Simple Network Management Protocol SNMP

1
Simple Network Management Protocol (SNMP)
2
Contents

• Define and describe the functions of managed
  devices, agents, and NMSs in an SNMP managed
  network
• Describe the four key SNMP commands
• Read, Write, Trap, and Traversal operations
• Define and describe the functions of the MIB,
  managed objects, and object identifiers
• Abstract Syntax Notation One (ASN.1)
• Discuss ASN.1 and its function in network
  management
• Identify the function of ASN.1 in relation to
  SNMP
• Identify the key differences between SNMPv1,
  SNMPv2 and SNMPv3 in the area of protocol
  operations

3
SNMP Overview

• An application layer protocol that facilitates
  the exchange of management information between
  network devices.
• Part of the Transmission Control Protocol/
  Internet Protocol (TCP/IP) protocol suite.
• Allows network administrators to manage network
  performance, find and solve network problems, and
  plan for network growth.
• In 1988, the Internet Activities Board (IAB)
  committee proposed the SNMP as the short-term
  solution for network management.
• Since then, the simple structure and good
  performance of SNMP has make it popular around
  the world. It is likely that SNMP will be a
  long-term solution.

4
Popularity of SNMP

• Simplicity easy to learn and inexpensive to
  implement, no rigid administrative structure
• Wide industry Support support network using
  TCP/IP, because of popularity of Internet,
  hundreds of vendors supports SNMP
• Efficient use of resource requires low memory
  and CPU cycles
• Standardization and stability a standard
  supported by IAB and is a relatively stable
  protocol
• Centralized administration based on
  query-response mechanism, allow administrator to
  manage a large network from one location
• Portability enables transparent management on
  devices which can be hardware and software.

5
SNMP Basic Components

• Key components of a SNMP managed network are
• Management Entity (manager)
• Managed Device
• Agent
• Management database

6
Network Management Entity

• An network management entity (manager) executes
  SNMP client applications that monitor and control
  managed devices.
• They provide the bulk of the processing and
  memory resources required for network management.
  
• One or more NMSs must exist on any managed
  network.
• Many NMS are available in the market
• usually support both Unix and Windows
• support both command line and GUI
• Command line interface Microsoft SNMPUTIL
• GUI SunNet Manager, HP OpenView
• support FCAPS model

7
Common NMS applications

• Popular NMS supporting SNMP
• WhatsUp Gold pupular, low cost, simple. Buddle
  with Cisco NMS
• Scotty popular in Unix/Linux. Written in TCL/TK.
  Support both SNMPv1, SNMPv2 and SNMPv3
• HP OpenView industrial standard. Enterprise
  grade NMS, support 3rd party tools. e.g.
  Synoptics Optivity Tools to improve NM
  functionality of Synoptics devices
• IBM Netview developed in 1986. mainly to support
  IBM mainframes
• SunNet Manager use proxy agent to gather
  information about non-Sun machines.

8
Managed Device

• a network node that contains an agent that run
  SNMP server program.
• collects and stores management information and
  make this information available to network
  management systems (NMSs) using SNMP.
• a.k.a network elements, can be routers and access
  servers, switches and bridges, hubs, computer
  hosts, or printers

9
Agent

• An agent is a network management software module
  that resides in a managed device.
• It is basically a SNMP server program
• keep network information in its database
• translates that information into a form
  compatible with SNMP
• send warning to NM manager if there is an unusual
  situation

10
Versions of SNMP

• SNMP Version 1 (SNMPv1)
• SNMP Version 2 (SNMPv2)
• Both versions have a number of features in
  common.
• SNMPv2 offers such enhancements as additional
  protocol operations

11
SNMP Basic Commands

• Managed devices are monitored and controlled
  using 3 basic SNMP commands

• Read
• GetRequest
• Traversal Operations
• GetNext
• GetBulk (in SNMPv2)
• Write
• SetRequest

12
SNMP Read

• The read command is used by a network management
  system (NMS) to monitor managed devices.
• For instance, application programs in Linux (e.g.
  net-SNMP) such as
• Snmpget specifies a single variable by name,
  i.e. system.sysDescr
• Get at ip X, OID1.3.6.1.2.1.1.1
• Response return value cisco 5505
• Snmpwalk reads a portion of the MIB sub-tree
  from a device

