SNMPv2

1
SNMPv2

• Yen-Cheng Chen
• Department of Information Management
• National Chi Nan University
• Puli, Nantou, Taiwan

2
SNMPv1

• SNMPv1 Protocol
• RFC 1157 Simple Network Management Protocol
• SMIv1 Data Definition Language
• Full Standards
• RFC 1155 - Structure of Management Information
• RFC 1212 - Concise MIB Definitions
• Informational
• RFC 1215 - A Convention for Defining Traps
• SMIv1 MIB Modules
• Full Standards
• RFC 1213 - Management Information Base II
• RFC 1643 - Ethernet-Like Interface Types MIB

3
SNMPv2

• SMIv2 Data Definition Language
• Full Standards
• RFC 2578 - Structure of Management Information
• RFC 2579 - Textual Conventions
• RFC 2580 - Conformance Statements
• SMIv2 MIB Modules
• Full Standards
• RFC 2819 - Remote Network Monitoring MIB
• RFC 3411 - SNMP Framework MIB
• RFC 3412 - SNMPv3 MPD MIB
• RFC 3413 - SNMP Applications MIBs
• RFC 3414 - SNMPv3 USM MIB
• RFC 3415 - SNMP VACM MIB
• RFC 3418 - SNMP MIB

4
SNMPv3

• SNMPv3 Protocol
• Full Standards
• RFC 3411 - Architecture for SNMP Frameworks
• RFC 3412 - Message Processing and Dispatching
• RFC 3413 - SNMP Applications
• RFC 3414 - User-based Security Model
• RFC 3415 - View-based Access Control Model
• RFC 3416 - Protocol Operations Version 2
• RFC 3417 - Transport Mappings for SNMP
• RFC 3418 - SNMP MIB

5
Major Changes

• Bulk data transfer
• Manager-to-manager message
• Enhancements to SMI SMIv2 (RFC 2578)
• Module definitions MODULE-IDENTITY macro
• Object definitions OBJECT-TYPE macro
• Trap definitions NOTIFICATION-TYPE macro
• Textual conventions (RFC 2579)
• Conformance statements (RFC 2580)
• Row creation and deletion in table
• MIB enhancements
• Transport mappings
• Security Feature

6
Structure of Management Information (SMI)
7
SMIv1, SMIv2

• SMIv1
• SMI (RFC 1155)
• Concise MIB (RFC 1212)
• Trap-Type (RFC 1215)
• SMIv2
• SMIv2 (RFC 2578)
• Textual Conventions (RFC 2579)
• Conformance Statements (RFC 2580)

8
Three Parts of SMIv2

• Module definitions
• MODULE-IDENTITY
• Object definitions
• OBJECT-TYPE
• Notification difinitions
• NOTIFICATION-TYPE

9
1. MODULE-IDENTITY
10
MODULE-IDENTITY Example
11
2. OBJECT-TYPE
OBJECT-TYPE MACRO BEGIN TYPE NOTATION
"SYNTAX" Syntax UnitsPart "MAX-ACCESS"
Access "STATUS" Status "DESCRIPTION"
Text ReferPart IndexPart DefValPart VALUE
NOTATION value(VALUE ObjectName)
12
"SYNTAX" Syntax
Syntax -- Must be one of the
following -- a base type (or its
refinement), -- a textual convention (or its
refinement), or -- a BITS pseudo-type type
"BITS" "" NamedBits " NamedBits
NamedBit NamedBits "," NamedBit NamedBit
identifier "(" number ") -- number
is nonnegative
13
(Example) SYNTAX BITS
protocolDirType OBJECT-TYPE SYNTAX BITS
extensible(0),
addressRecognitionCapable(1)
MAX-ACCESS read-only STATUS
current DESCRIPTION
protocolDirEntry 5
14
UnitsPart UNITS
UnitsPart "UNITS" Text empty

