Network Management
Summer 2016, Corboy 710, TTh 5:30-8:45 pm
Class 3: July 12
Notes on the iReasoning tool and snmpd
Most of you had no trouble installing the iReasoning MIB browser.
Getting snmpd configured and working is usually more complicated.
Review tables
Fundamental SNMP-v1 messages:
- SET
- GET
- GET-NEXT
- response to above
- TRAP
Atomic data values only! Note the use of GET-NEXT to retrieve table entries one at a time.
Issues:
data presentation (eg byte order, but much more)
NAMING for all those possible attributes!
ASN.1/BER data representation: defer
data can be subdivided into fields, though it is not for SNMP.
AICN 20.6
See also http://luca.ntop.org/Teaching/Appunti/asn1.html.
SNMP uses Abstract Syntax Notation 1 (ASN.1) to define syntax; encoding into
UDP packets is then done using the Basic Encoding Rules (BER). Right now it
suffices to note the following:
- BER data is tagged with its type.
- ASN.1 and BER support compound data types. However, SNMP does not use
these; all data is atomic. (However, SNMP does support tables, which
correspond roughly to arrays of records and which can be pressed into
service to represent, say, arrays.)
- SNMP uses the ASN.1 type constructors SEQUENCE (to define records) and
SEQUENCE OF (to define lists). A table is a SEQUENCE OF records; each
record is a SEQUENCE of a specific list of fields. (ASN.1 also has SET
and SET OF constructors, but SNMP does not use these directly.)
- ASN.1 also supports CHOICE types, but these are used in SNMP only for
very high-level definitions, eg
    SimpleSyntax ::= CHOICE {
        number  INTEGER,
        string  OCTET STRING,
        object  OBJECT IDENTIFIER,
        empty   NULL
    }
- SNMP does not use all the available basic ASN.1/BER data types. In
fact, only INTEGER, OCTET STRING, OBJECT IDENTIFIER, and NULL are
allowed. However, some application-wide subtypes of these are created
(Counter, Gauge and TimeTicks from INTEGER; IpAddress and Opaque from
OCTET STRING); these are called defined types. See intronetworks.cs.luc.edu/current/html/netmgmt.html#snmpv1-data-types.
- The BER encoding is such that the actual size in bytes of the data can
be difficult to predict.
Some defined types from RFC 1155 (AICN 20.5)
- IpAddress: a 4-byte OCTET STRING in network byte order
- Counter: a non-negative INTEGER which increases monotonically to 2^32-1
until it wraps around to 0
- Gauge: a nonnegative INTEGER which "latches at a maximum value". This is
generally read as: if it ever hits the maximum, it sticks there rather than
wrapping, so if it hits the maximum you will know. (SNMPv2's Gauge32, RFC
2578, makes the behavior explicit: the value stays at the maximum as long as
the underlying quantity is at or above it, and decreases again once the
quantity drops below it.)
- TimeTicks: an INTEGER representing time measured in 10ms (0.01 sec)
units
- Opaque: an arbitrary byte string, encoded as an OCTET STRING
ASN.1 has many more built-in data types. Every type's tag belongs to one of
four classes: Universal, Application-wide, Context-specific, or Private. Some
of the universal types are BIT STRING, UTCTime, and PrintableString.
Some ASN.1 definitions of high-level OID prefixes:
internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }
directory OBJECT IDENTIFIER ::= { internet 1 }
mgmt OBJECT IDENTIFIER ::= { internet 2 }
experimental OBJECT IDENTIFIER ::= { internet 3 }
private OBJECT IDENTIFIER ::= { internet 4 }
For defining records (eg ifEntry, or other table rows):
SEQUENCE { <type1>, ..., <typeN> }
Tables are lists of records, defined with
SEQUENCE OF <entry>
The OBJECT-TYPE macro is ubiquitous in MIB files. It provides a uniform way
to specify the value's type (the SYNTAX field), and also the ACCESS and
STATUS fields. The notation closes with "::= <OIDvalue>".
OBJECT-TYPE MACRO ::=
BEGIN
    TYPE NOTATION ::= "SYNTAX" type (TYPE ObjectSyntax)
                      "ACCESS" Access
                      "STATUS" Status
    VALUE NOTATION ::= value (VALUE ObjectName)

    Access ::= "read-only"
             | "read-write"
             | "write-only"
             | "not-accessible"
    Status ::= "mandatory"
             | "optional"
             | "obsolete"
END
Here are five examples of OBJECT-TYPE in use to define the (now-deprecated)
at table (for ARP data). The OID for the at
group is 1.3.6.1.2.1.3. It defines atTable as at.1 (that is,
1.3.6.1.2.1.3.1), and atEntry as atTable.1, and the three columns as
atEntry.1, atEntry.2, and atEntry.3.
1. atIndex OBJECT-TYPE
       SYNTAX  INTEGER
       ACCESS  read-write
       STATUS  mandatory
       ::= { atEntry 1 }

2. atPhysAddress OBJECT-TYPE
       SYNTAX  OCTET STRING
       ACCESS  read-write
       STATUS  mandatory
       ::= { atEntry 2 }

3. atNetAddress OBJECT-TYPE
       SYNTAX  NetworkAddress
       ACCESS  read-write
       STATUS  mandatory
       ::= { atEntry 3 }

4. atEntry OBJECT-TYPE
       SYNTAX  AtEntry
       ACCESS  read-write
       STATUS  mandatory
       ::= { atTable 1 }

5. atTable OBJECT-TYPE
       SYNTAX  SEQUENCE OF AtEntry
       ACCESS  read-write
       STATUS  mandatory
       ::= { at 1 }
The first three entries define columns ("fields") of atEntry. The fourth
defines atEntry as having OID atTable.1, and with syntax the CAPITALIZED
AtEntry. The fifth defines atTable as having OID at.1, and with syntax
SEQUENCE OF AtEntry. (In MIB-II, RFC 1213, atTable and atEntry have ACCESS
not-accessible, since only the leaf column objects are ever read, and the
whole at group is marked deprecated in favor of ipNetToMediaTable.)
Finally there is
AtEntry ::= SEQUENCE {
    atIndex         INTEGER,
    atPhysAddress   OCTET STRING,
    atNetAddress    NetworkAddress
}
Every table has a row specification like this, with name capitalized by
convention. Note that the OBJECT-TYPE is not
used here. We could splice AtEntry into the fourth and fifth OBJECT-TYPE
entries above, but it's simpler not to.
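To see how the atTable columns above sit in the OID tree and how GET-NEXT pulls them out (the "Walking the OID tree" topic in 20.8), here is a toy in-memory agent. It is an added example written for these notes, not course code and not a real agent; its contents are constructed sample data, and the atTable instance identifiers follow RFC 1213's INDEX { atIfIndex, atNetAddress }: the interface index, then 1 (the NetworkAddress family tag for "internet"), then the four IPv4 octets. The `view` parameter is a model of an agent's MIB view, added here to show the security angle:

```python
"""Toy SNMPv1 agent in memory: GET, GET-NEXT, a walk, and a MIB view.
Added example with constructed sample data; not a real agent."""

def oid(dotted):
    """'1.3.6.1.2.1.1.1.0' -> (1, 3, 6, 1, 2, 1, 1, 1, 0).  Python compares tuples
    lexicographically, which is exactly SNMP's OID ordering: a prefix sorts before
    everything beneath it, so sysDescr (...1.1) comes right before sysDescr.0."""
    return tuple(int(a) for a in dotted.strip(".").split("."))

def dotted(o):
    return ".".join(map(str, o))

SYSTEM = oid("1.3.6.1.2.1.1")
AT_ENTRY = oid("1.3.6.1.2.1.3.1.1")        # mib-2.at(3).atTable(1).atEntry(1)

MIB = {
    SYSTEM + (1, 0): b"Linux ulam3",       # sysDescr.0 (constructed value)
    SYSTEM + (3, 0): 123456,               # sysUpTime.0 in TimeTicks (1234.56 s)
}
# Two ARP rows on interface 2.  Column c of row r lives at atEntry.c.<instance of r>.
for if_index, ip, mac in [(2, "10.0.0.1", "00:11:22:33:44:55"),
                          (2, "10.0.0.7", "00:11:22:33:44:66")]:
    instance = (if_index, 1) + oid(ip)
    MIB[AT_ENTRY + (1,) + instance] = if_index                             # atIndex
    MIB[AT_ENTRY + (2,) + instance] = bytes.fromhex(mac.replace(":", ""))  # atPhysAddress
    MIB[AT_ENTRY + (3,) + instance] = ip                                   # atNetAddress

ORDERED = sorted(MIB)          # the agent's tree in lexicographic order

def in_view(o, view):
    """Model of a MIB view: only OIDs under one of the listed subtrees are visible."""
    return view is None or any(o[:len(v)] == v for v in map(oid, view))

def get(name):
    """GET needs the exact instance OID; a bare column or table OID has no value."""
    return MIB.get(oid(name))

def get_next(name, view=None):
    """GET-NEXT: the first visible OID strictly greater than `name`, with its value.
    None stands for the noSuchName error an SNMPv1 agent returns past the end."""
    start = oid(name)
    for o in ORDERED:
        if o > start and in_view(o, view):
            return dotted(o), MIB[o]
    return None

def walk(prefix, view=None):
    """Repeat GET-NEXT, feeding each answer back in, until the answer leaves `prefix`."""
    p, out, cur = oid(prefix), [], prefix
    while True:
        nxt = get_next(cur, view)
        if nxt is None or oid(nxt[0])[:len(p)] != p:
            return out
        out.append(nxt)
        cur = nxt[0]

def rows(walk_result, entry_prefix):
    """Regroup a column-major table walk into rows: {instance: {column: value}}."""
    e = oid(entry_prefix)
    table = {}
    for name, value in walk_result:
        o = oid(name)
        table.setdefault(o[len(e) + 1:], {})[o[len(e)]] = value
    return table

if __name__ == "__main__":
    for name, value in walk("1.3.6.1.2.1.3"):   # all atIndex, then all atPhysAddress, ...
        print(name, value)
    print(rows(walk("1.3.6.1.2.1.3"), "1.3.6.1.2.1.3.1.1"))
    # A view limited to the system group hides the ARP cache from a walk of all of mib-2
    print(walk("1.3.6.1.2.1", view=["1.3.6.1.2.1.1"]))
```

The walk of the at group returns both atIndex values, then both atPhysAddress values, then both atNetAddress values: a table is walked column by column, and `rows()` is what a MIB browser does to show it as a grid. The view shows why read-only community strings still matter: a walk of mib-2 under a view limited to the system group never reaches the ARP cache, which is reconnaissance data. net-snmp's snmpd.conf expresses the same restriction with a `view` definition and `rocommunity <string> <source> -V <view>`.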
20.8: SNMP Operations
Get and GetNext
Multi-attribute Get
Set
VarBind Lists
Walking the OID tree
20.9: MIB Browsing
20.10: MIB-2
Software-Defined Networking
Mininet and Pox
Look at snmpd.conf on ulam3
Network Implementation Design Analysis –
Burke, 2004, p 45
Geographical Distribution
- Office
- Subnets
- LAN
- Department (many offices)
- Subnets
- LAN
- Division (many departments)
- LAN
- WAN
- Organization (many divisions)
- Local LAN/WAN
- National WAN
- Global WAN
Subnets
- How many
- bridges/switches
- routers
- Ethernet
- cabling
- speed
- IP addresses needed
- DHCP
- Wireless
- number of wireless hubs
- authentication
LAN
- How many of them
- Domain names
- DNS configuration
- IP address space
- Subnets / how many, subnet masks
- switched Ethernet v routers
- Other LAN technologies
WAN
- How sites connect
- PSTN, X.25, SONET, ATM, Frame Relay, Carrier Ethernet, etc
Bandwidth requirements
- Video needs
- Audio needs
- Data needs
Service Level Agreements
- bandwidth constantly available
- peak bandwidth
- bandwidth available on demand
- burst capacity
Security
- firewall configuration
- proxy servers
- authentication issues
- network intrusion detection
- virus/malware monitoring
Apply it to:
- a set of offices on 10 floors of one building
- a multi-city company with web servers
Table 3.2 from Burke, Network Management,
2004: this describes some of the data we want:
Reliability:
- transmission error rates
- dropped packets
- link failures
Faults
- proactive prevention
- detection
- location
- correction time
- link v node
Availability: MTBF
Performance (response time)
- processor total use
- interrupts/sec
- queue length
- etc
Throughput
- bytes per second we're actually achieving
- guaranteed throughput via our Service Level Agreement
Data packet throughput
Voice ordered packet throughput
Video bandwidth, ...
Utilization
- packets/sec
- transactions/sec
Resource use
- application software
- network devices (switches, routers, etc)
- services
- disk storage
- cpu
Policies
Redundancy
User support
Note that this table does NOT have any per-service entries!
Some software services:
- Windows Server Active Directory authentication
- Windows file sharing: file access time
- Web server
- database server
- integrated web/database
- DNS
- DHCP