Session 08
SNMPv2
MJ08/0704
Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network
Management course at Universitas Bina Nusantara
1
Major Changes
• Bulk data transfer
• Manager-to-manager message
• Enhancements to SMI: SMIv2
• Module definitions: MODULE-IDENTITY macro
• Object definitions: OBJECT-TYPE macro
• Trap definitions: NOTIFICATION-TYPE macro
• Textual conventions
• Conformance statements
• Row creation and deletion in table
• MIB enhancements
• Transport mappings
• Security features, originally to be in SNMPv2 moved to
SNMPv3
• SNMPv2, like SNMPv1, is community-based administrative
framework
MJ08/0704
2
SNMPv2 Internet Group
Internet
{1 3 6 1}
SNMPv2
directory
(1)
mgmt
(2)
experimental
(3)
private
(4)
security
(5)
snmpv2
(6)
• Objects added to System group
• Extensive modification of the SNMP group
• Additional SNMPv2 group added
• Security group is a placeholder
MJ08/0704
3
SNMPv2 NM Architecture
SNMP
UDP
UDP
IP
IP
IP
DLC
DLC
DLC
PHY
PHY
PHY
snmpV2-trap
set-request
response
SNMP
PDU
get-bulk-request
snmpV2-trap
SNMP Agent
Application
SNMP
Physical Medium
MJ08/0704
get-request
get-next-request
get-bulk-request
set-request
response
SNMP
PDU
SNMP Manager
Application
Application
PDU
get-next-request
Application
PDU
inform-request
response
snmpV2-trap
get-bulk-request
set-request
get-request
get-next-request
inform-request
SNMP Manager
Application
SNMP Agent
SNMP Manager
get-request
SNMP Manager
SNMP
UDP
Physical Medium
4
SNMPv2 New Messages
• inform-request
• manager-to-manager message
• get-bulk-request
• transfer of large data
• report
• not used
MJ08/0704
5
OBJECT
• OBJECT IDENTIFIER defines the administrative
identification of a node in the MIB
• OBJECT-IDENTITY macro assigns an object identifier to an
object identifier in the MIB
• OBJECT-TYPE macro defines the type of a managed object
MJ08/0704
6
Table Expansion
• Augmentation of a table (dependent table) adds
additional columns to an existing table (base table)
• Dense table enables addition of more rows to base
table
• Sparse table supplements less rows to a base table
MJ08/0704
7
Textual Convention
• Enables defining new data types
• Makes semantics of data types consistent and
human readable
• Creates new data types using existing ones and
applies restrictions to them
• An important textual convention in SNMPv2,
RowStatus creates and deletes rows
MJ08/0704
8
Conformance: OBJECT-GROUP
• Conformance defined by
• OBJECT-GROUP macro
• NOTIFICATION-GROUP macro
• OBJECT-GROUP
• Compiled during implementation, not at run
time
• OBJECTS clause names each object
• Every object belongs to an OBJECT-GROUP
• Access defined by MAX-ACCESS, the maximum
access privilege for the object
MJ08/0704
9
Conformance: NOTIFICATION-GROUP
• Contains trap entities defined in SMIv1
• NOTIFICATIONS clause identifies the
notifications in the group
• NOTIFICATIONS-GROUP macro compiled
during implementation, not at run time
MJ08/0704
10
Compliance
• Compliance has two classes of groups
• MANDATORY- GROUPS (Required)
• GROUP (Optional)
MJ08/0704
11
Agent Capabilities
• AGENT-CAPABILITIES macro
• SUPPORTS modules and includes groups
• VARIATION identifies additional features
MJ08/0704
12
SNMPv2 MIB
Internet
{1 3 6 1}
directory
(1)
mgmt
(2
experimental
(3)
private
(4)
snmpdomains
(1)
mib-2
(1)
system
(1)
MJ08/0704
security
(5)
snmpProxys
(2)
snmpv2
(6)
snmpModules
(3)
snmpMIB
(1)
snmp
(11)
snmpMIBObjects
(1)
snmpMIBConformance
(2)
13
SNMPv2 MIB
• Security is a placeholder
• System group: A table sysORTable added that
lists resources that the agent controls; NMS
configures NE through the agents.
• Most of the objects in the SNMPv1 obsoleted
• Object Groups and Notification Groups defined
for conformance specifications.
