TYPE SYNTAX TcpConnEntry ACCESS not-accessible STATUS mandatory DESCRIPTION “Information about a particular current TCP connection” INDEX { tcpConnState, tcpConnLocalAddress, tcpConnLocalPort, tcpConnremAddress, tcpConnLocalPort } :: = { tcpConnTable 1} 9
Defining a Table Define columns (TcpConnEntry ) - TcpConnEntry ::= SEQUENCE { tcpConnState INTEGER, tcpConnLocalAddress IpAddress, tcpConnLocalPorta INTEGER(0…65535), tcpConnremAddress, IpAddress, tcpConnLocalPort INTEGER(0…65535) } Define each column entry - tcpConnState OBJECT-TYPE SYNTAX INTEGER { closed(1),listen(2),… deleteTCB(12) } ACCESS read-write STATUS mandatory DESCRIPTION “State of this TCP connection” :: = { tcpConnEntry 1 } 10
Defining a Table Define column entry - tcpConnLocalAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION “The local IP address of this TCP connection” :: = { tcpConnEntry 2 } tcpConnLocalPort OBJECT-TYPE SYNTAX INTEGER {0 …65535} ACCESS read-only STATUS mandatory DESCRIPTION “The Local port number for this TCP connection” :: = { tcpConnEntry 3 } 11
Defining a Table Define column entry - tcpConnRemoteAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION “The Remote IP address of this TCP connection” :: = { tcpConnEntry 4 } tcpConnRemotePort OBJECT-TYPE SYNTAX INTEGER {0 …65535} ACCESS read-only STATUS mandatory DESCRIPTION “The Remote port number for this TCP connection” :: = { tcpConnEntry 5 } 12
Defining a Table Define column entry - tcpConnRemoteAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION “The Remote IP address of this TCP connection” :: = { tcpConnEntry 4 } tcpConnRemotePort OBJECT-TYPE SYNTAX INTEGER {0 …65535} ACCESS read-only STATUS mandatory DESCRIPTION “The Remote port number for this TCP connection” :: = { tcpConnEntry 5 } 13
Defining a Table The tcpConnTable table with column entries will be as below. OID is mentioned for each column. tcpConnState 1.3.6.1.2.1.6. 13.1.1 tcpConnLocal IpAddress 1.3.6.1.2.1.6. 13.1.2 tcpConnLocal Port 1.3.6.1.2.1.6. 13.1.3 tcpConnRemote IpAddress 1.3.6.1.2.1.6. 13.1.4 tcpCnnEntry oid for rows = 1.3.6.1.2.1.6.13 .1 tcpConnRemo tePort 1.3.6.1.2.1.6. 13.1.5 5 10.0.0.56 12 9.3.5.13 15 4 0.0.0.0 98 0 0 7 10.0.0.56 14 102.34.56.8 84 14
Defining a TRAP Traps - It is an asynchronous message sent by agent to Manager. It sends the trap to desired managers based on the Trap configuration file entry. tcpConnRemoteAddress TRAP-TYPE ENTERPRISE frame-relay VARIABLES (frCircuitIndex, frCircuitInDlci, frCircuitState) DESCRIPTION “Trap for frCircuitState state change notification” :: = 1 15
MIB Tree It is a MIB tree which displays the various groups and their associated OID. ROOT ITU-T(0) ISO(1) Joint-ISO-ITU-T(2) STND(0) REG-AUTH(1) MEM(2) CC ( iISO3166) IE-ORG(3) ICD (ISO 6523) DOD(6) Internet(1) Mgmt(2) Mib-2(1) Interfaces(2) Interfaces is uniquely identified as 1.3.6.1.2.1.2 16
SNMP Packet Data Unit Information is exchanged between a agent and a manager in the form of a SNMP message. Each message includes SNMP version number, community name and SNMP PDU. version community SNMP PDU (SNMP message format) SNMP PDU can be one of the following types of PDUs as below. PDU type request-id error–status error-index Variable-bindings PDU type Enter prise Agent-addr Generic -trap Specific -trap Time- Stamp Variable-bindings (PDU) variable-bindings PDU type request-id 0 0 name1 value1 … nameN valueN (Request PDU) (Response PDU) (Trap PDU) 17
Transmission of SNMP Messages Variable Binding – All SNMP operation involve access to an Object instance .SNMP allows grouping a number of same type of operations (get , set) in to a single message. To implement this all SNMP PDUs include a variable binding field. The field consist of a sequence of reference to object instance and corresponding value of the object. The variable binding part is ignored where PDU is concerned only with name of the object instance. SNMP performs following actions to transmit any of the PDUs to another SNMP entity. • PDU is constructed using ASN.1 structures defined in RFC 1157. • This PDU is then passed to Protocol Entity to construct a SNMP message consisting of version, community name and the PDU. • The new ASN.1 Object is encoded using BER and passed to transport service. 18
Receipt of SNMP Messages SNMP performs following actions after receiving any SNMP message from another SNMP entity. • It does a basic syntax check and discards the message if check fails • It verifies version number and discards the message if version mismatch • If authentication fails then Protocol Entity generates a TRAP and discards the message. • If authentication succeeds , a PDU in the form of an ASN.1 object that confirms to RFC 1157 is returned • Protocol entity does basic syntax check and discards the PDU if fails • Using community name, appropriate access policy, PDU is processed. 19
MIB View MIB-2 mib view - 20 ISO(1) IE-ORG(3) DOD(6) Internet(1) Mgmt(2) Interfaces(2) Mib-2(1) system(1) at(3) ip(4) icmp(5) tcp(6) udp(7) egp(8) cmot(9) transmission(10) snmp(11)
MIB-2 mib groups Part of the MIB-2 groups are shown below. system(1) sysDescr(1) sysObjectid(2) sysUpTime(3) sysContact(4) sysName(5) sysLocation(6) sysServices(7) Interface(2) ifNumber(1) IfTable(2) ifEntry(1) ifIndex(1) ifDescre(2) ip(4) ipForwarding(1) ipDefaultTTL(2) ipInreceives(3) ipAddrTable(20) ifOperStatus(8) ifSpecific(22) ipAddrEntry(1) ipAdpEntAddr(1) ipAdEntifindex(2) ipAdEntNetMask(3) ipAdEntBcastAddr4) ipAdEnReasmMaxSize(5) (MIB-2 System Group) (MIB-2 Interface Group) (MIB-2 IP Group)
Accessing Object Values Retrieving a simple object value - To access “Sysdescr” value from “MIB 2 system group” snmpGet option Hostname community 1.3.6.1.2.1.1.1.0 Response possible - 1.3.6.1.2.1.1.1.0 , value = <Name of SNMP agent> Retrieving a number of simple object value - To access multiple simple objects “sysDescr”, “sysObjectid”, “sysName”, and “sysLocation” values from MIB-2 system group snmpGet option Hostname community 1.3.6.1.2.1.1.1.0, 1.3.6.1.2.1.1.2.0, 1.3.6.1.2.1.1.6.0, 1.3.6.1.2.1.1.7.0 Response possible - 1.3.6.1.2.1.1.1.0 , value = <Name of SNMP agent> 1.3.6.1.2.1.1.2.0, value = 10 1.3.6.1.2.1.1.6.0, value = Drone 1.3.6.1.2.1.1.7.0, value = Bangalore 22
