![Page 2: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/2.jpg)
Contents
1. Basic Concepts
2. Management Information Base
3. Simple Network Management Protocol
4. SNMP Application Examples
5. Reference
Appendix: ASN.1 Concept
![Page 3: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/3.jpg)
3
1. Basic Concepts
InternetInternet
RMONDevice
UNIX....
FDDI
UNIX PC
Firewall/ Router
ManagementStation
ManagementStation
.......
PollingPolling NotificationNotification
....
...
PC UNIX
PC
NMNMNMNM
![Page 4: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/4.jpg)
4
網路管理標準化
如果每個廠商的網路設備均提供一套獨特專屬 (Proprietary) 的網管方法與介面,網路管理工作將很難執行。
網路管理標準化 每個網路設備必須提供一致的網路管理介面
( 亦即相同的網路管理通信協定 ) 。
![Page 5: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/5.jpg)
5
網路管理相關標準
Internet SNMPv1, SNMPv2, SNMPv3
ISO/ITU-T X.700 Series: CMIP/S (Common Management Information Protocol /
Service)
ITU-T M.3000 Series: TMN (Telecommunication Management Networks)
![Page 6: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/6.jpg)
SNMP Concepts
SNMP: Simple Network Management Protocol De facto standards of network management for TCP/IP
networks (Internet) IAB recommends all IP & TCP implementations should
be network manageable. That is, all TCP/IP network devices should support
SNMP.
IAB: Internet Activities Board
![Page 7: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/7.jpg)
SNMP Architectural Model
Key Components One or more Management Stations
• Perform management applications, i.e, Monitor & Control.
Multiple Network Elements• hosts, routers, gateways, ..., which each contain an Agent.
Network Management Protocol• Exchange network management information.
![Page 8: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/8.jpg)
SNMP Architectural Model (cont.)
Network
網路介面
SNMP
UDP
IP
網路介面
SNMP
UDP
IP
網路介面
SNMP
UDP
IP
Manager Agent Agent
. . .
ManagementStation Host Router
Network Elements (NEs)
Network Management
Protocol
SNMP
![Page 9: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/9.jpg)
9
Management Components
Manager Agent Network Management Protocol Management Information Base (MIB)
![Page 10: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/10.jpg)
10
Management Components
Management Station (Manager) Network management applications. Provide an interface which the human network manager can m
onitor and control the network. Agent
Network devices should be equipped with agent software so that they can be managed from a management station.
Responds to requests for information from managers. Responds to requests for actions from managers. May asynchronously provide managers with important but uns
olicited information.
![Page 11: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/11.jpg)
11
Management Components (cont.)
Network Management Protocol Communication protocol between managers and agents
NM protocol provides a standard way to exchange management information between managers and agents.
Management Information Base (MIB) A collection of Managed Objects.
The resources to be managed are represented as objects, called Managed Objects (MOs).
![Page 12: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/12.jpg)
Management Information Base (MIB)
Each resource to be managed is represented by an object, called managed object (MO).
The MIB is a structured collection of MOs.
Essentially, each MO is a data variable.
Each agent in an NE maintains an MIB.
Monitor: by reading the values of MOs in the MIB.
Control: by modifying the values of MOs in the MIB.
網路介面
SNMP
UDP
IP
AgentAgent
Managed Resources
MIBMIB
NE: Network Element
![Page 13: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/13.jpg)
SNMP Services Four Services
Get, Set, GetNext, Trap
Five SNMP PDUs GetRequest, SetRequest, GetNextRequest, GetResponse, Trap
Manager Agent(s)
Get, Set, GetNext Request
Get Response
Trap
PDU: Protocol Data Unit
![Page 14: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/14.jpg)
14
SNMP Services
Get Request
Get ResponseManager Agent
GetNext Request
Get ResponseManager Agent
Set Request
Get ResponseManager Agent
Trap RequestManager Agent
Get
GetNext
Set
Trap
Get
GetNext
Set
Trap
![Page 15: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/15.jpg)
SNMP Services (cont.)
