SNMP: Simple Network Management Protocol

Team: Matrix
CMPE-208
Fall 2006

What is Network Management?
Maintenance and administration of networks at the top level
• Configuration Management
  – Keeping track of network device settings
• Fault Management
  – Detect, isolate and correct problems in the network (alerts)
• Performance Management
  – Provide data for statistics and network performance
• Security Management
  – Protect the network against unauthorized access
• Bandwidth Management
  – Measuring and controlling communications on a network

What is SNMP?
• SNMP (Simple Network Management Protocol): A protocol that enables a management station to configure, monitor, and receive trap (alarm) messages from network devices

SNMP & Network Management History
• 1983 - TCP/IP replaces ARPANET at U.S. DoD, effective birth of Internet
• 1987 - CMIP - Common Management Information Protocol
         CMOT - CMIP over TCP
         SGMP - Simple Gateway Monitoring protocol (RFC 1028)
• 1989 - SNMP working group formed
• 1990 - SNMP promoted to a recommended status (RFC 1157)
• 1991 - SNMPv1 defined with format of MIBs and traps (RFCs 1212, 1215)

SNMP Characteristics
• Widespread adoption
  - de facto standard for inter-network management
• Simple
  - requires little code to implement
  - vendors can easily build SNMP agents to their products
• Extensible
  - easy for vendors to add network management functions to products
• Clean architecture
  - separates management architecture from hardware devices’ architecture
  - broadens the base of multi-vendor support
Comprised of mainly agents and managers

Major Components of SNMP
• Agent - process (software) running on each managed device collecting information about the device it is running on.
• Manager - process (software) running on a management workstation that requests information about devices on the network.

[Figure: SNMP Architectural Model]

SNMP: Inside the Agents
SNMP network managed devices are dictated by:
• Structure of Management Information (SMI)
  • Rules specifying the format used to define objects managed on the network that the SNMP protocol accesses
• Management Information Base (MIB)
  • A map of the hierarchical order of all managed objects
  • Leaves represent individual data items
• Abstract Syntax Notation One (ASN.1)
  • Dictates how MIB variables must be defined and referenced

MIBs and Object Identifiers
Let’s have a detailed look at MIBs ...
• MIBs
  • An abstract tree with an unnamed root; individual data items make up the leaves of the tree
  • Tree is extensible by virtue of experimental and private branches (vendors can define their own private branches to include instances of their own products)
• Object Identifiers (IDs)
  • Uniquely identify or name the MIB objects
  • Like telephone numbers, they are organized hierarchically with specific digits assigned by different organizations

[Figure: MIB Sample Tree]
BEA Object ID = 1.3.6.1.4.1.140

Four Basic Commands
• Get - Retrieves the value of a MIB variable stored on the agent machine
• GetNext - Retrieves the next value of the next lexical MIB variable
• Set - Changes the value of a MIB variable
• Trap - An Event/Alarm notification sent by an agent to a management application

SNMP Operations
[Figure, two panels, each showing a managing entity and a managed device (agent, data). Request/Response Mode: request, response. Trap Mode: trap.]

SNMP Transport Messages
• SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages
• Like FTP, SNMP uses two well-known ports to operate:
  • UDP Port 161 - SNMP Messages
  • UDP Port 162 - SNMP Trap Messages
[Figure: Ethernet Frame | IP Packet | UDP Datagram | SNMP Message | CRC]

SNMP Basic Message Format
• Message Preamble: Message Length, Message Version, Community String
• SNMP Protocol Data Unit: PDU Header, PDU Body
• Community names are used to define where an SNMP message is destined for.

[Figure: request/response message layout]
• SNMP Message Preamble: Message Length, Message Version, Community String
• PDU Header: PDU Type, PDU Length, Request ID, Error Status, Error Index
• PDU Body: Length of Variable Bindings, Length of First Binding, OID of First Binding, Type of First Binding, Value of First Binding, Length of Second Binding, OID of Second Binding, Type of Second Binding, Value of Second Binding, Additional Variable Bindings

[Figure: trap message layout]
• SNMP Message Preamble: Message Length, Message Version, Community String
• PDU Header: PDU Type, PDU Length, Enterprises MIB OID, Agent IP Address, Standard Trap Type, Specific Trap Type, Time Stamp
• PDU Body: Length of Variable Bindings, Length of First Binding, OID of First Binding, Type of First Binding, Value of First Binding, Length of Second Binding, OID of Second Binding, Type of Second Binding, Value of Second Binding, Additional Variable Bindings

SNMP Message Formats
SNMP message:      VERSION | COMMUNITY | SNMP PDU
SNMP PDU:          PDU TYPE* | REQUEST ID | ERROR STATUS | ERROR INDEX | VARIABLE BINDINGS
variable bindings: NAME 1 | VALUE 1 | NAME 2 | VALUE 2 | ••• | NAME n | VALUE n
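
The field layout on the Basic Message Format and Message Formats slides can be walked with a short BER reader. The Python below is an added example, not part of the original slides: the sample bytes are constructed, the function names (tlvs, decode_oid, parse_snmp) are illustrative, and only the v1/v2c request/response layout is handled. It also shows that the community string, the only credential in v1 and v2c, sits in the message as readable bytes.

```python
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse", 0xA3: "SetRequest"}

def tlvs(buf):
    """Yield (tag, value) for each BER TLV in buf; ValueError if one is truncated."""
    pos = 0
    while pos < len(buf):
        if pos + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:                   # long form: low 7 bits count the length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if pos + length > len(buf):
            raise ValueError("TLV length runs past end of buffer")
        yield tag, buf[pos:pos + length]
        pos += length

def decode_oid(raw):
    """BER OID: first byte is 40*X+Y (enough for SNMP's 1.3.x tree), then base-128 sub-ids."""
    if not raw:
        raise ValueError("empty OID")
    arcs, acc = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                    # high bit clear ends this sub-identifier
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def parse_snmp(msg):
    """Follow the message layout: version, community, PDU header, variable bindings."""
    (tag, body), = tlvs(msg)
    (_, ver), (_, community), (pdu_tag, pdu) = tlvs(body)
    if tag != 0x30 or pdu_tag not in PDU_TYPES:   # v1 Trap (0xA4) has a different header
        raise ValueError("not a supported SNMP v1/v2c request/response message")
    (_, rid), (_, status), (_, index), (_, vbl) = tlvs(pdu)
    rid, status, index = (int.from_bytes(v, "big", signed=True) for v in (rid, status, index))
    oids = []
    for _, vb in tlvs(vbl):
        (_, oid), _value = tlvs(vb)         # each binding: SEQUENCE { name OID, value }
        oids.append(decode_oid(oid))
    return {"version": int.from_bytes(ver, "big"), "community": community.decode("latin-1"),
            "pdu_type": PDU_TYPES[pdu_tag], "request_id": rid,
            "error_status": status, "error_index": index, "oids": oids}

# Constructed sample: v1 GetRequest (version field 0), community "public", OID 1.3.6.1.4.1.140.
SAMPLE = bytes.fromhex("3025 020100 0406 7075626c6963 a018 02012a 020100 020100"
                       " 300d 300b 0607 2b06010401810c 0500")
print(parse_snmp(SAMPLE))
```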

SNMP Versions
• SNMP v1: RFC 1155 and RFC 1157
• SNMP v2c: RFC 1901, RFC 1905, and RFC 1906
• SNMP v3: RFC 1905, RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575

SNMP v1
• Most widely used of all versions
• Supports GET, GETNEXT, SET, TRAP
• Security based on Read-only and Read-Write community strings
• Defined in RFC 1157

SNMP v2c
• Same PDU structure for Trap and Get/Set request
• Updated protocol operations: GetBulk, Inform
• Updated data types: Counter32, Counter64, …
• Uses the same community-based security as v1
• Supports Get, GetNext, GetBulk, Set, Trap, Inform
• Defined in RFCs 1901, 1905, and 1906

New Commands in SNMPv2c
• Get Bulk Request
  – Retrieve N objects with simple get-next operation
• Inform
  – Enable manager to send some information to another manager

SNMP v3
• SNMPv2 protocol operations and data types
• Proxy support
• User-based security
• Defined in RFCs 2571, 2572, 2573, 2574, and 2575

SNMP v3 Protocol Operations
• Get, GetNext, Set
• GetBulk - Retrieves a potentially large amount of MIB values without the manager having to send successive GetNext requests
• v2Trap - Same as a v1 notification, except the PDU has the same structure as Get, GetNext, and Set
• Inform - Used by a manager to send an alert to another manager
• Report - Contains security information from Agent to Manager for connection establishment

SNMP v3 User-Based Security
User Security Model (USM) is designed to secure against the following principal threats:
• Modification of Information
• Masquerade
• Message Stream Modification
• Disclosure
[Figure: USM Message Processing]
USM authentication protocols:
• HMAC-MD5-96
• HMAC-SHA-96
USM encryption:
• Cipher Block Chaining (CBC) mode of the Data Encryption Standard (DES)

SNMP RFCs
RFC   Description                                 Published  Current Status
1155  SMIv1                                       May-90     Standard
1156  SNMPv1 MIB                                  May-90     Historic
1157  SNMPv1                                      May-90     Standard
1212  SNMPv1 MIB definitions                      Mar-91     Standard
1213  SNMPv1 MIB-II                               Mar-91     Standard
1215  SNMPv1 traps                                Mar-91     Informational
1351  Secure SNMP administrative model            Jul-92     Proposed Standard
1352  Secure SNMP managed objects                 Jul-92     Proposed Standard
1353  Secure SNMP security protocols              Jul-92     Proposed Standard
1441  Introduction to SNMPv2                      Apr-93     Proposed Standard
1445  SNMPv2 administrative model                 Apr-93     Historic
1446  SNMPv2 security protocols                   Apr-93     Historic
1447  SNMPv2 party MIB                            Apr-93     Historic
1451  Manager-to-manager MIB                      Apr-93     Historic
1901  Community-Based SNMPv2                      Jan-96     Experimental
1902  SMIv2                                       Jan-96     Draft Standard
1903  Textual conventions for SNMPv2              Jan-96     Draft Standard
1904  Conformance statements for SNMPv2           Jan-96     Draft Standard
1905  Protocol operations for SNMPv2              Jan-96     Draft Standard
1906  Transport mapping for SNMPv2                Jan-96     Draft Standard
1907  SNMPv2 MIB                                  Jan-96     Draft Standard
1908  Coexistence of SNMPv1 and SNMPv2            Jan-96     Draft Standard
1909  Administrative infrastructure for SNMPv2    Feb-96     Experimental
1910  User-based security for SNMPv2              Feb-96     Experimental
2270  Introduction to SNMPv3                      Apr-99     Informational
2271  SNMP Management Frameworks                  Apr-99     Draft Standard
2272  SNMPv3 Msg Dispatching & Processing         Apr-99     Draft Standard
2273  SNMP Applications                           Apr-99     Draft Standard
2274  USM for SNMPv3                              Apr-99     Draft Standard
2275  VACM for SNMPv3                             Apr-99     Draft Standard
2576  Coexistence between SNMP v1, v2, & v3       Mar-00     Proposed Standard
3411  Management SNMP Protocol Framework          Dec-02     Proposed Standard
3780  Next Generation Structure of Management     May-04     Experimental
4181  Guidelines for MIB Documents                Sep-05     Informational