Accessing Object Values To access multiple simple objects udpIndatagrams, udpNoPorts, udpInError, updOutDatagrams values from MIB-2 UDP group snmpGetNext option Hostname –c community 1.3.6.1.2.1.7.1.0, 1.3.6.1.2.1.7.2.0, 1.3.6.1.2.1.7.3.0, 1.3.6.1.2.1.7.4.0 Agent will return values in lexicographic order– 1.3.6.1.2.1.7.1.0, value = 90 1.3.6.1.2.1.7.2.0, value = 1 1.3.6.1.2.1.7.3.0, value = 2 1.3.6.1.2.1.7.4.0, value = 120 If udpNoPorts is not supported then agent will retun the value of next OID in lexicographic order i.e. udpInError and finally udpOutputdatagrams. 23
Accessing Table Values Accessing Table values – If contents and no. of rows are not known , then snmpGetNext can be invoked with column names. Agent will respond with values of first row. • Retrieve a value using table index - Use an index into the table to select the field which uniquely indentifies the row. To get netmask in the ipAddrtable (MIB-2 IP group) for a router whose ipaddress is 100.90.22.7 snmpGet hostname -c public 1.3.6.2.1.4.20.1 3 100.90.22.7 • Retrieve a value using GetNext Get operational status on interface 1 (Interface group) snmpGetNext hostname -c public 1.3.6.1.2.1.2.2.1.8.1 Response - 1.3.6.1.2.1.2.2.1.8.2, value = 1 24
Object and Table Modification Modify Object value Set sysName for a router in MIB-2 system group SNMPset hostname –c community 1.3.6.1.2.1.1.5.0 value=“CiscoRouter1” Possible response - 1.3.6.1.2.1.1.5.0 , value = “CiscoRouter1” Update table value To update ipRouteMetric1 in ipAddrTable (MIB-2 ip group) for a router with ip address 100.90.22.7 SNMPset hostname –c community 1.3.6.2.1.4.21.1 3 value = 5 100.90.22.7 25
Object and Table Modification Add a new row In the SNMPset command, assign index a new value and assign all columnar objects with desired value. When agent finds an index value that is not available in the Table, then based on the policy configured, it may create a new row or reject the request with an error “noSuchName” Delete a row To delete ipRouteMetric1 in ipAddrTable (MIB-2 ip group) for a router with ip address 100.90.22.7 SNMPset hostname –c community 1.3.6.2.1.4.21.1 3 value = invalid 100.90.22.7 Based on the implementation agent will either the delete the row from MIB ro mark it as deleted. 26
SNMP V2 Commands SNMPwalk – It traverses the MIB tree based on a starting OID. By default with no OID, it returns the MIB-II OIDs. Walk on mgmt.mib-2.system group tree SNMPwalk switch2 1.3.6.1.2.1.1 Possible response - system.sysObjectID.0: OBJECT IDENTIFIER: iso.org.dod. internet. private. enterprises.cisco. system.sysUpTime.0 : Timeticks: (168113316) 19 days, 10:58:53.16 system.sysContact.0 : DISPLAY STRING- (ascii): J.C.M. Pager 555-1212 system.sysName.0 : DISPLAY STRING- (ascii): witch2.com system.sysLocation.0 : DISPLAY STRING- (ascii): Bangalore system.sysServices.0 : INTEGER: 6 27
SNMP V2 Commands SNMPbulk – It retrieves a chunk of information in one operation, as opposed to a single get or sequence of get-next operations. Get all info on ifInOctets and ifOutOctets in MIB-2 Interface group nonrepeaters and max-repetitions are set with the 0 and 3. SNMPbulkget -v2c -B 0 3 dec.com public ifInOctets ifOutOctets Possible Response - interfaces.ifTable.ifEntry.ifInOctets.1 = 70840 interfaces.ifTable.ifEntry.ifOutOctets.1 = 70840 interfaces.ifTable.ifEntry.ifInOctets.2 = 143548020 interfaces.ifTable.ifEntry.ifOutOctets.2 = 111725152 interfaces.ifTable.ifEntry.ifInOctets.3 = 0 interfaces.ifTable.ifEntry.ifOutOctets.3 = 0 28
SNMPV2 Enhancements • New data types Introduced – Unsigned32 and Counter64 • New Error messages introduced – – noSuchObject or noSuchInstance – endOfMibView • Set is done in two phases – Validation of each variable, incase of failure operation aborted. • Enhancement on Trap – Each trap is assigned an OID. – New macro NOTIFICATION-TYPE – Timestamp and trap identifier is moved to variable list • New commands – snmpwalk and snmpbulk • Communication between managers using inform-request 29
SNMPV3 Enhancements It consist of two layers – Application and SNMP Engine. SNMP Engine – • Dispatcher – Accepts PDU to be sent, supports multiple versions • Message Processing Subsystem - send messages and extract data from received messages • Security Subsystem – provides authenticity and privacy • Access Control Subsystem – provides authorization service Application – Command Generator – initiates Get and SET PDUs Command Responder – generate Responses Notification Receiver/Originator – generate responses to inform PDU Proxy Forwarder – Forwards SNMP messages 30
SNMPV3 Enhancements It consist of two layers – Application and SNMP Engine. SNMP Engine – • Dispatcher – Accepts PDU to be sent, supports multiple versions • Message Processing Subsystem - send messages and extract data from received messages • Security Subsystem – provides authenticity and privacy • Access Control Subsystem – provides authorization service Application – Command Generator – initiates Get and SET PDUs Command Responder – generate Responses Notification Receiver/Originator – generate responses to inform PDU Proxy Forwarder – Forwards SNMP messages 31
SNMPV3 Enhancements SNMP V3 MIBs – • Management target MIB • Notification MIB • Proxy MIB Security – • User based security • View based access control 32
Limitations of SNMP • SNMP may not be suitable for management of truly large network because of the performance limitations of polling. • SNMP is not well suited for retrieving large volumes of data such as an entire routing table. • SNMP traps are unacknowledged. Agent can not be sure of critical messages being delivered to Manager. • Basic SNMP is better suited for monitoring than for control. • SNMP MIB model is limited and does not support applications that make sophisticated management queries based on object value or types. 33
34 Send your queries to me - a_s_sinha@yahoo.com

Recomendados

Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
Snmp
SnmpSnmp
Snmphetaljadav
 
Access Control List 1
Access Control List 1Access Control List 1
Access Control List 1Kishore Kumar
 
Big ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methodsBig ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methodsUtpal Sinha
 
Snmpv3
Snmpv3Snmpv3
Snmpv3jignash
 
snmp
snmpsnmp
snmpحسن رشید
 
SNMP
SNMPSNMP
SNMPMuKunD VInaYaK
 

Recomendados

Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
Snmp
SnmpSnmp
Snmphetaljadav
 
Access Control List 1
Access Control List 1Access Control List 1
Access Control List 1Kishore Kumar
 
Big ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methodsBig ip f5 ltm load balancing methods
Big ip f5 ltm load balancing methodsUtpal Sinha
 
Snmpv3
Snmpv3Snmpv3
Snmpv3jignash
 
snmp
snmpsnmp
snmpحسن رشید
 
SNMP
SNMPSNMP
SNMPMuKunD VInaYaK
 
CCNP Security-Firewall
CCNP Security-FirewallCCNP Security-Firewall
CCNP Security-Firewallmohannadalhanahnah
 
SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)Mohammad Awais Javaid
 
OSI Model
OSI ModelOSI Model
OSI ModelDaffodil International University
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management ProtocoleAmin Komeili
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsSachidananda Sahu
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)NetProtocol Xpert
 
SNMP/SMTP/MIME
SNMP/SMTP/MIMESNMP/SMTP/MIME
SNMP/SMTP/MIMEShantanu Hinge
 
Network Monitoring System ppt.pdf
Network Monitoring System ppt.pdfNetwork Monitoring System ppt.pdf
Network Monitoring System ppt.pdfkristinatemen
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocolAmeer Agel
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)NetProtocol Xpert
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
What is Ping
What is PingWhat is Ping
What is PingDisha Dudhal
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring toolsQaswarBosan
 
package mangement
package mangementpackage mangement
package mangementARYA TM
 
OSI reference model
OSI reference modelOSI reference model
OSI reference modelIshan Udyoga
 
Firewall
FirewallFirewall
FirewallShivank Shah
 
User Datagram protocol For Msc CS
User Datagram protocol For Msc CSUser Datagram protocol For Msc CS
User Datagram protocol For Msc CSThanveen
 