13
SNMP Write

• The write command is used by an NMS to control
  managed devices.
• The NMS changes the values of variables stored
  within managed devices.
• Snmpset
• /opt/OV/bin/snmpset -c private orarouter1
  .1.3.6.1.2.1.1.4.0 \
• octetstring "Meg A. Byte 555-1212"
• system.sysContact.0 DISPLAY STRING- (ascii)
  Meg A. Byte 555-1212

14
SNMP Traps

• The trap command is used by managed device to
  asynchronously report events to the NMS.
• When certain types of events occur, a managed
  device sends a trap to the NMS
• 7 Trap Types are defined
• coldStart (0) authenticationFailure (4)
• warmStart (1) egpNeighborLoss (5)
• linkDown (2) enterpriseSpecific (6)
• linkUp (3)

15
SNMP Traps (2)

• agent send the trap in the following situation
• coldStart (0)
• Agent send the trap when initializing itself
• warmStart (1)
• agent send the trap when re-initalizing itself
• linkDown (2)
• specific link on the source device has failed
• linkUp (3)
• specific link on the source device has come up

16
SNMP Traps (3)

• authenticationFailure (4)
• agent determines that a request does not provide
  proper authentication (e.g. wrong SNMP community
  string)
• egpNeighborLoss (5)
• agent report the loss of an EGP neighbor
• enterpriseSpecific (6)
• implemented by a vendor to provide additional
  functionality that complements the generic traps.

17
SNMP - Traversal Operations

• Traversal operations are used by the NMS to
  determine which variables a managed device
  supports and to sequentially gather information
  in variable tables (such as a routing table).
• Snmpget-next specifies OID, but value returned
  is next lexicographic OID and its value
• Get-next sysDescr, and you get sysObjectId
• Get-next sysObjectId and you get sysUpTime

18
Structure of Management Information (SMI)
19
SMI overview

• For manager / agent paradigm, managed network
  objects must be logically accessible
• Management information must be stored in such a
  way it can be easily retrievable and modifiable
• SNMP performs the retrieval and modification
• SMI determine the way information is organized
• SMI is a master document explains how the name,
  structure, and encode SNMP management information
• SMI states each managed object must satisfy the
  following requirements
• must have a name, syntax and encoding

20
SMI functions

• to name objects
• Name MIB composes of a sequence of identifier
  which can uniquely identifies the object
• to define the type of data that can be stored in
  an object
• Syntax defines the data type (or grammar) of a
  object, such as an integer, a string of a octets
• to show how to encode data for transmission over
  the network
• Encoding describe how information associated
  with the managed objects is serialized for
  transmission between machines

21
SNMP and SMI

• SMIs implementation in SNMP
• The names used for called object identifier (OID)
  a human readable format
• The syntax used for SNMP is called ASN.1
• The encoding used for SNMP is called BER (Basic
  Encoding Rules)

22
Object Name OID and OID tree

• An object identifier (or object ID) uniquely
  identifies a managed object in the MIB hierarchy.
  
• The MIB hierarchy can be depicted as a tree, with
  a nameless root, the levels of which are assigned
  by different organizations.
• MIB is a collection of OID that is organized
  hierarchically.
• define the properties of the managed object
• iso.org.dod.internet.mgmt.mib ltgt1.3.6.1.2.1

root (unamed)
23
Data type - ASN.1

• The 2nd attribute of an object is the data type.
• SMI uses some fundamental of ASN.1 definitions
  but also adds some new definitions
• Abstract Syntax Notation One (ASN.1) is a
  language that consistently represents the managed
  objects of a Management Information Base (MIB) in
  a machine-independent format.
• ASN.1 uses variables and statement similar to
  that other programming language.
• can be considered as a meta-language
• provide a vendor-neutral, cross-platform
  standard-based languages that allows developers
  to describe the workings of protocols, systems
  and machines.
• ASN.1 is the basis for a human-readable syntax of
  MIB tree
• The use of a consistent language like ASN.1
  allows different types of computers to
  successfully share information between computers
  more efficient

24
ASN.1 (2)

• ASN.1 is a data representation format used by
  SNMP to create actual MIB object
• ASN.1 existed long before SNMP, MIB of SNMP was
  developed to make the full advantages of ASN.1
• ASN.1 is defined as part of the Open Systems
  Interconnection (OSI) specification described in
  the ISO 8824 standard.
• Management protocols, such as the SNMP, use ASN.1
  to define both the packets exchanged by the
  management protocol and the objects that are to
  be managed.