• hrDiskStorageCapacity OBJECT-TYPE
• SYNTAX KBytes
• UNITS "KBytes"
• MAX-ACCESS read-only
• STATUS current
• DESCRIPTION "The total size for this long-term
  storage device. If the media is removable
  and is currently removed, this value should
  be zero."
• hrDiskStorageEntry 4

Back to OBJECT-TYPE
15
"MAX-ACCESS" Access
Access "not-accessible"
"accessible-for-notify" "read-only"
"read-write" "read-create"
ordered from least to greatest
"not-accessible" indicates an auxiliary object
"accessible-for-notify" accessible only via a
notification "read-only" read only
"read-write" read and write, but create does
not. "read-create" read, write and create
16
"STATUS" Status
Status "current"
"deprecated" "obsolete"
current the definition is current and
valid. deprecated indicates an obsolete
definition, it permits new/continued
implementation. obsolete the definition is
obsolete and should not be implemented.
17
ReferPart
ReferPart "REFERENCE" Text empty
ipForwardTable OBJECT-TYPE SYNTAX
SEQUENCE OF IpForwardEntry MAX-ACCESS
not-accessible STATUS obsolete
DESCRIPTION "This entity's IP Routing
table." REFERENCE "RFC 1213
Section 6.6, The IP Group ipForward 2
18
3. NOTIFICATION-TYPE

• NOTIFICATION-TYPE MACRO BEGIN
• TYPE NOTATION
• ObjectsPart
• "STATUS" Status
• "DESCRIPTION" Text
• ReferPart
• VALUE NOTATION
• value(VALUE NotificationName)
• ObjectsPart "OBJECTS" "" Objects " empty
• Objects Object Objects "," Object
• Object value(ObjectName)
• Status "current" "deprecated" "obsolete"
• ReferPart "REFERENCE" Text empty
• Text value(IA5String)
• END

NotificationName OBJECT IDENTIFIER
19
NOTIFICATION-TYPE Example
Reference SNMPv2-MIB (RFC 1907)
20
OBJECT ??

• OBJECT IDENTIFIER defines the administrative
  identification of a node in the MIB
• OBJECT-IDENTITY macro assigns an object
  identifier to an object identifier in the MIB
• OBJECT-TYPE macro defines the type of a
  managed object

21
OBJECT-IDENTITY / OBJECT-TYPE

• OBJECT-IDENTITY is high level description
• OBJECT-TYPE details description needed for
  implementation

22
OBJECT-TYPE
23
Table Expansion

• Augmentation of a table (dependent table) adds
  additional columns to an existing table(base
  table)
• Dense table enables addition of more rows to
  base table
• Sparse table supplements less rows to a base table

24
Augmentation of Tables
25
(No Transcript)
26
Appending a Spare Table
hrDiskStorageTable OBJECT-TYPE SYNTAX
SEQUENCE OF HrDiskStorageEntry MAX-ACCESS
not-accessible STATUS current
DESCRIPTION "The (conceptual) table of
long-term storage devices contained by
the host..." hrDevice 6 hrDiskStorageEntr
y OBJECT-TYPE SYNTAX HrDiskStorageEntry
MAX-ACCESS not-accessible STATUS
current DESCRIPTION "A (conceptual)
entry for one long-term storage devices
contained by the host..." INDEX
hrDeviceIndex hrDiskStorageTable 1
hrDeviceTable OBJECT-TYPE SYNTAX SEQUENCE
OF HrDeviceEntry MAX-ACCESS not-accessible
STATUS current DESCRIPTION "The
(conceptual) table of devices" hrDevice 2
hrDeviceEntry OBJECT-TYPE SYNTAX
HrDeviceEntry MAX-ACCESS not-accessible
STATUS current DESCRIPTION "A
(conceptual) entry for one device
contained by the host. " INDEX
hrDeviceIndex hrDeviceTable 1
27
Textual Convention

• Enables defining new data types
• Makes semantics of data types consistent and
  human readable
• Creates new data types using existing ones and
  applies restrictions to them
• An important textual convention in SNMPv2,
  RowStatus creates and deletes rows

