Network Management

Summer 2016, Corboy 710, TTh 5:30-8:45 pm

Class 3: July 12


Notes on the iReasoning tool and snmpd

Most of you had no trouble installing the iReasoning MIB browser.

Getting snmpd configured and working is usually more complicated.






Review tables


Fundamental SNMP-v1 messages:    
atomic data values only! Note use of GET-NEXT to retrieve these.

Issues:
    data presentation (eg byte order, but much more)
    NAMING for all those possible attributes!
    
ASN.1/BER data representation: defer

data can be subdivided into fields, though it is not for SNMP.

     

ASN.1

AICN 20.6

See also http://luca.ntop.org/Teaching/Appunti/asn1.html.

SNMP uses Abstract Syntax Notation 1 (ASN.1) to define syntax; encoding into UDP packets is then done using the Basic Encoding Rules (BER). Right now it sufficies to note the following:
  1. BER data is tagged with its type.
  2. ASN.1 and BER supports compound data types. However, SNMP does not use these; all data is atomic. (However, SNMP does support tables, which corresponds roughly to record formats and which can be pressed into service to represent, say, arrays.)
  3. SNMP uses the ASN.1 type constructors SEQUENCE (to define lists) and SEQUENCE OF (to define records). A table is a SEQUENCE of records; each record is a SEQUENCE OF a specific list of fields. (ASN.1 also has SET and SET OF constructors, but SNMP does not use these directly.)
  4. ASN.1 also supports CHOICE types, but these are used in SNMP only for very high-level definitions, eg
                      SimpleSyntax ::=
                          CHOICE {
                              number
                                  INTEGER,
                              string
                                  OCTET STRING,
                              object
                                  OBJECT IDENTIFIER,
                              empty
                                  NULL
                          }

  5. SNMP does not use all the available basic ASN.1/BER data types. In fact, only INTEGER, OCTET STRING, OBJECT IDENTIFIER, and NULL are allowed. However, some subtypes of INTEGER are created; these are called defined types. See intronetworks.cs.luc.edu/current/html/netmgmt.html#snmpv1-data-types.
  6. The BER encoding is such that the actual size in bytes of the data can be difficult to predict.
Some defined types from RFC 1155 (AICN 20.5)

ASN.1 has more built-in data types. Every type is either Universal, Application-specific, Private, or Context-specific. Some of the universal types are BITSTRING, UTCTime, and PrintableString.


Some ASN.1:

Some definitions of high-level OID prefixes:

      internet    OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 }


      directory     OBJECT IDENTIFIER ::= { internet 1 }
      mgmt          OBJECT IDENTIFIER ::= { internet 2 }
      experimental  OBJECT IDENTIFIER ::= { internet 3 }
      private       OBJECT IDENTIFIER ::= { internet 4 }

For defining records (eg ifEntry, or other table rows):
      SEQUENCE { <type1>, ..., <typeN> }
Tables are lists of records, defined with
      SEQUENCE OF <entry>
The OBJECT-TYPE macro is ubiquitous in MIB files. It provides a uniform way to specify the value's type (the SYNTAX) field, and also the ACESS and STATUS fields. The notation closes with "::= <OIDvalue>".


      OBJECT-TYPE MACRO ::=
      BEGIN
          TYPE NOTATION ::= "SYNTAX" type (TYPE ObjectSyntax)
                            "ACCESS" Access
                            "STATUS" Status
          VALUE NOTATION ::= value (VALUE ObjectName)

          Access ::= "read-only"
                          | "read-write"
                          | "write-only"
                          | "not-accessible"
          Status ::= "mandatory"
                          | "optional"
                          | "obsolete"
      END


Here are five examples of OBJECT-TYPE in use to define the (now-deprecated) at table (for ARP data). The OID for the at group is 1.3.6.1.2.1.3. It defines atTable as at.1 (that is, 1.3.6.1.2.1.3.1), and atEntry as atTable.1, and the three columns as atEntry.1, atEntry.2, and atEntry.3.

1.                atIndex OBJECT-TYPE
                         SYNTAX  INTEGER
                          ACCESS  read-write
                          STATUS  mandatory
                          ::= { atEntry 1 }

2.                atPhysAddress OBJECT-TYPE
                          SYNTAX  OCTET STRING
                          ACCESS  read-write
                          STATUS  mandatory
                          ::= { atEntry 2 }

3.                atNetAddress OBJECT-TYPE
                          SYNTAX  NetworkAddress
                          ACCESS  read-write
                          STATUS  mandatory
                          ::= { atEntry 3 }

4.                atEntry OBJECT-TYPE
                          SYNTAX  AtEntry
                          ACCESS  read-write
                          STATUS  mandatory
                          ::= { atTable 1 }

5.                atTable OBJECT-TYPE
                          SYNTAX  SEQUENCE OF AtEntry
                          ACCESS  read-write
                          STATUS  mandatory
                          ::= { at 1 }

The first three entries define columns ("fields") of atEntry. The fourth defines atEntry as having OID atTable.1, and with syntax the CAPITALIZED AtEntry. The fifth defines atTable as having OID at.1, and with syntax SEQUENCE OF AtEntry.

Finally there is
                  AtEntry ::= SEQUENCE {
                      atIndex
                          INTEGER,
                      atPhysAddress
                          OCTET STRING,
                      atNetAddress
                          NetworkAddress
                  }
Every table has a row specification like this, with name capitalized by convention. Note that the OBJECT-TYPE is not used here. We could splice AtEntry into the fourth and fifth OBJECT-TYPE entries above, but it's simpler not to.


20.8: SNMP Operations

Get and GetNext
    Multi-attribute Get
    Set

VarBind Lists
Walking the OID tree


20.9: MIB Browsing
20.10: MIB-2



Software-Defined Networking

Mininet and Pox



Look at snmpd.conf on ulam3


Network Implementation Design Analysis – Burke, 2004, p 45

Geographical Distribution

  1. Office
    1. Subnets
    2. LAN
  2. Department (many offices)
    1. Subnets
    2. LAN
  3. Division (many departments)
    1. LAN
    2. WAN
  4. Organization (many divisions)
    1. Local LAN/WAN
    2. National WAN
    3. Global WAN
Subnets
  1. How many
    1. bridges/switches
    2. routers
  2. Ethernet
    1. cabling
    2. speed
    3. IP addresses needed
    4. DHCP
  3. Wireless
    1. number of wireless hubs
    2. authentication

LAN

  1. How many of them
  2. Domain names
  3. DNS configuration
  4. IP address space
  5. Subnets / how many, subnet masks
  6. switched Ethernet v routers
  7. Other LAN technologies

WAN

  1. How sites connect
  2. PSTN, X.25, SONET, ATM, Frame Relay, Carrier Ethernet, etc

Bandwidth requirements

  1. Video needs
  2. Audio needs
  3. Data needs

Service Level Agreements

  1. bandwidth constantly available
  2. peak bandwidth
  3. bandwidth available on demand
  4. burst capacity

Security

  1. firewall configuration
  2. proxy servers
  3. authentication issues
  4. network intrusion detection
  5. virus/malware monitoring


Apply it to:

 
Table 3.2 from Burke, Network Management, 2004: this describes some of the data we want:

Reliability:
Faults
Availability:    MTBF

Performance (response time)
Throughput
Data packet throughput
Voice ordered packet throughput
Video bandwidth, ...
Utilization
Resource use
Policies

Redundancy

User support

Note that this table does NOT have any per-service entries!
Some software services: