I HC VINH KHOA CNTT ----O0O----

N MN AN TON MNG

ti:

TM HIU GIAO THC QUN L MNG N GIN SNMP

Gio vin hng dn: Nhm sinh vin thc hin:

ThS. Nguyn Cng Nht Nhm VII lp 49B-tin Kiu Th Xim Cao Th Cnh Phm Th Din

LI NI U

Vi s phat trin cac may tram, cac may chu va mang LAN a lam thay i mang may tinh lin tuc. Mc khac vi s phat trin manh m cua cac h thng va thit bi, phn mm cua cac nha san xut khac nhau. Mt khc do s mua bn cc h thng v thit b, phn mm ca cc nh sn xut khc nhau. Do vy cc nh sn xut thit b hoc phn mm phi cung cp phn mm giao tip vi thit b c th cu hnh v qun l chng. V nh vy, mi mt nh sn xut t nht l phi c mt phn mm qun l ring vi nguyn tc hot ng ring cho sn phm ca mnh. iu ny gy ra nhiu bt tin. Do vy, ngi ta xy dng cc giao thc qun l thit b chung cho tt c cc nh sn xut. Internet Khung tiu chun qun l bao gm tt c cc cng ngh bao gm cc gii php qun l mng TCP / IP. Di y chng mnh mun gii thiu ti cc bn mt s giao thc qun tr mng n gin SNMP .

Vinh, ngy 24 thng 4 nm 2012

MC LC
2

Mt s thut ng v ch vit tt c s dng

Tn thut ng NNM SNMP MIB NMS RFC SMI OID IP ICMP

ngha Network Node Manager (nt qun l mng) Simple Network Management (giao thc qun l mng n gin) Protocol

Management Information Base (Qun l kho thng tin) Network Management Station (Trm qun l mng) Request for Comments (Yu cu cho kin) The Structure of Management Information (C cu qun l thng tin) Object identifier (i tng nh danh) Internet Protocol (giao thc internet) Internet Control Message Protocol (giao thc tin
3

nhn kim sot) TCP UDP HP RME Tranmisson Control Protocol (giao User Datagram Protocol Hewlett-Packard Resource Manager Essentials

I.Giao thc qun l mng n gin SNMP 1. Gii thiu v giao thc Trong th gii hin ti vi mt mng li gm cc b nh tuyn (Router), b chuyn mch (Switch), my ch (Server) v cc my trm (Workstation), dng nh l mt vn kh khn cho vic qun l tt c cc thit b mng v m bo chng lm vic tt cng nh hot ng ti u. h tr cho qu trnh qun l qun l ngi ta cho pht trin giao thc qun tr mng n gin (Simple Network Management Protocol) vit tt l SNMP. SNMP c gii thiu vo nm 1988 p ng cho nhu cu ngy cng tng ca vic qun tr cc thit b s dng giao thc internet (Internet Protocol). SNMP cung cp mt tp cc lnh n gin cho php vic qun l cc thit b t xa. Giao thc SNMP c thit k cung cp mt phng thc n gin nhm qun l tp trung mng TCP/IP. Ngi qun tr c th thng qua giao thc ny qun l cc hot ng hay thay i cc trng thi h thng mng.

Giao thc SNMP c s dng qun l cc h thng Unix, Window, cc thit b mng nh router, gateway, firewall, switch, thng qua mt s phn mm cho php qun tr vi SNMP. Mt thit b hiu c v hot ng tun theo giao thc SNMP c gi l c h tr SNMP (SNMP supported) hoc tng thch SNMP (SNMP compartible). SNMP dng qun l, ngha l c th theo di, c th ly thng tin, c th c thng bo, v c th tc ng h thng hot ng nh mun. VD mt s kh nng ca phn mm SNMP : + Theo di tc ng truyn ca mt router, bit c tng s byte truyn/nhn. + Ly thng tin my ch ang c bao nhiu cng, mi cng cn trng bao nhiu. + T ng nhn cnh bo khi switch c mt port b down. + iu khin tt (shutdown) cc port trn switch. 2. u i m cu a thi t k SNMP SNMP c thit k n gin ha qu trnh qun l cc thnh phn trong mng. Nh cc phn mm SNMP c th c pht trin nhanh v tn t chi ph. SNMP c thit k c th m rng cc chc nng qun l, gim st. Khng c gii hn rng SNMP c th qun l c ci g. Khi c mt thit b mi vi cc thuc tnh, tnh nng mi th ngi ta c th thit k custom SNMP phc v cho ring mnh. SNMP c thit k c th hot ng c lp vi cc kin trc v c ch ca cc thit b h tr SNMP. Cc thit b

khc nhau c hot ng khc nhau nhng p ng SNMP l ging nhau. 3. Cc thnh phn trong SNMP H thng qun l mng da trn SNMP gm ba thnh phn: b phn qun l (manager), i l (agent) v c s d liu gi l C s thng tin qun l (MIB). Mc d SNMP l mt giao thc qun l vic chuyn giao thng tin gia ba thc th trn, song n cng nh ngha mi quan h client-server (ch t). y, nhng chng trnh client l b phn qun l, trong khi client thc hin cc thit b t xa c th c coi l server. Khi , c s d liu do agent SNMP qun l l i din cho MIP ca SNMP.