28

• SNMPV1

DisplayString OCTET STRING -- This data type
is used to model textual information taken --
from the NVT ASCII character set. By convention,
objects -- with this syntax are declared as
having -- SIZE (0..255)

• SNMPv2

Also see Page 251
29
InterfaceIndex TEXTUAL-CONVENTION
DISPLAY-HINT "d" STATUS current
DESCRIPTION "A unique value, greater
than zero, for each interface or
interface sub-layer in the managed system. It
is recommended that values are
assigned contiguously starting from
1. The value for each interface sub-layer must
remain constant at least from one
re-initialization of the entity's
network management system to the next
re-initialization." SYNTAX Integer32
(1..2147483647)
30
Creation of Row RowStatus
31
(No Transcript)
32
Create-and-Go Row Creation
Manager
Agent
Managed
Process
Process
Entity
SetRequest (
status.3 4,
index.3 3,
Create Instance
data.3 DefData )
Response (
Instance Created
status.3 1,
index.3 3,
data.3 DefData )
33
Create-and-Wait Row Creation
34
Row Deletion
35
SNMPv2 MIB
36
Conformance Statements for SMIv2 (RFC 2580)
37

• MIB MODULE
• IMPORTS
• EXPORTS
• MODULE-IDENTITY
• TEXTUAL-CONVENTION
• OBJECT IDENTIFIER
• Application Data Types
• OBJECT-TYPE
• NOTIFICATION-TYPE
• OBJECT-GROUP
• NOTIFICATION-GROUP
• MODULE-COMPLIANCE

I E MI TCs OIs OTs NTs OGs NGs MCs
38
OI
OI
data types
TC
E
data types
TC
I
MI
MC
OG
OG
NG
NG
MC
39
Four Macros in SNMPv2-CONF

• OBJECT-GROUP macro
• NOTIFICATION-GROUP macro
• MODULE-COMPLIANCE macro
• AGENT-CAPABILITIES macro

40
Conformance OBJECT-GROUP

• Conformance defined by
• OBJECT-GROUP macro
• NOTIFICATION-GROUP macro
• OBJECT-GROUP
• Compiled during implementation, not at run time
• OBJECTS clause names each object
• Every object belongs to an OBJECT-GROUP
• Access defined by MAX-ACCESS, the maximum
  access privilege for the object

41
OBJECT-GROUP
OBJECT-GROUP MACRO BEGIN TYPE NOTATION
ObjectsPart
"STATUS" Status "DESCRIPTION"
Text ReferPart VALUE
NOTATION value(VALUE OBJECT
IDENTIFIER) ObjectsPart "OBJECTS" ""
Objects "" Objects Object Objects ","
Object Object value(ObjectName)
Status "current" "deprecated" "obsolete"
ReferPart "REFERENCE" Text empty
Text value(IA5String) END
42
OBJECT-GROUP Example
hrSWRunGroup OBJECT-GROUP OBJECTS
hrSWOSIndex, hrSWRunIndex, hrSWRunName,
hrSWRunID, hrSWRunPath,
hrSWRunParameters, hrSWRunType,
hrSWRunStatus STATUS current
DESCRIPTION "The Host Resources
Running Software Group."
hrMIBGroups 4
43
Conformance NOTIFICATION-GROUP

• NOTIFICATION-GROUP
• Contains trap entities defined in SMIv1
• NOTIFICATIONS clause identifies the
  notifications in the group
• NOTIFICATIONS-GROUP macro compiled during
  implementation, not at run time

44
NOTIFICATION-GROUP
NOTIFICATION-GROUP MACRO BEGIN TYPE
NOTATION NotificationsPart
"STATUS" Status
"DESCRIPTION" Text ReferPart
VALUE NOTATION
value(VALUE OBJECT IDENTIFIER)
NotificationsPart "NOTIFICATIONS" ""
Notifications "" Notifications
Notification Notifications "," Notification
Notification value(NotificationName)
Status "current" "deprecated"
"obsolete" ReferPart "REFERENCE" Text
empty Text value(IA5String) END
45
NOTIFICATION-GROUP Example
linkUpDownNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS linkUp, linkDown STATUS
current DESCRIPTION "The
notifications which indicate specific changes in
the value of ifOperStatus."
ifGroups 14
46
Compliance