Get Request: Retrieve the values of objects in the MIB of an agent.
Get-Next Request: Retrieve the values of the next objects in the MIB of an agent.
Set Request: Update the values of objects in the MIB of an agent.
Trap Request Report extraordinary events to the manager.
![Page 16: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/16.jpg)
Get-Next Request
:Non-Leaf Object
:Leaf Object1 2 3
4 5 6
MIB Tree :In SNMP, Only leaf objects have values.
*
![Page 17: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/17.jpg)
Default UDP Ports for SNMP
網路介面
SNMP
UDP
IP
Manager
ManagementStation
Network Elements (NEs)
網路介面
SNMP
UDP
IP
Agent
162 Any 161 Any
![Page 18: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/18.jpg)
SNMP Standards
SNMP Protocol (Std 15) RFC1157: Simple Network Management Protocol.
Structure of Management Information (SMI) (Std 16) RFC1155: Structure and Identification of Management
Information for TCP/IP-based Internets. RFC1212: Concise MIB Definitions.
MIB-II (Std 17) RFC1213: Management Information Base for Network
Management of TCP/IP-based Internets: MIB-II.
http://www.isi.edu/rfc-editor/rfc.html
![Page 19: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/19.jpg)
2. Management Information Base
Structure of Management Information (SMI) Set of rules on how managed objects should be defined. Objects are defined using Abstract Syntax Notation One ASN.1
(ITU-T X.208 / ISO 8824)
MIB The collection of all defined objects Contains hierarchically organized variables corresponding to
managed objects. MIB-II, RMON MIB, Bridge MIB, Repeater MIB, X.25 MIB,
FDDI MIB, Token Ring MIB, ...
![Page 20: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/20.jpg)
Object Identifier Object Identifier (OID):
Global identifier for a particular object type. An OID consists of a sequence of integers, which specify the
position of the object in the global object identifier tree. root
ccitt iso joint-iso-ccitt
directory
0 1 2
std regauthority
memberbody
org0
1 2 3
dod
internet
6
1
12 3 4
mgmt experimental private
MIB II
system1
interface2
at3
IP4
ICMP5
TCP6
UDP7
EGP8
Trans.10
SNMP11
1 1enterprises
1.3.6.1.2.1.2 1.3.6.1.4.1
1.3.6.1.2.1
MIB II
interface
enterprises
![Page 21: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/21.jpg)
21
Private MIB Registration
Companies can register their private MIB extensions in the global MIB tree by contacting the Internet Assigned Numbers Authority (IANA). http://www.iana.org/http://www.iana.org/
Currently assigned enterprise subtrees
ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbersftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers
![Page 22: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/22.jpg)
SMI (RFC1155)RFC1155-SMI DEFINITIONS ::= BEGINEXPORTS -- EVERYTHING internet, directory, mgmt, experimental, private, enterprises, OBJECT-TYPE, ObjectName, ObjectSyntax, SimpleSyntax, ApplicationSyntax, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks, Opaque;
internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }directory OBJECT IDENTIFIER ::= { internet 1 }mgmt OBJECT IDENTIFIER ::= { internet 2 }experimental OBJECT IDENTIFIER ::= { internet 3 }private OBJECT IDENTIFIER ::= { internet 4 }enterprises OBJECT IDENTIFIER ::= { private 1 }
![Page 23: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/23.jpg)
SMI (cont.)OBJECT-TYPE MACRO ::= BEGIN TYPE NOTATION ::=
"SYNTAX" type (TYPE ObjectSyntax) "ACCESS" Access "STATUS" Status VALUE NOTATION ::= value (VALUE ObjectName)
Access ::= "read-only" | "read-write" | "write-only" | "not-accessible" Status ::= "mandatory" | "optional" | "obsolete" END
ObjectName ::= OBJECT IDENTIFIER
ASN.1 Macro
![Page 24: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/24.jpg)
24
OBJECT-TYPE Example
sysDesc OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
ACCESS read-only
STATUS mandary
::= { system 1}
![Page 25: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/25.jpg)
ObjectName ::= OBJECT IDENTIFIER ObjectSyntax ::= CHOICE {
simple SimpleSyntax,application-wide
ApplicationSyntax}
SimpleSyntax ::= CHOICE {
number INTEGER,string OCTET STRING,object OBJECT IDENTIFIER,empty NULL} }
ApplicationSyntax ::= CHOICE {
address NetworkAddress,counter Counter,gauge Gauge,ticks TimeTicks,arbitrary Opaque
}
NetworkAddress ::=CHOICE {
internet IpAddress}IpAddress ::=
[APPLICATION 0]IMPLICIT OCTET STRING (SIZE (4))
Counter ::=[APPLICATION 1]IMPLICIT INTEGER (0..4294967295)
Gauge ::=[APPLICATION 2]IMPLICIT INTEGER (0..4294967295)
TimeTicks ::=[APPLICATION 3]IMPLICIT INTEGER (0..4294967295)
Opaque ::=[APPLICATION 4] IMPLICIT OCTET STRING
END
SMI (cont.)
