SNMP (Simple Network Management Protocol)
Download
Report
Transcript SNMP (Simple Network Management Protocol)
SNMP
(Simple Network Management Protocol)
By Xian
Mihr Gandhi - 005358135
Neehar Athalye - 005314674
Venkatesh Lanke - 005174131
Madhusudhan Sreedhara - 005241900
Supriya Shenai - 005240483
Mohinish Basha Shaikh- 005354300
AGENDA
Introduction.
SNMP Managed Network Technology.
SNMP Basic Commands.
SNMP Management Information Base (MIB).
SNMP VERSION 1 (SNMPv1).
SNMPv1 Message Formats.
SNMP VERSION 2 (SNMPv2).
SNMPv2 Proxy Agents.
SNMP Security.
Conclusion.
INTRODUCTION
Defined in RFC 1157. UDP port 161/162
Application layer protocol that is designed to exchange the
network management information between network devices.
Helps system administrators to monitor network attached
devices, solve network problems and plan for future growth on
network.
3 versions: SNMPv1, SNMPv2, SNMPv3(Standardization
Pending).
Consists of standards for network management, including
Application layer protocol, a database schema and a set of data
objects.
Uses managed systems that exposes management data in the
form of variables.
Managing application can also query these variables.
SNMP MANAGED NETWORK TECHNOLOGY
Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1022816
SNMP MANAGED NETWORK TECHNOLOGY
Consists of 3 key components Network Management System
(NMS), Agents, Managed Devices.
Managed Devices: A node in a network that contains SNMP
agent. Stores and collects management information and provide
it to NMS. Also called as network elements. Can be router,
switch, server.
Agents: Agent is software module. It resides in managed
device. Contains knowledge about management information.
Translates that knowledge into SNMP compatible format.
Consists of Master agents and Sub agents.
NMS: Contains applications that monitors and controls managed
devices. Provides memory and processing resources required for
managing network. Their can be more than 1 NMS in the
managed network.
SNMP BASIC COMMANDS
Four basic commands: read, write, trap, traversal
operations.
Read: Shows variables that are maintained by
managed devices on NMS. (GET, GET-NEXT)
Write: Controls managed devices. Used by NMS to
modify the values of variables stored in managed
devices. (SET)
Trap: Executed by managed devices to
asynchronously report any event to NMS. (TRAP)
Traversal Operation: Used by NMS. Collects
information about variable tables such as routing
tables.
SNMP Management Information Base (MIB)
MIB Tree with hierarchy assigned by different organization
Reference:
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1020570
SNMP Management Information Base (MIB)
MIB: Hierarchically organizes information. Accessed using
SNMP protocol. Consists of managed objects. Identified by
object identifiers.
Managed Objects: Also called as MIB object. One of the
characteristics of managed device. Comprised of one or more
object instances. One of the variable. Consists of 2 managed
objects scalar and tabular. Scalar object defines the instance of
single object. Tabular objects defines the instances of multiple
related objects.
Object Identifier (Object ID): Provides unique identification of
managed object in MIB hierarchy.
MIB hierarchy has a tree with nameless root. Levels are
assigned by different organizations.
The managed object at the input can either be identified by
object name or by equivalent object descriptor.
SNMP VERSION 1
Operates over UDP, IP, CLNS, DDP and IPX.
Widely used in industry.
SMNPv1 and Structure of Management Information (SMI): Defines rules
describing managements information using ASN.1. Consists of 3 specific
data type :
a) ASN.1 data types
b) SMI-specific data types
c) SNMP MIB tables.
ASN.1 data types: Consists of name, syntax and encoding. Name used as
Object Id. Syntax defines data types of object. SMI uses subset of ASN.1
syntax definations. Encoding describes how the information associated with
managed object is formatted as series of data items.
SMI-specific data types: Consists of 2 data types: Simple Data Types,
Application-wide Data Types.
Simple Data Types: Signed integer ranging from . Sequences from 0 to
65,535 octets.
Application-wide Data Types: Consists of network addresses, counters,
gauges, time ticks, opaques, integers and unsigned integers.
SNMP MIB Tables: Defines highly structured tables that are groups
instances of tabular objects. SNMP can retrieve or alter entire row in the
table.
Protocol Operation: NMS issues a request and managed devices return
responses. Get operation is issued by NMS to retrieve the value of one or
more object instances. GetNext retrieves the value of next object instance.
Set is used to modify the value of object instance.
SNMPv1 MESSAGE FORMATS
Consists of Message header and PDU.
Message Header: Contains 2 fields Version
Number and Community Name.
Version Number: Specifies SNMP version.