25
Types of Managed Objects

• simple type
• scalar object
• define a single object instance.
• 1st three taken directly from ASN.1, the four
  other added by SMI
• Integer (4 bytes)
• String (variable)
• ObjectIdentifier (variable)
• IPAddress (4 bytes)
• Counter (4 bytes)
• Gauge (4 bytes)
• TimeTicks (4 bytes)

• structured type
• combine simple and structured data types
• SMI define TWO structured data types sequence
  and sequence of
• Sequence A sequence data type is a combination
  of simple data types. (c.f. a record used in C)
• Sequence of A sequence of data type is a
  combination of simple type (of the same types).
  (c.f. array in C)

26
Simple data type

• Simple Data Type three simple data types
  defined in the ASN.1, all of which are unique
  values, the other four defined by SMI
• Integers These values are signed integers in
  the range of -2,147,483,648 to 2,147,483,647.
• Octet strings These strings are an ordered
  sequence of zero to 65,535 octets.
• Object IDs These values are from the set of all
  object identifiers allocated according to the
  rules specified in ASN.1.
• Network addresses - A Network addresses represent
  an address from a particular protocol family.
  SNMPv1 supports only 32-bit IP addresses.
• Counters - Counters are nonnegative integers that
  increase until they reach a maximum value, and
  then return to zero. In SNMPv1, a 32-bit counter
  size is specified.
• Gauges - Gauges are nonnegative integers that can
  increase or decrease, but retain the maximum
  value reached.
• Time ticks - A time tick represents a hundredth
  of a second since some event.

27
Encoding method

• SMI user Basic Encoding Rules (BER), to encode
  data to be transmitted over the network.
• Data encoded into 3 parts
• Tag (1 byte) - 3 sub-field
• class (2 bit), format (1 bit), and number (5 bit)
• Length
• one or more bytes
• Value
• code the value of data according to rules defined
  in BER

28
Encoding Tag

• Tag 1 byte
• Class (2bit) format (1bit) Number (5 bit)

• Data type class format Number Tag (bin)
  Tag(Hex)
• Integer 00 0 00010 00000010 02
• String 00 0 00100 00000100 04
• OID 00 0 00110 00000110 06
• Sequence, 00 1 10000 00110000 30
• sequence of
• IPAddress 01 0 00000 01000000 40
• Counter 01 0 00001 01000001 41
• Gauge 01 0 00010 01000010 42
• TimeTics 01 0 00011 01000011 43

29
SMI encoding method for Tag

• based on Basic Encoding Rule (BER), to encode
  data to be transmitted over the network
• format
• tag 1 byte. Class (2bit) format (1bit)
  Number (5 bit)
• length 1 or more byte.
• value depends of the object

30
Encoding length

• The length field is one or more bytes.
• If it is one byte, the most significant bit must
  be 0. The other 7 bits define the length of the
  data
• If it is more than one byte, the MSB of the first
  byte must be 1. The other 7 bits of the first
  byte define the number of bytes needed to be
  define the length. sequence of

31
Encoding Value

• The value field codes the value of the data
  according to the rules defined in BER
• The followings are examples that show how these 3
  fields tag, length and value are encoded

32
SMI encoding method examples

• For example integer 14
• 02 04 0 0 0 0E Integer 4 byte value 0
  0 0 14
• For example message HI
• 04 02 48 49 String 2 byte value H
  I
• format OID 1.3.6.1
• 06 04 01 03 06 01
• format IPAddress 131.21.14.8
• 40 04 83 15 0E 08

tag
length
value
33
Encoding exercise

• Show how the following array (sequence of)
  integer is encoded
• 2345
• 1236
• 122
• 1236
• See note page for answer

34
Encoding exercise 2

• Show how following record (sequence) is encoded
• Integer String IP Address
• 2345 COMPUTER 185.32.1.5
• See answer in note page

35
MIB

• MIB is another key component used in network
  management
• Object Name / Descriptor
• objects in MIB are categorized under 11 different
  group (only 8 in SNMPv1)

