Chapter 5 SNMPv1: Communication and Functional Models
SNMP Architecture
[Figure: SNMP Manager and SNMP Agent, each a stack of Application / SNMP / UDP / IP / network interface, connected through the Network. Messages exchanged between the SNMP Manager Application and the SNMP Agent Application: Get-Request, GetNext-Request, Set-Request, Get-Response, Trap.]
SNMP Messages
• Get-Request
• Get-Next-Request
• Set-Request
• Get-Response
• Trap
  • Generic trap
  • Specific trap
Administrative Model
• Based on community profile and policy
• SNMP Entities:
  • SNMP application entities
    - Reside in management stations and network elements
    - Manager and agent
  • SNMP protocol entities
    - Communication processes (PDU handlers)
    - Peer processes that support application entities
SNMP Community
• Security in SNMPv1 is community-based
• Authentication scheme in manager and agent
• Community: Pairing of two application entities
• Community name: String of octets
• Two applications in the same community communicate with each other
• Application could have multiple community names
• Communication is not secured in SNMPv1 - no encryption
SNMP Community
• Community: Relationship between an Agent and Managers.
• Community Name: Used to validate the SNMP messages. SNMP Password. Default ‘Get’ community name: “public”.
• Authentication Failure: Agent sends “Authentication Failure Trap” to Manager.
Community Profile
• MIB view
  • An agent is programmed to view only a subset of managed objects of a network element
• Access mode
  • Each community name is assigned an access mode: read-only and read-write
• Community profile = MIB view + access mode
• Operations on an object determined by community profile and the access mode of the object
• Total of four access privileges
• Some objects, such as table and table entry, are non-accessible
[Figure: Community Profile]
Access Policy
• Administration model is SNMP access policy
• SNMP community paired with SNMP community profile is SNMP access policy
[Figure: Access Policy. A Manager, Agent 1 and Agent 2 in a Community, with Community Profile 1 and Community Profile 2]
[Figure: Generalized Administration Model]
[Figure: Proxy Access Policy]
Protocol Entities
Default UDP Ports for SNMP
[Figure: Manager on the Management Station and Agent on the Network Elements (NEs), each over SNMP / UDP / IP / network interface. Port labels: Manager 162 and Any; Agent 161 and Any]
Protocol Entities
• Protocol entities support application entities
• Communication between remote peer processes
• Message consists of
  • Version identifier
  • Community name
  • Protocol Data Unit
• Message encapsulated and transmitted
SNMP Message
SNMP Message: Version Identifier | Community Name | Protocol Data Unit
The length of SNMP messages should not exceed 484 octets.

    Message ::= SEQUENCE {
        version   INTEGER { version-1(0) },
        community OCTET STRING,
        data      ANY
    }

Layout: Version | Community | SNMP PDU
SNMP PDUs
PDU: Protocol Data Unit

    PDU ::= SEQUENCE {
        request-id        INTEGER,
        error-status      INTEGER {
            noError(0), tooBig(1), noSuchName(2),
            badValue(3), readOnly(4), genErr(5) },
        error-index       INTEGER,
        variable-bindings SEQUENCE OF {
            name  ObjectName,
            value ObjectSyntax }
    }

Five SNMP PDUs:

    GetRequest     ::= [0] PDU
    GetNextRequest ::= [1] PDU
    GetResponse    ::= [2] PDU
    SetRequest     ::= [3] PDU
    Trap           ::= [4] Trap-PDU
error-status
• noError(0)
• tooBig(1): The size of the GetResponse-PDU to be generated exceeds a local limitation.
• noSuchName(2): Any object name in the variable-bindings does not match the name of some object available in the MIB view.
• badValue(3): The value of any object named in the variable-bindings field does not manifest a type, length, and value that is consistent with that required for the variable.
• readOnly(4): An attempt to set the value of an object with read-only access mode.
• genErr(5): Any object named in the variable-bindings field cannot be accessed for reasons not covered by any of the foregoing rules.
error-index
• The index of the first variable, in the variable-bindings, with an error as indicated in the error-status field.
• What if there is more than one error in the variable-bindings? Only the first error is indicated.
• What about the variables without any error? Atomic vs. best-effort: SNMP is atomic!
SNMP PDU (cont.)
GetRequest, GetNextRequest, SetRequest:
    PDU type | request-id | 0 | 0 | variable-bindings
GetResponse:
    PDU type | request-id | error-status | error-index | variable-bindings
variable-bindings:
    name | value | name | value | name | value | ...
Trap-PDU

    Trap-PDU ::= [4] IMPLICIT SEQUENCE {
        enterprise        OBJECT IDENTIFIER,
        agent-addr        NetworkAddress,
        generic-trap      INTEGER {
            coldStart(0), warmStart(1), linkDown(2), linkUp(3),
            authenticationFailure(4), egpNeighborLoss(5),
            enterpriseSpecific(6) },
        specific-trap     INTEGER,
        time-stamp        TimeTicks,
        variable-bindings VarBindList
    }

• Enterprise: Type of object generating trap.
• Agent Address: Address of object generating trap.
• Generic Trap: Generic trap type.
• Specific Trap: Enterprise specific trap.
• Time Stamp: Time elapsed between the last initialization of the network entity and the generation of the trap.
• Variable Bindings: “Interesting” information.

Layout: PDU type | enterprise | agent-addr | generic-trap | specific-trap | time-stamp | variable-bindings
Trap Type
Generic Trap Example
    Enterprise: .1.3.6.1.4.1.311.1.1.3.1.1
    Agent-Address: 10.10.13.137
    Generic-Trap: 4
    Specific-Trap: 0
    Timestamp: 29756264
    #VarBinds: 0
Enterprise-Specific Traps
• Traps defined by enterprises
• Identification of Enterprise-Specific Traps
  • Enterprise: Enterprise OID
  • Generic-Trap: 6
  • Specific-Trap: an Integer
Enterprise Trap Example
    Enterprise: .1.3.6.1.4.1.522
    Agent-Address: 10.10.13.24
    Generic-Trap: 6
    Specific-Trap: 4
    Timestamp: 143739963
    VariableBindings: (4)
      .1.3.6.1.4.1.522.3.14.23.1.2.11687128: 02:18:25
      .1.3.6.1.4.1.522.3.14.23.1.3.11687128: 14
      .1.3.6.1.4.1.522.3.14.23.1.4.11687128: (Info): Station 00092d142581 Associated
      .1.3.6.1.4.1.522.3.14.23.1.5.11687128: AssociationOK
[Figure: Manager and Agent]
Get-Next Request
[Figure: Lexicographic Order. Node labels: A, B, T, E, 1.1, 1.2, 2.1, 2.2, 3.1, 3.2, Z]
Get-Next Request
[Figure: MIB Tree with non-leaf objects and leaf objects numbered 1 to 6]
In SNMP, only leaf objects have values.
[Figure: Get-Next Requests with Indices]
SNMP Get-Request Example

    > snmpget -d 10.144.18.118 .1.3.6.1.2.1.1.1.0
    Transmitted 41 bytes to camry (10.144.18.118) port 161:
    Initial Timeout: 0.80 seconds
      0: 30 27 02 01 00 04 06 70 75 62 6c 69 63 a0 1a 02   0'.....public...
     16: 02 18 bc 02 01 00 02 01 00 30 0e 30 0c 06 08 2b   .........0.0...+
     32: 06 01 02 01 01 01 00 05 00 -- -- -- -- -- -- --   ................
      0: SNMP MESSAGE (0x30): 39 bytes
      2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1)
      5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public"
     13: GET-REQUEST-PDU (0xa0): 26 bytes
     15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332
     19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0)
     22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0
     25: SEQUENCE VARBIND-LIST (0x30): 14 bytes
     27: SEQUENCE VARBIND (0x30): 12 bytes
     29: OBJ-ID (0x6) 8 bytes: .1.3.6.1.2.1.1.1.0
     39: NULL (0x5) 0 bytes
SNMP Get-Response Example

    Received 69 bytes from 10.144.18.118 port 161:
      0: 30 43 02 01 00 04 06 70 75 62 6c 69 63 a2 36 02   0C.....public.6.
     16: 02 18 bc 02 01 00 02 01 00 30 2a 30 28 06 08 2b   .........0*0(..+
     32: 06 01 02 01 01 01 00 04 1c 53 75 6e 20 53 4e 4d   .........Sun SNM
     48: 50 20 41 67 65 6e 74 2c 20 53 55 4e 57 2c 55 6c   P Agent, SUNW,Ul
     64: 74 72 61 2d 31 -- -- -- -- -- -- -- -- -- -- --   tra-1...........
      0: SNMP MESSAGE (0x30): 67 bytes
      2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1)
      5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public"
     13: RESPONSE-PDU (0xa2): 54 bytes
     15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332
     19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0)
     22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0
     25: SEQUENCE VARBIND-LIST (0x30): 42 bytes
     27: SEQUENCE VARBIND (0x30): 40 bytes
     29: OBJ-ID (0x6) 8 bytes: .1.3.6.1.2.1.1.1.0
     39: OCTET-STR (0x4) 28 bytes: "Sun SNMP Agent, SUNW,Ultra-1"
    system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1
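The decode in the dump above can be reproduced by walking the BER tag-length-value structure by hand. The following is an added example, not part of the original slides: it parses the 69 response bytes from the dump and shows that version, community name and data are all readable directly from the datagram, which is what "no encryption" means in practice. The function names are illustrative.

```python
# Added example (not from the original slides). RSP is the Get-Response dump shown above.
RSP = bytes.fromhex(
    "30 43 02 01 00 04 06 70 75 62 6c 69 63 a2 36 02 02 18 bc 02 01 00 02 01"
    "00 30 2a 30 28 06 08 2b 06 01 02 01 01 01 00 04 1c 53 75 6e 20 53 4e 4d"
    "50 20 41 67 65 6e 74 2c 20 53 55 4e 57 2c 55 6c 74 72 61 2d 31")
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse", 0xA3: "SetRequest"}

def tlv(buf, pos):
    """Read one BER TLV at pos and return (tag, value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos + 1] == 0x80:
        raise ValueError("truncated TLV header or indefinite length")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets that follow
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("length field runs past end of data")
    return tag, buf[pos:pos + length], pos + length

def oid(content):
    """Decode OBJECT IDENTIFIER content octets into dotted notation."""
    if not content:
        raise ValueError("empty OID")
    arcs, acc = list(divmod(content[0], 40)), 0  # first octet packs the first two arcs
    for octet in content[1:]:
        acc = (acc << 7) | (octet & 0x7F)
        if not octet & 0x80:  # high bit clear ends a sub-identifier
            arcs.append(acc)
            acc = 0
    return "." + ".".join(map(str, arcs))

def parse_v1(msg):
    """Parse Message ::= SEQUENCE {version, community, data} (non-trap PDUs only)."""
    tag, body, _ = tlv(msg, 0)
    _, version, p = tlv(body, 0)
    _, community, p = tlv(body, p)
    pdu_tag, pdu, _ = tlv(body, p)
    if tag != 0x30 or pdu_tag not in PDU_TYPES:
        raise ValueError("not an SNMPv1 request/response message")
    out, q = {"version": int.from_bytes(version, "big"), "pdu": PDU_TYPES[pdu_tag],
              "community": community.decode("latin-1"), "varbinds": []}, 0
    for field in ("request_id", "error_status", "error_index"):
        _, raw, q = tlv(pdu, q)
        out[field] = int.from_bytes(raw, "big", signed=True)
    vbl, r = tlv(pdu, q)[1], 0
    while r < len(vbl):  # each VarBind is SEQUENCE {name, value}
        _, vb, r = tlv(vbl, r)
        _, name, s = tlv(vb, 0)
        out["varbinds"].append((oid(name), tlv(vb, s)[1]))
    return out
```

`parse_v1(RSP)` yields community `public`, request-id 6332 and the sysDescr string, matching the decoded lines of the dump.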
SNMP-Walk - Use of SNMP Get-Next Request

    snmpwalk 10.144.18.118 .1.3.6.1.2.1.1
    system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1
    system.sysObjectID.0 : OBJECT IDENTIFIER: .iso.org.dod.internet.private.enterprises.42.2.1.1
    system.sysUpTime.0 : Timeticks: (198219958) 22 days, 22:36:39.58
    system.sysContact.0 : DISPLAY STRING- (ascii): lino@ms.chttl.com.tw
    system.sysName.0 : DISPLAY STRING- (ascii): camry
    system.sysLocation.0 : DISPLAY STRING- (ascii): Information Technology Laboratory 3F
    system.sysServices.0 : INTEGER: 72 (01001000)B
SNMP Trap Example

    Transmitted 64 bytes to 10.144.18.100 port 162:
      0: 30 3e 02 01 00 04 06 70 75 62 6c 69 63 a4 31 06   0>.....public.1.
     16: 09 2b 06 01 04 01 84 64 01 01 40 04 0a 90 12 74   .+.....d..@....t
     32: 02 01 06 02 03 01 86 9f 43 01 00 30 13 30 11 06   ........C..0.0..
     48: 04 2b 06 01 01 04 09 54 72 61 70 20 74 65 73 74   .+.....Trap test
      0: SNMP MESSAGE (0x30): 62 bytes
      2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1)
      5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public"
     13: V1-TRAP-PDU (0xa4): 49 bytes
     15: OBJ-ID ENTERPRISE (0x6) 9 bytes: .1.3.6.1.4.1.612.1.1
     26: IPADDRESS AGENT-ADDR (0x40) 4 bytes: 10.144.18.116
     32: INTEGER GENERIC-TRAP (0x2) 1 bytes: 6
     35: INTEGER SPECIFIC-TRAP (0x2) 3 bytes: 99999
     40: TIMETICKS TIME-STAMP (0x43) 1 bytes: 0 (0x0)
     43: SEQUENCE VARBIND-LIST (0x30): 19 bytes
     45: SEQUENCE VARBIND (0x30): 17 bytes
     47: OBJ-ID (0x6) 4 bytes: .1.3.6.1.1
     53: OCTET-STR (0x4) 9 bytes: "Trap test"
net-snmp (Windows)
• Download: http://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.5-binaries/
  • Choose net-snmp-5.5.0-2.x64.exe or net-snmp-5.5.0-1.x86.exe
• Installation:
  • If php-snmp or GetIf has been installed before net-snmp, the mib directory will be C:\usr\mibs
  • Copy "C:\Program Files\net-snmp\usr\share\snmp\mibs" to C:\usr\mibs
  • Unzip http://ycchen.im.ncnu.edu.tw/nm/macroRemoved.zip to C:\usr\mibs
• Commands:
  • snmpget, snmpgetnext, snmpset, snmpwalk, ...
  • See http://www.net-snmp.org/wiki/index.php/Tutorials
• Examples:
    snmpget -v 1 -c public 10.32.10.84 .1.3.6.1.2.1.1.1.0
    snmpget -v 1 -c public 10.32.10.84 ifNumber.0 sysUpTime.0
    snmpget -v 2c -c public 10.32.10.84 SNMPv2-MIB::sysUpTime.0
    snmpwalk -v 1 -c public 10.32.10.84 system
    snmpgetnext -d -v 1 -c public 10.32.10.84 ifInOctets.1

snmptrapd, snmptrap
• snmptrapd
    snmptrapd -L o
• snmptrapd.conf ("\usr\etc\snmp\snmptrapd.conf")
    authCommunity log comm
    logOption o
  or
    logOption f C:\logs\snmptraps.log
• snmptrap
    snmptrap -v 1 -c comm 10.10.1.15 .1.3.6.1.4.1.19652 10.34.11.78 2 0 "" ifIndex.3 i 3
    snmptrap -v 1 -c comm 10.10.1.15 .1.3.6.1.4.1.19652 10.34.11.78 6 99 ""
    snmptrap -v 1 -c comm managerIP enterpriseOID agentAddress genericTrap SpecificTrap timeStamp oid type value oid type value …
• TYPE: i INTEGER, u UNSIGNED, c COUNTER32, s STRING, x HEX STRING, d DECIMAL STRING, n NULLOBJ, o OBJID, t TIMETICKS, a IPADDRESS, b BITS
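Notes
• Windows itself also has an snmptrap command, but it is different from the net-snmp snmptrap command.
• If you run snmptrap from the command line and snmptrapd does not receive the trap, the Windows snmptrap may be the one that ran.
Solution
• Rename the net-snmp snmptrap.exe
  • snmptrap.exe is located in the directory "usr\bin\"
  • "snmptrap.exe" → "netsnmptrap.exe"
    netsnmptrap -v 1 -c comm …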
Get System Information
• Get “System Group” of MIB II
• Use get_request or get_next_request
    sysDescr    .1.3.6.1.2.1.1.1.0
    sysObjectID .1.3.6.1.2.1.1.2.0
    sysUptime   .1.3.6.1.2.1.1.3.0
    sysContact  .1.3.6.1.2.1.1.4.0
    sysName     .1.3.6.1.2.1.1.5.0
    sysLocation .1.3.6.1.2.1.1.6.0

Get Interface Information
• Get “Interface Group” of MIB II
• Repeatedly use “get_next_request”
• Note: We don’t know the ifIndex values in ifTable.
  • First get the next object of .ifTable.ifEntry.0
  • Then repeatedly “get_next”
  • Until the whole subtree is visited.
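The Get-Next procedure above, and the lexicographic ordering it relies on, can be simulated without a network. This is an added example, not part of the original slides: the agent data is constructed (interfaces with ifIndex 1, 2 and 10), and `parse`, `get_next` and `walk` are illustrative names. It shows that sub-identifiers compare as numbers (2 sorts before 10), that a table is returned column by column, and that the walk stops when the returned name leaves the subtree.

```python
# Added example (not from the original slides): GetNext over a constructed in-memory MIB.
from bisect import bisect_right

def parse(oid):
    """Turn dotted notation into a tuple of integer sub-identifiers."""
    return tuple(int(arc) for arc in oid.strip(".").split("."))

IF_ENTRY = "1.3.6.1.2.1.2.2.1"  # interfaces.ifTable.ifEntry in MIB-II
# Constructed agent contents; the manager does not know the ifIndex values in advance.
MIB = {parse(name): value for name, value in [
    ("1.3.6.1.2.1.2.1.0", 3),                                               # ifNumber.0
    (IF_ENTRY + ".1.1", 1), (IF_ENTRY + ".1.2", 2), (IF_ENTRY + ".1.10", 10),  # ifIndex
    (IF_ENTRY + ".2.1", "lo"), (IF_ENTRY + ".2.2", "eth0"),
    (IF_ENTRY + ".2.10", "eth1"),                                           # ifDescr
    ("1.3.6.1.2.1.4.1.0", 1),                                               # ipForwarding.0
]}
ORDER = sorted(MIB)  # tuple comparison is the lexicographic order SNMP uses

def get_next(oid):
    """Return (name, value) of the first instance after oid, or None at the end of the MIB."""
    i = bisect_right(ORDER, oid)
    return (ORDER[i], MIB[ORDER[i]]) if i < len(ORDER) else None

def walk(root):
    """Repeat GetNext from root until the returned name is outside the subtree."""
    root = parse(root)
    current, rows = root, []
    while (hit := get_next(current)) and hit[0][:len(root)] == root:
        rows.append(hit)
        current = hit[0]
    return rows
```

`walk(IF_ENTRY)` returns the three ifIndex instances first and then the three ifDescr instances, so the index values are learned from the names that come back.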
Traffic Monitoring
• Get “ifInOctets” and “ifOutOctets” of MIB II Interface Group
• t1: C1, t2: C2

$$\text{Utilization (\%)} = \frac{(C_2 - C_1) \times 8}{(t_2 - t_1) \times \text{Bandwidth}} \times 100\%$$
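Applying the utilization formula to real polls needs two guards that the formula itself does not show: the octet counters are 32-bit and wrap to zero, and an agent restart resets them. This is an added example, not part of the original slides; it assumes the poll timestamps are sysUpTime values in TimeTicks, and the sample values and function names are constructed.

```python
# Added example (not from the original slides); SAMPLES are constructed values.
COUNTER32 = 2 ** 32  # ifInOctets and ifOutOctets are 32-bit counters that wrap to 0

def pct(c1, c2, seconds, bandwidth_bps):
    """Utilization (%) = (C2 - C1) * 8 / ((t2 - t1) * Bandwidth) * 100."""
    octets = (c2 - c1) % COUNTER32  # the modulo absorbs one wrap between polls
    return round(octets * 8 / (seconds * bandwidth_bps) * 100, 2)

def utilization(samples, bandwidth_bps):
    """samples: (sysUpTime in TimeTicks, ifInOctets, ifOutOctets) per poll, oldest first.

    Returns one (in_pct, out_pct) tuple per interval, or None for an interval in
    which sysUpTime went backwards (agent re-initialised, counters reset).
    More than one wrap inside a single interval cannot be detected, so the
    polling interval has to be short enough for the link speed.
    """
    if bandwidth_bps <= 0:
        raise ValueError("bandwidth must be positive")
    results = []
    for (t1, in1, out1), (t2, in2, out2) in zip(samples, samples[1:]):
        if t2 <= t1:
            results.append(None)
            continue
        seconds = (t2 - t1) / 100  # TimeTicks are hundredths of a second
        results.append((pct(in1, in2, seconds, bandwidth_bps),
                        pct(out1, out2, seconds, bandwidth_bps)))
    return results

# Constructed polls on a 10 Mbit/s link: 60 s apart, ifInOctets wraps, then the agent restarts.
SAMPLES = [(1000, 4294000000, 1000), (7000, 36532704, 7501000), (300, 5000, 5000)]
```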
SNMP MIB Group