7/17/2019 Chap-24.ppt
1/51
TCP/IP Protocol Suite 1Copyright The McGraw-Hill Companies, Inc. Permission required or reproduction or display.
Chapter 24
Network
Management:
SNMP
7/17/2019 Chap-24.ppt
2/51
TCP/IP Protocol Suite 2
OBJECTIVES:OBJECTIVES: To discuss SNMP as a framework for managing devices in an
internet using the TCP/IP protocol suite. To define a manager as a host that runs SNMP client and any
agents as a router or host that runs a server program.
iscuss SMI and MI!" which are used #y SNMP.
To show how SMI names o#$ects" defines the type of data" and
encodes data.
To show how data types are defined using %SN.&.
To show how SMI uses !'( to encode data.
To show the functionality of SNMP using three methods.
7/17/2019 Chap-24.ppt
3/51
TCP/IP Protocol Suite 3
OBJECTIVES:OBJECTIVES: To show how SNMP uses two different ports of )P.
To show how SNMPv* has enhanced security features overprevious versions.
7/17/2019 Chap-24.ppt
4/51
TCP/IP Protocol Suite 4
ChapterChapter
OutlineOutline24.1 Concept24.1 Concept
24.2 Management Compo24.2 Management Compon
24.3 SMI24.3 SMI
24.4 MIB24.4 MIB
24.5 SNMP24.5 SNMP
24.6 UDP Ports24.6 UDP Ports
24.7 Securit24.7 Securit
7/17/2019 Chap-24.ppt
5/51
TCP/IP Protocol Suite 5
24-1 CONCEPT
SNMP uses the concept of manager anagent! That is" a manager" usuall# a host"controls an monitors a set of agents"
usuall# routers or ser$ers %see &igure'(!)*!
7/17/2019 Chap-24.ppt
6/51
TCP/IP Protocol Suite 6
Topics Discussed in the SectionTopics Discussed in the Section
Managers and %gents
7/17/2019 Chap-24.ppt
7/51
TCP/IP Protocol Suite 7
+igure ,-.& SNMP concept
7/17/2019 Chap-24.ppt
8/51
TCP/IP Protocol Suite 8
24-2 MANAGEMENT COMPONENTS
To o management tas+s" SNMP uses t,oother protocols: Structure ofManagement Information %SMI* an
Management Information Base %MIB*! Inother ,ors" management on theInternet is one through the cooperationof three protocols: SNMP" SMI" an MIB"
as sho,n in &igure '(!'!
7/17/2019 Chap-24.ppt
9/51
TCP/IP Protocol Suite 9
Topics Discussed in the SectionTopics Discussed in the Section
(ole of SNMP
(ole of SMI(ole of MI!
%n %nalogy
%n verview
7/17/2019 Chap-24.ppt
10/51
TCP/IP Protocol Suite 10
+igure ,-., Companion of network management on the Internet
7/17/2019 Chap-24.ppt
11/51
TCP/IP Protocol Suite 11
SNMP defines the format of packets
exchanged between a manager and an
agent. It reads and changes the statusof objects (values of variables in SNMP
packets.
Note
7/17/2019 Chap-24.ppt
12/51
TCP/IP Protocol Suite 12
SMI defines the general rules for naming
objects! defining object t"pes (including
range and length! and showing how toencode objects and values.
Note
7/17/2019 Chap-24.ppt
13/51
TCP/IP Protocol Suite 13
MI# creates a collection of named
objects! their t"pes! and their
relationships to each other in an entit"to be managed.