![Page 26: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/26.jpg)
26
Object Syntax Summary
Simple Syntax Integer Octet String Object Identifier Null
Application Syntax Network Address Counter Gauge Time Ticks Opaque
![Page 27: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/27.jpg)
Concise MIB Definition (RFC 1212)
OBJECT-TYPE MACRO ::=BEGINTYPE NOTATION ::= "SYNTAX" type(ObjectSyntax) "ACCESS" Access "STATUS" Status
DescrPart ReferPart IndexPart DefValPartVALUE NOTATION ::=
value (VALUE ObjectName)
DescrPart ::="DESCRIPTION" value (description DisplayString)
| emptyReferPart ::=
"REFERENCE" value (reference DisplayString)| empty
IndexPart ::="INDEX" "{" IndexTypes "}" | empty
IndexTypes ::=IndexType | IndexTypes "," IndexType
IndexType ::=value (indexobject ObjectName) | type (indextype)
DefValPart ::="DEFVAL" "{" value (defvalue ObjectSyntax) "}"
| emptyEND
![Page 28: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/28.jpg)
Examples: MIB II (RFC 1213)mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }system OBJECT IDENTIFIER ::= { mib-2 1 }interfaces OBJECT IDENTIFIER ::= { mib-2 2 }at OBJECT IDENTIFIER ::= { mib-2 3 }ip OBJECT IDENTIFIER ::= { mib-2 4 }icmp OBJECT IDENTIFIER ::= { mib-2 5 }
tcp OBJECT IDENTIFIER ::= { mib-2 6 } udp OBJECT IDENTIFIER ::= { mib-2 7 } egp OBJECT IDENTIFIER ::= { mib-2 8 } -- cmot OBJECT IDENTIFIER ::= { mib-2 9 }transmission OBJECT IDENTIFIER ::= { mib-2 10 } snmp OBJECT IDENTIFIER ::= { mib-2 11 }
ifEntry OBJECT-TYPESYNTAX IfEntryACCESS not-accessibleSTATUS mandatoryDESCRIPTION
"An interface entry containing objects at the subnetwork layer and below for a particular interface."
INDEX { ifIndex }::= { ifTable 1 }
ifTable OBJECT-TYPESYNTAX SEQUENCE OF IfEntry
ACCESS not-accessibleSTATUS mandatory
DESCRIPTION"A list of interface entries. The number of entries is givenby the value of ifNumber."
