Simple Network Management Protocol - Internet - Lecture Slides, Slides of Internet and Information Access

These lecture slides give an easy-to-follow introduction to the Internet. The major points covered are: Simple Network Management Protocol, Agents, Managers, Management Information Bases, Protocol, Agent, Equipment, Maintains Information, Manager

Typology: Slides

2012/2013

Uploaded on 04/25/2013

bageshri

SNMP: Simple Network Management Protocol

Docsity.com

Simple Network Management Protocol

  • SNMP is a framework that provides facilities for managing and monitoring network resources on the Internet.
  • Components of SNMP:
    • SNMP agents
    • SNMP managers
    • Management Information Bases (MIBs)
    • SNMP protocol itself

[Figure: Interactions in SNMP. A management station runs the SNMP manager process and a managed system runs the SNMP agent process, each on an SNMP/UDP/IP stack and connected by an IP network. SNMP messages (queries, replies, traps) pass between them; the agent accesses the objects in the MIB.]

MIBs

  • A MIB specifies the managed objects
  • MIB is a text file that describes managed objects using the syntax of ASN.1 (Abstract Syntax Notation 1)
  • ASN.1 is a formal language for describing data and its properties
  • In Linux, MIB files are in the directory /usr/share/snmp/mibs
    • Multiple MIB files
    • MIB-II (defined in RFC 1213) defines the managed objects of TCP/IP networks

Organization of managed objects

  • Managed objects are organized in a tree-like hierarchy and the OIDs reflect the structure of the hierarchy.
  • Each OID represents a node in the tree.
  • The OID 1.3.6.1.2.1 (iso.org.dod.internet.mgmt.mib-2) is at the top of the hierarchy for all managed objects of the MIB-II.
  • Manufacturers of networking equipment can add product specific objects to the hierarchy.

. root
  iso (1)
    org (3)
      dod (6)
        internet (1)
          directory (1)
          mgmt (2)
            mib-2 (1)
              system (1)
              interface (2)
              at (3)
              ip (4)
                ipForwDatagrams (6)
              icmp (5)
              tcp (6)
              udp (7)
              egp (8)
              transmiss
              snmp (11)
          experimental (3)
          private (4)

Definition of managed objects in a MIB

  • Specification of ipForwDatagrams in MIB-II.

ipForwDatagrams OBJECT-TYPE
    SYNTAX  Counter
    ACCESS  read-only
    STATUS  mandatory
    DESCRIPTION
        "The number of input datagrams for which this entity
        was not their final IP destination, as a result of
        which an attempt was made to find a route to forward
        them to that final destination. In entities which do
        not act as IP Gateways, this counter will include
        only those packets which were Source-Routed via this
        entity, and the Source-Route option processing was
        successful."
    ::= { ip 6 }

SNMP Protocol

  • Get-request. Requests the values of one or more objects
  • Get-next-request. Requests the value of the next object, according to a lexicographical ordering of OIDs.
  • Set-request. A request to modify the value of one or more objects
  • Get-response. Sent by SNMP agent in response to a get-request, get-next-request, or set-request message.
  • Trap. An SNMP trap is a notification sent by an SNMP agent to an SNMP manager, which is triggered by certain events at the agent.

Traps

  • Traps are messages that are sent asynchronously by an agent to a manager
  • Traps are triggered by an event
  • Defined traps include:
    • linkDown - event that an interface went down
    • coldStart - unexpected restart (i.e., system crash)
    • warmStart - soft reboot
    • linkUp - the opposite of linkDown
    • (SNMP) AuthenticationFailure

Format of SNMP Packets

  • SNMPv1 Get/Set messages:
    • Message: Version | Community | SNMP PDU
    • SNMP PDU: PDU Type | Request ID | Error Status | Error Index | Object 1, Value 1 | Object 2, Value 2 | ...
    • Community: cleartext string that is used as a password
    • PDU Type, e.g.: 32: SNMPv1 Get, 64: SNMPv2 Get
    • Request ID: unique ID to match requests with replies
    • Object/Value fields: sequence of name-value pairs
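As an added example (not part of the original slides), the Python code below decodes the SNMPv1 Get/Set layout described above from raw BER bytes, which shows that the community string can be read by anyone who captures the packet. The sample packet is constructed for illustration; the community `public`, the request ID and all function names are assumptions. On the wire the PDU type is a context-specific BER tag (0xA0 for a get-request in RFC 1157).

```python
# Added example: minimal BER reader for SNMPv1 Get/Set messages (RFC 1157 layout).
def read_tlv(buf, pos):
    # Return (tag, value_bytes, next_pos) for the BER element starting at pos.
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    # First byte packs the first two arcs (valid for arcs 0.x and 1.x, as in 1.3...).
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)      # base-128, high bit marks continuation
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

PDU_NAMES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request"}

def parse_snmpv1(packet):
    tag, msg, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    _, version, p = read_tlv(msg, 0)
    _, community, p = read_tlv(msg, p)     # sent unencrypted, right after the version
    pdu_tag, pdu, _ = read_tlv(msg, p)
    if pdu_tag not in PDU_NAMES:
        raise ValueError("not a Get/Set PDU")
    _, request_id, p = read_tlv(pdu, 0)
    _, error_status, p = read_tlv(pdu, p)
    _, _error_index, p = read_tlv(pdu, p)
    _, varbinds, _ = read_tlv(pdu, p)
    oids, p = [], 0
    while p < len(varbinds):               # each varbind is SEQUENCE { name, value }
        _, vb, p = read_tlv(varbinds, p)
        oids.append(decode_oid(read_tlv(vb, 0)[1]))
    return {"version": int.from_bytes(version, "big"),   # 0 means SNMPv1
            "community": community.decode("ascii", "replace"),
            "pdu": PDU_NAMES[pdu_tag], "oids": oids,
            "request_id": int.from_bytes(request_id, "big"),
            "error_status": int.from_bytes(error_status, "big")}

# Constructed sample: get-request for ipForwDatagrams.0, community "public".
SAMPLE = bytes.fromhex("3026020100" "04067075626c6963" "a019020101020100020100"
                       "300e300c" "06082b06010201040600" "0500")
```

The same field order is what a packet capture shows, so a monitoring rule can flag SNMPv1/v2c traffic or default community strings by reading the second element of the message.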

SNMP Security

• SNMPv1 uses community strings for authentication, sent as plain text without encryption

• SNMPv2 was supposed to fix security problems, but the effort derailed (the “c” in SNMPv2c stands for “community”).

• SNMPv3 has numerous security features:

  • Ensure that a packet has not been tampered with (integrity),

Security levels in SNMPv3

SNMP has three security levels:

• noAuthNoPriv: Authentication by matching a user name.

• authNoPriv: Authentication with MD5 or SHA message digests.

• authPriv: Authentication with MD5 or SHA message digests, and encryption with DES.