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios
 
Snmp
SnmpSnmp
Snmpjignash
 

Más contenido relacionado

La actualidad más candente

SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)Mohammad Awais Javaid
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management ProtocoleAmin Komeili
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsSachidananda Sahu
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)NetProtocol Xpert
 
Network Monitoring System ppt.pdf
Network Monitoring System ppt.pdfNetwork Monitoring System ppt.pdf
Network Monitoring System ppt.pdfkristinatemen
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocolAmeer Agel
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)NetProtocol Xpert
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path FirstKashif Latif
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring toolsQaswarBosan
 
package mangement
package mangementpackage mangement
package mangementARYA TM
 
OSI reference model
OSI reference modelOSI reference model
OSI reference modelIshan Udyoga
 
User Datagram protocol For Msc CS
User Datagram protocol For Msc CSUser Datagram protocol For Msc CS
User Datagram protocol For Msc CSThanveen
 

La actualidad más candente (20)

CCNP Security-Firewall
CCNP Security-FirewallCCNP Security-Firewall
CCNP Security-Firewall
 
SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)SNMP(Simple Network Management Protocol)
SNMP(Simple Network Management Protocol)
 
OSI Model
OSI ModelOSI Model
OSI Model
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+
 
Simple Network Management Protocole
Simple Network Management ProtocoleSimple Network Management Protocole
Simple Network Management Protocole
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance tools
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)
 
SNMP/SMTP/MIME
SNMP/SMTP/MIMESNMP/SMTP/MIME
SNMP/SMTP/MIME
 
Network Monitoring System ppt.pdf
Network Monitoring System ppt.pdfNetwork Monitoring System ppt.pdf
Network Monitoring System ppt.pdf
 
ospf routing protocol
ospf routing protocolospf routing protocol
ospf routing protocol
 
Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)Virtual Routing and Forwarding, (VRF-lite)
Virtual Routing and Forwarding, (VRF-lite)
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
What is Ping
What is PingWhat is Ping
What is Ping
 
Open Shortest Path First
Open Shortest Path FirstOpen Shortest Path First
Open Shortest Path First
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring tools
 
package mangement
package mangementpackage mangement
package mangement
 
OSI reference model
OSI reference modelOSI reference model
OSI reference model
 
Firewall
FirewallFirewall
Firewall
 
User Datagram protocol For Msc CS
User Datagram protocol For Msc CSUser Datagram protocol For Msc CS
User Datagram protocol For Msc CS
 

Similar a SNMP AT a GLANCE

Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7jignash
 
FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt
FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.pptFALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt
FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.pptuseonlyfortech140
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokAhmed Gad
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibilityHamdamboy (함담보이)
 
Introduction tosnmp
Introduction tosnmpIntroduction tosnmp
Introduction tosnmpjorlugon
 
Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1MOHD ARISH
 
UNIT V - The OMG way-system object model Notes.ppt
UNIT V - The OMG way-system object model Notes.pptUNIT V - The OMG way-system object model Notes.ppt
UNIT V - The OMG way-system object model Notes.pptAsmitSilhare1
 
Simple network management protocol
Simple network management protocolSimple network management protocol
Simple network management protocolni35540
 
Snmp vulnerability assessment
Snmp vulnerability assessmentSnmp vulnerability assessment
Snmp vulnerability assessmentSupriya G
 
Chapter 4 communication2
Chapter 4 communication2Chapter 4 communication2
Chapter 4 communication2DBU
 
Ccent notes part 1
Ccent notes part 1Ccent notes part 1
Ccent notes part 1ahmady
 
OSMC 2017 | SNMP explained by Rob Hassing
OSMC 2017 | SNMP explained by Rob HassingOSMC 2017 | SNMP explained by Rob Hassing
OSMC 2017 | SNMP explained by Rob HassingNETWAYS
 

Similar a SNMP AT a GLANCE (20)

Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios PluginsNagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
Nagios Conference 2013 - William Leibzon - SNMP Protocol and Nagios Plugins
 
Snmp
SnmpSnmp
Snmp
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptx
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7
 
FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt
FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.pptFALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt
FALLSEM2023-24_BCSE308L_TH_VL2023240100841_2023-07-10_Reference-Material-II.ppt
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the Netwok
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibility
 
Introduction tosnmp
Introduction tosnmpIntroduction tosnmp
Introduction tosnmp
 
4. Net Mgmt.pdf
4. Net Mgmt.pdf4. Net Mgmt.pdf
4. Net Mgmt.pdf
 
Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1Centralized monitoring station for it computing and network infrastructure1
Centralized monitoring station for it computing and network infrastructure1
 
UNIT V - The OMG way-system object model Notes.ppt
UNIT V - The OMG way-system object model Notes.pptUNIT V - The OMG way-system object model Notes.ppt
UNIT V - The OMG way-system object model Notes.ppt
 
Simple network management protocol
Simple network management protocolSimple network management protocol
Simple network management protocol
 
Snmp vulnerability assessment
Snmp vulnerability assessmentSnmp vulnerability assessment
Snmp vulnerability assessment
 
Snmp protocol
Snmp protocolSnmp protocol
Snmp protocol
 
Bt0076 tcp ip
Bt0076 tcp ipBt0076 tcp ip
Bt0076 tcp ip
 
Tcp
TcpTcp
Tcp
 
Chapter 4 communication2
Chapter 4 communication2Chapter 4 communication2
Chapter 4 communication2
 