• Compliance has two classes of groups
• MANDATORY-GROUPS ... Required
• GROUP Optional

47
MODULE-COMPLIANCE
48
ModulePart
ModulePart Modules Modules Module
Modules Module Module "MODULE" ModuleName
MandatoryPart
CompliancePart ModuleName identifier
ModuleIdentifier empty ModuleIdentifier
value(OBJECT IDENTIFIER) empty MandatoryPart
"MANDATORY-GROUPS" "" Groups "
empty Groups Group Groups "," Group Group
value(OBJECT IDENTIFIER)
49
CompliancePart (1/2)
CompliancePart Compliances
empty Compliances Compliance Compliances
Compliance Compliance ComplianceGroup
Object ComplianceGroup "GROUP" value(OBJECT
IDENTIFIER) "DESCRIPTION" Text Object
"OBJECT" value(ObjectName) SyntaxPart Write
SyntaxPart AccessPart "DESCRIPTION" Text
50
CompliancePart (2/2)
51
MODULE-COMPLIANCE Example
hrMIBCompliance MODULE-COMPLIANCE STATUS
current DESCRIPTION "The requirements
for conformance to the Host Resources MIB."
MODULE -- this module MANDATORY-GROUPS
hrSystemGroup, hrStorageGroup, hrDeviceGroup
OBJECT hrSystemDate MIN-ACCESS
read-only DESCRIPTION
"Write access is not required. GROUP
hrSWRunGroup DESCRIPTION
"The Running Software Group. Implementation of
this group is mandatory only when
the hrSWRunPerfGroup is implemented."
hrMIBCompliances 1
52
OBJECT ifAdminStatus SYNTAX
INTEGER up(1), down(2) MIN-ACCESS
read-only DESCRIPTION "Write
access is not required, nor is support for the
value testing(3)."
53
OBJECT-GROUP
54
Agent Capabilities

• AGENT-CAPABILITIES macro
• SUPPORTS modules and includes groups
• VARIATION identifies additional features

55
AGENT-CAPABILITIES
56
SNMPv2 Internet Group
57
(No Transcript)
58
SNMPv2 New Messages

• inform-request
• manager-to-manager message
• get-bulk-request
• transfer of large data
• SNMPv2-Trap
• transfer of notifications
• Report
• not used

59
SNMPv2 PDU
60
SNMPv2 PDU
61
SNMPv2 Error Status
62
SNMPv2 GetBulkRequest PDU

• Error status field replaced by Non-repeaters
• Error index field replaced by Max repetitions
• No one-to-one relationship between request and
  response

63
Get-Bulk-Request
64
Manager Process
65
Get-Bulk-Request Operation
66
(No Transcript)
67
(No Transcript)
68
The response is fragmented to five IP datagrams.
69
(No Transcript)
70
2
1
3
71
1
2
72
snmpbulkget (net-snmp)
Non-repeaters
Max repetitions

• snmpbulkget -v 2c -c public -Cn1 -Cr5
  163.22.32.77 sysUpTime ifDescr ifType ifSpeed
• DISMAN-EVENT-MIBsysUpTimeInstance Timeticks
  (216992003) 25 days, 24520.03
• IF-MIBifDescr.1 STRING Software Loopback
  Interface 1
• IF-MIBifType.1 INTEGER softwareLoopback(24)
• IF-MIBifSpeed.1 Gauge32 1073741824
• IF-MIBifDescr.2 STRING WAN Miniport (SSTP)
• IF-MIBifType.2 INTEGER tunnel(131)
• IF-MIBifSpeed.2 Gauge32 1073741824
• IF-MIBifDescr.3 STRING WAN Miniport (L2TP)
• IF-MIBifType.3 INTEGER tunnel(131)
• IF-MIBifSpeed.3 Gauge32 1073741824
• IF-MIBifDescr.4 STRING WAN Miniport (PPTP)
• IF-MIBifType.4 INTEGER tunnel(131)
• IF-MIBifSpeed.4 Gauge32 1073741824
• IF-MIBifDescr.5 STRING WAN Miniport (PPPOE)
• IF-MIBifType.5 INTEGER ppp(23)
• IF-MIBifSpeed.5 Gauge32 1073741824