::= { interfaces 2 }
![Page 29: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/29.jpg)
29
Identification of Managed Objects
Use Object Identifier (OID) OID = Object Type OID . Instance Identifier Object Type OID:
Each Object type has a unique OID
Instance Identifier: Identify instances of object type
E.g .mib-2.interface.ifTable.ifEntry.ifDescr.2
![Page 30: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/30.jpg)
30
Two Kinds of Managed Objects
Type-Specific Objects: sysDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
::= {system 1}
OID: mib-2.system.1.0 Columnar Objects
OID:mib-2.interface.ifTable.ifEntry.ifDescr.2mib-2.interface.ifTable.ifEntry.ifDescr.6 mib-2.interface.ifTable.ifEntry.ifType.2mib-2.interface.ifTable.ifEntry.ifType.6
![Page 31: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/31.jpg)
31
Columnar Objects
ifTable OBJECT-TYPE SYNTAX SEQUENCE OF IfEntry … ::= { interface 2 }
IfEntry ::= SEQUENCE { ifIndex INTEGER, ifDescr DisplayString, ifType INTEGER, …}
ifEntry OBJECT-TYPE SYNTAX IfEntry … INDEX {ifIndex } ::= { ifTable 1}
ifDescr OBJECT-TYPE SYNTAX DisplayString (SIZE(0..255)) ACCESS read-only STATUS madatory...::= {ifEntry 2}
![Page 32: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/32.jpg)
32
Columnar Objects
ifIndex ifDescr ifType . . .
1 le0 6 . . .
6 llc0 1 . . .
7 lo0 24 . . .
9 le1 6 . . .
.ifTable.ifEntry.1 (1.3.6.1.2.1.2.2.1.1) .ifTable.ifEntry.2 (1.3.6.1.2.1.2.2.1.2)
.ifTable.ifEntry.3 (1.3.6.1.2.1.2.2.1.3)
1.3.6.1.2.1.2.2.1.3.71.3.6.1.2.1.2.2.1.2.6
![Page 33: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/33.jpg)
33
Index in MIB II ifEntry {ifIndex} atEntry {atNetIfIndex, atNetAddress} ipAddrEntry {ipAdEntAddr } ipRouteEntry {ipRouteDest} ipNetToMediaEntry {ipNetToMediaIfIndex,
ipNetToMediaNetAddress} tcpConnEntry
{tcpConnLocalAddress, tcpConnLocalPort, tcpConnRemoteAddress, tcpConnRemotePort}
udpEntry {udpLocalAddress, udpLocalPort} egpNeighEntry {egpNeighAddr}
![Page 34: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/34.jpg)
34
Index Example
To get the state of the TCP connection:10.144.18.118:1200 ===> 10.144.14.40:1600
Use snmp_get_req. to get the “tcpConnState” of the tcpConnTable in MIB II.
tcpConnState ==> .1.3.6.1.2.1.6.13.1.1
.1.3.6.1.2.1.6.13.1.1.10.144.18.118.1200.10.144.14.40.1600
![Page 35: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/35.jpg)
MIB II System Group
Provide general information about the managed system. Interfaces Group
Contains generic information about the physical interfaces. Address-Translation Group
Contains information about the mapping between network addresses and physical addresses for each physical interface.
IP Group Contains information about the implementation and operation of IP at the
managed system. ICMP Group
Contains information about the implementation and operation of ICMP at the managed system.
![Page 36: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/36.jpg)
MIB-II (cont.) TCP Group
Contains information about the implementation and operation of TCP at the managed system.
UDP Group Contains information about the implementation and operation of UDP at
the managed system. EGP Group
Contains information about the implementation and operation of EGP at the managed system.
Transmission Group Provides details about the underlying transmission media for each interface.
SNMP Group Provides the statistics of SNMP operations at the managed system.
![Page 37: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/37.jpg)
IETF MIBs
1213 MIB-II 1316 Character Stream 1317 RS-232-like Hardware 1471 PPP 1513 RMON for Token Ring 1757 RMON 2021 RMON-II .....
![Page 38: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/38.jpg)
3. SNMP SNMP Message
Version Identifier Community Name Protocol Data Unit
The length of SNMP messages should not exceed 484 octets.
Message ::= SEQUENCE {
version INTEGER {version-1(0)},community OCTET STRING,data ANY
}
Version Community SNMP PDU
![Page 39: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/39.jpg)
SNMP Authentication
Community Relationship between an Agent and Managers.
Community Name Used to validate the SNMP messages. SNMP Password. Default ‘Get’ community name: “public”.
Authentication Failure Agent sends “Authentication Failure Trap” to
Manager.
