Chapter 5 SNMPv1: Communication and Functional Models

1
Chapter 5SNMPv1Communication and Functional
Models
2
SNMP Architecture
SNMP Manager
SNMP Agent
SNMP Manager Application
SNMP Agent Application
Get-Request
GetNext-Request
Set-Request
Get-Response
Trap
Get-Request
GetNext-Request
Set-Request
Get-Response
Trap
SNMP
SNMP
UDP
UDP
IP
IP
????
????
3
SNMP Messages

• Get-Request
• Get-Next-Request
• Set-Request
• Get-Response
• Trap
• Generic trap
• Specific trap

4
Administrative Model

• Based on community profile and policy
• SNMP Entities
• SNMP application entities - Reside in
  management stations and network elements
  - Manager and agent
• SNMP protocol entities - Communication
  processes (PDU handlers) - Peer processes that
  support application entities

5
SNMP Community

• Security in SNMPv1 is community-based
• Authentication scheme in manager and agent
• Community Pairing of two application entities
• Community name String of octets
• Two applications in the same community
  communicate with each other
• Application could have multiple community names
• Communication is not secured in SNMPv1 - no
  encryption

6
SNMP Community

• Community
• Relationship between an Agent and Managers.
• Community Name
• Used to validate the SNMP messages.
• SNMP Password.
• Default Get community name public.
• Authentication Failure
• Agent sends Authentication Failure Trap to
  Manager.

7
SNMP Community
8
Community Profile

• MIB view
• An agent is programmed to view only a subset
  of managed objects of a network element
• Access mode
• Each community name is assigned an access
  mode read-only and read-write
• Community profile MIB view access mode
• Operations on an object determined by community
  profile and the access mode of the object
• Total of four access privileges
• Some objects, such as table and table entry are
  non-accessible

9
Community Profile
community
10
Access Policy

• Administration model is SNMP access policy
• SNMP community paired with SNMP community
  profile is SNMP access policy

11
Access Policy
12
Generalized Administration Model
13
Proxy Access Policy
14
Protocol Entities
15
Default UDP Ports for SNMP
Management Station
Network Elements (NEs)
Manager
Agent
SNMP
SNMP
UDP
UDP
IP
IP
????
????
16
Protocol Entities

• Protocol entities support application entities
• Communication between remote peer processes
• Message consists of
• Version identifier
• Community name
• Protocol Data Unit
• Message encapsulated and transmitted

17
SNMP Message

• SNMP Message
• Version Identifier
• Community Name
• Protocol Data Unit
• The length of SNMP messages should not exceed
  484 octets.

Message SEQUENCE version INTEGER
version-1(0), community OCTET STRING, data
ANY
Version
SNMP PDU
Community
18
SNMP PDUs
19
SNMP PDU

• PDU SEQUENCE
• request-id INTEGER,
• error-status INTEGER
• noError(0),
• tooBig(1),
• noSuchName(2),
• badValue(3),
• readOnly(4),
• genErr(5),
• error-index INTEGER,
• variable-bindings
• SEQUENCE OF
• name ObjectName,
• value ObjectSyntax

Five SNMP PDUs
0 PDU 1 PDU 2 PDU 3 PDU 4 Trap-PDU
GetRquest GetNextRequest GetResponse
SetRequest Trap
PDU Protocol Data Unit
20
error-status

• noError(0)
• tooBig(1)
• The size of the GetResponse-PDU to be generated
  exceeds a local limitation.
• noSuchName(2)
• Any object name in the variable-bindings does not
  match the name of some object available in the
  MIB view.
• badValue(3)
• The value of any object named in the
  variable-bindings field does not manifest a
  type, length, and value that is consistent with
  that required for the variable.
• readOnly(4)
• To set the value of an object with read-only
  access mode.
• genErr(5)
• Any object named in the variable-bindings field
  cannot be accessed for reasons not covered by any
  of the foregoing rules.

21
error-index

• The index of the first variable, in the
  variable-bindings, with an error as indicated in
  the error-status field.
• If there are more than one error in the
  variable-bindings?
• Only the first error is indicated.
• For those variables without any error?
• Atomic vs. Best-effort
• SNMP is atomic!