3.1

B phn qun l (managers)

B phn qun l l mt chng trnh vn hnh trn mt hoc nhiu my tnh trm. Ty thuc vo cu hnh, mi b phn qun l c th c dng qun l mt mng con, hoc nhiu b phn qun l c th c dng qun l cng mt mng con hay mt mng chung. Tng tc thc s gia mt ngi s dng cui (end-user) v b phn qun l c duy tr qua vic s dng mt hoc nhiu chng trnh ng dng m cng vi b phn qun l, bin mt bng phn cng thnh Trm qun l mng (NMS). Qua b phn qun l, nhng yu cu c chuyn ti mt hoc nhiu thit b chu s qun l. Ban u SNMP c pht trin s dng trn mng TCP/IP v nhng mng ny tip tc lm mng vn chuyn cho phn ln cc sn phm qun l mng da trn SNMP. Tuy nhin SNMP cng c th c chuyn qua NetWare IPX v nhng c cu vn chuyn khc.
6

3.2

Agent

Thit b chu s qun l (Managed device): L mt nt mng h tr giao thc SNMP v thuc v mng b qun l. Thit b c nhim v thu thp thng tin qun l v luu tr phc v cho h thng qun l mng. Nhng thit b chu s qun l, i khi c gi l nhng phn t mng, c th l nhng b nh tuyn v my ch truy cp-Access Server, switch v bridge, hub, my tnh hay l nhng my in trong mng. Mi thit b chu s qun l bao gm phn mm hoc phn sn (firmware) di dng m phin dch nhng yu cu SNMP v p ng ca nhng yu cu . Phn mm hoc phn sn ny c coi l mt agent. Mc d mi thit b bt buc bao gm mt agent chu qun l trc tip, nhng thit b tng thch khng theo SNMP cng c th qun l c nu nh chng h tr mt giao thc qun l c quyn. thc hin c iu ny, phi ginh c mt agent y nhim (proxy agent). Proxy agent ny c th c xt nh mt b chuyn i giao thc v n phin dch nhng yu cu SNMP thnh giao thc qun l c quyn ca thit b khng hot ng theo giao thc SNMP. Mc d SNMP ch yu l giao thc p ng thm d (pollrespond) vi nhng yu cu do b phn qun l to ra dn n nhng p ng trong agent, agent cng c kh nng xng ra mt p ng t nguyn. p ng t nguyn ny l iu kin cnh bo t vic gim st agent vi hot ng c nh ngha trc v ch ra rng ti ngng nh trc. Di s iu khin ca SNMP, vic truyn cnh bo ny c coi l ci by (trap).

3.3

C s thng tin qun l (MIB)

Mi thit b chu s qun l c th c cu hnh, trng thi v thng tin thng k rt a dng, nh ngha chc nng v kh nng vn hnh ca thit b. Thng tin ny c th bao gm vic thit lp chuyn mch phn cng, nhng gi tr khc nhau lu tr trong cc bng ghi nh d liu, b h s hoc cc trng thng tin trong h s lu tr cc file v nhng bin hoc thnh phn d liu tng t. Nhn chung, nhng thnh phn d liu ny c coi l c s thng tin qun l ca thit b chu s qun l. Xt ring, mi thnh phn d liu bin i c coi l mt i tng b qun l v bao gm tn, mt hoc nhiu thuc tnh, v mt tp cc hat ng (operation) thc hin trn i tng . V vy MIB nh ngha loi thng tin c th khi phc t mt thit b chu s qun l v nhng b tr (settings) thit b m c th iu khin t h thng qun l. 4. Cu trc thng tin qun l (SMI) SMI (Structure Management Information) i nh nghi a m t c c u t ch c chung cho thng tin qua n ly . SMI nh n da ng ca c ki u d li u trong MIB va chi ro ca ch th c miu ta va t tn ca c ta i nguyn trong MIB. SMI duy tri ti nh n gia n va kha nng m r ng trong MIB, vi th MIB chi lu tr nh ng loa i d li u n gia n ch a ca c loa i d li u do nha cung c p ta o ra. cung c p phng th c tiu chu n bi u di n thng tin qua n tri SMI c n nh ngcng vi c sau: + Cung c p ki thu t tiu chu n i nh nghi a c u tru c MIB c bi t. + Cung c p ki thu t tiu chu n i nh nghi a ca c i t ng n le , bao g m cu pha p va gia tri m i i t ng . + Cung c p ki thu t tiu chu n ma ho a ca c gia tri i t ng.S m ta ca c i t ng qua n ly c SMI th c hi n
8