![Page 40: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/40.jpg)
SNMP PDUPDU ::= SEQUENCE {
request-id INTEGER,error-status INTEGER {
noError(0),tooBig(1),noSuchName(2),badValue(3),readOnly(4)genErr(5)},
error-index INTEGER,variable-bindings
SEQUENCE OF {name ObjectName,value
ObjectSyntax}
}
GetRquest :GetNextRequest :
GetResponse :SetRequest :
Trap :
[0] PDU[1] PDU[2] PDU[3] PDU[4] Trap-PDU
Five SNMP PDUs:
PDU: Protocol Data Unit
![Page 41: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/41.jpg)
SNMP PDU (cont.)
PDU type request-id 0 0 variable-bindings
GetRequest, GetNextRequest, SetRequest
PDU type request-id error-status error-index variable-bindings
GetResponse
variable-bindings
name value name value name value. . .
![Page 42: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/42.jpg)
Trap-PDUTrap-PDU ::= [4]
IMPLICIT SEQUENCE {enterprise OBJECT IDENTIFIER,agent-addr NetworkAddress,
generic-trap INTEGER { coldStart(0), warmStart(1), linkDown(2), linkUp(3), authenticationFailure(4), egpNeighborLoss(5), enterpriseSpecific(6)},
specific-trap INTEGER,time-stamp TimeTicks,variable-bindings VarBindList
}
Enterprise: Type of Object generating trap.
Agent Address:Address of object generating trap.
Generic Trap:Generic trap type.
Specific Trap:Enterprise specific trap.
Time Stamp:Time elapsed between the last initialization of the network entity andthe generation of the trap.
Variable Bindings“Interesting” information
PDU type enterprise agent-addr generic-trap variable-bindingsspecific-traptime-stamp
![Page 43: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/43.jpg)
How does a Manager do?
Translates Internal Data to
ASN.1 Format
Sends RequestPDU to Agent
Translates ASN.1 Package to Internal
Data Format
Received ResponsePDU from Agent
NMApplication
NMApplication
Agent
Agent
Manager
![Page 44: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/44.jpg)
How does an Agent do?
Received SNMP Request PDU from Manager
Translates ASN.1Structure to
Internal Data
Maps MIB Variables to
Internal Variables
Sends SNMP Response PDU
to Manager
Translates ResponsePDU to ASN.1
Format
Implement SNMP Request to Set orGet MIB Value
From Manager
To Manager
Agent
![Page 45: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/45.jpg)
Main Loop of Agent Agent waits for an incoming datagram in Port 161 Reads the datagram from UDP and notes the transport
address of the sending entity. Increments the QUANTUM to keep track of the logical
request-id being processed by agent De-serializes the datagram into an ASN.1 structure. If
error occurs, log error and discard packet. The ASN.1 structure is translated into SNMP message. If
error occurs, log error and discard packet. Check on VERSION-NUMBER field. If error occurs, log
error and discard packet.
![Page 46: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/46.jpg)
Main Loop of Agent (cont.) Community name is looked up.
If community is unknown to agent, agent send AUTHENTICATION trap to Manager station in Port 162; log error and discard packet.
Agent loops through list of variables in the request.
If no prototype is found, return a GET-RESPONE with error noSuchName and discard package.
Once prototype is fund, operation is checked against community profile. If mismatch occurs, return get-respone with error noSuchName or readOnly and discard package.
Otherwise, agent invokes access routine to perform the desired operation.
![Page 47: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/47.jpg)
What's New in SNMPv2
No more Trap PDU, 3 New PDUs: getBulkReq, InformReq, SNMPv2-Trap
Added Security 18 Error Status Values SNMPv2 SMI / SNMPv2 MIB M-to-M Communications Table Operations ...
![Page 48: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/48.jpg)
4. SNMP Application Examples SNMP Commands
snmpget [options] node variable [...]• query a node using SNMP Get request
snmpnext [options] node variable [...]• query a node using SNMP GetNext request
snmpwalk [options] node variable • query a node repeatedly using SNMP GetNext/GetBulk requests
snmptrap [-d] [-p port] [-c community] node enterprise agent-addr generic-trap specific-trap time-stamp variable type value [variable type value...]