Note
7/17/2019 Chap-24.ppt
14/51
TCP/IP Protocol Suite 14
+igure ,-.* Comparing computer programming and network management
7/17/2019 Chap-24.ppt
15/51
TCP/IP Protocol Suite 15
+igure ,-.- Management overview
&
,
*
Get Request
SNMP packet
-
Response
SNMP packet/
0
7/17/2019 Chap-24.ppt
16/51
TCP/IP Protocol Suite 16
24-3 SMI
The Structure of ManagementInformation is a component for net,or+management! Its functions are:
)!To name o-.ects!'!To ene the t#pe of ata that can -estore in an o-.ect!0! To sho, ho, to encoe ata for
transmission o$er the net,or+!SMI is a guieline for SNMP! Itemphasi1es three attri-utes to hanle an
o-.ect: name" ata t#pe" an encoing
7/17/2019 Chap-24.ppt
17/51
TCP/IP Protocol Suite 17
Topics Discussed in the SectionTopics Discussed in the Section
Name
Type'ncoding Method
7/17/2019 Chap-24.ppt
18/51
TCP/IP Protocol Suite 18
+igure ,-. Object identifier
7/17/2019 Chap-24.ppt
19/51
TCP/IP Protocol Suite 19
$ll objects managed b" SNMP are given
an object identifier.
%he object identifier alwa"s starts with
&.'..&.).&.
Note
7/17/2019 Chap-24.ppt
20/51
TCP/IP Protocol Suite 20
7/17/2019 Chap-24.ppt
21/51
TCP/IP Protocol Suite 21
+igure ,-.0 Conceptual data types
7/17/2019 Chap-24.ppt
22/51
TCP/IP Protocol Suite 22
+igure ,-.1 ncoding format
7/17/2019 Chap-24.ppt
23/51
TCP/IP Protocol Suite 23
' l ,- &
7/17/2019 Chap-24.ppt
24/51
TCP/IP Protocol Suite 24
&igure '(!2 sho,s ho, to ene INTE3E4 )(!Note that ,e ha$e use -oth -inar#
representation an he5aecimal representationfor the tag! The si1e of the length el is fromTa-le '(!)!
'2ample'2ample ,-.&
7/17/2019 Chap-24.ppt
25/51
TCP/IP Protocol Suite 25
+igure ,-.3 !ample "#$%& IN'() %#
' l ,- ,
7/17/2019 Chap-24.ppt
26/51
TCP/IP Protocol Suite 26
&igure '(!6 sho,s ho, to ene the OCTETST4IN3 78I!9
'2ample'2ample ,-.,
7/17/2019 Chap-24.ppt
27/51
TCP/IP Protocol Suite 27
+igure ,-.4 !ample "#$"& OC'' S')IN( *+I,
' l' l ,- *
7/17/2019 Chap-24.ppt
28/51
TCP/IP Protocol Suite 28
&igure '(!) sho,s ho, to ene O-.ectIentier)!0!;!) %iso!org!o!internet*!
'2ample'2ample ,-.*
+i ,- &5 l "# - Obj I d ifi % - . %
7/17/2019 Chap-24.ppt
29/51
TCP/IP Protocol Suite 29
+igure ,-.&5 !ample "#$-& ObjectIndentifier %$-$.$%
' l' l ,- -
7/17/2019 Chap-24.ppt
30/51
TCP/IP Protocol Suite 30
&igure '(!)) sho,s ho, to ene IP
7/17/2019 Chap-24.ppt
31/51
TCP/IP Protocol Suite 31
+igure ,-.&& !ample "#$#& IP/ddress %-%$"%$%#$0
7/17/2019 Chap-24.ppt
32/51
TCP/IP Protocol Suite 32
24-4 MIB
The Management Information Base"$ersion ' %MIB'* is the seconcomponent use in net,or+
management! Each agent has its o,nMIB'" ,hich is a collection of all theo-.ects that the manager can manage!The o-.ects in MIB' are categori1e
uner ) i=erent groups: s#stem"interface" aress translation" ip" icmp"tcp" up" egp" transmission" an snmp!These groups are uner the mi->' o-.ect
in the o-.ect ientier tree %see &igure
7/17/2019 Chap-24.ppt
33/51
TCP/IP Protocol Suite 33
Topics Discussed in the SectionTopics Discussed in the Section
%ccessing MI! 6aria#les
7e2icographic rdering
+igure ,- &, mib "
7/17/2019 Chap-24.ppt
34/51
TCP/IP Protocol Suite 34
+igure ,-.&, mib1"
+igure ,- &* udp group
7/17/2019 Chap-24.ppt
35/51
TCP/IP Protocol Suite 35
+igure ,-.&* udp group
+igure ,- &- udp variables and tables
7/17/2019 Chap-24.ppt
36/51
TCP/IP Protocol Suite 36
+igure ,-.&- udp variables and tables
+igure ,- & Inde!es for udp'able
7/17/2019 Chap-24.ppt
37/51
TCP/IP Protocol Suite 37
+igure ,-.& Inde!es for udp'able
+igure ,- &0 2e!icographic ordering
7/17/2019 Chap-24.ppt
38/51
TCP/IP Protocol Suite 38
+igure ,-.&0 2e!icographic ordering
7/17/2019 Chap-24.ppt
39/51
TCP/IP Protocol Suite 39
24-5 SNMP
SNMP uses -oth SMI an MIB in Internetnet,or+ management! It is anapplication program that allo,s:
)!< manager to retrie$e the $alue of ano-.ect ene in an agent!