36
MIB-I

• MIB-I
• developed in 1988 (RFC1156 and RFC1212).
• defined more than 100 configurable managed
  objects
• 8 object groups
• system object group (1.3.6.1.2.1.1)
• Interface object group (1.3.6.1.2.1.2)
• Address translation object group (1.3.6.1.2.1.3)
• IP object group (1.3.6.1.2.1.4)
• ICMP object group (1.3.6.1.2.1.5)
• TCP object group (1.3.6.1.2.1.6)
• UDP object group (1.3.6.1.2.1.7)
• EGP object group (1.3.6.1.2.1.8)

37
MIB-II

• developed in 1990 (RFC 1158 and RFC 1213)
• A total of 11 object groups and contains 171
  objects
• superset of MIB-I and provide additional
  functionality required SNMPv2
• New object group in MIB-II
• Transmission object group (1.3.6.1.2.1.10)
• SNMP object group (1.3.6.1.2.1.11)

38
MIB-II (2)
39
Details of MIB objects

• Here are some example of key groups (5 other are
  not described here)
• System Group 1.3.2.1.2.1.1
• Give information about the whole system
• sysDesc, SysObjectID, sysUpTime, sysContact,
  sysName, SysLocation, sysService
• Interface Group 1.3.2.1.2.1.2
• Give infomration about the interface
• inNumber -gt ifIndex, ifDescr InOutLen,
  ifSpecific (total 22)
• IP Group 1.3.2.1.2.1.4
• Defines the pieces of information kept by the IP
  packet
• ipForwarding, ipDefaultTTL, ipInReceive,
  ipInHdrErrors ipFragCreates, ipRoutingDiscards
  (total 20) ipAddrTable (5 sub varables)
  ipRouteTable (13 sub-variables)ipNetMedia (3 sub
  variables)
• ICMP Group 1.3.2.1.2.1.5
• ICMP group stores information about the ICMP
  package
• icmpInMsgs, icmpInErrors, icmpOutAddrMaskReps
  (total 26)
• TCP Group 1.3.2.1.2.1.6
• TCP group stores information about the TCP
  segments
• tcpRtoAlgroithm, tcpRtoMin, tcpOutRsts (total
  14) tcpConnState (5 sub-variables)
• UDP Group 1.3.2.1.2.1.7
• UDP group stores information about the UDP
  datagram
• udpInDatagram, UdpNoPorts, udpInErrors,
  udpOutDatagrams (total 4) udpTables (2 sub
  variables)

40
Access MIB variables from udp group
41
Access MIB variables from udp group (2)

• Use UDP group (1.3.6.1.2.1.7) as an example
• 4 simple variables
• 1 sequence of (table)
• udpInDatagram 1.3.6.1.2.1.7.1
• udpNoPort 1.3.6.1.2.1.7.2
• udpInError 1.3.6.1.2.1.7.3
• udpOutDatagram 1.3.6.1.2.1.7.4
• udpTable 1.3.6.1.2.1.7.5
• udpEntry 1.3.6.1.2.1.7.5.1
• udpLocal Address 1.3.6.1.2.1.7.5.1.1
• udpLocal Port 1.3.6.1.2.1.7.5.1.2

1.3.6.1.2.1.7.1
1.3.6.1.2.1.7.2
1.3.6.1.2.1.7.3
1.3.6.1.2.1.7.4
1.3.6.1.2.1.7.5
42
Access MIB instance

• OID only define variable, not the instance
  (contents)
• to show the instance or the contents of each
  variable
• add instance suffix
• for simple variable add a zero
• To access the instance (or the contents) of udp
  group, use the following
• udpInDatagrams.0 gt 1.3.6.1.2.1.7.1.0
• udpNoPort.0 gt 1.3.6.1.2.1.7.2.0
• udpInError.0 gt 1.3.6.1.2.1.7.3.0
• udpOutDatagram.0 gt 1.3.6.1.2.1.7.4.0

43
Access MIB instance (2)

• To identify a udp table
• udpTable gt 1.3.6.1.2.1.7.5
• udpEntry gt 1.3.6.1.2.1.7.5.1
• udpLocalAddress gt 1.3.6.1.2.1.7.5.1.1
• udpLocalPoart gt 1.3.6.1.2.1.7.5.1.2
• There are many udp entries, to access to each of
  these entries, use the index.
• In MIB, the index is not an integer. The indexes
  are based on the value of one or more fields in
  the entries.
• Show figure
• To access the instance of the local address for
  the 1st row, use the OID
• udpLocalAddress.181.23.45.14.23

44
Index for updTable

• updTable 1.3.6.1.2.1.7.5
• udpEntry 1.3.6.1.2.1.7.5.1
• udpLocalAddress
• udplocalPort
• Each of these are with same OID
• How to resolve which is which?

