
Page 1: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

1

TUTORIAL

SNMP: STATUS AND APPLICATION FOR LAN/MAN MANAGEMENT

9 July 1996

Aiko Pras
[email protected]

http://wwwtios.cs.utwente.nl/~pras
http://wwwtios.cs.utwente.nl/
http://wwwsnmp.cs.utwente.nl/

Copyright © 1996 by Aiko Pras, Hengelo, The Netherlands. All rights reserved.

No part of these sheets may be used, reproduced, stored in a retrieval system or transmitted, in any form or by any means, without obtaining written permission of the author.

Page 2: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

2

CONTENTS

• IETF / SNMP INTRO

• SNMP version 2

• COMPARISON TO CMIP / CMOL

• MIBs

• RMON

• NEW DEVELOPMENTS

• FURTHER INFORMATION

Page 3: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

3

IETF STANDARDIZATION

[Figure: the IETF standards track]

WORKING DOCUMENT -> PROPOSED STANDARD -> DRAFT STANDARD -> FULL STANDARD

Annotations on the figure:
• implementation experience must be obtained
• several independent implementations must interwork
• after a maximum of 2 years
• after a maximum of 4 years
• HISTORICAL (appears twice in the figure, as the exit from the track)

Page 4: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

4

HISTORY IETF

[Timeline figure, 1987 to 1996, carrying the following labels:]
• HEMS/HEMP, SGMP, CMOT
• SNMP draft standard, SNMP proposed standard, SNMP full standard
• SNMP security
• SMP
• SNMPv2 proposed standard, SNMPv2 draft standard
• implementation experience
• major changes

Page 5: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

5

SNMPv1 STRUCTURE

[Figure: manager and agent, each on top of the TRANSPORT SERVICE]

manager: MANAGEMENT APPLICATION
agent: MIB

manager -> agent: SET, GET / GET-NEXT
agent -> manager: TRAP

Page 6: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

6

SNMPv1 MESSAGE & PDU STRUCTURE

SNMP message:
  VERSION | COMMUNITY | SNMP PDU

SNMP PDU:
  PDU TYPE* | REQUEST ID | ERROR STATUS | ERROR INDEX | VARIABLE BINDINGS

variable bindings:
  NAME 1 VALUE 1 | NAME 2 VALUE 2 | ••• | NAME n VALUE n
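The three layers on this sheet (message, PDU, variable bindings) are all plain BER sequences, so an encoder and decoder for them fits in a page. The following is an added example, not code from the tutorial: it builds an SNMPv1 GetRequest with the layout shown above and parses it back. The sample OIDs (sysDescr.0 and sysUpTime.0) and the community "public" are constructed inputs; the SNMPv1 Trap PDU, whose body has a different layout (the asterisk on PDU TYPE), is deliberately left out.

```python
"""BER encoder and decoder for the SNMPv1 message layout on this sheet.

Added example (not from the tutorial). Layout per the sheet:
  message  = VERSION, COMMUNITY, SNMP PDU
  PDU      = PDU TYPE, REQUEST ID, ERROR STATUS, ERROR INDEX, VARIABLE BINDINGS
  bindings = (NAME, VALUE) pairs; a request carries NULL values.
"""

TAG_INTEGER, TAG_OCTET_STRING, TAG_NULL, TAG_OID, TAG_SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
# Context-specific constructed tags of the request/response PDUs (RFC 1157); Trap omitted
PDU_TAGS = {"GetRequest": 0xA0, "GetNextRequest": 0xA1, "GetResponse": 0xA2, "SetRequest": 0xA3}
PDU_NAMES = {tag: name for name, tag in PDU_TAGS.items()}


def _tlv(tag, body):
    """Tag + definite length (short form below 128 octets, long form above) + body."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    length_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length_bytes)]) + length_bytes + body


def encode_integer(value):
    """Minimal-length two's-complement INTEGER."""
    n = 1
    while True:
        try:
            return _tlv(TAG_INTEGER, value.to_bytes(n, "big", signed=True))
        except OverflowError:
            n += 1


def encode_oid(oid):
    """Dotted OID: first two arcs packed into one octet, remaining arcs base-128."""
    arcs = [int(a) for a in oid.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    return _tlv(TAG_OID, bytes(body))


def encode_message(community, pdu_type, request_id, oids, error_status=0, error_index=0, version=0):
    """Build a complete SNMPv1 request message (version 0 means SNMPv1)."""
    bindings = b"".join(_tlv(TAG_SEQUENCE, encode_oid(o) + _tlv(TAG_NULL, b"")) for o in oids)
    pdu = (encode_integer(request_id) + encode_integer(error_status)
           + encode_integer(error_index) + _tlv(TAG_SEQUENCE, bindings))
    body = (encode_integer(version) + _tlv(TAG_OCTET_STRING, community.encode("latin-1"))
            + _tlv(PDU_TAGS[pdu_type], pdu))
    return _tlv(TAG_SEQUENCE, body)


def _read_tlv(buf, pos):
    """Return (tag, body, position after the element) for the TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next (length & 0x7F) octets hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(body):
    first = min(body[0] // 40, 2)
    arcs, acc = [first, body[0] - 40 * first], 0
    for b in body[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def decode_message(buf):
    """Parse an SNMPv1 message into a dict; raises ValueError on bad framing."""
    tag, msg, end = _read_tlv(buf, 0)
    if tag != TAG_SEQUENCE or end != len(buf):
        raise ValueError("not a single SNMP message SEQUENCE")
    tag, v, pos = _read_tlv(msg, 0)
    version = int.from_bytes(v, "big", signed=True)
    tag, v, pos = _read_tlv(msg, pos)
    community = v.decode("latin-1")
    pdu_tag, pdu, _ = _read_tlv(msg, pos)
    if pdu_tag not in PDU_NAMES:
        raise ValueError("unsupported PDU tag 0x%02x" % pdu_tag)
    fields, pos = [], 0
    for _ in range(3):                     # request-id, error-status, error-index
        tag, v, pos = _read_tlv(pdu, pos)
        fields.append(int.from_bytes(v, "big", signed=True))
    tag, varbinds, _ = _read_tlv(pdu, pos)
    bindings, pos = [], 0
    while pos < len(varbinds):             # each binding is SEQUENCE { name OID, value }
        tag, vb, pos = _read_tlv(varbinds, pos)
        tag, name, inner = _read_tlv(vb, 0)
        vtag, value, _ = _read_tlv(vb, inner)
        bindings.append((_decode_oid(name), None if vtag == TAG_NULL else bytes(value)))
    return {"version": version, "community": community, "pdu_type": PDU_NAMES[pdu_tag],
            "request_id": fields[0], "error_status": fields[1], "error_index": fields[2],
            "bindings": bindings}
```

The decoded dict makes the sheet's security point visible: the community string sits in the clear between the version and the PDU, so anyone who can read the datagram can reuse it; that is the gap the SNMPv2 security sheets later in this tutorial address.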

Page 7: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

7

PROXY MANAGEMENT

MANAGER <-- SNMP --> PROXY AGENT <-- PROPRIETARY --> NON-SNMP AGENT

Page 8: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

8

SNMPv2

APRIL 1993:
• PROPOSED STANDARD
• RFC 1441 - RFC 1452
• PARTY BASED SECURITY MODEL

JUNE 1995:
• PARTY BASED MODEL REJECTED
• NEW PROPOSALS APPEARED

JANUARY 1996:
• SNMPv2C BECAME DRAFT STANDARD
• RFC 1901 - RFC 1908
• COMMUNITY BASED SECURITY MODEL

SECURITY:
• SNMPv2 USER SECURITY MODEL (USEC)
• SNMPv2*

MANAGEMENT HIERARCHY:
• DISMAN WORKING GROUP

Page 9: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

9

SNMPv2 GOALS

IMPROVED PERFORMANCE
• GET-BULK PDU

SECURITY
• AUTHENTICATION
• ENCRYPTION
• ACCESS CONTROL

MANAGEMENT HIERARCHY
• MANAGER TO MANAGER COMMUNICATION

OTHER IMPROVEMENTS

Page 10: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

10

OTHER IMPROVEMENTS

• DEFINITION OF ADDITIONAL DATA TYPES AND FORMALISMS
  BASED ON IMPLEMENTATION EXPERIENCE

• TRANSPORT SERVICE INDEPENDENCE:
  MAPPINGS FOR SNMPv2 OVER SEVERAL TRANSPORTS ARE DEFINED

• RECORDING THE UNWRITTEN RULES OF SNMP
  - ROW STATUS PLUS OTHER TEXTUAL CONVENTIONS

• REDEFINED TRAP PDU
  - HAS SAME PDU FORMAT AS OTHER PDUs
  - MAY BE SENT TO ZERO, ONE OR MORE MANAGERS

Page 11: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

11

SNMPv2 PDUs

[Figure: TOP LEVEL MANAGER, INTERMEDIATE LEVEL MANAGER and agent (MIB), each on top of the TRANSPORT SERVICE]

manager -> agent: SET, GET / GET-NEXT, GET-BULK
agent -> manager: TRAP / REPORT
between the managers: INFORM
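The performance gain the previous sheets attribute to GET-BULK is easiest to see by counting round trips. Below is an added example, not the tutorial's or any agent's code: a constructed in-memory agent that answers GET-NEXT and GET-BULK over a small MIB (sysDescr, a three-row ifTable with ifIndex, ifDescr and ifInOctets, and ipForwarding, all with made-up values), and a manager-side walk of the ifTable that records how many requests each PDU needs. `None` stands in for the SNMPv2 endOfMibView exception; the non-repeaters / max-repetitions behaviour follows RFC 1905 as understood here.

```python
"""GET-NEXT versus GET-BULK walk of an ifTable on a simulated SNMPv2 agent.

Added example (not from the tutorial). The agent and its object values are
constructed; None represents the endOfMibView exception of SNMPv2.
"""


def oid_key(oid):
    """OIDs order numerically arc by arc, so .10 sorts after .2 (string order would not)."""
    return tuple(int(a) for a in oid.split("."))


class ToyAgent:
    def __init__(self, objects):
        self.objects = sorted(objects.items(), key=lambda kv: oid_key(kv[0]))
        self.requests = 0  # round trips spent by the manager

    def _successor(self, oid):
        """Lexicographic successor of oid in the MIB, or None for endOfMibView."""
        key = oid_key(oid)
        for name, value in self.objects:
            if oid_key(name) > key:
                return name, value
        return None

    def get_next(self, oids):
        self.requests += 1
        return [self._successor(o) for o in oids]

    def get_bulk(self, oids, non_repeaters, max_repetitions):
        """Response order: non-repeaters first, then one successor of every repeater per repetition."""
        self.requests += 1
        result = [self._successor(o) for o in oids[:non_repeaters]]
        repeaters = list(oids[non_repeaters:])
        for _ in range(max_repetitions):
            row = [self._successor(o) for o in repeaters]
            result.extend(row)
            if all(item is None for item in row):
                break  # every repeater reached endOfMibView: stop early
            repeaters = [item[0] if item else o for item, o in zip(row, repeaters)]
        return result


def walk_subtree(agent, root, max_repetitions=None):
    """Collect every (oid, value) under root with GET-NEXT, or with GET-BULK when max_repetitions is set."""
    prefix = oid_key(root)
    found, current = [], root
    while True:
        batch = (agent.get_next([current]) if max_repetitions is None
                 else agent.get_bulk([current], 0, max_repetitions))
        if not batch:
            return found
        for item in batch:
            # stop at endOfMibView or at the first object outside the subtree
            if item is None or oid_key(item[0])[:len(prefix)] != prefix:
                return found
            found.append(item)
            current = item[0]


def make_toy_agent():
    """Constructed MIB: sysDescr, a three-row ifTable (ifIndex, ifDescr, ifInOctets), ipForwarding."""
    mib = {"1.3.6.1.2.1.1.1.0": "toy agent", "1.3.6.1.2.1.4.1.0": 2}
    for idx, (descr, octets) in enumerate([("eth0", 1234567), ("eth1", 89012), ("lo", 345)], start=1):
        mib["1.3.6.1.2.1.2.2.1.1.%d" % idx] = idx      # ifIndex
        mib["1.3.6.1.2.1.2.2.1.2.%d" % idx] = descr    # ifDescr
        mib["1.3.6.1.2.1.2.2.1.10.%d" % idx] = octets  # ifInOctets
    return ToyAgent(mib)


def compare_round_trips(max_repetitions):
    """Round trips for a full ifTable walk as (GET-NEXT, GET-BULK); both walks must agree."""
    root = "1.3.6.1.2.1.2.2"
    a, b = make_toy_agent(), make_toy_agent()
    if walk_subtree(a, root) != walk_subtree(b, root, max_repetitions):
        raise RuntimeError("walks disagree")
    return a.requests, b.requests
```

With nine objects in the table, the GET-NEXT walk costs ten round trips (one per object plus one to discover the end), GET-BULK with max-repetitions 4 costs three and with max-repetitions 10 a single one. The early-stop rule in `get_bulk` also matters operationally: an agent that keeps generating endOfMibView rows up to max-repetitions wastes its own time answering a large, mostly empty response.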

Page 12: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

12

USEC: SECURE TRANSFER OF MANAGEMENT PDUs (1)

GOALS

PROTECTION AGAINST:

• MODIFICATION OF INFORMATION

• MASQUERADE

• MESSAGE STREAM MODIFICATION (REORDERING, DELAY, REPLAY)

• DISCLOSURE

NO PROTECTION AGAINST:

• DENIAL OF SERVICE ATTACKS

• TRAFFIC ANALYSIS ATTACKS

Page 13: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

13

USEC: SECURE TRANSFER OF MANAGEMENT PDUs (2)

[Figure: manager and agent, each on top of the TRANSPORT SERVICE, with the state each side keeps]

manager: MANAGEMENT APPLICATION
agent: MIB; AGENT ID, AGENT BOOTS, AGENT TIME
shared by both sides: USER NAME, AUTH. KEY, PRIV. KEY

manager -> agent: SET, GET / GET-NEXT / GET-BULK
agent -> manager: TRAP / REPORT

Page 14: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

14

USEC: SECURE TRANSFER OF MANAGEMENT PDUs (3)

[Figure: as on the previous sheet, but the tables now hold several entries (...): several agents (AGENT ID, AGENT BOOTS, AGENT TIME, ...) and several users (USER NAME, AUTH. KEY, PRIV. KEY, ...)]

manager: MANAGEMENT APPLICATION
agent: MIB

manager -> agent: SET, GET / GET-NEXT / GET-BULK
agent -> manager: TRAP / REPORT

Page 15: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

15

USEC: SECURE TRANSFER OF MANAGEMENT PDUs (4)

[Figure: the manager combines the SNMP PDU, its entry for the user (USER NAME, AUTH. KEY, PRIV. KEY, ...) and its entry for the agent (AGENT ID, AGENT BOOTS, AGENT TIME) into the message below]

USEC message:
  SNMP VERSION | SECURITY MODEL | QoS | AGENT ID | AGENT BOOTS | AGENT TIME | USER NAME | DIGEST | ENCRYPTED SNMP PDU

Page 16: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

16

USEC: SECURE TRANSFER OF MANAGEMENT PDUs (5)

MECHANISMS

MODIFICATION OF INFORMATION     • DIGEST (MD5)
MASQUERADE                      • USER NAME (DIGEST)
MESSAGE STREAM MODIFICATION     • AGENT BOOTS, AGENT TIME (DIGEST)
DISCLOSURE                      • SNMP PDU ENCRYPTION (DES)
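To make the mechanism table concrete, here is an added example of the agent-side checks, written for this tutorial and not taken from it or from RFC 1910. It carries the message fields of sheet 15 (AGENT ID, AGENT BOOTS, AGENT TIME, USER NAME, DIGEST, SNMP PDU) and applies the two defences named above: a keyed MD5 digest over the message, which catches modification and masquerade under an unknown or wrong key, and the boots/time check, which catches delayed, reordered and replayed messages. Three things are this example's own assumptions rather than USEC as specified: HMAC-MD5 stands in for the exact USEC digest construction, the 150-second acceptance window is a chosen value, and the rule that agentTime must strictly increase per user is added to reject replays inside the window. DES encryption of the PDU is omitted, so the DISCLOSURE row is not covered.

```python
"""Receiver-side checks on a USEC-style authenticated message.

Added example (not from the tutorial or RFC 1910). Assumptions: HMAC-MD5 in
place of the USEC digest construction, a 150 s time window, and a strictly
increasing agentTime per user; PDU encryption (DES) is left out.
"""
import hashlib
import hmac
import struct

WINDOW_SECONDS = 150  # assumed: how far agentTime may differ from the agent's own clock


def _authenticated_bytes(agent_id, boots, time, user_name, pdu):
    """Fixed-layout image of everything the digest covers (the digest field itself excluded)."""
    return agent_id + struct.pack(">II", boots, time) + user_name.encode() + b"\x00" + pdu


def make_message(auth_key, agent_id, boots, time, user_name, pdu):
    """Manager side: assemble the message and attach the keyed digest."""
    digest = hmac.new(auth_key, _authenticated_bytes(agent_id, boots, time, user_name, pdu),
                      hashlib.md5).digest()
    return {"agentID": agent_id, "agentBoots": boots, "agentTime": time,
            "userName": user_name, "digest": digest, "pdu": pdu}


class Agent:
    """Agent side: its own ID, boot counter and clock, plus the user table of auth keys."""

    def __init__(self, agent_id, boots, users, clock=0):
        self.agent_id, self.boots, self.users, self.clock = agent_id, boots, dict(users), clock
        self.last_accepted = {}  # userName -> agentTime of the last accepted message (assumed rule)

    def verify(self, msg):
        """Return (accepted, reason); each rejection maps to one threat on the sheet."""
        if msg["agentID"] != self.agent_id:
            return False, "wrong agentID"
        key = self.users.get(msg["userName"])
        if key is None:
            return False, "unknown user"                   # masquerade
        image = _authenticated_bytes(msg["agentID"], msg["agentBoots"], msg["agentTime"],
                                     msg["userName"], msg["pdu"])
        expected = hmac.new(key, image, hashlib.md5).digest()
        if not hmac.compare_digest(expected, msg["digest"]):
            return False, "bad digest"                     # modification, or wrong key
        if msg["agentBoots"] != self.boots:
            return False, "stale agentBoots"               # built before the agent rebooted
        if abs(msg["agentTime"] - self.clock) > WINDOW_SECONDS:
            return False, "outside time window"            # delayed (or clocks not synchronised)
        if msg["agentTime"] <= self.last_accepted.get(msg["userName"], -1):
            return False, "replayed or reordered"          # assumed rule: time must increase
        self.last_accepted[msg["userName"]] = msg["agentTime"]
        return True, "ok"


def demo():
    """Constructed scenario: a good message, its replay, a tampered copy, stale boots, a late one, a wrong key."""
    key, agent_id = b"0123456789abcdef", b"\x80\x00\x00\x07" + b"\x00" * 8   # made-up user key and agent ID
    pdu = b"\xa0\x05\x02\x01\x01"                                            # made-up PDU bytes
    agent = Agent(agent_id, boots=3, users={"ops": key}, clock=1000)
    good = make_message(key, agent_id, 3, 1000, "ops", pdu)
    return [agent.verify(good)[1],
            agent.verify(good)[1],                                         # same bytes a second time
            agent.verify(dict(good, pdu=b"\xa3\x05\x02\x01\x01"))[1],      # PDU changed, digest not
            agent.verify(make_message(key, agent_id, 2, 1001, "ops", pdu))[1],
            agent.verify(make_message(key, agent_id, 3, 1300, "ops", pdu))[1],
            agent.verify(make_message(b"wrong key", agent_id, 3, 1001, "ops", pdu))[1]]
```

The order of the checks is deliberate: the digest is verified before the timeliness fields are trusted, because agentBoots and agentTime are themselves covered by the digest and would otherwise be trivial to adjust. The sheet's "no protection against denial of service" also shows here: every rejected message still costs one MD5 computation.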

Page 17: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

17

USEC: ACCESS CONTROL

[Figure: as on the previous sheets, with an ACL at the agent that maps USER NAME x MIB VIEW onto the MIB]

agent state: AGENT ID, AGENT BOOTS, AGENT TIME, ...; USER NAME, AUTH. KEY, PRIV. KEY, ...

manager: MANAGEMENT APPLICATION
agent: MIB
both on top of the TRANSPORT SERVICE

manager -> agent: SET, GET / GET-NEXT / GET-BULK
agent -> manager: TRAP / REPORT

Page 18: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

18

CMIP versus SNMP - 1

                       CMIP                  SNMP
model                  event based           polling based
information approach   object oriented       variable oriented
complexity             agent is complex      agent is simple
state information      kept by agent         kept by manager
underlying service     CO - reliable         CL - unreliable
efficiency             good                  acceptable
implementation         difficult             simple (v2 is more difficult)

Page 19: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

19

CMIP versus SNMP - 2

                   CMIP                        SNMP
retrieves          objects                     scalars
many items         multiple replies            error: tooBig
object selection   scoping & filtering         -
synchronization    atomic & best effort        atomic
events / traps     confirmed & unconfirmed     unconfirmed
actions            possible                    via 'trick'

Page 20: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

20

CMIP versus SNMP - 3

                       CMIP                       SNMP
security               via underlying services    -
                       authentication / encryption / ACL-lists
management functions   many                       none
approach               object oriented            variable oriented
ASN.1                  full support               subset
naming structure       flexible                   simple

Page 21: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

21

CMOL versus SNMP

CMOL IS COMPARABLE TO CMIP

CMOL OPERATES OVER LLC

CMOL CAN NOT OPERATE OVER ROUTERS

CMOL: FEW IMPLEMENTATIONS

Page 22: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

22

MIBs

MIB-II

SYSTEM (1)

INTERFACES (2)

AT (3)

IP (4)

ICMP (5)

TCP (6)

UDP (7)

EGP (8)

TRANSMISSION (10)

SNMP (11)

•••

Page 23: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

23

MIB-II ifTable

[Figure: a table with rows 1, 2, ..., n and the following columns:]

ifIndex, ifDescr, ifType, ifMtu, ifSpeed, ifPhysAddress, ifAdminStatus, ifOperStatus, ifLastChange, ifInOctets, ifInUcastPkts, ifInNUcastPkts, ifInDiscards, ifInErrors, ifInUnknownProtos, ifOutOctets, ifOutUcastPkts, ifOutNUcastPkts, ifOutDiscards, ifOutErrors, ifOutQLen, ifSpecific

Page 24: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

24

MIB-II IF PACKET COUNT

[Figure: where incoming and outgoing packets of an interface are counted]

incoming:
  ifInUcastPkts + ifInNUcastPkts
  ifInDiscards
  ifInUnknownProtos
  ifInErrors

outgoing:
  ifOutUcastPkts + ifOutNUcastPkts
  ifOutErrors
  ifOutDiscards

Page 25: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

25

OVERVIEW LAN SPECIFIC MIBs

NAME                               SMI     RFC         STATUS                   WORKING GROUP
ETHERNET-LIKE INTERFACES           v1/v2   1643/1650   STANDARD/PROPOSED        INTERFACE
802.3 MAU                          v1      1515        PROPOSED                 HUB
802.3 REPEATER DEVICES             v1      1516        DRAFT                    HUB
802.4 TOKEN BUS                    v1      1230        HISTORIC                 -
802.5                              v2      1748        DRAFT                    INTERFACE
802.5 STATION SOURCE ROUTING       v2      1749        PROPOSED                 INTERFACE
802.12                             v2      -           WORKING DOC.             100VG-AnyLAN
802.12 REPEATER DEVICES            v2      -           WORKING DOC.             100VG-AnyLAN
REMOTE NETWORK MONITORING (RMON)   v1/v2   1757/-      DRAFT/WORKING DOC.       RMON
TOKEN RING EXTENSIONS TO RMON      v1      1513        PROPOSED                 RMON
BRIDGES                            v1/v2   1493/-      DRAFT/WORKING DOC.       BRIDGE
SOURCE ROUTING BRIDGES             v1/v2   1525/-      PROPOSED/WORKING DOC.    BRIDGE

Page 26: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

26

IEEE - IETF WORKING GROUPS

[Figure: IEEE 802 committees on the left, IETF working groups on the right, with lines showing which IETF group covers which IEEE standard]

IEEE: 802.1, 802.2, 802.3, 802.4, 802.5, 802.6, 802.7, 802.8, 802.9, 802.10, 802.11, 802.12, 802.14
IETF: Bridge MIB, Hub MIB, Interfaces MIB, 100VG-AnyLAN, RMON

Page 27: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

27

REMOTE NETWORK MONITORING

RMON: RFC 1757

[Figure: a MANAGER reached over the WAN, and an RMON device on the local ETHERNET segment it monitors]

Page 28: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

28

RMON GROUPS

NINE GROUPS:

• STATISTICS

• HISTORY

• HOST TABLE

• HOST TOP N

• TRAFFIC MATRIX

• ALARMS

• FILTERS

• PACKET CAPTURE

• EVENTS

Page 29: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

29

STATISTICS GROUP

KEEPS STATISTICS PER ETHERNET SEGMENT

SHOWS:
• PACKETS
• OCTETS
• BROADCASTS
• MULTICASTS
• COLLISIONS
• ERRORS

KEEPS TRACK OF PACKET SIZE DISTRIBUTION:
• 65 - 127 OCTETS
• 128 - 255 OCTETS
• 256 - 511 OCTETS
• 512 - 1023 OCTETS
• 1024 - 1518 OCTETS

[Figure: classification of packets by length and FCS]

                       < 64 bytes    64 to 1518 bytes            > 1518 bytes
WELL-FORMED PACKETS    undersize     GOOD!                       oversize
BAD FCS / ERRORS       fragments     CRC or alignment errors     jabber

Page 30: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

30

HISTORY GROUP

STORES INFORMATION OF STATISTICS GROUP EXCEPT PACKET SIZE DISTRIBUTION

USES A CIRCULAR BUFFER
• BUCKETS
• SIZE MAY BE SET BY MANAGER

SAMPLING INTERVAL MAY BE SET BY MANAGER

Page 31: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

31

ALARM GROUP

ABSOLUTE OR DELTA VALUES

[Figure: a sampled value plotted over time on a 100 to 900 scale, with a RISING THRESHOLD and a FALLING THRESHOLD; a NOTIFICATION is marked at each of three threshold crossings]
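The figure's three notifications come from the hysteresis rule of the RMON alarm table: a rising notification fires when a sample reaches the rising threshold, and no second one is generated until the sample has come down to the falling threshold (and the reverse for falling). The following is an added example, not the tutorial's code, that implements that rule for absolute and delta sampling and feeds it the ifInErrors counter from the MIB-II ifTable sheets; the poll readings are constructed and include a Counter32 wrap at 2**32, which delta sampling has to absorb (standard SNMP practice, not something this sheet spells out). The startup behaviour (`risingOrFalling`, `rising`, `falling`) follows the RMON alarmStartupAlarm object as understood here.

```python
"""RMON alarm evaluation on MIB-II interface counters.

Added example (not from the tutorial). Sampling, thresholds and hysteresis
follow the RMON alarm table as understood here; the counter readings are
constructed and the 32-bit wrap handling is standard Counter32 practice.
"""


def counter32_delta(new, old):
    """Difference of two Counter32 readings, correct across a wrap at 2**32."""
    return (new - old) % (1 << 32)


class Alarm:
    """One row of the RMON alarm table, watching a single sampled variable."""

    def __init__(self, rising, falling, sample_type="delta", startup="risingOrFalling"):
        if falling >= rising:
            raise ValueError("falling threshold must be below rising threshold")
        self.rising, self.falling = rising, falling
        self.sample_type, self.startup = sample_type, startup
        self.prev_raw = None   # last raw counter value (delta sampling only)
        self.last = None       # previous evaluated sample
        self.arm_rising = self.arm_falling = True   # hysteresis state

    def sample(self, raw):
        """Feed one poll result; return the notifications generated ([], ["rising"] or ["falling"])."""
        if self.sample_type == "delta":
            if self.prev_raw is None:          # the first poll only seeds the counter
                self.prev_raw = raw
                return []
            value, self.prev_raw = counter32_delta(raw, self.prev_raw), raw
        else:
            value = raw
        events = []
        if self.last is None:                  # first evaluated sample: startup setting decides
            if value >= self.rising and self.startup in ("rising", "risingOrFalling"):
                events.append("rising")
                self.arm_rising = False
            elif value <= self.falling and self.startup in ("falling", "risingOrFalling"):
                events.append("falling")
                self.arm_falling = False
        elif self.arm_rising and value >= self.rising and self.last < self.rising:
            events.append("rising")            # crossed upwards; disarm until falling threshold reached
            self.arm_rising, self.arm_falling = False, True
        elif self.arm_falling and value <= self.falling and self.last > self.falling:
            events.append("falling")           # crossed downwards; re-arm the rising side
            self.arm_falling, self.arm_rising = False, True
        self.last = value
        return events


def run_alarm(readings, **alarm_args):
    """Evaluate a sequence of polls; returns one event list per poll."""
    alarm = Alarm(**alarm_args)
    return [alarm.sample(r) for r in readings]


# Constructed ifInErrors readings at successive polls; the jump towards 2**32 then back to 10 is a wrap
IF_IN_ERRORS = [100, 100, 700, 1600, 1650, 1660, 1700, (1 << 32) - 50, 10]
```

Run over `IF_IN_ERRORS` with `rising=500, falling=100, startup="rising"`, the deltas are 0, 600, 900, 50, 10, 40, a very large value and 60; the notifications are rising at 600, falling at 50, rising at the wrap-induced jump and falling at 60. The 900 sample produces nothing because the alarm is still disarmed from the 600 crossing, which is exactly what keeps a noisy counter from flooding the manager with traps. The wrap-induced delta is itself a caveat: without the modulo it would be a large negative number and the alarm would miss the burst entirely.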

Page 32: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

32

HOST INFORMATION

• HOST GROUP
• HOST TOP N

IN / OUT: PACKETS / OCTETS
OUT: BROADCASTS, MULTICASTS
ERRORS

INFORMATION INDEXED BY:
• INTERFACE AND MAC ADDRESS        hostTable
• CREATION TIME                    hostTimeTable
• SORTED ON SOME VARIABLE VALUE    hostTopN

Page 33: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

33

OTHER GROUPS

• TRAFFIC MATRIX
  FOR EACH SOURCE & DESTINATION: PACKETS, OCTETS, ERRORS

• FILTER GROUP
  TO COUNT PACKETS THAT CARRY A SPECIFIC BIT-PATTERN

• PACKET CAPTURE GROUP
  TO STORE SPECIFIC PACKETS

• EVENT GROUP
  TO DEFINE THE VARIOUS EVENTS
  DETERMINE TRANSMISSION OF TRAPS

Page 34: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

34

NEW DEVELOPMENTS

WEB BASED MANAGEMENT!

EMBEDDED MANAGEMENT APPLICATIONS:

• MANAGER IS A STANDARD WWW BROWSER

• DEVICE VENDORS CAN SELL MANAGEMENT CAPABILITIES

• AGENT BECOMES MORE COMPLEX

• USE OF JAVA

HTTP AS MANAGEMENT PROTOCOL:

• CONNECTION ORIENTED TRANSPORT

• USE OF HTTP SECURITY

APPLICATIONS:

• DEVICE MANAGEMENT

• CUSTOMER NETWORK MANAGEMENT

Page 35: TUTORIAL SNMP: STATUS AND APPLICATION FOR LAN/MAN

35

FURTHER INFORMATION

• http://wwwtios.cs.utwente.nl/~pras
  SHEETS OF THIS PRESENTATION

• http://wwwsnmp.cs.utwente.nl/
  'THE SIMPLEWEB'
  WWW SERVER FOR NETWORK MANAGEMENT (STANDARDS, SOFTWARE, ARTICLES, ...)

• WILLIAM STALLINGS
  SNMP, SNMPv2 AND RMON
  ADDISON WESLEY, ISBN: 0-201-63479-1
  JUNE 1996

• MARSHALL ROSE
  THE SIMPLE BOOK
  PRENTICE HALL, ISBN: 0-13-451659-1
  APRIL 1996