22
SNMP PDU (cont.)
GetRequest, GetNextRequest, SetRequest
PDU type
request-id
0
0
variable-bindings
GetResponse
PDU type
request-id
variable-bindings
error-status
error-index
23
Trap-PDU
Trap-PDU 4 IMPLICIT SEQUENCE
enterprise OBJECT IDENTIFIER, agent-addr
NetworkAddress, generic-trap INTEGER
coldStart(0),
warmStart(1),
linkDown(2), linkUp(3),
authenticationFailure(4),
egpNeighborLoss(5),
enterpriseSpecific(6), spec
ific-trap INTEGER, time-stamp TimeTicks, vari
able-bindings VarBindList
Enterprise Type of Object generating
trap. Agent Address Address of object
generating trap. Generic Trap Generic trap
type. Specific Trap Enterprise specific
trap. Time Stamp Time elapsed between the last
initialization of the network entity and the
generation of the trap. Variable
Bindings Interesting information
generic-trap
time-stamp
PDU type
enterprise
agent-addr
specific-trap
variable-bindings
24
Trap Type
25
Generic Trap Example

• Enterprise .1.3.6.1.4.1.311.1.1.3.1.1
• Agent-Address 10.10.13.137
• Generic-Trap 4
• Specific-Trap 0
• Timestamp 29756264
• VarBinds 0

26
Enterprise-Specific Traps

• Traps defined by enterprises
• Identification of Enterprise-Specific Traps
• Enterprise ? Enterprise OID
• Generic-Trap ? 6
• Specific-Trap ? an Integer

27
Enterprise Trap Example

• Enterprise .1.3.6.1.4.1.522
• Agent-Address 10.10.13.24
• Generic-Trap 6
• Specific-Trap 4
• Timestamp 143739963
• VariableBindings (4)
• .1.3.6.1.4.1.522.3.14.23.1.2.11687128 021825
• .1.3.6.1.4.1.522.3.14.23.1.3.11687128 14
• .1.3.6.1.4.1.522.3.14.23.1.4.11687128
• (Info) Station 00092d142581 Associated
• .1.3.6.1.4.1.522.3.14.23.1.5.11687128
  AssociationOK

28
Agent
Manager
29
Get-Next Request
A B T E 1.1 1.2 2.1 2.2 3.1 3.2 Z
30
Lexicographic Order
31
Get-Next Request
MIB Tree
In SNMP, Only leaf objects have values.

4
5
6
Non-Leaf Object
1
2
3
Leaf Object
32
Get-Next Requests with Indices
33
SNMP Get-Request Example

• gtgtsnmpget -d 10.144.18.118 .1.3.6.1.2.1.1.1.0
• Transmitted 41 bytes to camry (10.144.18.118)
  port 161
• Initial Timeout 0.80 seconds
• 0 30 27 02 01 00 04 06 70 75 62 6c 69 63
  a0 1a 02 0'.....public...
• 16 02 18 bc 02 01 00 02 01 00 30 0e 30 0c
  06 08 2b .........0.0...
• 32 06 01 02 01 01 01 00 05 00 -- -- -- --
  -- -- -- ................
• 0 SNMP MESSAGE (0x30) 39 bytes
• 2 INTEGER VERSION (0x2) 1 bytes 0
  (SNMPv1)
• 5 OCTET-STR COMMUNITY (0x4) 6 bytes
  "public"
• 13 GET-REQUEST-PDU (0xa0) 26 bytes
• 15 INTEGER REQUEST-ID (0x2) 2 bytes
  6332
• 19 INTEGER ERROR-STATUS (0x2) 1 bytes
  noError(0)
• 22 INTEGER ERROR-INDEX (0x2) 1 bytes
  0
• 25 SEQUENCE VARBIND-LIST (0x30) 14
  bytes
• 27 SEQUENCE VARBIND (0x30) 12 bytes
• 29 OBJ-ID (0x6) 8 bytes
  .1.3.6.1.2.1.1.1.0
• 39 NULL (0x5) 0 bytes

