chap-24.ppt

7/17/2019 Chap-24.ppt

1/51

TCP/IP Protocol Suite 1Copyright The McGraw-Hill Companies, Inc. Permission required or reproduction or display.

Chapter 24

Network

Management:

SNMP

7/17/2019 Chap-24.ppt

2/51

TCP/IP Protocol Suite 2

OBJECTIVES:OBJECTIVES: To discuss SNMP as a framework for managing devices in an

internet using the TCP/IP protocol suite. To define a manager as a host that runs SNMP client and any

agents as a router or host that runs a server program.

iscuss SMI and MI!" which are used #y SNMP.

To show how SMI names o#$ects" defines the type of data" and

encodes data.

To show how data types are defined using %SN.&.

To show how SMI uses !'( to encode data.

To show the functionality of SNMP using three methods.

7/17/2019 Chap-24.ppt

3/51


OBJECTIVES:OBJECTIVES: To show how SNMP uses two different ports of )P.

To show how SNMPv* has enhanced security features overprevious versions.

7/17/2019 Chap-24.ppt

4/51


ChapterChapter

OutlineOutline24.1 Concept24.1 Concept

24.2 Management Compo24.2 Management Compon

24.3 SMI24.3 SMI

24.4 MIB24.4 MIB

24.5 SNMP24.5 SNMP

24.6 UDP Ports24.6 UDP Ports

24.7 Securit24.7 Securit

7/17/2019 Chap-24.ppt

5/51


24-1 CONCEPT

SNMP uses the concept of manager anagent! That is" a manager" usuall# a host"controls an monitors a set of agents"

usuall# routers or ser$ers %see &igure'(!)*!

7/17/2019 Chap-24.ppt

6/51


Topics Discussed in the SectionTopics Discussed in the Section

Managers and %gents

7/17/2019 Chap-24.ppt

7/51


+igure ,-.& SNMP concept

7/17/2019 Chap-24.ppt

8/51


24-2 MANAGEMENT COMPONENTS

To o management tas+s" SNMP uses t,oother protocols: Structure ofManagement Information %SMI* an

Management Information Base %MIB*! Inother ,ors" management on theInternet is one through the cooperationof three protocols: SNMP" SMI" an MIB"

as sho,n in &igure '(!'!

7/17/2019 Chap-24.ppt

9/51



(ole of SNMP

(ole of SMI(ole of MI!

%n %nalogy

%n verview

7/17/2019 Chap-24.ppt

10/51


+igure ,-., Companion of network management on the Internet

7/17/2019 Chap-24.ppt

11/51


SNMP defines the format of packets

exchanged between a manager and an

agent. It reads and changes the statusof objects (values of variables in SNMP

packets.

Note

7/17/2019 Chap-24.ppt

12/51


SMI defines the general rules for naming

objects! defining object t"pes (including

range and length! and showing how toencode objects and values.

Note

7/17/2019 Chap-24.ppt

13/51


MI# creates a collection of named

objects! their t"pes! and their

relationships to each other in an entit"to be managed.

Note

7/17/2019 Chap-24.ppt

14/51


+igure ,-.* Comparing computer programming and network management

7/17/2019 Chap-24.ppt

15/51


+igure ,-.- Management overview

&

,

*

Get Request

SNMP packet

-

Response

SNMP packet/

0

7/17/2019 Chap-24.ppt

16/51


24-3 SMI

The Structure of ManagementInformation is a component for net,or+management! Its functions are:

)!To name o-.ects!'!To ene the t#pe of ata that can -estore in an o-.ect!0! To sho, ho, to encoe ata for

transmission o$er the net,or+!SMI is a guieline for SNMP! Itemphasi1es three attri-utes to hanle an

o-.ect: name" ata t#pe" an encoing

7/17/2019 Chap-24.ppt

17/51



Name

Type'ncoding Method

7/17/2019 Chap-24.ppt

18/51


+igure ,-. Object identifier

7/17/2019 Chap-24.ppt

19/51


$ll objects managed b" SNMP are given

an object identifier.

%he object identifier alwa"s starts with

&.'..&.).&.

Note

7/17/2019 Chap-24.ppt

20/51


7/17/2019 Chap-24.ppt

21/51


+igure ,-.0 Conceptual data types

7/17/2019 Chap-24.ppt

22/51


+igure ,-.1 ncoding format

7/17/2019 Chap-24.ppt

23/51


' l ,- &

7/17/2019 Chap-24.ppt

24/51


&igure '(!2 sho,s ho, to ene INTE3E4 )(!Note that ,e ha$e use -oth -inar#

representation an he5aecimal representationfor the tag! The si1e of the length el is fromTa-le '(!)!

'2ample'2ample ,-.&

7/17/2019 Chap-24.ppt

25/51


+igure ,-.3 !ample "#$%& IN'() %#

' l ,- ,

7/17/2019 Chap-24.ppt

26/51


&igure '(!6 sho,s ho, to ene the OCTETST4IN3 78I!9

'2ample'2ample ,-.,

7/17/2019 Chap-24.ppt

27/51


+igure ,-.4 !ample "#$"& OC'' S')IN( *+I,

' l' l ,- *

7/17/2019 Chap-24.ppt

28/51


&igure '(!) sho,s ho, to ene O-.ectIentier)!0!;!) %iso!org!o!internet*!