Community Name: Provides access
environment for group of NMS. NMS in the
community are said to be in the same
administrative domain.
PDU: Contains specific command and the
operand that are involved in the transactions.
PDU fields are variable in length.
SNMPv1 Get, GetNext, Response and Set PDU’s contains same fields
Reference: ttp://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1020570
SNMPv1 MESSAGE FORMATS
PDU Types: Specifies the type of PDU
transmitted.
Request ID: Associates SNMP request and
responses.
Error Status: Indicates number of errors and
error types. Set by response operation.
Error Index: Associates error with a particular
object instances. Set by response operation.
Variable Bindings: Acts as a data field for
SNMPv2 PDU. Associates object instance with
its current value.
SNMPv1 MESSAGE FORMATS
TRAP PDU FORMAT
Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm#wp1020570
SNMPv1 MESSAGE FORMATS
TRAP PDU FORMAT
Enterprise: Identifies the type of object generating
trap.
Agent Address: Provides the address of managed
object generating trap.
Generic Trap Types: Indicates one of a number of
generic trap types.
Specific trap codes: Indicates one of number of
specific trap codes.
Time Stamp: Provides a amount of time that has
elapsed between the last network reinitialization and
generation of the trap.
Variable Bindings: Acts as a data field in SNMPv2PDU.
Each variable binding associates a particular object
instance with its current value.
SNMP VESION 2
Evolution of version 1.
Provides additional protocol operation over SNMPv1.
SNMPv2 and Structure Management information: Bit
strings are defined only in SNMPv2 and comprise of zero
or more named bits that specify a value. Supports all
types of address as compared to SMNPv1 which offers
support only for 32-bit IP address.SNMPv2 supports 32 bit
and 64 bit counters as well.
SMI Information Modules: Specifies a group of related
definitions. 3 types SMI information modules like MIB
modules, compliance statements and capability
statements. MIB modules contains definitions of
interrelated managed objects. Compliance statements
provide a systematic way to describe a group of managed
objects that must be implemented for conformance to a
standard. Capability statements are used to indicate the
precise level of support that an agent claims with respect
to a MIB group.
SNMP VESION 2
SNMPv2 protocol Operation: SNMPv2 offers 2 new
protocol operations like GetBulk and Inform. Also
includes protocol operations of SNMPv1.
Inform : Allows one NMS to send the TRAP to other
NMS.
GetBulk PDU Format: Efficiently retrieves large blocks of
data such as multiple rows in the table. GetBulk PDU
format shown below.
Reference:http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm
SNMP VESION 2
GetBulk Format
PDU Type: identifies PDU as a GetBulk operation.
Request ID: Associates SNMP requests and
responses.
Non repeaters: Specifies the number of object
instances in the variable bindings. Used when some
instances are scalar objects.
Max repetitions: maximum number of times that
other variables beyond those specified by the Non
repeaters field should be retrieved.
Variable Bindings: Acts as a data field in
SNMPv2PDUEach variable binding associates a
particular object instance with its current value
SNMPv2 PROXY AGENTS
SNMPv2 can act as a proxy agent for SNMPv1 managed devices.
SNMPv2 issues commands that are intended for an SNMPv1
agent.
NMS then sends messages to the SNMPv2 proxy agents.
Proxy agent then forwards Get, GetNext, and Set messages to
the SNMPv1 agent unchanged.
Proxy agent converts the GetBulk messages to the GetNext
messages and then forward it to SNMPv1 agent.
Proxy agent maps SNMPv1 trap messages to the SNMPv2 trap
messages.
SNMP SECURITY
Lacks authentication. Vulnerable to the variety of
security threats.
Vulnerable to masquerading, modification of
information, time modifications, message sequencing
and disclosures.
Message sequence and timing modifications occurs
when an entity who is unauthorized reorders, delays,
or copies and later replays a message generated by
an authorized entity.
As SNMP does not implement any authentication Set
operations are not implemented by many vendors.
CONCLUSION
SNMP is an attractive solution for
network management because it is a
standard protocol and ubiquitous.
Its simple and well known.
Firewalls can be easily configured to
pass the SNMP traffic through it.
It goes on UDP so it has lightweight
network resource consumption.
REFERNCES
http://en.wikipedia.org/wiki/SNMP
http://www.cisco.com/warp/public/535/3.html
http://faqs.org/rfcs/rfc1157.html
http://blogs.sun.com/jmxetc/entry/don_t_fell_in_the
#Conclusion
http://www.dpstele.com/layers/l2/snmp_l2_tut_part1
.php
Q &A ?
THANK YOU