181.23.45.14
23
192.13.5.10
161
227.2.45.18
180
230.20.5.24
212
45
Index for updTable (2)

• To access the instance of the local address for
  the 1st row, we use the OID augmented with the
  instance index
• udpLocalAddress.181.23.45.14.23
• That is 1.3.6.1.2.1.7.5.1.1.181.23.45.14.23
• Note that not all tables are indexed the same
  way. Some tables are indexed using the value of
  one field, some suing the value of two fields,
  and so on.

1.3.6.1.2.1.7.5.1.1.181.23.45.14.23
181.23.45.14
23
1.3.6.1.2.1.7.5.1.1.192.13.5.10.161
192.13.5.10
161
1.3.6.1.2.1.7.5.1.1.227.2.45.18.180
227.2.45.18
180
1.3.6.1.2.1.7.5.1.1.230.20.5.24.212
230.20.5.24
212
46
Index for updTable (3)

• Tables are ordered according to column-row rules,
  which means one should go column by column as
  shown in figure

1.3.6.1.2.1.7.5.1.1.181.23.45.14.23
181.23.45.14
23
1.3.6.1.2.1.7.5.1.1.192.13.5.10.161
192.13.5.10
161
1.3.6.1.2.1.7.5.1.1.227.2.45.18.180
227.2.45.18
180
1.3.6.1.2.1.7.5.1.1.230.20.5.24.212
230.20.5.24
212
47
SNMP ver 1
48
SNMP Version 1

• SNMPv1 is the initial implementation of the SNMP
  protocol.
• Based on 4 RFCs
• RFC-1155 Structure of Management Information
• RFC-1157 Simple Network Management Protocol
• RFC-1212 Concise MIB Definitions
• RFC-1213 Management Information Base II
• Operates over such protocols
• User datagram Protocol (UDP)
• Internet Protocol (IP)
• OSI Connectionless Network Service (CLNS)
• Apple Talk Datagram Delivery Protocol (DDP)
• Novell Internet Packet Exchange (IPX).

49
SNMPv1 Protocol Operation

• SNMP is a simple request-response protocol.
• The network management system issues a request,
  and managed devices return responses.
• This behavior is implemented using protocol
  operations.

• SNMP message has the format
• Version Number
• Community Name - kind of a password
• One or more SNMP PDUs - assuming trivial
  authentication
• SNMPv1 defines five protocol operations
• Get (Request)
• GetNext (Request)
• Set (Request)
• Get (Response)
• Trap

50
SNMPv1 message
51
SNMPv1 Protocol Operation (2)

• Get (Request)
• This operation is used by the NMS to retrieve the
  value of one or more object instances from an
  agent.
• If the agent responding to Get operation cannot
  provide values for all of the object instances in
  a list, it does not provide any values.
• GetNext (Request)
• This operation is used by the NMS to retrieve the
  value of the next object instance in a table or
  list within an agent.
• It is useful for NMS when it does not know the
  indexes of entries.

52
SNMPv1 Protocol Operation (3)

• Set (Request)
• This operation is used by the NMS to set the
  values of object instances within an agent.
• Get (Response)
• This operation is also used by agents to response
  to Get (Request) and GetNext (Request) from
  manager
• Trap
• This operation is used by agents to
  asynchronously inform the NMS of a significant
  event.
• For example, if the agent is rebooted, it informs
  the manager and reports the time of rebooting.

