SNMP Simple Network Management Protocol - TCIL

beansproutscomplete | Software & Software Engineering

13 Dec 2013

SNMP (Simple Network Management Protocol) based Network Management





Network Management: What is it?

Network management includes deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate and control the network and element resources to meet the real-time, operational performance, and Quality of service requirements at a reasonable cost.

Network Management: Why is it needed?


Lowers costs by eliminating the need for many administrators at multiple locations performing the same function

Makes network administration and monitoring easier and more convenient

Coherent presentation of data


OSI Network Management Model


ISO/OSI network management model defines a common frame of reference for network management, and provides an excellent framework for understanding the major functions that NMSs perform.

The OSI network management model incorporates the following five functional areas:


Performance management


Fault management


Configuration management


Accounting management


Security management


Functional Areas of Network Management

(According to OSI Network Management Model)



Performance Management - how smoothly is the network running

Fault Management - reactive and proactive network fault management (deals with problems and emergencies in the network)

Configuration Management - keeping track of device settings and how they function

Accounting Management - cost management and charge back assessment

Security Management - SNMP (Version 1 and 2) doesn’t provide much here


In-Band Versus Out-of-Band Management

When planning a distributed management solution, consider the path that the management data must take

There are two path options for network management information: in-band and out-of-band

In-band management traffic travels along the network data path

Out-of-band management traffic alerts travel on a separate non-data path. An out-of-band management solution supports communications between management agents and the manager device, regardless of the status of the data network

In band/Out band Management

[Figure: network management architecture, showing Out-of-Band Management and In Band Management]

Network Management Architectures

1) Management Entity

On the data collection end, two kinds of activities occur within a management utility or facility, called a management entity, whose job is to provide access to management data, controls, and behaviors:

1. Regular polling or sampling of management data occurs, whereby the management entity requests updates from managed devices to reflect recent status of the network being managed.

2. When alerts are received, appropriate responses must be generated



Network Management Architectures (contd.)

2) Managed Device

A Managed device is a piece of network equipment that resides on a managed network.

At each managed device, a special piece of software (process) called a management agent responds to polls for collected data, where the management agent itself has custody of a management database (MDB) of information that it collects and maintains over time


Network Management Architectures (contd.)

3) N/w Management Protocol

The protocol runs between managing entity and the managed device.

Allows the managing entity to query the status of the managed devices.

Agents can use the network management protocol to inform the managing entity of exceptional events.


SNMP & The OSI Model



Management and Agent APIs (above layer 7)

7  Application Layer    SNMP
6  Presentation Layer   ASN.1 and BER
5  Session Layer        RPC and NetBIOS
4  Transport Layer      TCP and UDP
3  Network Layer        IP and IPX
2  Data Link Layer      Ethernet, Token Ring, FDDI (shared with layer 1)
1  Physical Layer       Ethernet, Token Ring, FDDI (shared with layer 2)

Versions




Two major versions: SNMPv1, SNMPv2

SNMPv1 is the recommended standard

SNMPv2 has become split into:

SNMPv2u - SNMPv2 with user-based security

SNMPv2* - SNMPv2 with user-based security and additional features

SNMPv2c - SNMPv2 without security

SNMPv3 - Future

Client Pull & Server Push


SNMP is a “client pull” model: The management system (client) “pulls” data from the agent (server).

SNMP is a “server push” model: The agent (server) “pushes” out a trap message to a (client) management system


The Internet-Standard Management Framework

SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices.

Comprised of agents and managers

Agent - process running on each managed node collecting information about the device it is running on.

Manager - process running on a management workstation that requests information about devices on the network.

The Internet-Standard Management Framework (contd.)

SNMP network management consists of four parts:

Structure of Management Information (SMI)
Rules specifying the format used to define objects managed on the network that the SNMP protocol accesses

Management Information Base (MIB)
A map of the hierarchical order of all managed objects and how they are accessed

SNMP Protocol
Defines format of messages exchanged by management systems and agents.
Specifies the Get, GetNext, Set, and Trap operations

Security and administration capabilities
The addition of these capabilities represents the major enhancement in SNMPv3 over SNMPv2

Registered Tree

[Figure: Registered Tree, with the MIB-2 node labelled]

MIB-II Standard Internet MIB

Definition follows structure given in SMI

MIB-II (RFC 1213) is current standard definition of the virtual file store for SNMP manageable objects


Has 10 basic groups


system


interfaces


at


ip


icmp


tcp


udp


egp


transmission


snmp


If an agent implements any group, then it has to implement all of the managed objects within that group

Ports & UDP




SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages

Like FTP, SNMP uses two well-known ports to operate:

UDP Port 161 - SNMP Messages

UDP Port 162 - SNMP Trap Messages

[Figure: an Ethernet Frame carrying an IP Packet, which carries a UDP Datagram, which carries the SNMP Message, followed by the CRC]

Four Basic Operations




Get - Retrieves the value of a MIB variable stored on the agent machine (integer, string, or address of another MIB variable)

GetNext - Retrieves the next value of the next lexical MIB variable

Set - Changes the value of a MIB variable

Trap - An unsolicited notification sent by an agent to a management application (typically a notification of something unexpected, like an error)

Basic operations contd..

[Figure: message exchange between Manager and Agent. get_request, get_next_request and set_request are sent to port 161 and each is answered with a get_response; trap is sent to port 162.]

Traps




Traps are unrequested event reports that are sent to a management system by an SNMP agent process

When a trappable event occurs, a trap message is generated by the agent and is sent to a trap destination (a specific, configured network address)

Many events can be configured to signal a trap, like a network cable fault, failing NIC or Hard Drive, a “General Protection Fault”, or a power supply failure

Traps can also be throttled -- You can limit the number of traps sent per second from the agent

Traps have a priority associated with them -- Critical, Major, Minor, Warning, Marginal, Informational, Normal, Unknown


Trap Receivers




Traps are received by a management application.


Management applications can handle the trap in a few ways:


Poll the agent that sent the trap for more information about the event, and
the status of the rest of the machine.


Log the reception of the trap.


Completely ignore the trap.



Languages of SNMP




Structure of Management Information (SMI) - specifies the format used for defining managed objects that are accessed via the SNMP protocol

Abstract Syntax Notation One (ASN.1) - used to define the format of SNMP messages and managed objects (MIB modules) using an unambiguous data description format

Basic Encoding Rules (BER) - used to encode the SNMP messages into a format suitable for transmission across a network


SNMP MESSAGE ENCODING


THE DESCRIPTION OF MIBS AND MESSAGE FORMATS IS BASED ON THE ASN.1 SYNTAX

THE MAPPING FROM AN ABSTRACT SYNTAX UPON A TRANSFER SYNTAX IS DEFINED BY THE BASIC ENCODING RULES (BER)

[Figure: MANAGER and AGENT stacks, each with BER, UDP, IP and LINK; labels: MIB, ABSTRACT SYNTAX, TRANSFER SYNTAX]

Basic Message Format



Message Preamble: Message Length, Message Version, Community String

SNMP Protocol Data Unit: PDU Header, PDU Body

SNMP message: VERSION | COMMUNITY | SNMP PDU

SNMP PDU: PDU TYPE* | REQUEST ID | ERROR STATUS | ERROR INDEX | VARIABLE BINDINGS

variable bindings: NAME 1 | VALUE 1 | NAME 2 | VALUE 2 | ... | NAME n | VALUE n
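
The message layout above (VERSION, COMMUNITY, then the PDU with its variable bindings), decoded from BER in Python as an added example that is not part of the original slides. The sample bytes and the community value are constructed and the function names are hypothetical; the community string comes back as readable text because nothing in this message format encrypts it.

```python
# Minimal BER reader for an SNMPv1 Get/GetNext/Set/GetResponse message.
# SAMPLE is constructed for this example; "public" is a made-up community value.
SAMPLE = bytes.fromhex(
    "302602010004067075626c6963"        # SEQUENCE, version 0, community
    "a019020101020100020100"            # PDU type, request-id, error-status, error-index
    "300e300c06082b060102010101000500"  # variable bindings: one NAME/VALUE pair
)
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest",
             0xA2: "GetResponse", 0xA3: "SetRequest"}   # v1 Trap (0xA4) has another layout

def read_tlv(buf, pos):
    """Return (tag, value bytes, next position) for the BER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                     # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Turn an OBJECT IDENTIFIER body into dotted form (first arc 0 or 1 assumed)."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for byte in raw[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:               # high bit clear ends this sub-identifier
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_snmp_v1(message):
    _, body, _ = read_tlv(message, 0)     # outer SEQUENCE: the SNMP message
    _, version, pos = read_tlv(body, 0)
    _, community, pos = read_tlv(body, pos)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    if pdu_tag not in PDU_TYPES:
        raise ValueError("PDU layout not handled in this example")
    fields, p = [], 0
    for _ in range(3):                    # request-id, error-status, error-index
        _, raw, p = read_tlv(pdu, p)
        fields.append(int.from_bytes(raw, "big", signed=True))
    _, varbinds, _ = read_tlv(pdu, p)
    names, p = [], 0
    while p < len(varbinds):              # each binding is SEQUENCE { name, value }
        _, vb, p = read_tlv(varbinds, p)
        names.append(decode_oid(read_tlv(vb, 0)[1]))
    return {"version": version[0], "community": community.decode("ascii"),
            "pdu_type": PDU_TYPES[pdu_tag], "request_id": fields[0],
            "error_status": fields[1], "error_index": fields[2], "oids": names}
```
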

SNMP Agents

Two basic designs of agents



Extendible Agents - Open, modular design allows for adaptations to new management data and operational requirements

Monolithic Agents - not extendible; optimized for specific hardware platform and OS


Remote Monitoring (RMON)


The RMON MIB is used to monitor and administer remote segments of a distributed network

Within an RMON network, monitoring data is defined by a set of statistics and functions and exchanged between various different monitors and console systems. Resultant data is used to monitor network utilization for network planning and performance-tuning, as well as assisting in network fault diagnosis.

RMON places agents, called network probes, at various locations on the distributed network

Probes are standalone devices that contain a NIC, a processor, memory, and software


Community Names




A community string is a password that allows access to a network device.
It defines what "community of people" can access the SNMP information
that is on the device.


Community names are used to define where an SNMP message is
destined for.


Set up your agents to belong to certain communities.


Set up your management applications to monitor and receive traps from
certain community names.


There are actually three community strings for SNMP-speaking devices:

The SNMP Read-only community string

The SNMP Read-Write community string


The SNMP Trap community string
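
How the read-only and read-write community strings gate the Get, GetNext and Set operations described earlier, and what "next lexical MIB variable" means when a manager walks a subtree. This is an added Python example, not part of the original slides; ToyAgent, walk, the stored values and both community strings are hypothetical.

```python
# Toy in-memory agent (added example). The OIDs are MIB-II objects; the values
# and both community strings are constructed for illustration.
MIB = {
    "1.3.6.1.2.1.1.1.0": "constructed device description",   # sysDescr.0
    "1.3.6.1.2.1.1.5.0": "lab-switch-01",                     # sysName.0
    "1.3.6.1.2.1.2.2.1.2.2": "port-2",                        # ifDescr.2
    "1.3.6.1.2.1.2.2.1.2.10": "port-10",                      # ifDescr.10
}

def oid_key(oid):
    """Compare OIDs arc by arc as integers, so ...2.2 sorts before ...2.10."""
    return tuple(int(arc) for arc in oid.split("."))

class ToyAgent:
    def __init__(self, mib, read_only, read_write):
        self.mib = dict(mib)
        self.access = {read_only: "ro", read_write: "rw"}

    def _authorize(self, community, write=False):
        level = self.access.get(community)
        if level is None or (write and level != "rw"):
            raise PermissionError("community not allowed for this operation")

    def get(self, community, oid):
        self._authorize(community)
        return self.mib[oid]

    def get_next(self, community, oid):
        self._authorize(community)
        later = [o for o in self.mib if oid_key(o) > oid_key(oid)]
        if not later:
            return None                       # end of the MIB
        nxt = min(later, key=oid_key)
        return nxt, self.mib[nxt]

    def set(self, community, oid, value):
        self._authorize(community, write=True)
        self.mib[oid] = value

def walk(agent, community, root):
    """Read a subtree the way a manager does: repeat GetNext until leaving root."""
    prefix, found, current = oid_key(root), [], root
    while True:
        hit = agent.get_next(community, current)
        if hit is None or oid_key(hit[0])[:len(prefix)] != prefix:
            return found
        found.append(hit)
        current = hit[0]
```
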


PROXY MANAGEMENT


A NODE MAY NOT SUPPORT SNMP, BUT MAY BE MANAGEABLE BY SNMP THROUGH A PROXY AGENT RUNNING ON ANOTHER MACHINE



TERM HAS TRADITIONALLY BEEN USED FOR DEVICES THAT :


TRANSLATE BETWEEN DIFFERENT TRANSPORT DOMAINS


TRANSLATE BETWEEN DIFFERENT SNMP VERSIONS


TRANSLATE BETWEEN SNMP AND OTHER MANAGEMENT PROTOCOLS


AGGREGATE LOW LEVEL MANAGEMENT INFO INTO HIGH LEVEL INFO ETC



NOWADAYS THE TERM DENOTES A DEVICE THAT FORWARDS SNMP MESSAGES, BUT DOESN’T LOOK AT THE INDIVIDUAL OBJECTS

[Figure: MANAGER, PROXY, AGENT]

SNMP Consoles, Tools, Utilities, and Key Files


There are many of these available; the lion’s share of the market belongs to three products:

HP OpenView’s Network Node Manager (NNM)

IBM’s Tivoli NetView

Computer Associates’ Unicenter TNG

There are also many smaller utilities that are helpful when supporting a management system (Novell ManageWise, Sun Microsystems Solstice, Microsoft SMS Server, Compaq Insight Manager, SnmpQL - ODBC Compliant, Empire Technologies, Cinco Networks NetXray, SNMP Collector Win9X/NT, Observer)


Architecture of NSM Products

NSM products are made up of three layers:


WorldView Layer: repository for the graphical visualization of the enterprise.

COR

Real World Interface

Worldview Application Interface

Manager Layer:

Agent Technology: Contains the agent facilities that monitor and determine the state of enterprise

Enterprise Management: A collection of integrated managers that control and automate a variety of functions and responses within the enterprise

Agent Technology Layer: Agents gather information from enterprise through remote access monitoring and control resource. Agents reside on or near managed objects and provide information to a management application.

The following steps outline what occurs architecturally when an agent detects a threshold breach on the device it is monitoring:

Agent identifies a threshold has been crossed for a resource it is monitoring. It passes this information to the SNMP administrator by way of the Distributed Services Bus (DSB).

The SNMP administrator takes the information from the Agent, encodes an SNMP Trap Protocol Data Unit and sends it to the Manager.


The SNMP Gateway receives the Trap PDU, decodes it, and sends it to
the Manager by way of DSB.


The Manager determines if the alert represents a change in status for the
resource and, if so, passes the status update to the WorldView Gateway by
way of DSB.


The WorldView Gateway then updates the status of the managed object in
the COR.



About NSM Products

Supports management of multiple distributed domains. Each server can import the map of one or more servers.

Provides both local and remote access using the Remote Console Component.

Polling agents perform discovery of locally attached devices.

Supports a multi-level hierarchy map. Each hierarchy can represent cities, buildings or sub networks.

Automatically lays out each map network as a tree, ring, or snaked bus topology.

Each map object uses a device specific or user selected icon, and the object color indicates the device status

Automatically generates scheduled daily, weekly and monthly statistic reports. Report formats include graph, bar chart, distribution, and summary and can be exported to a variety of destinations.

EXAMPLE NETWORK

Advantages of using SNMP


Standardized


universally supported


extendible


portable


allows distributed management access


lightweight protocol

THANK YOU