1

Network Management: SNMP

The roots of education are bitter, but the fruit is sweet.

- Aristotle

2

Objectives

• Describe the basic network management architecture

• Explain the role that Simple Network Management Protocol plays in an IP-based network

• Describe the 5 layers (or, components) of the OSI Network Management model

• Explain the types of PDUs used by SNMP v3

3

Network Management Architecture

• The basic network management architecture consists of a set of devices being managed (known as managed devices or agents), and a centralized management station (known as a management entity or a manager)

• At each managed device, a piece of software called a management agent collects data about the managed device (e.g. received and sent traffic, errors, link utilization levels, etc.) and stores them in a management database

• The management entity periodically requests (or, polls) managed devices to send recent data about themselves. Management agents in managed devices respond to these requests by sending data stored in their database

4

Network Management Architecture

1. Management entity acts as a repository for data collected over time from managed devices. Using third party software, these received data can be processed to present information to network managers in various forms (such as graphs) showing trends over time.

2. In addition to responding to periodical requests for data from the management entity, managed devices may report abnormal events on their own (called alerts or traps)

3. When alerts are received, management entity generates appropriate responses (such as operator notification, event logging, system shutdown or restart, and other kinds of automated attempts to repair affected systems)

5

Network Management Architecture

• Management entities (Manager) and managed devices (Agents) use SNMP - Simple Network Management Protocol to communicate and exchange data

6

OSI Network Management Model

• OSI network management model defines a common frame of reference for network management, and provides a framework for major functions that network management systems perform

• The OSI network management model incorporates the following five layers:

– Accounting management

– Configuration management

– Fault management

– Performance management

– Security management

7

OSI Network Management Model

• Accounting management:

– focuses on using network and service utilization parameters to assign usage charges back to various divisions within an organization

• Configuration management:

– focuses on documenting network and system configuration data about operating system or firmware, network interfaces, protocols and related settings, etc.

– provides centralized access to and control over configuration data

• Fault management:

– focuses on detecting, logging and repairing network and system problems

8

OSI Network Management Model

• Performance management:

– focuses on measuring and monitoring network traffic levels, utilization, and other statistical metrics (such as throughput, response times, error rates) to help maintain network and system performance at acceptable levels

– helps identifying abnormal performance

• Security management:

– focuses on controlling access to network resources to avoid various intrusions and attacks

– restricts access to resources based on proper authentication and authorization

9

Management Components

• SNMP: defines the format of messages exchanged between a manager and an agent.

• SMI (Structure of Management Information): defines general rules for:

– naming objects (“objects” are variables within the management database that holds data)

– their types (including range and length)

– how to encode objects and their values

– SMI v1 - RFC 1155, SMI v2 - RFC 2578

10

Management Components

• MIB (Management Information Base): creates a set of named objects, their types, and their relationships to each other in a managed device (such as a router), similar to meta data in a database

• SMI requires that each object (such as: udpInDatagrams) in a managed device have a unique name.

• To name objects globally, SMI uses an object identifier, which is a hierarchical identifier based on a tree structure

11

Figure 21.3 Management overview

12

Figure 21.5 Object identifier

13

Management Information Base (MIB)

• Currently, MIB-2 (RFC 1213) is the popular general MIB supported by most SNMP-managed devices

• MIB-2 provides general TCP/IP management info including interface statistics (interface speed, MTU size, bytes sent, bytes received, etc.) and various other things pertaining to the system itself (location, contact, etc.)

14

SNMP Messages• SNMP managers and agents communicate over

UDP with a specific set of Protocol Data Units

• SNMP v3 defines 8 types of PDUs:

– GetRequest

– GetNextRequest

– GetBulkRequest

– SetRequest

– Response

– Trap

– InformRequest

– Report

15

Figure 21.19 SNMP PDUs

16

SNMP PDUs

• GetRequest: sent from a manager to the agent to read the value of a variable (object) in the MIB

• GetNextRequest: mostly used by a manager to get values of the entries in a MIB table

• GetBulkRequest: sent by a manager to retrieve a large amount of data from an agent

• SetRequest: sent from a manager to the agent to set (or, write) a value in a MIB variable

• Trap: sent from an agent to a manager unsolicited to report an event

17

SNMP PDUs

• Response: sent from an agent to a manager in response to a GetRequest or GetNextRequest. It contains value(s) of the variable(s) requested by the manager

• InformRequest: sent from one manager to a remote manager to get the value(s) of some variable(s) from agents under the control of the remote manager

• Report: to report errors between managers. Not in use yet.