• issue an SNMP Version 1 Trap options:[-d] [-t timeout] [-r retries] [-p port] [-c community] [-v version]
![Page 49: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/49.jpg)
Example for snmpget>>snmpget -d 10.144.18.118 .1.3.6.1.2.1.1.1.0Transmitted 41 bytes to camry (10.144.18.118) port 161:Initial Timeout: 0.80 seconds 0: 30 27 02 01 00 04 06 70 75 62 6c 69 63 a0 1a 02 0'.....public... 16: 02 18 bc 02 01 00 02 01 00 30 0e 30 0c 06 08 2b .........0.0...+ 32: 06 01 02 01 01 01 00 05 00 -- -- -- -- -- -- -- ................ 0: SNMP MESSAGE (0x30): 39 bytes 2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1) 5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public" 13: GET-REQUEST-PDU (0xa0): 26 bytes 15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332 19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0) 22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0 25: SEQUENCE VARBIND-LIST (0x30): 14 bytes 27: SEQUENCE VARBIND (0x30): 12 bytes 29: OBJ-ID (0x6) 8 bytes: .1.3.6.1.2.1.1.1.0 39: NULL (0x5) 0 bytes
![Page 50: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/50.jpg)
Example for snmpget (cont.)Received 69 bytes from camry (10.144.18.118) port 161: 0: 30 43 02 01 00 04 06 70 75 62 6c 69 63 a2 36 02 0C.....public.6. 16: 02 18 bc 02 01 00 02 01 00 30 2a 30 28 06 08 2b .........0*0(..+ 32: 06 01 02 01 01 01 00 04 1c 53 75 6e 20 53 4e 4d .........Sun SNM 48: 50 20 41 67 65 6e 74 2c 20 53 55 4e 57 2c 55 6c P Agent, SUNW,Ul 64: 74 72 61 2d 31 -- -- -- -- -- -- -- -- -- -- -- tra-1........... 0: SNMP MESSAGE (0x30): 67 bytes 2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1) 5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public" 13: RESPONSE-PDU (0xa2): 54 bytes 15: INTEGER REQUEST-ID (0x2) 2 bytes: 6332 19: INTEGER ERROR-STATUS (0x2) 1 bytes: noError(0) 22: INTEGER ERROR-INDEX (0x2) 1 bytes: 0 25: SEQUENCE VARBIND-LIST (0x30): 42 bytes 27: SEQUENCE VARBIND (0x30): 40 bytes 29: OBJ-ID (0x6) 8 bytes: .1.3.6.1.2.1.1.1.0 39: OCTET-STR (0x4) 28 bytes: "Sun SNMP Agent, SUNW,Ultra-1"system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1
![Page 51: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/51.jpg)
Example of snmpwalk
snmpwalk 10.144.18.118 .1.3.6.1.2.1.1system.sysDescr.0 : DISPLAY STRING- (ascii): Sun SNMP Agent, SUNW,Ultra-1
system.sysObjectID.0 : OBJECT IDENTIFIER: .iso.org.dod.internet.private.enterprises.42.2.1.1
system.sysUpTime.0 : Timeticks: (198219958) 22 days, 22:36:39.58
system.sysContact.0 : DISPLAY STRING- (ascii): [email protected]
system.sysName.0 : DISPLAY STRING- (ascii): camry
system.sysLocation.0 : DISPLAY STRING- (ascii): Information Technology Laboratory 3F
system.sysServices.0 : INTEGER: 72 (01001000)B
![Page 52: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/52.jpg)
Example of snmptrap snmptrap -d manager .1.3.6.1.4.1.612.1.1 10.144.18.116 6 99999 0
