www.bmc.com 1 © 1999 bmc software, inc. 2/10/00 snmp in patrol eugene golovinsky bmc software, snmp...

www.bmc.com

1© 1999 BMC SOFTWARE, INC.2/10/00

SNMP in Patrol

Eugene GolovinskyBMC Software,SNMP technology group

www.bmc.com

2© 1999 BMC SOFTWARE, INC.2/10/00

SNMPSimple Network Management Protocol

3

© 1999 BMC SOFTWARE, INC.2/11/00

Why was SNMP invented ?

Designed to run on non-OS systems, later used in various ways for monitoring

No “BRAINS”

SNMP Agent

THE “BRAINS”

SNMP Manager

Maybe no (Free) Cpu Maybe no (Free) Memory Must be able to run everywhere

Real OS Contained all intelligence Made all decisions

4

© 1999 BMC SOFTWARE, INC.2/11/00

Protocol, its versions and extentions

What is SNMP About the protocol versions

SNMPv1, SNMPv2 ( c ) and SNMPv3

Some other things:RMON, RMON 2, SMI's and MIB's

SNMPv3 - as a future path for SNMP community ?

5

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP implementations

TransportTransport protocol (UDP/IP)BER (iso 8825) - Basic Encoding Rules

TLV (Type, Length, Value) encoding

VersionsSNMPv1SNMPv2SNMPv3

OSI network management implementationCMIP - CMOT ( used primarily in telephony along with

SNMP)

6

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP Syntax - SMI

ASN.1 (iso 8824 - “abstract notation one”)SMI uses a subset of ASN.1

Well defined syntax for information exchange

comparable in functionality with XML

7

© 1999 BMC SOFTWARE, INC.2/11/00

SNMPv3

New Draft Standard with enhanced SecurityUser Based security model (rfc 2574)

Administration

Security (authentication, privacy and message integrity)

View based access (VACM)

8

© 1999 BMC SOFTWARE, INC.2/11/00

RMON (Remote Network Monitoring)

IETF rfc 1271 / rfc 1757 / rfc 1513Physical Layer Management using probes (HW-SW)Extend SNMP functionality

RMON MIB : contains RMON dataPreventive Management : threshold based notificationStatistics/History of data, Packet capturing, Host tables,…Operation modes

Online Offline On Demand

9

© 1999 BMC SOFTWARE, INC.2/11/00

RMON2

Continued on RMON (rfc 2021)Statistics on network and upper layersAll of the leading probe vendors support it

NetScout, Technically Elite, Solcom, HP, 3Com, Bay, Cisco, Cabletron

Difficult to use all features because of vendor specific implementations

10

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP References

SNMP v1 RFCs 1155 SMI 1157 protocol 1212 Concise MIB 1213 MIB2 1215 traps

SNMP v2 RFCs historical

See also : The Simple Web http://snmp.cs.utwente.nl/

SNMP v2C RFCs 1902-1907

SNMP v3 RFCs 1905-1907 2571-2575 2578-2580

http://www.ietf.org

11

© 1999 BMC SOFTWARE, INC.2/11/00

UDP vs. TCP connection

UDP

RMRM

Agents

Console

Console

Agents

TCP• connectionless• scalable• not reliable

• connection oriented• used to be non-scalable• reliable

12

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP : Underlying Transport

UDP/IP implications unreliable no confirmation or guarantee order uncertain may duplicate

unsecure No authentication on transport layer No verification of origin (message spoofing) No integrity (message can be tampered with)

13

© 1999 BMC SOFTWARE, INC.2/11/00

The SNMP Agent

What is an SNMP agent ? Components :

MIB (the MIB in memory) request handling trap sending

14

© 1999 BMC SOFTWARE, INC.2/11/00

Multiple SNMP Agents on 1 system

Conflict : only 1 process can listen on a portSolutions :SMUX (SNMP Multiplexer)AgentX - Agent Extensibility (rfc 2741)Emanate (proprietary SNMP Research)

161

MasterAgent

Sub agent

Sub agent

Sub agent

Application

Application

Device

15

© 1999 BMC SOFTWARE, INC.2/11/00

MIB (Management Information Base)

The MIB definition textual description of MIB layoutWritten in SMI : Structure of Management Information

SMI (the MIB definition language)Support for multiple datatypesSupport for data definitions : indexed tables, structures,

values,...

