Consider a managed LAN that was discovered by a network management system (NMS). An NMS can automatically discover any component in the network as long as the component has a management agent. The managed subnetwork here is an Ethernet LAN and is below the backbone cloud. It consists of a router and two hubs and is connected to the backbone cloud. The LAN IP address is 172.16.46.1 and the two hub addresses have been configured as 172.16.46.2 and 172.16.46.3. The LAN IP address is the address assigned to the interface card in the router. The Network Management System, whose IP address is 192.168.252.1, is physically and logically located remotely from the 172.16.46.1 LAN. Information system managers establish conventions to designate a network and a subnetwork. A 0 in the fourth decimal position of an IP address designates a network, and a subnetwork is designated with a 1 in the fourth decimal position. Thus 172.16.46.1 is a LAN subnetwork in the network 172.16.46.0. Once the network components have been discovered and mapped by the NMS, we can query and acquire information on system parameters and statistics on the network elements.
UNIT 2
Title: System Information: router1.gatech.edu
Name or IP Address: 172.16.252.1
System Name        : router1.gatech.edu
System Description : Cisco Internetwork Operating System Software
                   : IOS() 7000 Software (C7000-JS-M), Version
                   : 11.2(6), RELEASE SOFTWARE(gel)
                   : Copyright 1986-1997 by Cisco Systems, Inc
                   : Compiled Tue 06-May-97 19:11 by Kuong
System Contact     :
System Location    :
System Object ID   : .iso.org.dod.internet.private.enterprises.cisco.ciscoProducts.cisco 7000
System Up Time     : (315131795) 36 days, 11:21:57.95
Figure 4.2(c) System Information on Router
Figure 4.2
This is the system information of the three network elements in the managed LAN that the NMS gathered by sending specific queries about the system parameters.
Managed Hub:
Port Addresses
Title: Addresses: 172.16.46.2
Name or IP address: 172.16.46.2
Index  Interface  IP address     Network Mask   Network Address  Link Address
1      3Com       172.16.46.2    255.255.255.0                   0x08004E07C25C
2      3Com       192.168.101.1  255.255.255.0                   <none>
Index  Interface  IP address     Network Mask   Network Address  Link Address
1      3Com       172.16.46.3    255.255.255.0                   0x08004E091904
2      3Com       192.168.101.1  255.255.255.0                   <none>
Information acquired by the NMS on hub interfaces.
Index refers to the interface on the hub.
Link address is the MAC address.
Managed Router:
Port Addresses
Title: System Information: router1.gatech.edu
Name or IP Address: 172.16.252.1
Index  Interface    IP address      Network Mask   Network Address  Link Address
23     LEC.1.0      192.168.3.1     255.255.255.0  192.168.3.0      0x00000C3920B4
25     LEC.3.9      192.168.252.15  255.255.255.0  192.168.252.0    0x00000C3920B4
13     Ethernet2/0  172.16.46.1     255.255.255.0  172.16.46.0      0x00000C3920AC
16     Ethernet2/3  172.16.49.1     255.255.255.0  172.16.49.0      0x00000C3920AF
17     Ethernet2/4  172.16.52.1     255.255.255.0  172.16.52.0      0x00000C3920B0
9      Ethernet1/2  172.16.55.1     255.255.255.0  172.16.55.0      0x00000C3920A6
2      Ethernet0/1  172.16.56.1     255.255.255.0  172.16.56.0      0x00000C39209D
15     Ethernet2/2  172.16.57.1     255.255.255.0  172.16.57.0      0x00000C3920AE
8      Ethernet1/1  172.16.58.1     255.255.255.0  172.16.58.0      0x00000C3920A5
14     Ethernet2/1  172.16.60.1     255.255.255.0  172.16.60.0      0x00000C3920AD
Each row is a collection of various addresses associated with an interface. The second column describes the port ID. The IP address of the interface card is presented in the third column. The IP address in the third column and the network mask in the fourth column are ANDed in modulo-2 arithmetic to obtain the network address presented in the fifth column.
numbers, management information base object identifiers and many others.
Internet Documents
The early RFCs were messages between the ARPANET. Over the years, the RFC became formal. There are two subseries of RFC: STD and FYI. The FYI RFC was created to document overviews and topics that are newly introduced. The STD RFC was created to identify the RFC of specific Internet Standards. Every RFC, including STDs and FYIs, has an RFC number by which it can be indexed and retrieved.
Along with RFC numbers, both STD and FYI also have unique numbers, because if an FYI or STD is revised its RFC number will change, but its FYI or STD number will remain constant for ease of reference. It also helps the new Internet user to find all the helpful, informational documents.
Source for RFCs
o ftp://nic.mil/rfc
o ftp://ftp.internic.net/rfc
o http://nic/internet.net/
SNMP Model
Organization Model
o Relationship between network element, agent, and manager
o Hierarchical architecture
Information Model
o Uses ASN.1 syntax
o SMI (Structure of Management Information)
o MIB (Management Information Base)
Communication Model
o Transfer syntax
o SNMP over TCP/IP
o Communication services addressed by messages
o Security framework: community-based model
The initial organization model of SNMP management is a simple two-tier model. It consists of a network agent process, which resides in the managed object, and a network manager process, which resides in the NMS and manages the managed object.
Figure: (a) One Manager - One Agent Model (b) Multiple Managers - One Agent Model
A managed object comprises a network element and a management agent. RMON acts as an agent and a manager. RMON (Remote Monitoring) gathers data from the managed object, analyses the data, and stores the data. It communicates the statistics to the manager.
Proxy Server
Proxy server converts non-SNMP data from non-SNMP objects to SNMP compatible objects and messages.
System Architecture
Figure: SNMP Manager and SNMP Agent exchanging Management Data through Get-Request, Set-Request, Get-Response and Trap messages
It shows the data path between the manager application process and the agent application process using the four transport function protocols: UDP, IP, DLC (data link control), and PHY (physical). The three application layers above the transport layers are integrated in the SNMP process. The communication of management information among management entities is realized through the exchange of five protocol messages.
Get-Next-Request: Sent by the manager requesting data on the next managed object to the one specified.
Get-Response: The agent responds with data for get and set requests from the manager.
Trap: A trap is an unsolicited message generated by an agent process without a message or event arriving from the manager process.
The SNMP manager, which resides in the NMS, has a database that polls the managed objects for management data. It contains two sets of data: (i) one on the information about the objects, the MIB, and (ii) a second on the values of the objects.
Information Models
The information model deals with the Structure of Management Information (SMI) and the Management Information Base (MIB). The Structure of Management Information mainly deals with the specification and organizational aspects of managed objects. SMI is defined in RFC 1155. The specification of managed objects, and the grouping of and relationship between managed objects, are addressed in the Management Information Base.
Object Type
Object Instance
Syntax: ASN.1
Encoding: BER
Example: All 3Com hubs of the same version have an identical identifier; they are distinguished by the IP address. The object types associated with both hubs are represented by the identical object ID, iso.org.dod.internet.private.enterprises.43.1.8.5. The hub1 with an IP address 172.16.46.2 is an instance of the object.
The hub1 with an IP address 172.16.46.2 and hub2 with an IP address 172.16.46.3 are two instances of the object.
Figure: Object Type (Name, Syntax, Encoding) with multiple Object Instances
An object type, which is a data type, has a name, a syntax and an encoding scheme. The name is represented uniquely by a descriptor and an object identifier. The syntax of an object type is defined using Abstract Syntax Notation One (ASN.1). Basic Encoding Rules (BER) have been adopted as the encoding scheme for transfer of data types between agent and manager processes, as well as between manager processes.
Uniquely defined by DESCRIPTOR AND OBJECT IDENTIFIER:
internet OBJECT IDENTIFIER ::= {iso org(3) dod(6) 1 }
The information inside the curly brackets can be represented in various ways.
internet OBJECT IDENTIFIER ::= {iso(1) standard(3) dod(6) internet(1)}
internet OBJECT IDENTIFIER ::= {1 3 6 1}
internet OBJECT IDENTIFIER ::= {iso standard dod internet }
internet OBJECT IDENTIFIER ::= { iso standard dod(6) internet(1) }
internet OBJECT IDENTIFIER ::= { iso(1) standard(3) 6 1 }
Fig: Different Formats of Declaration of OBJECT IDENTIFIER
Names:
Internet Subnodes
Internet {1 3 6 1}
directory (1)
mgmt (2)
experimental (3)
private (4)
directory OBJECT IDENTIFIER ::= {internet 1}
mgmt OBJECT IDENTIFIER ::= {internet 2}
experimental OBJECT IDENTIFIER ::= {internet 3}
private OBJECT IDENTIFIER ::= {internet 4}
Private MIB Example
Internet {1 3 6 1}
    private (4)
        enterprises (1)
            cisco (9)
            hp (11)
            3Com (43)
            Cabletron (52)
The private MIB is intended for vendor equipment. IANA (Internet Assigned Numbers Authority) assigns the identifiers.
SNMP ASN.1 Data Type Tag Structure
Universal
Application
Context-specific
Private
OCTET STRING
8-bit bytes binary and textual data Subtypes can be specified by either
get-request message has NULL for value fields and get-response from agent has the values filled in
subtype:
INTEGER (0..255)
OCTET STRING (SIZE 0..255)
OCTET STRING (SIZE 8)
Defined data types are Application-specific data types. These are defined using Primitive types.
List:
IpAddrEntry
SEQUENCE
Table:
Encoding
Basic Encoding Rules (BER)
SNMP Data Types and Tags
Type               Tag
OBJECT IDENTIFIER  UNIVERSAL 6
SEQUENCE           UNIVERSAL 16
IpAddress          APPLICATION 0
Counter            APPLICATION 1
Gauge              APPLICATION 2
TimeTicks          APPLICATION 3
Opaque             APPLICATION 4
An object identifier is encoded with each subidentifier value encoded as an octet and concatenated in the same order as in the object identifier. For example, iso(1) and standard(3), {1 3}, are coded as 43 in the first octet of the value. Consider the object identifier of internet {1 3 6 1}. The first octet of the TLV is the UNIVERSAL 6 tag, and the second octet defines the length of the value, which consists of three octets (43, 6, and 1). Thus the encoded format is:
00000110 00000011 00101011 00000110 00000001
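The following Python sketch is an added example, not part of the original notes. It encodes and strictly decodes the OBJECT IDENTIFIER TLV described above, and goes beyond the one-octet case in the text: the first two subidentifiers X and Y are packed as 40*X + Y (hence 43 for {1 3}), and a subidentifier larger than 127 is split into base-128 octets. The function names and the OID 1.3.6.1.4.1.99999 are constructed for illustration.

```python
# Added example: BER TLV encoding of an OBJECT IDENTIFIER (tag UNIVERSAL 6).
UNIVERSAL_OID_TAG = 0x06

def base128(n):
    """Encode one subidentifier: 7 bits per octet, high bit set on all but the last."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    return bytes(reversed(out))

def encode_oid(oid):
    """Return the tag-length-value octets for a dotted OID such as '1.3.6.1'."""
    arcs = [int(a) for a in oid.strip(".").split(".")]
    if len(arcs) < 2 or min(arcs) < 0 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid subidentifiers: " + oid)
    body = base128(40 * arcs[0] + arcs[1])      # {1 3} -> 43
    for arc in arcs[2:]:
        body += base128(arc)
    if len(body) > 127:
        raise ValueError("long-form length is not handled in this example")
    return bytes([UNIVERSAL_OID_TAG, len(body)]) + body

def decode_oid(tlv):
    """Decode one OID TLV, rejecting malformed input instead of guessing."""
    if len(tlv) < 2 or tlv[0] != UNIVERSAL_OID_TAG:
        raise ValueError("not an OBJECT IDENTIFIER TLV")
    length = tlv[1]
    if length & 0x80:
        raise ValueError("long-form length is not handled in this example")
    if length == 0 or length != len(tlv) - 2:
        raise ValueError("length octet does not match the value size")
    body = tlv[2:]
    if body[-1] & 0x80:
        raise ValueError("last subidentifier is truncated")
    values, current = [], 0
    for octet in body:
        if current == 0 and octet == 0x80:
            raise ValueError("subidentifier has non-minimal 0x80 padding")
        current = (current << 7) | (octet & 0x7F)
        if not octet & 0x80:                    # high bit clear: last octet
            values.append(current)
            current = 0
    first = min(values[0] // 40, 2)             # undo the 40*X + Y packing
    arcs = [first, values[0] - 40 * first] + values[1:]
    return ".".join(str(a) for a in arcs)

if __name__ == "__main__":
    for sample in ("1.3.6.1", "1.3.6.1.4.1.43.1.8.5", "1.3.6.1.4.1.99999"):
        encoded = encode_oid(sample)
        print(sample, "->", " ".join(format(b, "08b") for b in encoded))
```

The first line printed reproduces the five octets given in the text for internet {1 3 6 1}.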
Managed Object:
Structure of Managed Object: A managed object has five parameters, which are defined in RFC 1155. They are (i) Textual name, (ii) Syntax, (iii) Definition, (iv) Access and (v) Status.
Example: sysDescr is a data type in the MIB that describes a system. The specifications for the object that describes a system are:
OBJECT: sysDescr: { system 1 }
Syntax: OCTET STRING
Definition: "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
Access: read-only
Status: mandatory
Syntax: Syntax is the ASN.1 definition of the object type. The syntax of sysDescr is OCTET STRING.
Definition: A definition is the accepted textual description of the object type. It is used to avoid confusion in the exchange of information between the managed object and the management system and between various network management systems.
Access: Access is the specification for the type of privilege associated with accessing the information: read-only, read-write, or not-accessible.
Status:
Status specifies whether the managed object is current or obsolete. A managed object once defined can only be made obsolete and not removed or deleted. If it is current, the implementation of it is specified as either mandatory or optional. The three choices for status are: (i) Mandatory (ii) Optional and (iii) Obsolete
Macros for Managed Object: Macros are used to encode the information on a managed object in a more formalized manner.
OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::= SYNTAX type(TYPE ObjectSyntax)
                      ACCESS Access
                      STATUS Status
    VALUE NOTATION ::= value(VALUE ObjectName)
    Access ::= read-only | read-write | write-only | not-accessible
    Status ::= mandatory | optional | obsolete
END
This is the Macro where an object type is represented in a formal way. A macro always starts with the name of the type, followed by the keyword MACRO, and then the definition symbol. The right side of the macro definition always starts with BEGIN and ends with END. The body of the macro module consists of three parts. They are: (i) Type notation (ii) Value notation and (iii) Supporting productions Type Notation defines the object types in the module. Value Notation defines the name of the object. The notations SYNTAX, ACCESS, STATUS define the data types ObjectSyntax, Access, and Status. Supporting productions define the allowed values for access and status.
sysDescr OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..255))
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. It is mandatory that this only contain printable ASCII characters."
    ::= { system 1 }
Figure 4.18(b) Scalar or Single Instance Macro: sysDescr [RFC 1213]
Aggregate Object:
An aggregate object is a group of related objects.
o Also called tabular objects
o Can be represented by a table with
  - Columns of objects
  - Rows of instances
Example: IP address table
Consists of objects:
o IP address
o Interface
o Subnet mask (which subnet this address belongs to)
o Broadcast address (value of l.s.b. in IP broadcast address)
o Largest IP datagram that can be assembled
Multiple instances of these objects associated with the node.
Aggregate Managed Object Macro: Entry Object
ipAddrEntry OBJECT-TYPE
    SYNTAX IpAddrEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "The addressing information for one of this entity's IP addresses."
    INDEX { ipAdEntAddr }
    ::= { ipAddrTable 1 }

IpAddrEntry ::=
    SEQUENCE {
        ipAdEntAddr IpAddress,
        ipAdEntIfIndex INTEGER,
        ipAdEntNetMask IpAddress,
        ipAdEntBcastAddr INTEGER,
        ipAdEntReasmMaxSize INTEGER (0..65535)
    }
Index ipAdEntAddr uniquely identifies an instance. May require more than one object in the instance to uniquely identify it.
TABLE T
    ENTRY E
        COLUMNAR OBJECT 1
        COLUMNAR OBJECT 2
        COLUMNAR OBJECT 3
        COLUMNAR OBJECT 4
        COLUMNAR OBJECT 5
The objects TABLE T and ENTRY E are objects that are logical objects. They define the grouping and are not accessible.
Columnar objects are objects that represent the attributes and hence are accessible. Each instance of E is a row of columnar object 1 through 5. Multiple instances of E are represented by multiple rows.
Tabular Representation of Aggregate Object
T.E
T.E.1.1  T.E.2.1  T.E.3.1  T.E.4.1  T.E.5.1
T.E.1.2  T.E.2.2  T.E.3.2  T.E.4.2  T.E.5.2
T.E.1.3  T.E.2.3  T.E.3.3  T.E.4.3  T.E.5.3
T.E.1.4  T.E.2.4  T.E.3.4  T.E.4.4  T.E.5.4
The columnar objects are denoted by the concatenation of the object identifier of the table, the entry, and then the object, and by the row number.
Row  ipAdEntAddr  ipAdEntIfIndex  ipAdEntNetMask  ipAdEntBcastAddr  ipAdEntReasmMaxSize
1 2 3 4
1 3 2 4
0 1 0 0
{1.3.6.1.2.1.4.20.1.1.123.45.3.4}
{1.3.6.1.2.1.4.20.1.2.165.8.9.25}
{1.3.6.1.2.1.4.20.1.4.123.45.2.1}
{1.3.6.1.2.1.4.20.1.5.9.96.8.138}
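The sketch below is an added example, not part of the original notes. It splits columnar instance identifiers of the IP address table into column and row index, then regroups (OID, value) pairs into rows. The four OIDs are the ones listed above; the values paired with them and the function names are constructed for illustration.

```python
# Added example: map columnar instance OIDs of ipAddrTable back to table rows.
# Prefix 1.3.6.1.2.1.4.20.1 = ipAddrTable (ip 20) . ipAddrEntry (1).
IP_ADDR_ENTRY = (1, 3, 6, 1, 2, 1, 4, 20, 1)
COLUMNS = {1: "ipAdEntAddr", 2: "ipAdEntIfIndex", 3: "ipAdEntNetMask",
           4: "ipAdEntBcastAddr", 5: "ipAdEntReasmMaxSize"}

def split_instance(oid):
    """Split an instance OID into (column name, row index).

    The row index is the INDEX object ipAdEntAddr: four arcs, one per
    octet of the IP address, appended after the column number.
    """
    arcs = tuple(int(a) for a in oid.strip("{} ").strip(".").split("."))
    prefix_len = len(IP_ADDR_ENTRY)
    if arcs[:prefix_len] != IP_ADDR_ENTRY:
        raise ValueError("OID is outside the ipAddrEntry subtree: " + oid)
    rest = arcs[prefix_len:]
    if len(rest) != 5 or rest[0] not in COLUMNS:
        raise ValueError("expected <column>.<a>.<b>.<c>.<d>: " + oid)
    if any(not 0 <= octet <= 255 for octet in rest[1:]):
        raise ValueError("index arc is not an IP address octet: " + oid)
    return COLUMNS[rest[0]], ".".join(str(octet) for octet in rest[1:])

def build_rows(varbinds):
    """Group (OID, value) pairs, e.g. from a table walk, into rows keyed by index."""
    rows = {}
    for oid, value in varbinds:
        column, index = split_instance(oid)
        rows.setdefault(index, {})[column] = value
    return rows

def missing_columns(rows):
    """Report, per row index, the columns for which no value was returned."""
    return {index: sorted(set(COLUMNS.values()) - set(row))
            for index, row in rows.items() if len(row) < len(COLUMNS)}

# The four OIDs are the ones shown in the text; the values are constructed.
SAMPLE_VARBINDS = [
    ("{1.3.6.1.2.1.4.20.1.1.123.45.3.4}", "123.45.3.4"),
    ("{1.3.6.1.2.1.4.20.1.2.165.8.9.25}", 2),
    ("{1.3.6.1.2.1.4.20.1.4.123.45.2.1}", 0),
    ("{1.3.6.1.2.1.4.20.1.5.9.96.8.138}", 4470),
]

if __name__ == "__main__":
    table = build_rows(SAMPLE_VARBINDS)
    for index, row in sorted(table.items()):
        print(index, row)
    print(missing_columns(table))
```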
Internet {1 3 6 1}
    directory (1)
    mgmt (2)
        mib-2 (1)
            system (1)
            interfaces (2)
            at (3)
            ip (4)
            icmp (5)
            tcp (6)
            udp (7)
            egp (8)
            cmot (9)
            transmission (10)
            snmp (11)
    experimental (3)
    private (4)
MIB is a virtual information base. Managed objects are accessed via the virtual information base. Objects in the MIB are defined using ASN.1. MIB-II has an additional attribute to the status of a managed object, i.e., deprecated. Deprecated means the implementation of the object in the current version is mandatory, but it is most likely to be removed in future versions.
System Group
The system group contains objects that describe system administration.
system (mib-2 1)
OID       Description (brief)
system 1  Textual description
system 2  OBJECT IDENTIFIER of the entity
system 3  Time (in hundredths of a second since last reset)
system 4  Contact person for the node
system 5  Administrative name of the system
system 6  Physical location of the node
system 7  Value designating the layer services provided by the entity
Interfaces Group
The Interfaces group contains managed objects associated with the interfaces of a system.
interfaces (mib-2 2)
    ifNumber (1)
    ifTable (2)
        ifEntry (1)
            ifIndex (1)
            ifDescr (2)
            ifType (3)
            ifMtu (4)
            ifSpeed (5)
            ifPhysAddress (6)
            ifAdminStatus (7)
            ifOperStatus (8)
            ifLastChange (9)
            ifInOctets (10)
            ifInUcastPkts (11)
            ifInNUcastPkts (12)
            ifInDiscards (13)
            ifInErrors (14)
            ifUnknownProtos (15)
            ifOutOctets (16)
            ifOutUcastPkts (17)
            ifOutNUcastPkts (18)
            ifOutDiscards (19)
            ifOutErrors (20)
            ifOutQLen (21)
            ifSpecific (22)
ifEntry
ifEntry OBJECT-TYPE
    SYNTAX IfEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "An interface entry containing objects at the subnetwork layer and below for a particular interface."
    INDEX { ifIndex }
    ::= { ifTable 1 }
ifEntry specifies the objects in a row in the ifTable . Each interface is defined as a row in the table.
IP Group
The Ip group defines all the parameters needed for the node to handle network layer IP protocol, as either a host or a router. The implementation is mandatory.
ip (mib-2 4)
    ipForwarding (1)
    ipDefaultTTL (2)
    ipInReceives (3)
    ipInHdrErrors (4)
    ipInAddrErrors (5)
    ipForwDatagrams (6)
    ipInUnknownProtos (7)
    ipOutNoRoutes (12)
    ipReasmTimeout (13)
    ipReasmReqds (14)
    ipReasmOKs (15)
    ipReasmFails (16)
    ipFragOKs (17)
    ipFragFails (18)
    ipFragCreates (19)
    ipAddrTable (20)
    ipRouteTable (21)
    ipNetToMediaTable (22)
    ipRoutingDiscards (23)
The group contains three tables: the IP address table, the IP routing table and the IP address translation table.
o The IP MIB is used to acquire any information associated with the IP layer.
o The IP Address Table contains a table of IP addresses.
o The IP Route Table contains an entry for each route.
o The IP Network-to-Media Table is the address translation table mapping IP addresses to physical addresses.
IP Address Table
OID
Description (brief)
Table of IP addresses
One of the entries in the IP address table
The IP address to which this entry's addressing information pertains
Index value of the entry, same as ifIndex
Subnet mask for the IP address of the entry
Broadcast address indicator bit
Largest IP datagram that can be reassembled on this interface
IpAddrTable 1 IpAddrEntry 1
IP Routing Table
ipRouteTable (ip 21)
    ipRouteEntry (ipRouteTable 1)
        ipRouteDest (1)
        ipRouteIfIndex (2)
        ipRouteMetric1 (3)
        ipRouteMetric2 (4)
        ipRouteMetric3 (5)
        ipRouteMetric4 (6)
        ipRouteNextHop (7)
        ipRouteType (8)
        ipRouteProto (9)
        ipRouteAge (10)
        ipRouteMask (11)
        ipRouteMetric5 (12)
        ipRouteInfo (13)
Description (brief)
ipRouteTable 1 ipRouteEntry 1
Entity          OID              Description (brief)
ipRouteIfIndex  ipRouteEntry 2   Index of interface, same as ifIndex
ipRouteMetric1  ipRouteEntry 3   Primary routing metric for this route
ipRouteMetric2  ipRouteEntry 4   An alternative routing metric for this route
ipRouteMetric3  ipRouteEntry 5   An alternative routing metric for this route
ipRouteMetric4  ipRouteEntry 6   An alternative routing metric for this route
ipRouteNextHop  ipRouteEntry 7   IP address of the next hop
ipRouteType     ipRouteEntry 8   Type of route
ipRouteProto    ipRouteEntry 9   Routing mechanism by which this route was learned
ipRouteAge      ipRouteEntry 10  Number of seconds since routing was last updated
ipRouteMask     ipRouteEntry 11  Mask to be logically ANDed with the destination address before comparing with the ipRouteDest field
ipRouteMetric5  ipRouteEntry 12  An alternative metric for this route
ipRouteInfo     ipRouteEntry 13  Reference to MIB definition specific to the routing protocol
ipNetToMediaEntry (1)
ipNetToMediaType (4)
OID
Description (brief)
Table mapping IP addresses to physical addresses
IP address to physical address for the particular interface
Interfaces on which this entry's equivalence is effective; same as ifIndex
Media dependent physical address
IP address
Type of mapping
IpNetToMediaTable 1
ipNetToMediaIfIndex
IpNetToMediaEntry 1
ICMP Group
icmp (mib-2 5)
    icmpInMsgs (1)
    icmpInErrors (2)
    icmpInDestUnreachs (3)
    icmpInTimeExcds (4)
    icmpInParmProbs (5)
    icmpInSrcQuenchs (6)
    icmpInRedirects (7)
    icmpInEchos (8)
    icmpInEchoReps (9)
    icmpInTimestamps (10)
    icmpInTimestampReps (11)
    icmpInAddrMasks (12)
    icmpInAddrMaskReps (13)
    icmpOutMsgs (14)
    icmpOutErrors (15)
    icmpOutDestUnreachs (16)
    icmpOutTimeExcds (17)
    icmpOutParmProbs (18)
    icmpOutSrcQuenchs (19)
    icmpOutRedirects (20)
    icmpOutEchos (21)
    icmpOutEchoReps (22)
    icmpOutTimestamps (23)
    icmpOutTimestampReps (24)
    icmpOutAddrMasks (25)
    icmpOutAddrMaskReps (26)
Objects associated with ping:
o icmpOutEchos: # ICMP echo messages sent
o icmpInEchoReps: # ICMP echo reply messages received
Objects associated with traceroute/tracert:
o icmpInTimeExcds: # ICMP time exceeded messages received
TCP Group
tcp (mib-2 6)
    tcpRtoMax (3)
    tcpMaxConn (4)
    tcpActiveOpens (5)
    tcpPassiveOpens (6)
    tcpAttemptFails (7)
    tcpEstabResets (8)
    tcpCurrEstab (9)
    tcpInSegs (10)
    tcpOutSegs (11)
tcpConnLocalPort (3)
Entity
OID
Description (brief)
TCP connection table
Information about a particular TCP connection
State of the TCP connection
Local IP address
Local port number
Remote IP address
Remote port number
UDP Group
udp (mib-2 7)
udpInDatagrams (1)
udpNoPorts (2)
udpInErrors (3)
udpOutDatagrams (4)
udpTable (5)
udpEntry (1)
udpLocalPort (2)