34
SNMP Get-Response Example

• Received 69 bytes from 10.144.18.118 port 161
• 0 30 43 02 01 00 04 06 70 75 62 6c 69 63
  a2 36 02 0C.....public.6.
• 16 02 18 bc 02 01 00 02 01 00 30 2a 30 28
  06 08 2b .........00(..
• 32 06 01 02 01 01 01 00 04 1c 53 75 6e 20
  53 4e 4d .........Sun SNM
• 48 50 20 41 67 65 6e 74 2c 20 53 55 4e 57
  2c 55 6c P Agent, SUNW,Ul
• 64 74 72 61 2d 31 -- -- -- -- -- -- -- --
  -- -- -- tra-1...........
• 0 SNMP MESSAGE (0x30) 67 bytes
• 2 INTEGER VERSION (0x2) 1 bytes 0
  (SNMPv1)
• 5 OCTET-STR COMMUNITY (0x4) 6 bytes
  "public"
• 13 RESPONSE-PDU (0xa2) 54 bytes
• 15 INTEGER REQUEST-ID (0x2) 2 bytes
  6332
• 19 INTEGER ERROR-STATUS (0x2) 1 bytes
  noError(0)
• 22 INTEGER ERROR-INDEX (0x2) 1 bytes
  0
• 25 SEQUENCE VARBIND-LIST (0x30) 42
  bytes
• 27 SEQUENCE VARBIND (0x30) 40 bytes
• 29 OBJ-ID (0x6) 8 bytes
  .1.3.6.1.2.1.1.1.0
• 39 OCTET-STR (0x4) 28 bytes "Sun
  SNMP Agent, SUNW,Ultra-1"
• system.sysDescr.0 DISPLAY STRING- (ascii) Sun
  SNMP Agent, SUNW,Ultra-1

35
SNMP-Walk- Use of SNMP Get-Next Request

• snmpwalk 10.144.18.118 .1.3.6.1.2.1.1
• system.sysDescr.0 DISPLAY STRING- (ascii) Sun
  SNMP Agent, SUNW,Ultra-1
• system.sysObjectID.0 OBJECT IDENTIFIER
  .iso.org.dod.internet.private.enterprises.42.2.1.1
  
• system.sysUpTime.0 Timeticks (198219958) 22
  days, 223639.58
• system.sysContact.0 DISPLAY STRING- (ascii)
  lino_at_ms.chttl.com.tw
• system.sysName.0 DISPLAY STRING- (ascii)
  camry
• system.sysLocation.0 DISPLAY STRING- (ascii)
  Information Technology Laboratory 3F
• system.sysServices.0 INTEGER 72 (01001000)B

36
SNMP Trap Example

• Transmitted 64 bytes to 10.144.18.100 port 162
• 0 30 3e 02 01 00 04 06 70 75 62 6c 69 63
  a4 31 06 0gt.....public.1.
• 16 09 2b 06 01 04 01 84 64 01 01 40 04 0a
  90 12 74 ......d.._at_....t
• 32 02 01 06 02 03 01 86 9f 43 01 00 30 13
  30 11 06 ........C..0.0..
• 48 04 2b 06 01 01 04 09 54 72 61 70 20 74
  65 73 74 ......Trap test
• 0 SNMP MESSAGE (0x30) 62 bytes
• 2 INTEGER VERSION (0x2) 1 bytes 0
  (SNMPv1)
• 5 OCTET-STR COMMUNITY (0x4) 6 bytes
  "public"
• 13 V1-TRAP-PDU (0xa4) 49 bytes
• 15 OBJ-ID ENTERPRISE (0x6) 9 bytes
  .1.3.6.1.4.1.612.1.1
• 26 IPADDRESS AGENT-ADDR (0x40) 4
  bytes 10.144.18.116
• 32 INTEGER GENERIC-TRAP (0x2) 1 bytes
  6
• 35 INTEGER SPECIFIC-TRAP (0x2) 3 bytes
  99999
• 40 TIMETICKS TIME-STAMP (0x43) 1
  bytes 0 (0x0)
• 43 SEQUENCE VARBIND-LIST (0x30) 19
  bytes
• 45 SEQUENCE VARBIND (0x30) 17
  bytes
• 47 OBJ-ID (0x6) 4 bytes
  .1.3.6.1.1
• 53 OCTET-STR (0x4) 9 bytes "Trap
  test"