Chapter3 transport
Chapter3 transportChapter3 transport
Chapter3 transport
 
Ccent notes part 1
Ccent notes part 1Ccent notes part 1
Ccent notes part 1
 
OSMC 2017 | SNMP explained by Rob Hassing
OSMC 2017 | SNMP explained by Rob HassingOSMC 2017 | SNMP explained by Rob Hassing
OSMC 2017 | SNMP explained by Rob Hassing
 

Más de assinha

Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...
Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...
Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...assinha
 
Layer3protocols
Layer3protocolsLayer3protocols
Layer3protocolsassinha
 
Umts explained
Umts explainedUmts explained
Umts explainedassinha
 
Architectural patterns part 4
Architectural patterns part 4Architectural patterns part 4
Architectural patterns part 4assinha
 
Architectural patterns part 3
Architectural patterns part 3Architectural patterns part 3
Architectural patterns part 3assinha
 
Architectural Patterns - Interactive and Event Handling Patterns
Architectural Patterns - Interactive and Event Handling PatternsArchitectural Patterns - Interactive and Event Handling Patterns
Architectural Patterns - Interactive and Event Handling Patternsassinha
 
Architectural patterns part 1
Architectural patterns part 1Architectural patterns part 1
Architectural patterns part 1assinha
 
Data Structures used in Linux kernel
Data Structures used in Linux kernel Data Structures used in Linux kernel
Data Structures used in Linux kernel assinha
 
E nodeb handover procedure
E nodeb handover procedureE nodeb handover procedure
E nodeb handover procedureassinha
 
Initial LTE call Setup Flow
Initial LTE call Setup FlowInitial LTE call Setup Flow
Initial LTE call Setup Flowassinha
 

Más de assinha (10)

Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...
Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...
Nwe Embodiment (Naba Kalebara) of Lord Jagannath of PURI - The Greatest and B...
 
Layer3protocols
Layer3protocolsLayer3protocols
Layer3protocols
 
Umts explained
Umts explainedUmts explained
Umts explained
 
Architectural patterns part 4
Architectural patterns part 4Architectural patterns part 4
Architectural patterns part 4
 
Architectural patterns part 3
Architectural patterns part 3Architectural patterns part 3
Architectural patterns part 3
 
Architectural Patterns - Interactive and Event Handling Patterns
Architectural Patterns - Interactive and Event Handling PatternsArchitectural Patterns - Interactive and Event Handling Patterns
Architectural Patterns - Interactive and Event Handling Patterns
 
Architectural patterns part 1
Architectural patterns part 1Architectural patterns part 1
Architectural patterns part 1
 
Data Structures used in Linux kernel
Data Structures used in Linux kernel Data Structures used in Linux kernel
Data Structures used in Linux kernel
 
E nodeb handover procedure
E nodeb handover procedureE nodeb handover procedure
E nodeb handover procedure
 
Initial LTE call Setup Flow
Initial LTE call Setup FlowInitial LTE call Setup Flow
Initial LTE call Setup Flow
 

Último

Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 

Último (20)

Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 

SNMP AT a GLANCE

  • 1. 1
  • 2. Overview SNMP (Simple Network Management Protocol) - It is an Internet-standard protocol for managing devices (routers, switches, printers, workstations, servers etc.) on IP network. The standard was defined by IETF RFC 1157 in May of 1990. It can be used to monitor the health of your routers, servers, and other pieces of network hardware, but you can also use it to control your network devices and even send pages or take other automatic action if problems arise. SNMP is an application layer protocol which uses User Datagram Protocol (UDP) for transport layer and Internet Protocol (IP) in the network layer of the TCP/IP protocol suite. SNMP requests are transmitted as UDP datagrams over a connectionless transmission interface between SNMP Manager and Agent (Residing in the device to be monitored). Communication is preformed via UDP on ports 161 and 162. 2
  • 3. Key Components Managed Object (MO) – A resource that is supervised and controlled by the SNMP manager (e.g. switch, workstation etc.). MO can represent one or more resources or relationship between resources. MO has certain properties called attributes. Attribute – It describes the characteristics, current state and condition of the operation on the MO. An Attribute value is associated with each Attribute. For example a switch may have an attribute called status and value “operational”. Management Information Base (MIB) – It is a database containing information about elements to be managed In the MIB. Each resource is represented as an MO. Each MO is identified using a unique Object Identifier (OID). It Provides a map between numeric OIDs and a textual human readable form. Structured Management Information (SMI) - It defines the framework within which an MIB can be defined and constructed. It defines the data types that can be used and how MOs can be represented and named in the MIB. It is defined in RFC 1155. 3
  • 4. Key Components Abstract Syntax Notation one(ASN.1) - SMI specifies use of ASN.1 to describe MIB variables. It is a notation (representation) that describes an abstract syntax for data types such as integers, counters etc. It has a set of simple data types and structure types that are used to define MIB structure. Basic Encoding Rule (BER) - It describes the actual representation of data. It provides a set of rules to develop bit level data for communication. The rule require that each type need to be converted to a data element. Data Element – It consist of three components – Type , Length and value (TLV). Type indicates whether the data element is a OBJECT IDENTIFIER or a Sequence etc. Length indicates length of content in octets. Value indicates the actual information of data element. It can be of variable length. V T L T L V T L V 4
  • 5. Key Components SNMP Agent – Network device runs a SNMP agent as a daemon process which answers requests from the Manager. It makes the Object (MO) visible to Manager. It performs action on the Object requested by a Manager. It also notifies any change in the state of Object to Manager. SNMP Manager – It manages the system. It controls the MO by sending action request to agent. It can only deal with the MOs that the agent allows it to see. Several managers may share the same agent. Several managers may control the same MO. Working principle - Network device runs an SNMP agent as a daemon process which answers requests from the network. The agent populates the MIB which provides a large number of Object Identifiers and makes them available. An SNMP manager (client) can then query the agent’s OIDs for specific information. 5
  • 6. Key Components SNMP Community – SNMP agent establishes a community with a set of managers based on the authentication and access privileges required for them to access the MIB or a subset of the MIB. Agent can define different communities based on the access privileges required for a set of managers. Each community is given a name. When agent receives a request from a Manager, it verifies the “community name” in the request message for authentication and provides limited access to MIB based on access policy. Traps – It enables an agent to send asynchronous messages to the managers. It is used to inform the managers of some significant event (e.g. link-down, cold-start ). 6
  • 7. Example of SMI structure Below is a part of the Structure of Management Information of System Object Group in ASN.1. It declares “system” as a MIB Object. RFC1214-MIB DEFINITIONS :: = BEGIN IMPORTS TimeTicks, IpAddress, Counter FROM RFC1151-SMI; OBJECT-TYPE FROM RFC-1212; system OBJECT INDENTIFIER :: = { mib-2 1} sysUpTime OBJECT-TYPE TimeTicks (.001a): SYNTAX TimeTicks Time since last ACCESS read-only STATUS mandatory :: = { system 3} . . END 7
  • 8. Defining a Table Defining a two dimensional table in ASN.1 – Define tcpConntable as a table containing TCPConnEntry as row. Each instance of TcpConnEntry will be considered as a row. tcpConntable OBJECT-TYPE SYNTAX Sequence of TcpConnEntry ACCESS not-accessible STATUS mandatory Description “A table containing TCP connection specific information” :: = { tcp 13} 8
  • 9. Defining a Table Define columns (TcpConnEntry ) and Index - tcpConnEntry OBJECT-TYPE SYNTAX TcpConnEntry ACCESS not-accessible STATUS mandatory DESCRIPTION “Information about a particular current TCP connection” INDEX { tcpConnState, tcpConnLocalAddress, tcpConnLocalPort, tcpConnremAddress, tcpConnLocalPort } :: = { tcpConnTable 1} 9
  • 10. Defining a Table Define columns (TcpConnEntry ) - TcpConnEntry ::= SEQUENCE { tcpConnState INTEGER, tcpConnLocalAddress IpAddress, tcpConnLocalPorta INTEGER(0…65535), tcpConnremAddress, IpAddress, tcpConnLocalPort INTEGER(0…65535) } Define each column entry - tcpConnState OBJECT-TYPE SYNTAX INTEGER { closed(1),listen(2),… deleteTCB(12) } ACCESS read-write STATUS mandatory DESCRIPTION “State of this TCP connection” :: = { tcpConnEntry 1 } 10