53
SNMP message format

• SNMP message divided into four parts version,
  header, security parameter and data
• SNMP version
• version number (SNMPv1, SNMPv2 or SNMPv3)
• SNMP Header
• community string
• SNMP security parameter
• SNMP Data
• Context Engine ID
• Context Name
• PDU (see next page)

54
SNMP PDU

• Each SNMP PDU (except trap) has the following
  format
• PDU type
• request id - request sequence number
• error status - zero if no error otherwise one of
  a small set
• error index - if non zero indicates which of the
  OIDs in the PDU caused the error2
• variable bind-list
• variable name - OIDs
• values - values are null for get and get next

55
SNMP PDU (trap)

• SNMP Trap PDUs have the following format
• enterprise - identifies the type of object
  causing the trap
• agent address - IP address of agent which sent
  the trap
• generic trap id - the common standard traps
• specific trap id - proprietary or enterprise trap
  
• time stamp - when trap occurred in time ticks
• variable bind-list
• variable name - OIDs
• values - values are null for get and get next

56
Encoding SNMP message

• To encode a message, SNMP also uses the BER
  standard
• Message are defined using tags
• class
• format
• number gt for different type of message

Data class format Number Tag (bin)
Tag(Hex) GetRequest 10 1 00010 10100010
A0 GetNextRequest 10 1 00001
10100001 A1 GetResponse 10 1 00010
10100010 A2 SetRequest 10 1 00011
10100011 A3 Trap 11 1 00100 11100100 A4
57
Examples for GetRequest Message

• a manager station (snmp client) uses the
  GetRequest message to retrieve the number of UDP
  datagrams that a router has received.
• The agent (SNMP server) of the router responses
  with a GetResponse message

58
Example encoding GetRequest

• GetRequest (from NM station to router)
• 30 34 sequence of length 34
• (30 is tag for sequence of)
• 02 04 00 00 00 00 integer of length 4, ver 0
• (02 is tag for integer)
• 04 06 70 75 62 6C 69 63 string of length 6,
  public
• (04 is tag for string)
• A0 24 GetRequest (A0), length24
• 02 04 00 01 06 11 integer of length 4, request
  00010611
• 02 04 00 00 00 00 integer of length 4, error
  status0
• 02 04 00 00 00 00 integer of length 4, error
  index0
• 30 0F sequence of length 15
• 30 0D sequence of length 13
• 06 09 010306010201070100 objectID of length 9,
  udpInDatagram (1.3.6.1.2.1.7.1.0)
• 05 00 null entity of length 0

59
Example encoding GetResponse

• GetResponse (from router to NM Station)
• 30 37 sequence of length 37(hex), 55(dec)
• 02 04 00 00 00 00 integer of length 4, ver 0
• 04 06 70 75 62 6C 69 63 string of length 6,
  public
• A2 21 GetResponse (A2), length21h
• 02 04 00 01 06 11 integer of length 4, request
  00010611
• 02 04 00 00 00 00 integer of length 4, error
  status0
• 02 04 00 00 00 00 integer of length 4, error
  index0
• 30 13 sequence of length 13(hex)
• 30 11 sequence of length 11(hex)
• 06 09 010306010201070100 objectID of length 9,
  udpInDatagram (1.3.6.1.2.1.7.1.0)
• 41 04 00 00 12 11 counter of length 04 with
  value 12 11

60
Encoding message exercise

• Decode the following
• 02 04 01 02 14 32
• 30 0C 02 04 00 00 00 11 02 04 00 00 00 14
• 30 0B 04 03 41 43 42 02 04 00 00 14 14
• 30 0C 40 04 23 51 62 71 02 04 00 00 14 12
• See answer in note page

61
SNMP Version 2

• An evolution of the initial version of SNMPv1.
• SNMPv2 functions within the specifications of the
  Structure of Management Information (SMI).
• In theory, SNMPv2 offers a number of improvements
  to SNMPv1, including additional protocol
  operations.
• SNMPv2 never become a standard because vendors
  could not agree on security
• Different version of SNMPv2 are in use
• SNMPv2c lt most popular
• SNMPv2u
• SNMP2

62
SNMPv2 and SMI

• SMI defines the rules for describing management
  information, using ASN.1.
• Bit strings
• Bit strings are defined only in SNMPv2. They
  comprise zero or more named bits that specify a
  value.
• Network addresses
• represent an address from a particular protocol
  family. SNMPv1 supports only 32-bit IP addresses.
  SNMPv2 can support other types of addresses as
  well.
• Counters
• nonnegative integers that increase until they
  reach a maximum value, and then return to zero.
  In SNMPv1, a 32-bit counter size is specified. In
  SNMPv2, 32-bit and 64-bit counters are defined.