37
net-snmp (Windows)

• Download
• http//sourceforge.net/projects/net-snmp/files/net
  -snmp20binaries/5.5-binaries/
• Choose net-snmp-5.5.0-2.x64.exe or
  net-snmp-5.5.0-1.x86.exe
• Installation
• if php-snmp or GetIf has been installed before
  net-snmp,
• the mib directory will be C\usr\mibs
• Copy "C\Program Files\net-snmp\usr\share\snmp\mib
  s" to C\usr\mibs
• Unzip http//ycchen.im.ncnu.edu.tw/nm/macroRemoved
  .zip to C\usr\mibs
• Commands
• snmpget, snmpgetnext, snmpset, snmpwalk, ...
• See http//www.net-snmp.org/wiki/index.php/Tutoria
  ls
• Examples
• snmpget -v 1 -c public 10.32.10.84
  .1.3.6.1.2.1.1.1.0
• snmpget -v 1 -c public 10.32.10.84 ifNumber.0
  sysUpTime.0
• snmpget -v 2c -c public 10.32.10.84
  SNMPv2-MIBsysUpTime.0
• snmpwalk -v 1 -c public 10.32.10.84 system
• snmpgetnext -d -v 1 -c public 10.32.10.84
  ifInOctets.1

38
snmptrapd, snmptrap
TYPE i INTEGER u UNSIGNED c COUNTER32 s
STRING x HEX STRING d DECIMAL STRING n
NULLOBJ o OBJID t TIMETICKS a IPADDRESS b
BITS

• snmptrapd -L o
• snmptrapd.conf
• "\usr\etc\snmp\snmptrapd.conf"
• authCommunity log comm
• logOption o
• ?
• logOption f C\logs\snmptraps.log
• snmptrap
• snmptrap -v 1 -c comm 10.10.1.15
  .1.3.6.1.4.1.19652 10.34.11.78 2 0 "" ifIndex.3 i
  3
• snmptrap -v 1 -c comm 10.10.1.15
  .1.3.6.1.4.1.19652 10.34.11.78 6 99 ""

snmptrap -v 1 -c comm managerIP enterpriseOID
agentAddress genericTrap SpecificTrap
timeStamp oid type value oid type value
39
????

• Windows ????????snmptrap??,??net-snmp?snmptrap????
  ?
• ?Command Line???,??snmptrap?,?snmptrapd???trap,???
  ??Windows?snmptrap?
• ????
• ?net-snmp?snmptrap.exe??
• snmptrap.exe????"usr\bin\"
• "snmptrap.exe" ? "netsnmptrap.exe"

netsnmptrap -v 1 -c comm
40
Get System Information

• Get System Group of MIB II
• Use get_request or get_next_request
• sysDescr .1.3.6.1.2.1.1.1.0
• sysObjectID .1.3.6.1.2.1.1.2.0
• sysUptime .1.3.6.1.2.1.1.3.0
• sysContact .1.3.6.1.2.1.1.4.0
• sysName .1.3.6.1.2.1.1.5.0
• sysLocation .1.3.6.1.2.1.1.6.0

41
Get Interface Information

• Get Interface Group of MIB II
• Repeatedly Use get_next_request
• Note We dont know the ifIndex values in
  ifTable.
• First get the next object of .ifTable.ifEntry.0
• Then repeatedly get_next
• Until the whole subtree is visited.

42
(No Transcript)
43
Traffic Monitoring

• Get ifInOctets and ifOutOctets of MIB II
  Interface Group
• t1 C1 t2 C2

(C2 - C1 ) ? 8
? 100
Utilization ()
(t2 - t1) ? Bandwidth
44
(No Transcript)
45
SNMP MIB Group