73
snmpgetbulk.java
http//www.im.ncnu.edu.tw/ycchen/nm/snmpgetbulk.ja
va

• java snmpgetbulk -m MIB_files -c community
• -nr non-repeaters -mr max-repetitions
• host OID OID ...
• Example
• java snmpgetbulk -m RFC1213-MIB -c comm123
• -nr 2 -mr 20 10.10.20.73 sysDescr sysUpTime
  ifIndex ifDescr ifType

74
C\snmpgtjava snmpgetbulk -m RFC1213-MIB -c public
-nr 2 -mr 9 10.10.32.84 sysDescr sysUpTime
ifIndex ifDescr ifType gt 84bulk.txt
84bulk.txt sysDescr.0--gtDES-3526 Fast-Ethernet
Switch sysUpTime.0--gt15 days, 18 hours, 57
minutes, 11 seconds. Repeaters ifIndex.1--gt1
ifDescr.1--gtRMON Port 1 on Unit 1
ifType.1--gtethernet-csmacd(6) ifIndex.2--gt2
ifDescr.2--gtRMON Port 2 on Unit 1
ifType.2--gtethernet-csmacd(6) ifIndex.3--gt3
ifDescr.3--gtRMON Port 3 on Unit 1
ifType.3--gtethernet-csmacd(6) ifIndex.4--gt4
ifDescr.4--gtRMON Port 4 on Unit 1
ifType.4--gtethernet-csmacd(6) ifIndex.5--gt5
ifDescr.5--gtRMON Port 5 on Unit 1
ifType.5--gtethernet-csmacd(6) ifIndex.6--gt6
ifDescr.6--gtRMON Port 6 on Unit 1
ifType.6--gtethernet-csmacd(6) ifIndex.7--gt7
ifDescr.7--gtRMON Port 7 on Unit 1
ifType.7--gtethernet-csmacd(6) ifIndex.8--gt8
ifDescr.8--gtRMON Port 8 on Unit 1
ifType.8--gtethernet-csmacd(6) ifIndex.9--gt9
ifDescr.9--gtRMON Port 9 on Unit 1
ifType.9--gtethernet-csmacd(6)
75
C\snmpgtjava snmpgetbulk -m RFC1213-MIB -c public
-nr 2 -mr 9 10.10.34.169 sysDescr sysUpTime
ifIndex ifDescr ifType gt 169bulk.txt
169bulk.txt sysDescr.0--gtHardware x86 Family
15 Model 3 Stepping 4 AT/AT COMPATIBLE sysUpTime.
0--gt12 days, 8 hours, 12 minutes, 10
seconds. Repeaters fIndex.1--gt1
ifDescr.1--gtLoopback interface
ifType.1--gtsoftwareLoopback(24) ifIndex.2--gt2
ifDescr.2--gtIntel(R) PRO/100
ifType.2--gtethernet-csmacd(6) ifDescr.1--gtLoopba
ck interface ifType.1--gtsoftwareLoopback(24)
ifMtu.1--gt1520 ifDescr.2--gtIntel(R) PRO/100
ifType.2--gtethernet-csmacd(6)
ifMtu.2--gt1500 ifType.1--gtsoftwareLoopback(24)
ifMtu.1--gt1520 ifSpeed.1--gt1000000
0 ifType.2--gtethernet-csmacd(6)
ifMtu.2--gt1500 ifSpeed.2--gt100000000
ifMtu.1--gt1520
ifSpeed.1--gt10000000
ifPhysAddress.1--gt ifMtu.2--gt1500
ifSpeed.2--gt100000000
ifPhysAddress.2--gt00 11 2f c9 b1
9f ifSpeed.1--gt10000000 ifPhysAddress.1--gt
ifAdminStatus.1--gtup(1)
76
snmpgetbulk.java
SnmpTarget target new SnmpTarget() target.setLo
adFromCompiledMibs(true) target.setSnmpVersion(
SnmpTarget.VERSION2C ) target.setTargetHost(
"10.10.20.73") target.setCommunity( "public"
) target.setNonRepeaters(2) int nonRepeaters
2 target.setMaxRepetitions(20) target.loadMibs("
RFC1213-MIB") String oids "sysDescr","sysUpT
ime","ifIndex", "ifType", "ifSpeed" SnmpVarBind
result target.snmpGetBulkVariableBindings()
for (int i0iltnonRepeatersi)
System.out.println(target.getMibOperations().toStr
ing(resulti0)) StringBuffer sb new
StringBuffer("\nRepeaters\n") for (int
j0jltresult0.lengthj) for (int
inonRepeatersiltoids.lengthi)
sb.append(target.getMibOperations().toStri
ng(resultij)" \t ") sb.append("\n") Sy
stem.out.println(sb.toString())
77
Issues in Bulk Data Transfer