thng qua ngn ng ASN. 1 Vi c i nh nghi a i t ng g m 5 tr ng: + Object: Tn i t ng + Systax: Cu pha p cho loa i i t ng + Definition : Ca c i nh nghi a + Truy c p (Access): Co th la chi o c, o c ghi, khng th truy c p .+ Tra ng tha i (Status): Co th c ng ch , tu y cho n hay khng co n hi u l c 5. Cc lnh c bn trong SNMP SNMP s dng cc dch v chuyn ti d liu c cung cp bi cc giao thc UDP/IP. Mt ng dng ca Manager phi nhn dng c Agent cn thng tin vi n. Mt ng dng ca Agent c nhn dng bi da ch IP ca n v mt cng UDP. SNMP s dng 3 lnh c bn l Read, Write, Trap v mt s lnh ty bin qun l thit b. Lnh Read: c SNMP dng dc thng tin t thit b. Cc thng tin ny c cung cp qua cc bin SNMP luu tr trn thit b v c cp nht bi thit b. Lnh Write: c SNMP dng ghi cc thng tin iu khin ln thit b bng cch thay i gi tr cc bin SNMP. Lnh Trap: Dng nhn cc s kin gi t thit b n SNMP. Mi khi c mt s kin xy ra trn thit b mt lnh Trap s c gi ti NMS. SNMP iu khin, theo di thit b bng cch thay i hoc thu thp thng tin qua cc bin gi tr lu trn thit b. Cc
9

Agent ci t trn thit b tng tc vi nhng chip iu khin h tr SNMP ly ni dung hoc vit li ni dung 6. Cc phng thc ca SNMP

GetRequest : Bn tin GetRequest c manager gi n agent ly mt thng tin no . Trong GetRequest c cha ID ca object mun ly. V d: Mun ly thng tin tn ca Device1 th manager gi bn tin GetRequest ID=1.3.6.1.2.1.1.5 n Device1, tin trnh SNMP agent trn Device1 s nhn c bn tin v to bn tin tr li. Trong mt bn tin GetRequest c th cha nhiu OID, ngha l dng mt GetRequest c th ly v cng lc nhiu thng tin. GetNextRequest: Bn tin GetNextRequest cng dng ly thng tin v cng c cha OID, tuy nhin n dng ly thng tin ca object nm k tip object c ch ra trong bn tin. Chu ng ta bit khi c qua nhng phn trn: mt MIB bao gm nhiu OID c sp xp th t nhng khng lin tc, nu bit mt OID th khng xc nh c OID k tip. Do ta cn GetNextRequest ly v gi tr ca OID k tip. Nu thc hin GetNextRequest lin tc th ta s ly c ton b thng tin ca agent. SetRequest: Bn tin SetRequest c manager gi cho agent thit lp gi tr cho mt object no . V d: C th t li
10

tn ca mt my tnh hay router bng phn mm SNMP manager, bng cch gi bn tin SetRequest c OID l 1.3.6.1.2.1.1.5.0 (sysName.0) v c gi tr l tn mi cn t. GetResponse: Mi khi SNMP agent nhn c cc bn tin GetRequest, GetNextRequest hay SetRequest th n s gi li bn tin GetResponse tr li. Trong bn tin GetResponse c cha OID ca object c request v gi tr ca object . Trap: Bn tin Trap c agent t ng gi cho manager mi khi c s kin xy ra bn trong agent, cc s kin ny khng phi l cc hot ng thng xuyn ca agent m l cc s kin mang tnh bin c. V d: Khi c mt port down, khi c mt ngi dng login khng thnh cng, hoc khi thit b khi ng li, agent s gi trap cho manager. Tuy nhin khng phi mi bin c u c agent gi trap, cng khng phi mi agent u gi trap khi xy ra cng mt bin c. Vic agent gi hay khng gi trap cho bin c no l do hng sn xut device/agent quy nh.

11

7. An ninh v bo mt SNMP.

Mt SNMP management station c th qun l/gim st nhiu SNMP element, thng qua hot ng gi request v nhn trap. Tuy nhin mt SNMP element c th c cu hnh ch cho php cc SNMP management station no c php qun l/gim st mnh. Cc c ch bo mt n gin ny gm c: community string, view v SNMP access control list. Community string: Community string l mt chui k t c ci t ging nhau trn c SNMP manager v SNMP agent, ng vai tr nh mt khu gia 2 bn khi trao i d liu. Community string c 3 loi: Read-community, WriteCommunity v Trap-Community. Khi manager gi GetRequest, GetNextRequest n agent th trong bn tin gi i c cha ReadCommunity. Khi agent nhn c bn tin request th n s so snh Read-community do manager gi v Read-community m n c ci t. Nu 2 chui ny ging nhau, agent s tr li; nu 2 chui ny khc nhau, agent s khng tr li. View: Khi manager c read-community th n c th c ton b OID ca agent. Tuy nhin agent c th quy nh ch cho php c mt s OID c lin quan nhau, tc l ch c c mt phn ca MIB. Tp con ca MIB ny gi l view, trn agent c th nh ngha nhiu view.
12

SNMP access control list: SNMP ACL l mt danh sch cc a ch IP c php qun l/gim st agent, n ch p dng ring cho giao thc SNMP v c ci trn agent. Nu mt manager c IP khng c php trong ACL gi request th agent s khng x l, d request c community string l ng. a s cc thit b tng thch SNMP u cho php thit lp SNMP ACL.

13