“Fundamentals of SNMP”
Simple Network Management Protocol
Part 1
Wayne M. Pecena, CPBE, CBNE
Texas A&M University
Educational Broadcast Services – KAMU FM-TV
September 2019
Advertised Presentation Scope
Tutorial Overview
The Simple Network Management Protocol (SNMP) was created as a means to monitor and control devices in an Internet Protocol (IP) network. SNMP is widely used in Information Technology (IT) environments and is becoming popular in broadcast equipment. Wayne Pecena, CPBE, 8-VSB, AMD, DRB, CBNE presents this webinar that will provide a familiarity with SNMP fundamentals beginning with consideration to a Network Management System (NMS) architecture and system components. Part 2 will look at implementation of SNMP in the broadcast environment to provide a robust monitoring and notification alerting environment from IT equipment to the transmitter.
“Fundamentals of SNMP – Part 1”
AGENDA
• Introduction:
– The SNMP Protocol
– Why SNMP?
– The SNMP Language
• SNMP System Components:
– Agent
– Devices
– Management Information Base
– Manager
• SNMP Command Overview
• Securing SNMP
• Takeaway Review, Resources, & Questions
Introduction
SNMP – The Protocol
Simple Network Management Protocol
• A core protocol of the Internet Protocol (IP) family:
– Managed device monitoring
– Configuring managed networked devices
• Implemented at the Application Layer (OSI)
– UDP utilized for message transport
– UDP ports 161 / 162
• IETF defined standard (SNMPv3):
– RFC 3411 - 3418
Simple Gateway Monitoring Protocol & High-level Entity Management Systems
SNMP Versions
• Version 1 – SNMPv1
– Introduced in the late 80’s
– Deprecated for practical purposes
• Version 2 – SNMPv2
– Incompatible with SNMPv1
– Performance improvements / command enhancements
– 64-bit counters implemented
• Version 3 – SNMPv3
– Maintains compatibility with SNMPv2
– Added cryptographic security
– Added administrative enhancements
Considered Obsolete
Why SNMP?
Simple Network Management Protocol
• Well, it’s simple!
• Simple – just a few commands:
– v1 just 5 commands
– v2 & v3 added 4 commands (9 total)
– Interfacing – IP connection
• Maybe it’s not so simple at times:
– Understanding the terminology
– Configuration of the NMS
• A mature & “open” protocol
• It’s flexible & powerful!
SNMP Entrenched in IT Infrastructure World
• What can SNMP do?
– Monitor server health
– Monitor network utilization
– Gather error reports (syslog)
– Generate fault alerts
– Create notifications (email, SMS)
– Control devices
– Configure devices
SNMP Adopted & Becoming Commonplace in the Broadcast Environment
• Transmitter control & monitoring
• Broadcast Infrastructure Devices
Common Management & Alerting Platform for the Broadcast Technical Plant
Traditional Transmitter Remote Control
[Figure labels: ON/Raise Command, OFF/Lower Command, Analog Telemetry, Logic Status; x16 channels]
Transmitter Remote Control with SNMP
Diversity of Devices
IT Centric & Broadcast Centric Converged
Understanding the Language of SNMP
• Agent
• Managed Devices
• Managed Object
• MIB
• Object ID
• System Manager
• Traps
• Community Strings
https://www.dpstele.com/snmp/tutorial/glossary.php
Managed Object
• Define the capabilities of an SNMP agent – what can be seen?
• Hierarchically organized group of objects
• IETF MIB-2 defined
Object ID “OID”
• The Object Identifier
• Globally unique ISO identifier or locator
• An address to identify a specific device parameter function or status
• Hierarchically organized structure – similar to computer file structure
NAUTEL OID example:
1.3.6.1.4.1.28142.1.300.256.329.0
The International Standards Organization (ISO) OID is NOT unique to SNMP. The OID is also used in:
- Security applications (security certificates)
- Database applications
- LDAP schemas
- DICOM – Digital Imaging & Communications
Deciphering an OID: 1.3.6.1.4.1.28142.1.300.256.329.0
Read left to right, from root to leaf.
Universal OID prefix:
1 – iso
.3 – org
.6 – dod
.1 – internet
.4 – private
.1 – enterprise
MFG Code: 28142 = Nautel
MIB for the device
Identifies a specific device command / monitor point
Source: Jeff Welton NAUTEL-NUG2018
For practical purposes – every OID will begin with: 1.3.6.1.4.1
Graphical OID Display
OID / MIB browser
Nautel OID Display Example
Traps
• Process where a managed device agent communicates an alert to the SNMP management system – “exception” report
• Traps can be:
– Polled – periodic update requested by the SNMP management system – “request/response”
– Autonomous – “alert” sent by the managed device based upon a defined conditional (significant) event
Generic SNMP Traps
• coldStart(0)
• warmStart(1)
• linkDown(2)
• linkUp(3)
• authenticationFailure(4)
• egpNeighborLoss(5)
• enterpriseSpecific(6)
Vendor specific
IT centric
Community Strings
• The “password” of SNMP
• Community string types:
– Read-only “RO”
– Read-write “RW”
– Trap
• SNMPv1 & SNMPv2 use “public” as default read-only “RO”
• SNMPv3 requires username/password with encryption key
SNMP System Components
SNMP System Components
The SNMP Community
• Agent
• Devices
• Management Information Base
• System Manager
Agent
• Enabler of network management features
• Software within the managed device
• Collects information
• Communicates with the manager
• Sends information to the MIB
– Polled info
– Alert info
Managed Device
• Simply, a device that is managed by SNMP:
– Resides on managed network
– Executes an SNMP Agent
– Communicates with Network Management Station
Management Information Base (MIB)
• Collection of Object Identifiers (OIDs) arranged in a hierarchical manner
– Definitions define properties of the managed object within the managed device
– Top-level OIDs belong to standards organizations
– Equipment manufacturers define “branches” for specific equipment
• MIBs can be structured as:
– Scalar (single object)
– Tabular (group of objects)
IETF MIB-II (MIB-2) Structure
[Figure: MIB-II tree, labelled from root to leaf]
MIB Example
Viewing a MIB
GUI based MIB viewer:
• MIB browser
• MIB viewer
• MIB importer
System Manager
NMS – Network Management Station
• Heart of the SNMP System
• Polls managed devices for information
– Status
– Telemetry
• Sends commands to managed devices
• Receives “traps” from managed devices
• Sends email or SMS notifications
• Provides a “Graphical User Interface” or “GUI dashboard”
SNMP System Structure
[Figure: SNMP System Manager holding MIB(s) 1, 2, 3 and three SNMP Agents with MIB1, MIB2, MIB3]
SNMP Command Overview
Core Commands
SNMPv3 PDUs
• GET
• GET BULK
• GET NEXT
• GET RESPONSE
• INFORM
• NOTIFICATION
• REPORT
• SET
• TRAP
Command syntax: “get” command example
% snmpget -v1 -c <community> <host name/IP> OID
Message layout: IP Header | UDP Header | Version | Community Name | SNMP PDU
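The Version | Community Name | SNMP PDU layout above and the OID breakdown from the earlier slide, worked through in code. This is an added example, not part of the original slides: it builds an SNMPv1 GetRequest for the Nautel OID with the default “public” community and parses it back, showing that the community string and the vendor's enterprise number are readable in the clear. It assumes short-form BER lengths and request PDUs only; all function names are made up for the example.

```python
ENTERPRISE = "1.3.6.1.4.1."   # iso.org.dod.internet.private.enterprise
PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse", 0xA3: "SetRequest"}

def tlv(tag, body):
    # BER tag-length-value; short-form length only, enough for small requests
    if len(body) > 127:
        raise ValueError("long-form BER length not handled in this example")
    return bytes([tag, len(body)]) + body

def enc_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])        # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:                            # base 128, high bit = more follows
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += bytes(chunk)
    return tlv(0x06, bytes(out))

def build_get_v1(community, oid, request_id=1):
    varbinds = tlv(0x30, tlv(0x30, enc_oid(oid) + tlv(0x05, b"")))
    pdu = tlv(0xA0, tlv(0x02, bytes([request_id])) + tlv(0x02, b"\x00") * 2 + varbinds)
    # Version (0 = SNMPv1) | Community Name | SNMP PDU
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community.encode()) + pdu)

def fields(buf):
    # Split a BER buffer into (tag, value) pairs
    out, pos = [], 0
    while pos < len(buf):
        if pos + 2 > len(buf) or buf[pos + 1] & 0x80 or pos + 2 + buf[pos + 1] > len(buf):
            raise ValueError("truncated or long-form TLV")
        out.append((buf[pos], buf[pos + 2:pos + 2 + buf[pos + 1]]))
        pos += 2 + buf[pos + 1]
    return out

def dec_oid(body):
    arcs, arc = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        arc = (arc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(arc)
            arc = 0
    return ".".join(map(str, arcs))

def parse_v1(msg):
    """Fields readable by anyone who can capture the datagram."""
    (_, version), (_, community), (pdu_tag, pdu) = fields(fields(msg)[0][1])
    oid = dec_oid(fields(fields(fields(pdu)[3][1])[0][1])[0][1])
    mfg = int(oid[len(ENTERPRISE):].split(".")[0]) if oid.startswith(ENTERPRISE) else None
    return {"version_field": version[0], "community": community.decode(),
            "pdu": PDU_NAMES.get(pdu_tag, hex(pdu_tag)), "oid": oid, "enterprise": mfg}
```

Calling parse_v1(build_get_v1("public", "1.3.6.1.4.1.28142.1.300.256.329.0")) returns the community, the full OID and enterprise 28142 without any key material, which is the reason the Securing SNMP slides push SNMPv3.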
Commands in Detail
• GET – Request to managed device initiated by the NMS – retrieves single MIB object variable (or variables) identified by OID
• GET BULK – Multiple iterations of the get next request (more efficient)
• GET NEXT – Returns the next variable in the MIB (useful to return table variables)
• GET RESPONSE – Return variables based upon get, get next, get bulk requests
Commands in Detail
• INFORM (inform request) – An asynchronous acknowledgment notification (provides ACK over UDP)
• NOTIFICATION – Agent to manager notification – unsolicited message
• REPORT – Indicates that a “core” SNMP stack communications error has occurred
• SET – Changes a managed device managed object value
• TRAP – Alert message initiated by a managed device agent to the NMS
Securing SNMP
• Implement SNMPv3!
• The SNMP community string is essentially a “password”
• Change the device default community string
• Use “strong” password creation rules to create community strings:
– 20 character minimum
– Contains uppercase characters
– Contains lowercase characters
– Contains numbers
– Contains special characters
– Not based upon a dictionary word
– No similarity between public & private community strings
• Use different community strings for different devices
• Use “RO” community strings whenever possible
• Use “ACL” to limit access
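The community string rules above, turned into an audit over a device inventory. This is an added example, not part of the original slides: the device names, strings, word list and the 0.6 similarity cut-off are constructed assumptions, and “public & private” is read here as the read-only and read-write strings of one device.

```python
import difflib
import string

DEFAULTS = {"public", "private"}   # "public" is on the slide; "private" is the usual RW default
WORDLIST = {"password", "admin", "snmp", "monitor", "network"}  # constructed stand-in for a dictionary
SIMILARITY_LIMIT = 0.6             # assumed cut-off; the slide gives no number

def check_string(value):
    """Return the slide's password rules that one community string breaks."""
    rules = [
        (value.lower() in DEFAULTS, "vendor default"),
        (len(value) < 20, "shorter than 20 characters"),
        (not any(c.isupper() for c in value), "no uppercase"),
        (not any(c.islower() for c in value), "no lowercase"),
        (not any(c.isdigit() for c in value), "no number"),
        (not any(c in string.punctuation for c in value), "no special character"),
        (any(w in value.lower() for w in WORDLIST), "contains a dictionary word"),
    ]
    return [msg for broken, msg in rules if broken]

def audit(inventory):
    """inventory: {device: {"ro": str, "rw": str}} -> {device: [findings]}."""
    findings, first_seen = {}, {}
    for device, strings in inventory.items():
        issues = []
        for role in ("ro", "rw"):
            value = strings[role]
            issues += [f"{role}: {msg}" for msg in check_string(value)]
            if first_seen.setdefault(value, device) != device:
                issues.append(f"{role}: reused from {first_seen[value]}")
        ratio = difflib.SequenceMatcher(None, strings["ro"].lower(), strings["rw"].lower()).ratio()
        if ratio >= SIMILARITY_LIMIT:
            issues.append(f"ro/rw too similar ({ratio:.2f})")
        if issues:
            findings[device] = issues
    return findings

# Constructed inventory: device names and strings are made up for the example.
INVENTORY = {
    "tx-main":   {"ro": "Qw7!Zr4#Tp9@Lm2$Xk6%Vb", "rw": "Ga3^Ne8&Hu1*Jo5(Ci0)Dy+Sf"},
    "ups-1":     {"ro": "public", "rw": "private"},
    "encoder-2": {"ro": "Tx-Site4-Read-Xk29!qLm", "rw": "Tx-Site4-Write-Xk29!qLm"},
    "switch-3":  {"ro": "Qw7!Zr4#Tp9@Lm2$Xk6%Vb", "rw": "Ga3^Ne8&Hu1*Jo5(Ci0)Dy+Sf"},
}

if __name__ == "__main__":
    for device, issues in audit(INVENTORY).items():
        print(device, issues)
```

The findings name the device and the broken rule but never echo the string itself, so the report can be shared without leaking the credentials it audits.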
SNMP & Firewalls
• Remember SNMP uses UDP for transport
• Firewalls (default) often block all UDP ports <50,000
• Some may block all UDP by default
• Firewall must pass UDP ports 161 & 162
[Figure: SNMP NMS and SNMP Managed Device, with UDP 161 and UDP 162 between them]
Takeaway Review, Resources, & Questions
Takeaway Review
• Look to SNMP for monitoring the converged broadcast technical infrastructure:
– Mature & open-protocol technology
– One management platform to support – one “dashboard”
– System monitoring & fault/threshold alerting
• Seek SNMP capable products:
– Not likely a problem with IT centric devices
– Gaining popularity in broadcast centric devices
• SNMP can be an entrance gateway to your infrastructure – don’t overlook SNMP cybersecurity precautions:
– Use SNMPv3
– Change default community strings
– Use unique community strings for devices
– Use RO community strings whenever possible
SNMP Community Architecture
[Figure: SNMP Manager and SNMP Trap Receiver on one side, SNMP Agent on the other, each with a MIB (Management Information Base); GET / SET Request, GET / SET Response and Trap flow between them]
Reference Texts (IT centric)
For Further Study:
Don’t Miss “Fundamentals of SNMP – Part 2”
Wednesday, November 13, 2019
• Brief Part 1 Review
• SNMP Manager Options:
– Commercial Offerings
– Open-Source Options
• Obtaining MIBs
• Agent Configuration
• Takeaway Review, Resources, & Questions
Distinguished Lecturer
Vice President, National Board of Directors
Executive Committee Member
Chair, Education Committee
Wayne M. Pecena
Texas A&M University
979.845.5662