• Latency
• End-to-end delay caused by a number of
  request/response message exchanges
• Network overhead
• Amount of non-data octets carried in each PDU
• Table retrieval problems
• holes in tables
• table consistency
• GetBulk overshoot

78
Improvements

• SNMP over TCP
• OID compression
• Other encoding methods
• Mobile agent
• GetCols
• GetBulkBumper
• GetSubtree
• GetPrev
• GetModify

79
SNMPv2 Trap

• Addition of NOTIFICATION-TYPE macro
• OBJECTS clause, if present, defines order of
  variable bindings
• Positions 1 and 2 in VarBindList are sysUpTime
  and snmpTrapOID

80
NOTIFICATION-TYPE
81
NOTIFICATION-TYPE
82
Inform-Request

• Inform-Request behaves as trap in that the
  message goes from one manager to another
  unsolicited
• The receiving manager sends response to the
  sending manager

83
Counter64
ObjectSyntax CHOICE simple
SimpleSyntax, application-wide
ApplicationSyntax SimpleSyntax CHOICE
integer-value INTEGER (-2147483648..214748
3647), string-value OCTET STRING
(SIZE (0..65535)), objectID-value
OBJECT IDENTIFIER ApplicationSyntax CHOICE
ipAddress-value IpAddress,
counter-value Counter32,
timeticks-value TimeTicks,
arbitrary-value Opaque,
big-counter-value Counter64,
unsigned-integer-value Unsigned32
Counter64 APPLICATION 6 IMPLICIT INTEGER
(0..18446744073709551615)
84
SNMPv2-MIB- RFC 3418
Obsoletes 1907

• Yen-Cheng Chen
• IM, NCNU
• April, 2006

85
SNMPv2 SNMP MIB
86
(No Transcript)
87
system group mib-2 1

• sysDescr
• sysObjectID
• sysUpTime
• sysContact
• sysName
• sysLocation
• sysServices

• Object Resources
• - describe the SNMP entity's support of various
  MIB modules.
• sysORLastChange
• sysORTable
• sysOREntry
• sysORIndex
• sysORID
• sysORDescr
• sysORUpTime

88
sysORTable Example
89
snmp group mib-2 11
snmp 1 snmp 3 snmp 4 snmp 5
snmp 6 snmp 31 snmp 32 snmp 30
snmpset 1

• snmpInPkts
• snmpInBadVersions
• snmpInBadCommunityNames
• snmpInBadCommunityUses
• snmpInASNParseErrs
• snmpSilentDrops
• snmpProxyDrops
• snmpEnableAuthenTraps
• snmpSetSerialNo

enabled(1), disabled(2)
- for atomic operations
90
Object Types for SNMPv2 Traps
91
Notification Types coldStart, warmStart
92
authenticationFailure
93
LinkDown, LinkUp (RFC 2233)