SNMP Basics, Continued - PowerPoint PPT Presentation

Slides: 19
Provided by: robertp153

Transcript and Presenter's Notes


1
SNMP Basics, Continued
  • SMI, OIDs, data types
  • MIBs
  • MIB-II/RFC1213-MIB
  • Host Resources/RFC2790 MIB
  • Net-SNMP commands help
  • SNMP messages in UDP datagrams

Note: We'll defer most coverage of traps, RMON,
and SNMPv3 until later.
2
SMI
  • http://www.faqs.org/rfcs/rfc1155.html

Managed objects are accessed via a virtual
information store, termed the Management
Information Base or MIB. Objects in the MIB are
defined using Abstract Syntax Notation One
(ASN.1) [1]. Each type of object (termed an
object type) has a name, a syntax, and an
encoding. The name is represented uniquely as an
OBJECT IDENTIFIER. An OBJECT IDENTIFIER is an
administratively assigned name. The
administrative policies used for assigning names
are discussed later in this memo. The syntax for
an object type defines the abstract data
structure corresponding to that object type. For
example, the structure of a given object type
might be an INTEGER or OCTET STRING.
3
An OBJECT IDENTIFIER is a sequence of integers
which traverse a global tree. The tree consists
of a root connected to a number of labeled nodes
via edges. Each node may, in turn, have children
of its own which are labeled. In this case, we
may term the node a subtree. This process may
continue to an arbitrary level of depth. Central
to the notion of the OBJECT IDENTIFIER is the
understanding that administrative control of the
meanings assigned to the nodes may be delegated
as one traverses the tree. A label is a pairing
of a brief textual description and an
integer. The root node itself is unlabeled, but
has at least three children directly under it:
one node is administered by the International
Organization for Standardization, with label
iso(1); another is administrated by the
International Telegraph and Telephone
Consultative Committee, with label ccitt(0); and
the third is jointly administered by the ISO and
the CCITT, joint-iso-ccitt(2). Under the iso(1)
node, the ISO has designated one subtree for use
by other (inter)national organizations, org(3).
Of the children nodes present, two have been
assigned to the U.S. National Institutes of
Standards and Technology. One of these subtrees
has been transferred by the NIST to the U.S.
Department of Defense, dod(6).
4
Part of the SMI tree
  • itu(0)
  • iso(1)
      • org(3)
          • dod(6)
              • internet(1)
                  • directory(1)
                  • mgmt(2)
                      • mib-2(1)
                          • system(1)
                              • sysDescr(1)
                              • sysObjectID(2)
                              • sysUpTime(3)
                              • sysContact(4)
                              • sysName(5)
                          • interfaces(2)
                          • at(3)
                          • ip(4)
                          • icmp(5)
                  • experimental(3)
                  • private(4)
                      • enterprises(1)
                  • security(5)
  • iso-itu(2)
5
Primitive Data Types
  • INTEGER (32-bit)
  • OCTET STRING (text)
  • OBJECT IDENTIFIER (e.g., 1.3.6.1.2.1)
  • NULL

From RFC 1155, 3.2.1. Primitive Types: Only the
ASN.1 primitive types INTEGER, OCTET STRING,
OBJECT IDENTIFIER, and NULL are permitted. These
are sometimes referred to as non-aggregate types.
6
Application-Wide Data Types
  • NetworkAddress (generic, not used in v2)
  • IpAddress
  • Counter (32-bit, >=0, wraps)
  • Gauge (32-bit, >=0, goes up and down)
  • TimeTicks (1/100ths of a second)

3.2.3. Defined Types: In addition, new
application-wide types may be defined, so long as
they resolve into an IMPLICITly defined ASN.1
primitive type, . . .
7
Example Interfaces Group Objects
8
SNMPv1 vs SNMPv2
9
Counter Wrap Times
10
Some Bad News
  • Some devices don't implement some counters (such
    as ifInErrors) but still respond with a value of
    0.
  • Various devices may count things based on
    different assumptions, or even incorrectly

11
MIB-II/RFC1213 MIB
  • http://www.faqs.org/rfcs/rfc1213.html
  • Most useful groups
      • system
      • interfaces
      • ip
      • icmp
      • tcp
      • udp
      • egp
      • snmp

.1.3.6.1.2.1
12
Host Resources/RFC2790 MIB
  • http://www.faqs.org/rfcs/rfc2790.html
  • Most useful groups
      • hrSystem
      • hrStorage
      • hrDevice
      • hrSWRun
      • hrSWRunPerf
      • hrSWInstalled
  • Consult the MIB and vendor documentation because
    implementation and interpretation are critical.

.1.3.6.1.2.1.25
13
Question
  • There is a
      • sysUpTime
      • hrSystemUptime
  • So . . .
      • Where do they come from?
      • What do they mean?
      • Must they be the same?
      • Are they the same on ntcommlinux?

14
Net-SNMP Commands
  • snmpget
  • snmpwalk
  • snmpbulkget
  • snmpset
  • snmptranslate
  • (More later; see Appendix C for more information
    and man snmpcmd, man snmpget, etc. Don't forget q
    to quit man.)

15
SNMP Messages
  • Usually carried in UDP datagrams
  • Port 161 for polling, 162 for traps

16
Wireshark Capture Options
17
Wireshark Capture Example
18
Exercises
  • Capture and interpret your own SNMP traffic
  • More as we decide in class