
SNMP Network Management (I)*

* Chapter 4 from Mani Subramanian, Network Management: Principles and practice, Addison-Wesley, 2000.

SNMP Network Management

Organization Model
Communication Model
Information Model
Structure of Management Information (SMI)
Managed Objects
Management Information Base (MIB)
SNMP Administrative Model
SNMP Protocol Specs

Organization Model

Describes components of a network management system
Focuses on functions and infrastructure
Objects are network elements such as hubs, bridges, routers, etc.
Managed elements have a process running them called an agent
Manager queries the agent, gets information, processes it and stores it in the MDB

[Figure: A simplified hierarchical (2-tier) setup. SNMP Manager with MDB; agents with MIB; Managed Objects; Unmanaged Objects]

Organization Model

Multiple managers, 1 agent
An agent responds to any management system that communicates with it using SNMP
An NMS provided by a vendor is in a better position to manage, monitor and configure all NEs coming from that same vendor
Managers may have restricted access to managed objects

[Figure: two SNMP Managers, each with a MIB, communicating with one Managed Object agent; Managed Objects]

Organization Model

Manager receives pre-processed data
RMON (Remote Monitoring): acts as an agent and a manager
RMON gathers data from MO, analyses the data, and stores the data
Communicates the statistics to the manager
Managers may have restricted access to managed objects

[Figure: 3-tier architecture. SNMP Managers with MIB; RMON Probe; Managed Object agent; Managed Objects]

Organization Model

Proxy server converts non-SNMP data from non-SNMP objects to SNMP compatible objects and messages

[Figure: SNMP Manager with MIB; Proxy Server; Managed Object agent; Non-SNMP Managed Objects; SNMP Managed Objects; unmanaged Objects]


Communication Model

[Figure: MANAGER and AGENTS (with MIB), connected by SNMP Polling and Trap]

Communication Model

Communicate management information between network management stations and managed elements
Goals:
  Management functions maintained by agents are kept simple
  Protocol flexibility (addition of new aspects of operation and management)
  Transparency (should not be affected by the architecture of particular hosts and gateways)
Operation: 5 messages
  get-request, get-next-request, set-request
  get-response, trap
SNMP messages are exchanged using UDP (connectionless) transport protocol

Communication Model

[Figure: SNMP Manager and SNMP Agent protocol stacks (application, SNMP, UDP, IP, DLC, PHY) joined by the Physical Medium across a Network or Internet. SNMP messages between the SNMP Manager Application and the SNMP Agent Application: Get-Request, GetNext-Request, Set-Request, Get-Response, Trap. The agent application manages objects; the manager application holds Management Data]


Structure of Management Information

RFC 1155: Structure of Management Information
A common representation for data between both manager and agent
Defines the syntax (using ASN.1) to describe management information
  Data types and
  Rules used to define managed objects in a MIB
Generic objects and private (vendor specific) objects conforming to SMI rules (RFC 1155) can be managed by SNMP

SMI, Objects and Instances

Objects have: object types and object instances
SMI is concerned with types and not instances
Object type
  Name (unique descriptor and object identifier)
  Syntax (ASN.1)
  Encoding (BER)

[Figure: Managed Object : Type and Instance. An Object has an Object Type (Name: OBJECT IDENTIFIER; Syntax: ASN.1; Encoding: BER) and an Object Instance]

SMI, Objects and Instances

[Figure: Managed Object : Type and Instance. An Object has an Object Type (Name: OBJECT IDENTIFIER; Syntax: ASN.1; Encoding: BER) and an Object Instance]

[Figure: A Managed LAN Network. NMS 192.168.252.110; Router 2 172.17.252.1 on the Backbone Network; Router 1 172.16.46.1; Hub 1 172.16.46.2; Hub 2 172.16.46.3]

A hub is an object type
A hub with IP 172.16.46.3 is an instance of the object

SMI, Objects and Instances

Title: System Information: 172.16.46.2
Name or IP Address: 172.16.46.2
System Name        :
System Description : 3Com LinkBuilder FMS, SW version:3.02
System Contact     :
System Location    :
System Object ID   : .iso.org.dod.internet.private.enterprises.43.1.8.5
System Up Time     : (2475380437) 286 days, 12:03:24.37

System Information on 172.16.46.2 Hub

Title: System Information: 172.16.46.3
Name or IP Address: 172.16.46.3
System Name        :
System Description : 3Com LinkBuilder FMS, SW version:3.12
System Contact     :
System Location    :
System Object ID   : .iso.org.dod.internet.private.enterprises.43.1.8.5
System Up Time     : (3146735182) 364 days, 4:55:51.82

System Information on 172.16.46.3 Hub

[Figure: Managed Object : Type with Multiple Instances. An Object has an Object Type (Name: OBJECT IDENTIFIER; Syntax: ASN.1; Encoding: BER) and Object Instance 1, Object Instance 2, Object Instance 3]

SMI, Names

Each managed object is associated with an identifier (OBJECT IDENTIFIER)
Identifiers are used to name objects and they are unique for managed objects
An identifier is a sequence of integers

root
  ccitt(0)
  iso(1)
    org(3)
      dod(6)
        internet(1)
          mgmt(2)
            mib-2(1)
          experimental(3)
          private(4)
            enterprise(1)
  joint-iso-ccitt(2)

Name of managed object:
internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
                           ::= {1 3 6 1 }
                           ::= {iso standard dod internet}

SMI, Names

Sub-nodes under Internet

Internet {1 3 6 1}
  directory (1)      Reserved for future use
  mgmt (2)           Used for objects defined in IAB-approved documents
  experimental (3)   To identify objects used in Internet experiments
  private (4)        Used heavily by commercial vendors

SMI, Names

Internet {1 3 6 1}
  directory (1)
  mgmt (2)
    mib-2 (1)
      system (1)
      interfaces (2)
      at (3)
      ip (4)
      icmp (5)
      tcp (6)
      udp (7)
      egp (8)
      cmot (9)
      transmission (10)
      snmp (11)
  experimental (3)
  private (4)

SMI, Names

Internet {1 3 6 1}
  directory (1)
  mgmt (2)
  experimental (3)
  private (4)
    enterprises (1)
      cisco (9)
      hp (11)
      3Com (43)
      Cabletron (52)

SMI, SNMP Syntax

SNMP ASN.1 Data Type
  Structure
    Simple or Primitive
    Defined or Application
    Constructor or Structured
  Tag
    Number
    Class
      Universal
      Application
      Context-specific
      Private

SNMP Primitive Data Types

Data Type            Comments
INTEGER              Subtype INTEGER (n1..nN)
                     Special case: Enumerated INTEGER type
OCTET STRING         8-bit bytes binary and textual data
                     Subtypes can be specified by either range or fixed
OBJECT IDENTIFIER    Object position in MIB
NULL                 Placeholder

Subtype:
  INTEGER (0..255)
  OCTET STRING (SIZE 0..255)
  OCTET STRING (SIZE 8)

Special case of INTEGER data type (enumeration):
  error-status INTEGER {
      noError(0),
      tooBig(1),
      genErr(5),
      authorizationError(16)
  }

Application-Wide SNMP Types


IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
  Example: 160.85.128.1 is encoded as A0 55 80 01

Counter ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)

231

Gauge ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295)

231

TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295)
  [Figure: tick values 0, 1, 2 correspond to 0, 10, 20 ms]

Opaque ::= [APPLICATION 4] IMPLICIT OCTET STRING

SNMP Structured Types

SEQUENCE, SEQUENCE OF
SET and SET OF of ASN.1 are not included in SNMP-based management
Used to build lists and tables
SEQUENCE {<type1>, <type2>,.., <typeN>}

     Object                 OBJECT IDENTIFIER    ObjectSyntax
  1  ipAdEntAddr            {ipAddrEntry 1}      IpAddress
  2  ipAdEntIfIndex         {ipAddrEntry 2}      INTEGER
  3  ipAdEntNetMask         {ipAddrEntry 3}      IpAddress
  4  ipAdEntBcastAddr       {ipAddrEntry 4}      INTEGER
  5  ipAdEntReasmMaxSize    {ipAddrEntry 5}      INTEGER
  6  ipAddrEntry            {ipAddrTable 1}      SEQUENCE

Columns: Managed objects; Their location in the MIB; Their data types

SNMP Structured Types

List:
IpAddrEntry ::=
    SEQUENCE {
        ipAdEntAddr           IpAddress,
        ipAdEntIfIndex        INTEGER,
        ipAdEntNetMask        IpAddress,
        ipAdEntBcastAddr      INTEGER,
        ipAdEntReasmMaxSize   INTEGER (0..65535)
    }
Managed Object IpAddrEntry as a list

Table:
ipAddrTable ::= SEQUENCE OF IpAddrEntry

Object Name    OBJECT IDENTIFIER    Syntax
ipAddrTable    {ip 20}              SEQUENCE OF

Managed Object ipAddrTable as a table

ipAddrTable is made up of instances of ipAddrEntry object

SMI, Encoding

Basic Encoding Rules, BER
Data Types and Tags

Type                 Tag
OBJECT IDENTIFIER    UNIVERSAL 6
SEQUENCE             UNIVERSAL 16
IpAddress            APPLICATION 0
Counter              APPLICATION 1
Gauge                APPLICATION 2
TimeTicks            APPLICATION 3
Opaque               APPLICATION 4

Encoding of Object Identifiers: Packs the first two integers into a single sub-identifier

SMI, Encoding

enterprise OBJECT IDENTIFIER ::=
    {iso(1) org(3) dod(6) internet(1) private(4) 1}

The first two integers, X = 1 and Y = 3, are packed as Z = 40X + Y = 43 (hex 2B)

Encoded bytes: 06 05 2B 06 01 04 01
  06           tag (UNIVERSAL 6, OBJECT IDENTIFIER)
  05           length of the contents in bytes
  2B           Z = 43
  06 01 04 01  the remaining integers 6, 1, 4, 1
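The packing rule above, as an added example that is not part of the original slides: a BER encoder and strict decoder for OBJECT IDENTIFIER values. It goes beyond the slide's single case by handling sub-identifiers of 128 and above (base-128 with a continuation bit) and by rejecting malformed input; the function names are assumptions of this example, and the OIDs used are the ones shown on these slides.

```python
# Added example: BER encoding of OBJECT IDENTIFIER (tag UNIVERSAL 6).
OID_TAG = 0x06


def _encode_subid(value):
    """Base-128 encode one sub-identifier; all bytes but the last set bit 8."""
    if value < 0:
        raise ValueError("sub-identifiers are non-negative")
    out = [value & 0x7F]
    value >>= 7
    while value:
        out.append(0x80 | (value & 0x7F))
        value >>= 7
    return bytes(reversed(out))


def encode_oid(arcs):
    """Encode e.g. (1, 3, 6, 1, 4, 1) as tag, length, contents."""
    arcs = list(arcs)
    if len(arcs) < 2:
        raise ValueError("an OID needs at least two integers")
    x, y = arcs[0], arcs[1]
    if x not in (0, 1, 2) or y < 0 or (x < 2 and y > 39):
        raise ValueError("first two integers cannot be packed as 40X + Y")
    body = _encode_subid(40 * x + y)
    body += b"".join(_encode_subid(a) for a in arcs[2:])
    if len(body) > 127:
        raise ValueError("long-form lengths are outside this example")
    return bytes([OID_TAG, len(body)]) + body


def decode_oid(data):
    """Strict decoder: rejects truncation, trailing bytes and padded sub-ids."""
    if len(data) < 2 or data[0] != OID_TAG:
        raise ValueError("not an OBJECT IDENTIFIER")
    length = data[1]
    if length & 0x80:
        raise ValueError("long-form lengths are outside this example")
    if length == 0 or len(data) != 2 + length:
        raise ValueError("length does not match the data")
    body = data[2:]
    if body[-1] & 0x80:
        raise ValueError("last sub-identifier is not terminated")
    subids, value, at_start = [], 0, True
    for byte in body:
        if at_start and byte == 0x80:
            raise ValueError("sub-identifier has a redundant leading byte")
        value = (value << 7) | (byte & 0x7F)
        at_start = False
        if not byte & 0x80:          # continuation bit clear: sub-id complete
            subids.append(value)
            value, at_start = 0, True
    x = min(subids[0] // 40, 2)      # undo Z = 40X + Y
    return (x, subids[0] - 40 * x, *subids[1:])


# OIDs taken from the slides: the enterprise node, the hubs' System Object ID,
# and one ipAddrTable instance whose index contains 165 (two bytes: 81 25).
ENTERPRISE = (1, 3, 6, 1, 4, 1)
HUB_SYS_OBJECT_ID = (1, 3, 6, 1, 4, 1, 43, 1, 8, 5)
IFINDEX_INSTANCE = (1, 3, 6, 1, 2, 1, 4, 20, 1, 2, 165, 8, 9, 25)

if __name__ == "__main__":
    for oid in (ENTERPRISE, HUB_SYS_OBJECT_ID, IFINDEX_INSTANCE):
        print(".".join(map(str, oid)), "->", encode_oid(oid).hex(" "))
```

The strict checks matter on the receiving side: an agent or manager that accepts unterminated or padded sub-identifiers can disagree with other parsers about which object a request names.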

Managed Objects

system(1)
  sysDescr(1)  sysObjectID(2)  sysUpTime(3)  sysContact(4)

Textual name: mnemonic; always begins with lower case
OBJECT IDENTIFIER: unique position of the managed object in the MIB
Syntax: the ASN.1 definition of the object type
Access: read-only, read-write, not-accessible (e.g., tables)
Status: mandatory, optional, obsolete
Definition: textual description of the object type

Managed Objects

system(1)
  sysDescr(1)  sysObjectID(2)  sysUpTime(3)  sysContact(4)

OBJECT:
sysDescr:     { system 1 }
Syntax:       OCTET STRING
Definition:   "A textual description of the entity. This value
              should include the full name and version
              identification of the system's hardware type,
              software operating-system, and networking
              software. It is mandatory that this only contain
              printable ASCII characters."
Access:       read-only
Status:       mandatory

Specifications for System Description

Macros for Managed Objects


A formal definition for managed objects

SMI Definitions

Macros for Managed Objects

Using OBJECT-TYPE MACRO to define a managed object of the system group in the MIB

sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE(0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A textual description of the entity. This
        value should include the full name and version
        identification of the system's hardware type,
        software operating-system, and networking software.
        It is mandatory that this only contain printable
        ASCII characters."
    ::= { system 1 }

Macros for Managed Objects

system(1)
  sysDescr(1)  sysObjectID(2)  sysUpTime(3)  sysContact(4)

sysUpTime OBJECT-TYPE
    SYNTAX TimeTicks
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The time (in hundredths of a second)
        since the network management portion of
        the system was last re-initialized."
    ::= { system 3 }

Aggregate Objects

A group of related objects (also called tabular objects)
Represented by a table with
  Columns of objects
  Rows of instances
Example: IP address table
Consists of objects:
  IP address
  Interface
  Subnet mask (which subnet this address belongs to)
  Broadcast address (value of l.s.b. in IP broadcast address)
  Largest IP datagram that can be assembled
Multiple instances of these objects associated with the node

Aggregate Object Macro-ipAddrTable (RFC 1155)

ipAddrTable OBJECT-TYPE
    Syntax SEQUENCE OF IpAddrEntry
    Access not-accessible
    STATUS mandatory
    Definition "The table of addressing information
        relevant to this entity's IP addresses."
    ::={ip 20}

ipAddrEntry OBJECT-TYPE
    Syntax IpAddrEntry
    Access not-accessible
    STATUS mandatory
    Definition "The addressing information for one of this
        entity's IP addresses."
    INDEX {ipAdEntAddr}
    ::={ipAddrTable 1}

IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr           IpAddress,
    ipAdEntIfIndex        INTEGER,
    ipAdEntNetMask        IpAddress,
    ipAdEntBcastAddr      INTEGER,
    ipAdEntReasmMaxSize   INTEGER (0..65535)}

Aggregate Object Macro-ipAddrTable (RFC 1155)

ipAdEntAddr OBJECT-TYPE
    Syntax IpAddress
    Access read-only
    STATUS mandatory
    Definition "The IP address to which this entry's
        addressing information pertains."
    ::={ipAddrEntry 1}

ipAdEntIfIndex OBJECT-TYPE
    Syntax INTEGER
    Access read-only
    STATUS mandatory
    Definition "The index value that uniquely identifies the
        interface to which this entry is applicable. The interface identified
        by a particular value of this index is the same interface as
        identified by the same value of IfIndex."
    INDEX {ipAdEntAddr}
    ::={ipAddrEntry 2}
...

Columnar Objects

Aggregate objects type contains one or more subtypes
  each could have multiple instances, with a value associated with each instance
It is convenient to conceptually define a tabular structure for objects with multiple values
  e.g., IP address table
The objects TABLE T and ENTRY E are logical objects
  define grouping, are not accessible
Columnar objects are objects that represent the attributes
  hence are accessible
Each instance of E is a row of columnar objects 1 through 5
Multiple instances of E are represented by multiple rows

[Figure: Multiple Instance Managed Object. TABLE T contains ENTRY E, which contains COLUMNAR OBJECT 1 through COLUMNAR OBJECT 5]

Columnar Objects

Object ID: {Table, Entry, Object, Index}

T        Not accessible
T.E

T.E.1.1    T.E.2.1    T.E.3.1    T.E.4.1    T.E.5.1
T.E.1.2    T.E.2.2    T.E.3.2    T.E.4.2    T.E.5.2
T.E.1.3    T.E.2.3    T.E.3.3    T.E.4.3    T.E.5.3    (Row 3: the third instance of the object)
T.E.1.4    T.E.2.4    T.E.3.4    T.E.4.4    T.E.5.4

Example of 5 Columnar Object with 4 Instances (rows)

Notice that the column-row numeric designation is reverse of that used in matrix representation (row-column)

Columnar Objects - Example

ipAddrTable {1.3.6.1.2.1.4.20}
  ipAddrEntry (1)
    ipAdEntAddr (1)
    ipAdEntIfIndex (2)
    ipAdEntNetMask (3)
    ipAdEntBcastAddr (4)
    ipAdEntReasmMaxSize (5)

Columnar object ID of ipAdEntBcastAddr is (1.3.6.1.2.1.4.20.1.4):

iso  org  dod  internet  mgmt  mib  ip  ipAddrTable  ipAddrEntry  ipAdEntBcastAddr
1    3    6    1         2     1    4   20           1            4

Columnar objects under ipAddrEntry

Row   ipAdEntAddr   ipAdEntIfIndex   ipAdEntNetMask   ipAdEntBcastAddr   ipAdEntReasmMaxSize
      123.45.2.1                     255.255.255.0                       12000
      123.45.3.4                     255.255.0.0                         12000
      165.8.9.25                     255.255.255.0                       10000
      9.96.8.138                     255.255.255.0                       15000

Object instances of ipAddrTable (1.3.6.1.2.1.4.20)
Annotations: 4 instances of the Columnar object; Index of table

Columnar Objects - Example

Row   ipAdEntAddr   ipAdEntIfIndex   ipAdEntNetMask   ipAdEntBcastAddr   ipAdEntReasmMaxSize
      123.45.2.1                     255.255.255.0                       12000
      123.45.3.4                     255.255.0.0                         12000
      165.8.9.25                     255.255.255.0                       10000
      9.96.8.138                     255.255.255.0                       15000

Object instances of ipAddrTable (1.3.6.1.2.1.4.20)

Columnar Object                              Row #   Object Identifier
ipAdEntAddr 1.3.6.1.2.1.4.20.1.1                     {1.3.6.1.2.1.4.20.1.1.123.45.3.4}
ipAdEntIfIndex 1.3.6.1.2.1.4.20.1.2                  {1.3.6.1.2.1.4.20.1.2.165.8.9.25}
ipAdEntBcastAddr 1.3.6.1.2.1.4.20.1.4                {1.3.6.1.2.1.4.20.1.4.123.45.2.1}
ipAdEntReasmMaxSize 1.3.6.1.2.1.4.20.1.5             {1.3.6.1.2.1.4.20.1.5.9.96.8.138}

Object Id for specific instances
Annotations: Object ID for ipAddrEntry; Node 1 under ipAddrEntry; Index of the object instance

Management Information Base (MIB)

RFC 1213
MIB is a database containing information about elements to be managed
For SNMP, the MIB is a structured database (tree)
Each resource to be managed is represented by an object
Each system (e.g., a router) maintains a MIB that reflects the status of its managed resources
A NMS monitors/controls the resources by reading/modifying the values of objects in the MIB

MIB, RFC1213

Implementation can be done as needed (e.g., objects essential for fault or configuration management are added)
If a group is implemented by a vendor, all its components are implemented (e.g. OSPF and all its group objects)

<module name> DEFINITIONS ::= BEGIN
<imports>
<definitions>
END

[Figure: Internet MIB-II Group. Internet {1 3 6 1}: directory (1), mgmt (2), experimental (3), private (4). Under mgmt: mib-2 (1). Under mib-2: system (1), interfaces (2), at (3), ip (4), icmp (5), tcp (6), udp (7), egp (8), cmot (9), transmission (10), snmp (11)]

MIB, RFC1213

RFC1213-MIB DEFINITIONS ::= BEGIN

IMPORTS
    mgmt, NetworkAddress, IpAddress,
    Counter, Gauge, TimeTicks
        FROM RFC1155-SMI
    OBJECT-TYPE
        FROM RFC-1212;

-- This MIB module uses the extended
-- OBJECT-TYPE macro as defined in [14];

-- MIB-II (same prefix as MIB-I)
mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }

-- textual conventions
DisplayString ::=
    OCTET STRING
-- This data type is used to model textual
-- information taken from the NVT ASCII
-- character set. By convention, objects
-- with this syntax are declared as having
-- SIZE (0..255)

PhysAddress ::=
    OCTET STRING
-- This data type is used to model media
-- addresses. For many types of media, this will
-- be in a binary representation. For example,
-- an ethernet address would be represented as
-- a string of 6 octets.

-- groups in MIB-II
system        OBJECT IDENTIFIER ::= { mib-2 1 }
interfaces    OBJECT IDENTIFIER ::= { mib-2 2 }
at            OBJECT IDENTIFIER ::= { mib-2 3 }
ip            OBJECT IDENTIFIER ::= { mib-2 4 }
icmp          OBJECT IDENTIFIER ::= { mib-2 5 }
tcp           OBJECT IDENTIFIER ::= { mib-2 6 }
udp           OBJECT IDENTIFIER ::= { mib-2 7 }
egp           OBJECT IDENTIFIER ::= { mib-2 8 }
cmot          OBJECT IDENTIFIER ::= { mib-2 9 }
transmission  OBJECT IDENTIFIER ::= { mib-2 10 }
snmp          OBJECT IDENTIFIER ::= { mib-2 11 }
...
END

MIB, System Group

system (mib-2 1)
  sysDescr (1)
  sysObjectId (2)
  sysUpTime (3)
  sysContact (4)
  sysName (5)
  sysLocation (6)
  sysServices (7)

-- the System group
-- Implementation of the System group is
-- mandatory for all systems. If an agent is not
-- configured to have a value for any of these
-- variables, a string of length 0 is returned.

sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A textual description of the entity. ..."
    ::= { system 1 }

sysObjectID OBJECT-TYPE
    SYNTAX OBJECT IDENTIFIER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The vendor's authoritative identification of the network
        management subsystem contained in the entity."
    ::= { system 2 }

sysUpTime OBJECT-TYPE
    SYNTAX TimeTicks
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The time (in hundredths of a second) since the network
        management portion of the system was last reinitialized."
    ::= { system 3 }

MIB, System Group

Entity        OID        Description (brief)
sysDescr      system 1   Textual description
sysObjectID   system 2   OBJECT IDENTIFIER of the entity
sysUpTime     system 3   Time (in hundredths of a second since last reset)
sysContact    system 4   Contact person for the node
sysName       system 5   Administrative name of the system
sysLocation   system 6   Physical location of the node
sysServices   system 7   Value designating the layer services provided by the entity

Fault monitoring:
By periodically polling each agent for this value (sysUpTime); if the current value is less than the most recent value, then the agent has been restarted since last poll!

Programmed by vendor of objects during manufacturing time

MIB, Interface Group

It specifies the number of interfaces in a network component and the managed objects associated with each interface
  E.g., Ethernet bridge with many network interface cards
Implementation: mandatory

interfaces OBJECT IDENTIFIER ::= { mib-2 2 }

interfaces (mib-2 2)
  ifNumber (1)
  ifTable (2)
    ifEntry (1)
      ifIndex (1)
      ifDescr (2)
      ifType (3)
      ifMtu (4)
      ifSpeed (5)
      ifPhysAddress (6)
      ifAdminStatus (7)
      ifOperStatus (8)
      ifLastChange (9)
      ifInOctets (10)
      ifInUcastPkts (11)
      ifInNUcastPkts (12)
      ifInDiscards (13)
      ifInErrors (14)
      ifUnknownProtos (15)
      ifOutOctets (16)
      ifOutUcastPkts (17)
      ifOutNUcastPkts (18)
      ifOutDiscards (19)
      ifOutErrors (20)
      ifOutQLen (21)
      ifSpecific (22)

MIB, Interface Group

interfaces (mib-2 2)
  ifNumber (1)
  ifTable (2)
    ifEntry (1)

ifNumber OBJECT-TYPE
    SYNTAX INTEGER
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION "The number of network
        interfaces (regardless of their current
        state) present on this system."
    ::= { interfaces 1 }

ifTable OBJECT-TYPE
    SYNTAX SEQUENCE OF IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION "A list of interface
        entries. The number of entries is
        given by the value of ifNumber."
    ::= { interfaces 2 }

ifEntry OBJECT-TYPE
    SYNTAX IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION "An interface entry
        containing objects at the sub-network
        layer and below for a particular
        interface."
    INDEX { ifIndex }
    ::= { ifTable 1 }

IfEntry ::= SEQUENCE {ifIndex INTEGER, ifDescr DisplayString, ifType INTEGER,
    ifMtu INTEGER, ifSpeed Gauge, ifPhysAddress PhysAddress, ifAdminStatus INTEGER,
    ifOperStatus INTEGER, ifLastChange TimeTicks, ifInOctets Counter, ... }

MIB, Interface Group

Basic information useful for network management such as performance monitoring and fault control

Examples
1) measuring the queue length or the total number of octets into/out of the system: indicators for detecting congestion
2) measuring the traffic rate on a given interface!
   ifInUcastPkts/second, ifOutUcastPkts/second
   Counter data types, always incrementing!

interfaces (mib-2 2)
  ifNumber (1)
  ifTable (2)
    ifEntry (1)
      ifIndex (1)
      ifDescr (2)
      ifType (3)
      ifMtu (4)
      ifSpeed (5)
      ifPhysAddress (6)
      ifAdminStatus (7)
      ifOperStatus (8)
      ifLastChange (9)
      ifInOctets (10)
      ifInUcastPkts (11)
      ifInNUcastPkts (12)
      ifInDiscards (13)
      ifInErrors (14)
      ifUnknownProtos (15)
      ifOutOctets (16)
      ifOutUcastPkts (17)
      ifOutNUcastPkts (18)
      ifOutDiscards (19)
      ifOutErrors (20)
      ifOutQLen (21)
      ifSpecific (22)
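The sysUpTime restart check from the System Group slide and the Counter-based traffic rate described above, combined in one added example that is not part of the original slides. It assumes the manager records its own clock with each poll; the poll values are constructed, and the function names and the 5-second tolerance are choices of this example.

```python
# Added example: manager-side handling of two polls of sysUpTime and
# ifInUcastPkts. Both are 32-bit values, so both can roll over.

WRAP = 2 ** 32            # Counter and TimeTicks are INTEGER (0..4294967295)
TICKS_PER_SECOND = 100    # TimeTicks count hundredths of a second


def classify_uptime(prev, curr, tolerance_s=5.0):
    """Return ("ok" | "uptime-wrap" | "restart", elapsed_seconds).

    prev and curr are polls: dicts with 'wall' (manager clock, seconds),
    'uptime' (sysUpTime in ticks) and 'pkts' (ifInUcastPkts).
    """
    wall_elapsed = curr["wall"] - prev["wall"]
    if curr["uptime"] >= prev["uptime"]:
        return "ok", (curr["uptime"] - prev["uptime"]) / TICKS_PER_SECOND
    # sysUpTime went backwards. That means a restart, unless the tick
    # counter rolled over (after about 497 days) and the modular difference
    # agrees with the time that passed on the manager's clock.
    wrapped = ((curr["uptime"] - prev["uptime"]) % WRAP) / TICKS_PER_SECOND
    if abs(wrapped - wall_elapsed) <= tolerance_s:
        return "uptime-wrap", wrapped
    return "restart", wall_elapsed


def packet_rate(prev, curr):
    """Return (status, ifInUcastPkts per second); the rate is None when the
    agent restarted, because its counters no longer share a baseline."""
    status, elapsed = classify_uptime(prev, curr)
    if status == "restart" or elapsed <= 0:
        return status, None
    delta = (curr["pkts"] - prev["pkts"]) % WRAP   # absorbs one Counter wrap
    return status, delta / elapsed


# Constructed polls: the Counter wraps between A and B, the agent restarts
# between B and C, and sysUpTime itself rolls over between D and E.
POLL_A = {"wall": 0, "uptime": 100_000, "pkts": 4_294_967_000}
POLL_B = {"wall": 60, "uptime": 106_000, "pkts": 904}
POLL_C = {"wall": 120, "uptime": 1_500, "pkts": 300}
POLL_D = {"wall": 0, "uptime": 4_294_966_296, "pkts": 10}
POLL_E = {"wall": 60, "uptime": 5_000, "pkts": 610}

if __name__ == "__main__":
    for name, a, b in (("A->B", POLL_A, POLL_B), ("B->C", POLL_B, POLL_C),
                       ("D->E", POLL_D, POLL_E)):
        print(name, packet_rate(a, b))
```

An unexpected "restart" result is itself worth alerting on, since it also resets every Counter the manager was trending.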

MIB, IP Group

Contains information relevant to the implementation and operation of IP at a node
Routers periodically execute routing algorithms and update routing tables
IP Address Table contains table of IP addresses
IP Route Table contains an entry for each route
IP Network-to-Media Table is address translation table mapping IP addresses to physical addresses

ip (mib-2 4)
  ipForwarding (1)
  ipDefaultTTL (2)
  ipInReceives (3)
  ipInHdrErrors (4)
  ipInAddrErrors (5)
  ipForwDatagrams (6)
  ipInUnknownProtos (7)
  ipInDiscards (8)
  ipInDelivers (9)
  ipOutRequests (10)
  ipOutDiscards (11)
  ipOutNoRoutes (12)
  ipReasmTimeout (13)
  ipReasmReqds (14)
  ipReasmOKs (15)
  ipReasmFails (16)
  ipFragOKs (17)
  ipFragFails (18)
  ipFragCreates (19)
  ipAddrTable (20)
  ipRouteTable (21)
  ipNetToMediaTable (22)
  ipRoutingDiscards (23)

MIB, IP Group

ip (mib-2 4)
  ipForwarding (1)         Gateway or router
  ipDefaultTTL (2)         TTL in IP header
  ipInReceives (3)         Total # packets received from interfaces
  ipInHdrErrors (4)        # of discarded datagrams due to header errors
  ipInAddrErrors (5)
  ipForwDatagrams (6)
  ipInUnknownProtos (7)
  ipInDiscards (8)
  ipInDelivers (9)
  ipOutRequests (10)
  ipOutDiscards (11)
  ipOutNoRoutes (12)
  ipReasmTimeout (13)
  ipReasmReqds (14)
  ipReasmOKs (15)
  ipReasmFails (16)
  ipFragOKs (17)
  ipFragFails (18)
  ipFragCreates (19)
  ipAddrTable (20)
  ipRouteTable (21)
  ipNetToMediaTable (22)
  ipRoutingDiscards (23)

MIB, IP Group

ipAddrTable (ip 20)
  ipAddrEntry (ipAddrTable 1)
    ipAdEntAddr (1)
    ipAdEntIfIndex (2)
    ipAdEntNetMask (3)
    ipAdEntBcastAddr (4)
    ipAdEntReasmMaxSize (5)

Entity                 OID             Description (brief)
ipAddrTable            ip 20           Table of IP addresses
ipAddrEntry            ipAddrTable 1   One of the entries in the IP address table
ipAdEntAddr            ipAddrEntry 1   The IP address to which this entry's addressing information pertains
ipAdEntIfIndex         ipAddrEntry 2   Index value of the entry, same as ifIndex
ipAdEntNetMask         ipAddrEntry 3   Subnet mask for the IP address of the entry
ipAdEntBcastAddr       ipAddrEntry 4   Broadcast address indicator bit
ipAdEntReasmMaxSize    ipAddrEntry 5   Largest IP datagram that can be reassembled on this interface

MIB, IP Group

Contains information used for Internet routing
ipRouteTable information is useful for: configuration monitoring, controlling the routing process as well as fault isolation

ipRouteTable (ip 21)
  ipRouteEntry (ipRouteTable 1)
    ipRouteDest (1)
    ipRouteIfIndex (2)
    ipRouteMetric1 (3)
    ipRouteMetric2 (4)
    ipRouteMetric3 (5)
    ipRouteMetric4 (6)
    ipRouteNextHop (7)
    ipRouteType (8)
    ipRouteProto (9)
    ipRouteAge (10)
    ipRouteMask (11)
    ipRouteMetric5 (12)
    ipRouteInfo (13)

MIB, TCP Group

Contains info. relevant to the implementation/operation of connection-oriented TCP

tcp (mib-2 6)
  tcpRtoAlgorithm (1)      Timeout algorithm for retransmission
  tcpRtoMin (2)            Minimum value for retransmission timer
  tcpRtoMax (3)            Maximum value for retransmission timer
  tcpMaxConn (4)           Maximum nb of TCP connections
  tcpActiveOpens (5)
  tcpPassiveOpens (6)
  tcpAttemptFails (7)
  tcpEstabResets (8)
  tcpCurrEstab (9)
  tcpInSegs (10)           # segments received
  tcpOutSegs (11)          # segments sent
  tcpRetranSegs (12)       # segments retransmitted
  tcpConnTable (13)
  tcpInErrors (14)
  tcpOutRsts (15)

MIB, TCP Group

tcpConnTable (tcp 13)
  tcpConnEntry (1)
    tcpConnState (1)
    tcpConnLocalAddress (2)
    tcpConnLocalPort (3)
    tcpConnRemAddress (4)
    tcpConnRemPort (5)


SNMPv1 Administrator Model

SNMP Entities:
  SNMP application entities
    Reside in management stations and network elements
    Manager and agent
    Pairing of both entities forms SNMP community
  SNMP protocol entities
    Communication processes (PDU handlers)
    Peer processes that support application entities

Administrative model defines administrative relationship between communicating entities
Management stations, each manages all or a subset of the managed stations in the configuration
  Subsets may overlap
Each managed station controls its local MIB
  control the use of MIB by a number of management stations

SNMPv1 Administrator Model

SNMP Community
It is a relation:
  between one SNMP agent and a set of managers
  defines authentication, access control and proxy characteristics

[Figure: three SNMP Managers, each with an Authentication Scheme, exchange Authentic Messages with an SNMP Agent that has its own Authentication Scheme]

Multiple pairs can belong to the same community
A community name is a string of octets
Two application entities in the same community can communicate with each other
This essentially defines a filter module or authentication scheme between manager and agent
Security in SNMPv1 is therefore community-based
  no encryption

SNMPv1 Administrator Model

SNMP Community Profile

[Figure: SNMP Agent with SNMP Access Mode (READ-ONLY, READ-WRITE) over an SNMP MIB View holding Object 1 (not-accessible), Object 2 (read-only), Object 3 (write-only) and Object 4 (read-write)]
  READ-ONLY: only get, and trap are performed on objects 2,3,4
  READ-WRITE: Operations such as get, set and trap can be performed on objects 2,3,4

Community profile: MIB view + SNMP access mode
MIB View: a subset of the managed objects an agent is permitted to manage/view
A community name is also assigned an SNMP access mode
  READ-ONLY, READ-WRITE
MIB Access
  Operations on an object is determined by community profile and the access mode of the object
  Total of four access privileges
    Read-only, write-only, read-write, not-accessible
Some objects, such as table and table entry, are non-accessible

SNMPv1 Administrator Model

SNMP Access Policy

[Figure: a Manager and a Community containing Agent 1 with Community Profile 1 and Agent 2 with Community Profile 2]

Pair of SNMP community and community profile define SNMP access policy
Access policy allow a managed agent to give different access privileges to different managers
Manager manages network components of communities 1 and 2 via Agents 1 and 2
Agent 1 has only view of Community Profile 1, e.g. Cisco components
Agent 2 has only view of Community Profile 2, e.g. 3Com components
Manager has total view of both Cisco and 3Com components

SNMPv1 Administrator Model

SNMP Access Policy

Manager 1 manages community 1, manager 2 community 2, and manager 3 (MoM) both communities 1 and 2
Example: Enterprise management

[Figure: Manager 1 (Community 1); Manager 2 (Community 2); Manager 3 (Community 1, Community 2). Community 1: Agent 1 and Agent 2 with Community Profile 1 and Community Profile 2. Community 2: Agent 3 and Agent 4 with Community Profile 3 and Community Profile 4]

SNMPv1 Administrator Model

SNMP Proxy Access Policy

Proxy agent enables non-SNMP community elements to be managed by an SNMP manager
An SNMP MIB is created to handle the non-SNMP objects

[Figure: SNMP Manager (Community 1); SNMP Agent and Proxy Agent in the SNMP Community; the Proxy Agent fronts the non-SNMP Community]


Message Format

[Figure: message fields: version | community | data]

Protocol entities support application entities
Communication between remote peer processes
Message consists of:
  Version identifier
  Community name
  Protocol Data Unit
Message encapsulated in UDP datagrams and transmitted
Like FTP, SNMP uses two well-known ports to operate:
  UDP Port 161 - SNMP Messages
  UDP Port 162 - SNMP Trap Messages

Message Format

[Figure: message fields: version | community | data]

SNMP message format is defined using ASN.1, encoded for transmission over UDP using BER

Message ::= SEQUENCE {
    version    INTEGER {version-1(0)},
    community  OCTET STRING,
    data       PDUs
}

3 different versions:
SNMPv1, SNMPv2, SNMPv3

Message Format-Set/Get PDU

[Figure: message fields: version | community | data]

Message ::= SEQUENCE {
    version    INTEGER {version-1(0)},
    community  OCTET STRING,
    data       PDUs
}

PDUs ::= CHOICE {
    get-request       [0] IMPLICIT PDU,
    get-next-request  [1] IMPLICIT PDU,
    get-response      [2] IMPLICIT PDU,
    set-request       [3] IMPLICIT PDU,
    trap              [4] IMPLICIT Trap-PDU
}

Message Format-Set/Get PDU

[Figure: PDU fields: PDU type | request-id | error-status | error-index | variable-bindings]

PDU ::= SEQUENCE {
    request-id         INTEGER,
    error-status       INTEGER {
                           noError(0),
                           tooBig(1),
                           noSuchName(2),
                           badValue(3),
                           readOnly(4),
                           genErr(5)
                       },
    error-index        INTEGER,
    variable-bindings  VarBindList
}

request-id: track a message and indicate loss of a message (e.g., timeout, etc.)
error-status: indicate the occurrence of error
error-index: indicate the occurrence of error (position in the list of variables)
variable-bindings: grouping of number of operations in a single message:
  e.g., one request to get all values and one response listing all values
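The Message and PDU layouts above, applied to bytes on the wire, as an added example that is not part of the original slides: a bounds-checked decoder for the message header, which shows that the community name is readable by anyone who can observe the datagram. The sample datagram is constructed, the function names are this example's own, and treating "public" and "private" as default community names is an assumption.

```python
# Added example: decode version, community and PDU header of an SNMPv1
# message from a captured UDP payload (ports 161/162).

PDU_NAMES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request", 0xA4: "trap"}
ERROR_STATUS = {0: "noError", 1: "tooBig", 2: "noSuchName",
                3: "badValue", 4: "readOnly", 5: "genErr"}
DEFAULT_COMMUNITIES = {"public", "private"}   # assumption: common defaults

SAMPLE_GET = bytes.fromhex(            # constructed sample datagram
    "3026"                             # Message SEQUENCE, 38 bytes
    "020100"                           # version INTEGER 0 = version-1
    "04067075626c6963"                 # community OCTET STRING "public"
    "a019"                             # get-request [0], 25 bytes
    "020101" "020100" "020100"         # request-id 1, error-status 0, index 0
    "300e300c"                         # VarBindList with one VarBind
    "06082b06010201010100"             # name 1.3.6.1.2.1.1.1.0 (sysDescr.0)
    "0500"                             # value NULL
)


def read_tlv(buf, pos):
    """Read one BER tag-length-value; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                   # short form: one length byte
        length = first
    else:                              # long form: next n bytes hold length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def read_int(buf, pos):
    tag, value, pos = read_tlv(buf, pos)
    if tag != 0x02 or not value:
        raise ValueError("expected INTEGER")
    return int.from_bytes(value, "big", signed=True), pos


def parse_snmpv1(datagram):
    tag, body, end = read_tlv(datagram, 0)
    if tag != 0x30 or end != len(datagram):
        raise ValueError("not a single BER SEQUENCE")
    version, pos = read_int(body, 0)
    if version != 0:
        raise ValueError("not version-1(0)")
    tag, community, pos = read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("community must be an OCTET STRING")
    pdu_tag, pdu, pos = read_tlv(body, pos)
    if pdu_tag not in PDU_NAMES or pos != len(body):
        raise ValueError("unknown PDU or trailing bytes")
    fields = {"community": community.decode("latin-1"),
              "pdu": PDU_NAMES[pdu_tag]}
    if pdu_tag != 0xA4:                # Trap-PDU has a different layout
        fields["request_id"], p = read_int(pdu, 0)
        status, p = read_int(pdu, p)
        fields["error_status"] = ERROR_STATUS.get(status, "unknown(%d)" % status)
        fields["error_index"], p = read_int(pdu, p)
    return fields


def audit(datagram):
    """Return (fields, findings) for one observed datagram."""
    fields = parse_snmpv1(datagram)
    findings = ["community sent unencrypted: %r" % fields["community"]]
    if fields["community"] in DEFAULT_COMMUNITIES:
        findings.append("default community name in use")
    if fields["pdu"] == "set-request":
        findings.append("set-request seen: confirm READ-WRITE is intended")
    return fields, findings
```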

Message Format-variable bindings

[Figure: var-bind 1 (name, value) | var-bind 2 (name, value) | ... | var-bind n (name, value)]

VarBindList ::= SEQUENCE OF VarBind

VarBind ::= SEQUENCE {
    name   ObjectName,
    value  ObjectSyntax
}

ObjectName ::= OBJECT IDENTIFIER

ObjectSyntax ::= CHOICE {
    simple            SimpleSyntax,
    application-wide  ApplicationSyntax
}

Message Format-variable bindings

SimpleSyntax ::= CHOICE {
    number  INTEGER,
    string  OCTET STRING,
    object  OBJECT IDENTIFIER,
    empty   NULL
}

ApplicationSyntax ::= CHOICE {
    address    NetworkAddress,
    counter    Counter,
    gauge      Gauge,
    ticks      TimeTicks,
    arbitrary  Opaque
}

NetworkAddress ::= CHOICE {
    internet  IpAddress
}

Message Format-Trap PDU

[Figure: Trap PDU fields: PDU type | Enterprise | Agent Address | Generic Trap Type | Specific Trap Type | Time Stamp | variable-bindings]

Trap-PDU ::= SEQUENCE {
    enterprise         OBJECT IDENTIFIER,  -- Pertain to the system generating the trap (sysObjectID)
    agent-addr         NetworkAddress,     -- IP address of the object
    generic-trap       INTEGER {
                           coldStart(0),
                           warmStart(1),
                           linkDown(2),
                           linkUp(3),
                           authenticationFailure(4),
                           egpNeighborLoss(5),
                           enterpriseSpecific(6)
                       },
    specific-trap      INTEGER,            -- Specific code to identify the trap cause
    time-stamp         TimeTicks,          -- Elapsed time since last re-initialization
    variable-bindings  VarBindList
}