Network Management

Summer 2017, Corboy 205, TTh 5:30-8:45 pm

Class 3: July 11

Mininet Assignment

Run the lineNstandalone.py Mininet program together with the Pox l2_pairs module.

Have each of h1, h2 and h3 ping h4.

Give me the ovs-ofctl dump-flows result for each of s1-s4. (See the example in the l2_pairs section).

Readings

Here are some references to IntroNetworks:

Ethernet switching: intronetworks.cs.luc.edu/current/html/ethernet.html#ethernet-switches
Spanning Tree: intronetworks.cs.luc.edu/current/html/ethernet.html#spanning-tree-algorithm-and-redundancy
Overview of distance-vector route-discovery (especially intronetworks.cs.luc.edu/current/html/routing.html#distance-vector-update-rules).

Could we implement DV on an Ethernet? Why not?

Demo of mininet3 and lxde

See also ../mininet

Running Mininet
switchline -N 3

Discussion of SDN and openflow: intronetworks.cs.luc.edu/current/html/ethernet.html#software-defined-networking.

The Pox section of AICN: intronetworks.cs.luc.edu/current/html/mininet.html#the-pox-controller.

Brief intro to SNMP

Read intronetworks.cs.luc.edu/current/html/netmgmt.html, sections 21.1-21.7

SNMP, for Simple Network Monitor Protocol, is a way to get information from each node on your network. Each device must run an SNMP "agent" module; for example, workstations must run an SNMP software package in order to respond. SNMP can be used readonly to poll the agents and retrieve data, or in readwrite mode to update and configure the devices via their agents.

SNMP started as SGNP: Simple Gateway Monitoring Protocol, in 1987 ("gateway" is an old term for "router"). It conflicted with the OSI approach known as CMIP (Common Management Information Protocol). At the time CMIP was too large and complex for practical implementation.

In 1988 the Internet Activities Board decided to pursue both SGMP and CMOT: CMIP over TCP/IP. This failed within a year: CMOT was dropped and SGMP had evolved into SNMPv1.

Perhaps the first issue for SNMP is how are we going to NAME all the possible attributes? Remember that many devices will have manufacturer-specific attributes

One important manufacturer-specific attribute is the Device Temperature.

SNMP defines an enormous tree-structured naming hierarchy, using strings of digits known as Object IDentifiers, or OIDs. A diagram appears in Mauro & Schmidt, page 24. Here are some upper levels:

1   iso
3   standard
6   dod
1   internet
2   mgmt       4: private
1   mib-2

Thus, the prefix 1.3.6.1.2.1 is would be the OID prefix for the mib-2 data; mib-2 was an early standardization of the SNMP data that would "usually" be available. The prefix 1.3.6.1.4.1 is for "private", or manufacturer-specific, data.

Here are some of the next mib-2 levels; we will use "mib2" to represent "1.3.6.1.2.1"; thus mib2.5 denotes "1.3.6.1.2.1.5"
   mib2.1   system
   mib2.2   interfaces
   mib2.3   arp
   mib2.4   ip
   mib2.5   icmp
   mib2.6   tcp
   mib2.7   udp
   mib2.8   egp (obsolete)
   mib2.9   unimplemented [?]
   mib2.10   unimplemented [?]
   mib2.11   snmp server
   mib2.25   host resources
There are more.

SET GET GET-NEXT, response, TRAP
atomic values only! Note use of GET-NEXT
The "base" MIB is MIB-2

Issues:
   data presentation (eg byte order, but much more)
   NAMING for all those possible attributes!

ASN.1/BER data representation: defer

data can be subdivided into fields, though it is not for SNMP.

A MIB is an assignment to each of a set of OIDs a specific attribute name and type. (MIBs also define tabular data forms.) The OIDs name the general attributes, not a specific instance. In that sense, OIDs are like Java class definitions, not class instances.

Questions:

given an OID, how do we find a MIB file that defines it?
given a piece of hardware, how do we find a MIB that defines its SNMP responses?

The first case corresponds to our seeing 1.3.6.1.2.1.1.9 in the output of the system snmp walk; we did not, however, know how to interpret the responses.

The second case is probably more common: you have a new switch, and need to find out what kinds of SNMP data it submits in the private (1.3.6.1.4.1) subtree.

If we run a MIB browser such as iReasoning, we can see the OIDs. Sometimes googling for the OID will turn something up. Sometimes searching the mib files for, say, the string "system 9" to figure out the OIDs of form system.9, will find what we want.

Demos using iReasoning tool and snmpwalk

We will use host ulam3 (10.38.2.42) and/or my laptop for these demos

(/etc/default/snmpd by default binds snmpd only to localhost!)

   snmpwalk -v 2c -c public ulam3 .1.3.6.1.2.1.1

    snmpwalk -v 2c -c public ulam3 1.3.6.1.4.1
    End of MIB

    snmpwalk -v 2c -c tengwar ulam3 1.3.6.1.4.1
    gads of data

    snmpwalk -v 1 -c tengwar ulam3 1.3.6.1.4.1.42
    gads of data

As of 2016, the ulam3 SNMP community strings are "public", "futhark" and "tengwar".

You can put .1.3.6.1.4.1.42 into the upper-right box of the iReason tool [at least for ulam3]

Other ways of polling devices:

   ssh: limitations: lack of "universal" account
              lack of "limited" account
              doesn't work for most hubs/switches/non-hosts