16

© 1999 BMC SOFTWARE, INC.2/11/00

NAMING in SNMP

Naming hierarchyunique identifier, down to the instance of any object1.3.6.1.4.1.1031 is the OID of the BMC Software subtree;Object identifier is the name

iso1

3 org

6 dod

1 internet

2mgmt

4private

1 enterprises

442 1031enterpriseID

peerBMC Company X

Whatever you like

17

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP Management

Remote Management :

From a geographically separate location configure monitor control

a remote system application device OS

Management console

Mgmt info, i.e., interesting info

“application”

Managed system

Mgmt protocol

18

© 1999 BMC SOFTWARE, INC.2/11/00

Management Operations,SNMP requests and responses

Get, Get Next, SetSNMPv1 responses are sent back

Get Bulk (SNMPv2)

Unsolicited Traps from Agent (v1)

Informs (v2 and v3) - confirmed traps

19

© 1999 BMC SOFTWARE, INC.2/11/00

Request handling

SNMP Agent gets request from mgr listens on specific port : typically 161 receives request : request ID + OID

Lookup of OID in memoryPerforms operation if possibleSNMP Agent sends response

request ID OID value error status + index

Similar for get-next operation returns next OID in tree

20

© 1999 BMC SOFTWARE, INC.2/11/00

Trap sending

SNMP Agent sends7 predefined Generic trap types (0-6)

0-5 = Standard traps

6 = Enterprise Specific

Sends to port 162 (default) on trap receiving machine

Trap destinations has to be configuredPatrol : /snmp/piV1m_list

21

© 1999 BMC SOFTWARE, INC.2/11/00

The SNMP Manager

What is an SNMP manager ?

Components :present MIB info (display MIB files)send requests listen for traps

22

© 1999 BMC SOFTWARE, INC.2/11/00

Sending Requests

Timebased pollingUser based requests

Authentication :SNMPv1 : community names for r/w (most of the

times, just private/public)SNMPv3 does it with MD5

23

© 1999 BMC SOFTWARE, INC.2/11/00

Listening for traps

Only one process can listen on a portThat means only one trap listener per system !

Solution :PATROL : trap demultiplexer (Dietmar

Hildebrand)No PATROL : (write your own)

24

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP++

Initial HP initiative, now Open SourceObject oriented development approach to

SNMPv1,v2c,v3High level APIPrimary focus on network management

application developer

References :http://rosegarden.external.hp.com/snmp++

http://www.simple-times.org/pub/simple-times/issues/7-1.html

www.bmc.com

25© 1999 BMC SOFTWARE, INC.2/10/00

??? Questions ???

www.bmc.com

26© 1999 BMC SOFTWARE, INC.2/10/00

PATROL SNMP Functionality

27

© 1999 BMC SOFTWARE, INC.2/11/00

Patrol SNMP Master and Sub Agent

Only needed when accessing PATROL MIB data !!

Patrol MIB data is KM data

Not needed for :receiving trapssending trapsget/set/walk/... operations

28

© 1999 BMC SOFTWARE, INC.2/11/00

Patrol SNMP Master agent configuration

See file ./lib/snmpmagt.cfg default port used to be 1161, community public

No need for BMC master agent if SMUX compatible Master Agent available (eg. AIX)

What about HP ?They use emanate master agent (proprietary from SNMP

Research) Run 2 master agents, one on 161 (default) and one on 1161

(Patrol)

29

© 1999 BMC SOFTWARE, INC.2/11/00

Starting Patrol SNMP sub-agent

PATROL SNMP sub-agent can be manually started and stopped from PSLsnmp_agent_start()

starts SNMP sub-agent

snmp_agent_stop()stops SNMP sub-agent

snmp_agent_config() tells if SNMP agent functionality is active

30

© 1999 BMC SOFTWARE, INC.2/11/00

PATROL Agent as SNMP sub agent

Ability to send traps

Has an accessible MIBTo access MIB, the master agent must be set up correctly

31

© 1999 BMC SOFTWARE, INC.2/11/00

SNMP Traps in Patrol

Automatically :When Patrol event occursTrap destinations : piV1m_List ( + /snmp/trapMibTable=yes)Filter possibility (see config.default for filter options)Through Master Agent or without Master Agent

trapMibTable(yes), trapConfTable (no) - default

From PSL snmp_trap_send : full controlsnmp_trap_raise_std_trap : uses piV1m_List

32

© 1999 BMC SOFTWARE, INC.2/11/00

PATROL Agent MIB

33

© 1999 BMC SOFTWARE, INC.2/11/00

Objects Table

Contains all the “nodes” from thePATROL namespace, starting fromthe PATH defined in objectsCwd(=objects Current Working Dir)