'! < manager to store a $alue in an
o-.ect ene in an agent!0!
7/17/2019 Chap-24.ppt
40/51
TCP/IP Protocol Suite 40
Topics Discussed in the SectionTopics Discussed in the Section
P)s
+ormatMessages
+igure ,- &1 SNMP P34s
7/17/2019 Chap-24.ppt
41/51
TCP/IP Protocol Suite 41
+igure ,-.&1 SNMP P34s
+igure ,-.&3 SNMP P34 format
7/17/2019 Chap-24.ppt
42/51
TCP/IP Protocol Suite 42
+igure ,-.&3 SNMP P34 format
7/17/2019 Chap-24.ppt
43/51
TCP/IP Protocol Suite 43
7/17/2019 Chap-24.ppt
44/51
TCP/IP Protocol Suite 44
+igure ,-.&4 SNMP message
7/17/2019 Chap-24.ppt
45/51
TCP/IP Protocol Suite 45
+igure ,-.&4 SNMP message
'2ample'2ample ,- -
7/17/2019 Chap-24.ppt
46/51
TCP/IP Protocol Suite 46
In this e5ample" a manager station %SNMP client*uses a message ,ith 3et4e?uest P@A to retrie$e
the num-er of A@P atagrams that a router hasrecei$e %&igure '(!'*! There is onl# oneVarBin se?uence! The corresponing MIB$aria-le relate to this information is
upIn@atagrams ,ith the o-.ect ientier)!0!;!)!'!)!!)!! The manager ,ants to retrie$ea $alue %not to store a $alue*" so the $alueenes a null entit#! The -#tes to -e sent aresho,n in he5aecimal representation!
'2ample'2ample ,-.-
+igure ,-.,5 !ample "#$5
7/17/2019 Chap-24.ppt
47/51
TCP/IP Protocol Suite 47
g p
+igure ,-.,& /ctual message sent for !ample "#$5
7/17/2019 Chap-24.ppt
48/51
TCP/IP Protocol Suite 48
g g f p
7/17/2019 Chap-24.ppt
49/51
TCP/IP Protocol Suite 49
24-6 UDP PORTS
SNMP uses the ser$ices of A@P on t,o,ell>+no,n ports" );) an );'! The ,ell>+no,n port );) is use -# the ser$er%agent*" an the ,ell>+no,n port );' isuse -# the client %manager*!
+igure ,-., Port numbers for SNMP
7/17/2019 Chap-24.ppt
50/51
TCP/IP Protocol Suite 50
g f
7/17/2019 Chap-24.ppt
51/51
24-7 SECURITY
SNMP$0 has ae t,o ne, features tothe pre$ious $ersion: securit# anremote aministration! SNMP$0 allo,s amanager to choose one or more le$els of
securit# ,hen accessing an agent!@i=erent aspects of securit# can -econgure -# the manager to allo,message authentication" conentialit#"
an integrit#!SNMP$0 also allo,s remote
conguration of securit# aspects ,ithoutre?uiring the aministrator to actuall#
Top Related