  • 11. Defining a Table Define column entry - tcpConnLocalAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION “The local IP address of this TCP connection” :: = { tcpConnEntry 2 } tcpConnLocalPort OBJECT-TYPE SYNTAX INTEGER {0 …65535} ACCESS read-only STATUS mandatory DESCRIPTION “The Local port number for this TCP connection” :: = { tcpConnEntry 3 } 11
  • 12. Defining a Table Define column entry - tcpConnRemoteAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION “The Remote IP address of this TCP connection” :: = { tcpConnEntry 4 } tcpConnRemotePort OBJECT-TYPE SYNTAX INTEGER {0 …65535} ACCESS read-only STATUS mandatory DESCRIPTION “The Remote port number for this TCP connection” :: = { tcpConnEntry 5 } 12
  • 13. Defining a Table Define column entry - tcpConnRemoteAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-only STATUS mandatory DESCRIPTION “The Remote IP address of this TCP connection” :: = { tcpConnEntry 4 } tcpConnRemotePort OBJECT-TYPE SYNTAX INTEGER {0 …65535} ACCESS read-only STATUS mandatory DESCRIPTION “The Remote port number for this TCP connection” :: = { tcpConnEntry 5 } 13
  • 14. Defining a Table The tcpConnTable table with column entries will be as below. OID is mentioned for each column. tcpConnState 1.3.6.1.2.1.6. 13.1.1 tcpConnLocal IpAddress 1.3.6.1.2.1.6. 13.1.2 tcpConnLocal Port 1.3.6.1.2.1.6. 13.1.3 tcpConnRemote IpAddress 1.3.6.1.2.1.6. 13.1.4 tcpCnnEntry oid for rows = 1.3.6.1.2.1.6.13 .1 tcpConnRemo tePort 1.3.6.1.2.1.6. 13.1.5 5 10.0.0.56 12 9.3.5.13 15 4 0.0.0.0 98 0 0 7 10.0.0.56 14 102.34.56.8 84 14
  • 15. Defining a TRAP Traps - It is an asynchronous message sent by agent to Manager. It sends the trap to desired managers based on the Trap configuration file entry. tcpConnRemoteAddress TRAP-TYPE ENTERPRISE frame-relay VARIABLES (frCircuitIndex, frCircuitInDlci, frCircuitState) DESCRIPTION “Trap for frCircuitState state change notification” :: = 1 15
  • 16. MIB Tree It is a MIB tree which displays the various groups and their associated OID. ROOT ITU-T(0) ISO(1) Joint-ISO-ITU-T(2) STND(0) REG-AUTH(1) MEM(2) CC ( iISO3166) IE-ORG(3) ICD (ISO 6523) DOD(6) Internet(1) Mgmt(2) Mib-2(1) Interfaces(2) Interfaces is uniquely identified as 1.3.6.1.2.1.2 16
  • 17. SNMP Packet Data Unit Information is exchanged between a agent and a manager in the form of a SNMP message. Each message includes SNMP version number, community name and SNMP PDU. version community SNMP PDU (SNMP message format) SNMP PDU can be one of the following types of PDUs as below. PDU type request-id error–status error-index Variable-bindings PDU type Enter prise Agent-addr Generic -trap Specific -trap Time- Stamp Variable-bindings (PDU) variable-bindings PDU type request-id 0 0 name1 value1 … nameN valueN (Request PDU) (Response PDU) (Trap PDU) 17
  • 18. Transmission of SNMP Messages Variable Binding – All SNMP operation involve access to an Object instance .SNMP allows grouping a number of same type of operations (get , set) in to a single message. To implement this all SNMP PDUs include a variable binding field. The field consist of a sequence of reference to object instance and corresponding value of the object. The variable binding part is ignored where PDU is concerned only with name of the object instance. SNMP performs following actions to transmit any of the PDUs to another SNMP entity. • PDU is constructed using ASN.1 structures defined in RFC 1157. • This PDU is then passed to Protocol Entity to construct a SNMP message consisting of version, community name and the PDU. • The new ASN.1 Object is encoded using BER and passed to transport service. 18
  • 19. Receipt of SNMP Messages SNMP performs following actions after receiving any SNMP message from another SNMP entity. • It does a basic syntax check and discards the message if check fails • It verifies version number and discards the message if version mismatch • If authentication fails then Protocol Entity generates a TRAP and discards the message. • If authentication succeeds , a PDU in the form of an ASN.1 object that confirms to RFC 1157 is returned • Protocol entity does basic syntax check and discards the PDU if fails • Using community name, appropriate access policy, PDU is processed. 19
  • 20. MIB View MIB-2 mib view - 20 ISO(1) IE-ORG(3) DOD(6) Internet(1) Mgmt(2) Interfaces(2) Mib-2(1) system(1) at(3) ip(4) icmp(5) tcp(6) udp(7) egp(8) cmot(9) transmission(10) snmp(11)
  • 21. MIB-2 mib groups Part of the MIB-2 groups are shown below. system(1) sysDescr(1) sysObjectid(2) sysUpTime(3) sysContact(4) sysName(5) sysLocation(6) sysServices(7) Interface(2) ifNumber(1) IfTable(2) ifEntry(1) ifIndex(1) ifDescre(2) ip(4) ipForwarding(1) ipDefaultTTL(2) ipInreceives(3) ipAddrTable(20) ifOperStatus(8) ifSpecific(22) ipAddrEntry(1) ipAdpEntAddr(1) ipAdEntifindex(2) ipAdEntNetMask(3) ipAdEntBcastAddr4) ipAdEnReasmMaxSize(5) (MIB-2 System Group) (MIB-2 Interface Group) (MIB-2 IP Group)
  • 22. Accessing Object Values Retrieving a simple object value - To access “Sysdescr” value from “MIB 2 system group” snmpGet option Hostname community 1.3.6.1.2.1.1.1.0 Response possible - 1.3.6.1.2.1.1.1.0 , value = <Name of SNMP agent> Retrieving a number of simple object value - To access multiple simple objects “sysDescr”, “sysObjectid”, “sysName”, and “sysLocation” values from MIB-2 system group snmpGet option Hostname community 1.3.6.1.2.1.1.1.0, 1.3.6.1.2.1.1.2.0, 1.3.6.1.2.1.1.6.0, 1.3.6.1.2.1.1.7.0 Response possible - 1.3.6.1.2.1.1.1.0 , value = <Name of SNMP agent> 1.3.6.1.2.1.1.2.0, value = 10 1.3.6.1.2.1.1.6.0, value = Drone 1.3.6.1.2.1.1.7.0, value = Bangalore 22