63
SMI Information Models

• SNMPv2 SMI also specifies information modules.
  SMI information modules specify a group of
  related definitions.
• There are three types of SMI information modules
  
• MIB modules
• Compliance statements for MIB modules
• Capability statements for agents

64
SMI Information Models (II)

• MIB modules
• contain definitions of interrelated managed
  objects.
• Compliance statements for MIB modules
• provide a systematic way to describe a group of
  managed objects that must be implemented for
  conformance to a standard.
• Capability statements for agents
• indicate the precise level of support that an
  agent claims with respect to a MIB group. An NMS
  can adjust its behavior toward agents according
  to the capabilities statements associated with
  each agent

65
SNMPv2 Protocol Operation

• The Get, GetNext, and Set operations used in
  SNMPv1 are exactly the same as those used in
  SNMPv2.
• SNMPv2 Trap operation serves the same function as
  that used in SNMPv1. However, it uses a different
  message format and is designed to replace the
  SNMPv1 Trap.

66
New Protocol Operations in SNMPv2

• GetBulk (Request)
• This operation is used by the NMS to efficiently
  retrieve large blocks of data, such as multiple
  rows in a table. GetBulk fills a response message
  with as much of the requested data as will fit.
• Inform
• This operation allows one NMS to send Trap
  information to another NMS and receive a
  response.

67
SNMPv3

• SNMPv1 and SNMPv2c do not have any security (that
  is, authentication or privacy) mechanisms to keep
  SNMP packet traffic on the wire confidential. As
  a result, packets on the wire can be detected and
  SNMP community strings compromised.
• Development of SNMPv3 began in late 1997, first
  draft was completed in 1998
• Important features of SNMPv3
• Address the need for security
• Inexpensive to deploy a minimal conforming
  implementation
• new architecture to extend the useful life of SNMP

68
SNMPv3 (II)

• The following security features are provided in
  SNMPv3
•   Message integrity
• Ensures that nothing has interfered with a packet
  during transmission.
•   Authentication
• Determines that the message is from a valid
  source.
•   Encryption
• Scrambles the contents of a packet to prevent it
  from being seen by an unauthorized source.

69
SNMPv3 (III)

• The SNMPv3 agent can be used in the following
  modes
• noAuthNoPriv mode
• no security mechanisms turned on for packets,
  same as SNMPv1 and SNMPv2c
• AuthNoPriv mode
• for packets that do not need to be encrypted
  using the privacy algorithm DES 56
• AuthPriv mode
• for packets that must be encrypted privacy
  requires that authentication be performed on the
  packet

70
Summary

• Components of network management NMS, managed
  devices (agent, MIB)
• Client NMS (or manager)
• Managed device (agent program executed (server),
  and database (MIB)
• SNMP features, versions and basic command
• Features protocol specifics the process of
  management in TCP/IP
• Versions SNMPpv1, SNMPv2, SNMPv3
• SNMPv1 command GetRequest, GetNextRequest.
  GetResponse, SetReponse, Trap
• SNMPv2 command GetBulk, Inform

71
Summary (2)

• NMS (manager) sends Request message GetRequest,
  GetNextRequest and SetRequest
• to retrieve single or multiple object variables
• to establish the value of a single variable
• managed agent (server) sends
• a Response message to complete the request
  GetResponse
• managed agent sends
• an event notification, called a trap to the NMS
  to identify the occurrence of conditions
• Network Management application using SNMP
• Provide FCAPS functions
• MIB MIB-1, MIB-II
• MIB-1 8 types
• sys, if, at, ip, icmp, tcp, udp, egp
• MIB-2 11 types (in total)
• Trans, snmp

72
Further exercise

• A manager wants to know the value of
  icmpInParmProbs (OID is 1.3.6.1.2.1.5.5) in a
  router.
• Show the encoding of GetRequest and GetResponse
  message if the value is 167.
• Note icmpInParmProbs define numbers of
  parameter0problem messages received (with Counter
  type 41)
• Assume the request ID is 67092(dec)

73
Quiz

• An OID define variable. Add a zero suffix is to
  define _________
• Ans variable contents

74
Quiz

• What are the roles of the following fields?
• Community
• Request ID
• Error Status
• Error Index
• VarBindlist
• See answer in note page