'2ample'2ample ,-.*

+i ,- &5 l "# - Obj I d ifi % - . %

7/17/2019 Chap-24.ppt

29/51


+igure ,-.&5 !ample "#$-& ObjectIndentifier %$-$.$%

' l' l ,- -

7/17/2019 Chap-24.ppt

30/51


&igure '(!)) sho,s ho, to ene IP

7/17/2019 Chap-24.ppt

31/51


+igure ,-.&& !ample "#$#& IP/ddress %-%$"%$%#$0

7/17/2019 Chap-24.ppt

32/51


24-4 MIB

The Management Information Base"$ersion ' %MIB'* is the seconcomponent use in net,or+

management! Each agent has its o,nMIB'" ,hich is a collection of all theo-.ects that the manager can manage!The o-.ects in MIB' are categori1e

uner ) i=erent groups: s#stem"interface" aress translation" ip" icmp"tcp" up" egp" transmission" an snmp!These groups are uner the mi->' o-.ect

in the o-.ect ientier tree %see &igure

7/17/2019 Chap-24.ppt

33/51



%ccessing MI! 6aria#les

7e2icographic rdering

+igure ,- &, mib "

7/17/2019 Chap-24.ppt

34/51


+igure ,-.&, mib1"

+igure ,- &* udp group

7/17/2019 Chap-24.ppt

35/51


+igure ,-.&* udp group

+igure ,- &- udp variables and tables

7/17/2019 Chap-24.ppt

36/51


+igure ,-.&- udp variables and tables

+igure ,- & Inde!es for udp'able

7/17/2019 Chap-24.ppt

37/51


+igure ,-.& Inde!es for udp'able

+igure ,- &0 2e!icographic ordering

7/17/2019 Chap-24.ppt

38/51


+igure ,-.&0 2e!icographic ordering

7/17/2019 Chap-24.ppt

39/51


24-5 SNMP

SNMP uses -oth SMI an MIB in Internetnet,or+ management! It is anapplication program that allo,s:

)!< manager to retrie$e the $alue of ano-.ect ene in an agent!

'! < manager to store a $alue in an

o-.ect ene in an agent!0!

7/17/2019 Chap-24.ppt

40/51



P)s

+ormatMessages

+igure ,- &1 SNMP P34s

7/17/2019 Chap-24.ppt

41/51


+igure ,-.&1 SNMP P34s

+igure ,-.&3 SNMP P34 format

7/17/2019 Chap-24.ppt

42/51


+igure ,-.&3 SNMP P34 format

7/17/2019 Chap-24.ppt

43/51


7/17/2019 Chap-24.ppt

44/51


+igure ,-.&4 SNMP message

7/17/2019 Chap-24.ppt

45/51


+igure ,-.&4 SNMP message

'2ample'2ample ,- -

7/17/2019 Chap-24.ppt

46/51


In this e5ample" a manager station %SNMP client*uses a message ,ith 3et4e?uest P@A to retrie$e

the num-er of A@P atagrams that a router hasrecei$e %&igure '(!'*! There is onl# oneVarBin se?uence! The corresponing MIB$aria-le relate to this information is

upIn@atagrams ,ith the o-.ect ientier)!0!;!)!'!)!!)!! The manager ,ants to retrie$ea $alue %not to store a $alue*" so the $alueenes a null entit#! The -#tes to -e sent aresho,n in he5aecimal representation!

'2ample'2ample ,-.-

+igure ,-.,5 !ample "#$5

7/17/2019 Chap-24.ppt

47/51


g p

+igure ,-.,& /ctual message sent for !ample "#$5

7/17/2019 Chap-24.ppt

48/51


g g f p

7/17/2019 Chap-24.ppt

49/51


24-6 UDP PORTS

SNMP uses the ser$ices of A@P on t,o,ell>+no,n ports" );) an );'! The ,ell>+no,n port );) is use -# the ser$er%agent*" an the ,ell>+no,n port );' isuse -# the client %manager*!

+igure ,-., Port numbers for SNMP

7/17/2019 Chap-24.ppt

50/51


g f

7/17/2019 Chap-24.ppt

51/51

24-7 SECURITY

SNMP$0 has ae t,o ne, features tothe pre$ious $ersion: securit# anremote aministration! SNMP$0 allo,s amanager to choose one or more le$els of

securit# ,hen accessing an agent!@i=erent aspects of securit# can -econgure -# the manager to allo,message authentication" conentialit#"

an integrit#!SNMP$0 also allo,s remote

conguration of securit# aspects ,ithoutre?uiring the aministrator to actuall#

chap-24.ppt

Documents

snmp smi

snmp client

snmp concept7172019

functionality of snmp

y snmp

management compon24

management overview

management compo24