  • 23. Accessing Object Values To access multiple simple objects udpIndatagrams, udpNoPorts, udpInError, updOutDatagrams values from MIB-2 UDP group snmpGetNext option Hostname –c community 1.3.6.1.2.1.7.1.0, 1.3.6.1.2.1.7.2.0, 1.3.6.1.2.1.7.3.0, 1.3.6.1.2.1.7.4.0 Agent will return values in lexicographic order– 1.3.6.1.2.1.7.1.0, value = 90 1.3.6.1.2.1.7.2.0, value = 1 1.3.6.1.2.1.7.3.0, value = 2 1.3.6.1.2.1.7.4.0, value = 120 If udpNoPorts is not supported then agent will retun the value of next OID in lexicographic order i.e. udpInError and finally udpOutputdatagrams. 23
  • 24. Accessing Table Values Accessing Table values – If contents and no. of rows are not known , then snmpGetNext can be invoked with column names. Agent will respond with values of first row. • Retrieve a value using table index - Use an index into the table to select the field which uniquely indentifies the row. To get netmask in the ipAddrtable (MIB-2 IP group) for a router whose ipaddress is 100.90.22.7 snmpGet hostname -c public 1.3.6.2.1.4.20.1 3 100.90.22.7 • Retrieve a value using GetNext Get operational status on interface 1 (Interface group) snmpGetNext hostname -c public 1.3.6.1.2.1.2.2.1.8.1 Response - 1.3.6.1.2.1.2.2.1.8.2, value = 1 24
  • 25. Object and Table Modification Modify Object value Set sysName for a router in MIB-2 system group SNMPset hostname –c community 1.3.6.1.2.1.1.5.0 value=“CiscoRouter1” Possible response - 1.3.6.1.2.1.1.5.0 , value = “CiscoRouter1” Update table value To update ipRouteMetric1 in ipAddrTable (MIB-2 ip group) for a router with ip address 100.90.22.7 SNMPset hostname –c community 1.3.6.2.1.4.21.1 3 value = 5 100.90.22.7 25
  • 26. Object and Table Modification Add a new row In the SNMPset command, assign index a new value and assign all columnar objects with desired value. When agent finds an index value that is not available in the Table, then based on the policy configured, it may create a new row or reject the request with an error “noSuchName” Delete a row To delete ipRouteMetric1 in ipAddrTable (MIB-2 ip group) for a router with ip address 100.90.22.7 SNMPset hostname –c community 1.3.6.2.1.4.21.1 3 value = invalid 100.90.22.7 Based on the implementation agent will either the delete the row from MIB ro mark it as deleted. 26
  • 27. SNMP V2 Commands SNMPwalk – It traverses the MIB tree based on a starting OID. By default with no OID, it returns the MIB-II OIDs. Walk on mgmt.mib-2.system group tree SNMPwalk switch2 1.3.6.1.2.1.1 Possible response - system.sysObjectID.0: OBJECT IDENTIFIER: iso.org.dod. internet. private. enterprises.cisco. system.sysUpTime.0 : Timeticks: (168113316) 19 days, 10:58:53.16 system.sysContact.0 : DISPLAY STRING- (ascii): J.C.M. Pager 555-1212 system.sysName.0 : DISPLAY STRING- (ascii): witch2.com system.sysLocation.0 : DISPLAY STRING- (ascii): Bangalore system.sysServices.0 : INTEGER: 6 27
  • 28. SNMP V2 Commands SNMPbulk – It retrieves a chunk of information in one operation, as opposed to a single get or sequence of get-next operations. Get all info on ifInOctets and ifOutOctets in MIB-2 Interface group nonrepeaters and max-repetitions are set with the 0 and 3. SNMPbulkget -v2c -B 0 3 dec.com public ifInOctets ifOutOctets Possible Response - interfaces.ifTable.ifEntry.ifInOctets.1 = 70840 interfaces.ifTable.ifEntry.ifOutOctets.1 = 70840 interfaces.ifTable.ifEntry.ifInOctets.2 = 143548020 interfaces.ifTable.ifEntry.ifOutOctets.2 = 111725152 interfaces.ifTable.ifEntry.ifInOctets.3 = 0 interfaces.ifTable.ifEntry.ifOutOctets.3 = 0 28
  • 29. SNMPV2 Enhancements • New data types Introduced – Unsigned32 and Counter64 • New Error messages introduced – – noSuchObject or noSuchInstance – endOfMibView • Set is done in two phases – Validation of each variable, incase of failure operation aborted. • Enhancement on Trap – Each trap is assigned an OID. – New macro NOTIFICATION-TYPE – Timestamp and trap identifier is moved to variable list • New commands – snmpwalk and snmpbulk • Communication between managers using inform-request 29
  • 30. SNMPV3 Enhancements It consist of two layers – Application and SNMP Engine. SNMP Engine – • Dispatcher – Accepts PDU to be sent, supports multiple versions • Message Processing Subsystem - send messages and extract data from received messages • Security Subsystem – provides authenticity and privacy • Access Control Subsystem – provides authorization service Application – Command Generator – initiates Get and SET PDUs Command Responder – generate Responses Notification Receiver/Originator – generate responses to inform PDU Proxy Forwarder – Forwards SNMP messages 30
  • 31. SNMPV3 Enhancements It consist of two layers – Application and SNMP Engine. SNMP Engine – • Dispatcher – Accepts PDU to be sent, supports multiple versions • Message Processing Subsystem - send messages and extract data from received messages • Security Subsystem – provides authenticity and privacy • Access Control Subsystem – provides authorization service Application – Command Generator – initiates Get and SET PDUs Command Responder – generate Responses Notification Receiver/Originator – generate responses to inform PDU Proxy Forwarder – Forwards SNMP messages 31
  • 32. SNMPV3 Enhancements SNMP V3 MIBs – • Management target MIB • Notification MIB • Proxy MIB Security – • User based security • View based access control 32
  • 33. Limitations of SNMP • SNMP may not be suitable for management of truly large network because of the performance limitations of polling. • SNMP is not well suited for retrieving large volumes of data such as an entire routing table. • SNMP traps are unacknowledged. Agent can not be sure of critical messages being delivered to Manager. • Basic SNMP is better suited for monitoring than for control. • SNMP MIB model is limited and does not support applications that make sophisticated management queries based on object value or types. 33
  • 34. 34 Send your queries to me - a_s_sinha@yahoo.com