.1.3.6.1.1 octetstringascii "Trap test"Transmitted 64 bytes to manager (10.144.18.100) port 162: 0: 30 3e 02 01 00 04 06 70 75 62 6c 69 63 a4 31 06 0>.....public.1. 16: 09 2b 06 01 04 01 84 64 01 01 40 04 0a 90 12 74 [email protected] 32: 02 01 06 02 03 01 86 9f 43 01 00 30 13 30 11 06 ........C..0.0.. 48: 04 2b 06 01 01 04 09 54 72 61 70 20 74 65 73 74 .+.....Trap test 0: SNMP MESSAGE (0x30): 62 bytes 2: INTEGER VERSION (0x2) 1 bytes: 0 (SNMPv1) 5: OCTET-STR COMMUNITY (0x4) 6 bytes: "public" 13: V1-TRAP-PDU (0xa4): 49 bytes 15: OBJ-ID ENTERPRISE (0x6) 9 bytes: .1.3.6.1.4.1.612.1.1 26: IPADDRESS AGENT-ADDR (0x40) 4 bytes: 10.144.18.116 (manager2) 32: INTEGER GENERIC-TRAP (0x2) 1 bytes: 6 35: INTEGER SPECIFIC-TRAP (0x2) 3 bytes: 99999 40: TIMETICKS TIME-STAMP (0x43) 1 bytes: 0 (0x0) 43: SEQUENCE VARBIND-LIST (0x30): 19 bytes 45: SEQUENCE VARBIND (0x30): 17 bytes 47: OBJ-ID (0x6) 4 bytes: .1.3.6.1.1 53: OCTET-STR (0x4) 9 bytes: "Trap test"
![Page 53: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/53.jpg)
53
Get System Information
Get “System Group” of MIB II Use get_request or get_next_request
sysDescr .1.3.6.1.2.1.1.1.0
sysObjectID .1.3.6.1.2.1.1.2.0
sysUptime .1.3.6.1.2.1.1.3.0
sysContact .1.3.6.1.2.1.1.4.0
sysName .1.3.6.1.2.1.1.5.0
sysLocation .1.3.6.1.2.1.1.6.0
![Page 54: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/54.jpg)
54
Get Interface Information
Get “Interface Group” of MIB II Repeatedly Use “get_next_request” Note: We don’t know the ifIndex values in i
fTable.First get the next object of .ifTable.ifEntry.0Then repeatedly “get_next”Until the whole subtree is visited.
![Page 55: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/55.jpg)
55
![Page 56: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/56.jpg)
56
Traffic Monitoring
Get “ifInOctets” and “ifOutOctets” of MIB II Interface Group
t1: C1 t2: C2
(C2 - C1 ) 8
(t2 - t1) Bandwidth 100%Utilization (%) =
![Page 57: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/57.jpg)
57
![Page 58: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/58.jpg)
6. Reference
The Simple Book, marshall T.Rose, Prentice-Hall Inc. SNMP, SNMPv2 and RMON: The Practical Guide to Network
Management, Willeam Stallings SMI; http://ds.internic.net/rfc/rfc1155.txt Concise MIB Format; http://ds.internic.net/rfc/rfc1212.txt SNMP; http://ds.internic.net/rfc/rfc1157.txt MIB II; http://ds.internic.net/rfc/rfc1213.txt Trap Format; http://ds.internic.net/rfc/rfc1215.txt ASN.1 and BER; ITU-T X.208, X.209
![Page 59: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/59.jpg)
59
Development of SNMP Standards
SNMPv2 SNMPv3 RMON I RMON II
![Page 60: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/60.jpg)
60
SNMPv3 An Architecture for Describing Internet Management
Frameworks Local Processing Model for version 3 of the Simple
Network Management Protocol (SNMPv3) Message Processing and Control Model for version 3 of
the Simple Network Management Protocol (SNMP) User-based Security Model for version 3 of the Simple
Network Management Protocol (SNMPv3) View-based Access Control Model (VACM) for version 3
of the Simple Network Management Protocol (SNMP) User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)
![Page 61: Introduction to SNMP Yen-Cheng Chen ycchen/ ycchen@ncnu.edu.tw](https://reader035.vdocuments.mx/reader035/viewer/2022062321/56649dab5503460f94a9a9fc/html5/thumbnails/61.jpg)
61
RMON I & II