34

© 1999 BMC SOFTWARE, INC.2/11/00

variablesTable

Contains all the “leaves” from thePATROL namespace, starting fromthe PATH defined in objectsCwd(=objects Current Working Dir)

35

© 1999 BMC SOFTWARE, INC.2/11/00

Browsing PATROL namespace

Set objectCwd to the tree you want to inspect for example “/”

Go to the desired “node” get the “objectsTable”, you see NT_CPU set objectCwd to “/NT_CPU” … pick inst from objectsTable set objectCwd to “/NT_CPU/CPU_0”… pick param from objectsTable set objectCwd to “/NT_CPU/CPU_0/CPUCpuUtil”

Read the wanted values get the “variablesTable” to find all the attributes

including its value

Problem : No way to protect objectsCwd : other PSL script can change its value in the same time !

36

© 1999 BMC SOFTWARE, INC.2/11/00

applicationsTable

Contains all the applicationsloaded in the agent and indexed by application ID

37

© 1999 BMC SOFTWARE, INC.2/11/00

applInstTable

Contains all the instancesdiscovered in the agent.Indexed application ID andinstance ID

38

© 1999 BMC SOFTWARE, INC.2/11/00

parametersTable

Contains all the parametersin the agent.Indexed by application ID,instance ID and parameter OID

39

© 1999 BMC SOFTWARE, INC.2/11/00

Table relationshipsapplicationsTable

id name state ….

0 SOLARIS 0 ….1 CPU 0 ….

2 DISK 0 ….

3 KERNEL 0 ….

4 NFS 0 ….

... …. …. ….

applInstTable

id name status ….

... …. …. ….1.50 CPU 0 ….

2.60 sd5 0 ….

2.61 nfs1 0 ….

2.70 idehd01 0 ….

... …. …. ….

parametersTable

id name value ….

... …. …. ….2.60.150 DSKTps 0 ….

2.61.270 DSKTps 0 ….

2.61.289 DSKBps 0 ….

2.70.300 DSKAvgS.. 0 ….

... …. …. ….

40

© 1999 BMC SOFTWARE, INC.2/11/00

Accessing PATROL namespace

Look for the application in “applicationTable”Use that index to get the instances from the

application in “applInstTable”Use both indexes to get the parameters from the

“parametersTable”Get the required attribute from your parameter

This method is “safe” but requires some processing

41

© 1999 BMC SOFTWARE, INC.2/11/00

Direct namespace access

“Hooked” on OID of : .variablesTable.variableEntry.variableValue

Need conversion of namespace variable<length> = length of namespace variable<conv> = ascii to value conversion of namespace variable

for example : /CPU = 47.67.80.85

Simply get : bmc.1.1.1.5.1.4.<len>.<conv>

Result :Fastest Namespace accessnot useful for namespace “discovery”Not “walk-able”

42

© 1999 BMC SOFTWARE, INC.2/11/00

Execute PSL through SNMP

Set variable “agentExecuteCommand”

Agent will execute immediately

Fail/Success from return value of snmp_set()

43

© 1999 BMC SOFTWARE, INC.2/11/00

PATROL Agent as SNMP Manager

Receiving traps

Getting information from SNMP agents

No Master Agent is needed for this !

44

© 1999 BMC SOFTWARE, INC.2/11/00

Using PSL to Receive traps

PSL functions :snmp_trap_listen : start listening for traps (open socket)

starts accumulating traps

snmp_trap_ignore : close all listeners (close socket)

snmp_trap_receive : process incoming traps (block/poll based) only 1 per agent

45

© 1999 BMC SOFTWARE, INC.2/11/00

Using PSL to Get info from SNMP Agents

What is an SNMP session in PATROL ?snmp_open() : opens an SNMP sessionsnmp_close() : closes an SNMP sessionsnmp_config() : lists the SNMP sessions

No real session (like TCP session) because SNMP = connectionless / stateless

just a memory structure, so ...Easier for the developer … open session once, reuse the

session with the session attributes !Allows you to set timeouts/retries/port Faster

46

© 1999 BMC SOFTWARE, INC.2/11/00

PSL functions for SNMP managers

SNMPv1 management functionssnmp_(h_)...snmp_...

Plussnmp_walk

No support for v3 !!Security and administration, get bulk, more

datatypes

47

© 1999 BMC SOFTWARE, INC.2/11/00

Q & A

concerns and problems

future