MJ08/0704
14
SNMPv2 System Group (RFC 1907)
system
(mib-2 1)
sysDescr (1)
sysObjectId (2)
sysUpTime (3)
sysContact (4)
sysORLastChange (8)
sysServices (7)
sysLocation (6)
sysORTable (9)
sysName (5)
sysOREntry (1)
sysORIndex (1)
sysORUpTime (4)
sysORID (2)
MJ08/0704
sysORDescr (3)
15
SNMPv2 System Group (RFC 1907)
Entity
OID
sysORLastChang
e
system 8
sysORTable
system 9
sysOREntry
sysORTable 1
An entry in the sysORTable
sysORIndex
sysOREntry 2
Row index, also index for the table
sysORID
sysOREntry 3
ID of the resource module
sysORDescr
sysOREntry 4
Textual description of the resource module
sysORUpTime
sysOREntry 5
System up-time since the object in this row
was last instantiated
MJ08/0704
Description
sysUpTime value at time of most recent
change in state or value of any instance of
sysORID.
Table listing system resources that the agent
controls; manager can configure these
resources through the agent
16
SNMPv2 SNMP MIB
snmp
(mib-2 11)
snmpInPkts(1)
snmpProxyDrops (32)
snmpInBadVersions (3)
snmpSilentDrops (31)
snmpInBadCommunityNames (4)
snmpInBadCommunityUses (5)
snmpEnableAuthenTraps (30)
snmpInASNParseErrors (6)
SNMP Group Objects
1,3,6,30,31,32 snmpGroup
4,5
snmpCommunity Group
7,23
not used
2,8-23, 24-29
snmpObsoleteGroup
MJ08/0704
17
snmpMIBObjects MIB
snmpMIBObjects
(snmpMIB 1)
snmpTrap
(4)
snmpTrapOID
(1)
snmpTraps
(5)
snmpTrapEnterprise
(3)
coldStart (1)
snmpSet
(6)
snmpSetSerialNo
(1 )
authenticationFailure (5)
warmStart (2)
linkUp (4)
linkDown (3)
MJ08/0704
18
SNMPv2 PDU
PDU
RequestID
Type
Error
Status
Error
Index
VarBind 1
name
VarBind 1
value
...
VarBind n
name
VarBind n
value
• Standardized format for all messages
• Interpretation of error status and error index fields; in
v1, if error occurs status and index field filled, but
varBindList blank
Interpretation
varBindList ignored
varBind of index field ignored
MJ08/0704
Status
x
x
Index
x
19
SNMPv2 Error Status
Field
PDU
MJ08/0704
Type
0
1
2
3
4
5
6
7
14
15
16
17
18
Value
Get-Request-PDU
GetNextRequest-PDU
Response-PDU
Set-Request- PDU
obsolete
GetBulkRequest-- PDU
InformRequest- PDU
SNMPv2 - Trap- PDU
commitFailed
undoFailed
authorizationError
notWritable
inconsistentName
20
SNMPv2 PDU
Field
PDU
MJ08/0704
Type
0
1
2
3
4
5
6
7
Value
Get-Request-PDU
GetNextRequest-PDU
Response-PDU
Set-Request- PDU
obsolete
GetBulkRequest-- PDU
InformRequest- PDU
SNMPv2 - Trap- PDU
21
SNMPv2 GetBulkRequest PDU
PDU
Type
RequestID
NonRepeaters
Max
Repetitions
VarBind 1
name
VarBind 1
value
...
VarBind n
name
VarBind n
value
• Error status field replaced by Non-repeaters
• Error index field replaced by Max repetitions
• No one-to-one relationship between request and response
MJ08/0704
22
SNMPv1 SNMP MIB
snmp
(mib-2 11)
snmpInPkts(1)
snmpEnableAuthenTraps (30)
snmpOutPkts (2)
snmpOutTraps (29)
snmpInBadVersions (3)
snmpOutGetResponses (28)
snmpInCommunityNames (4)
snmpInBadCommunityUses (5)
snmpInASNParseErrors (6)
-- not used (7)
snmpOutSetRequests (27)
snmpOutGetNexts (26)
snmpOutGetRequests (25)
snmpOutGenErrs (24)
snmpInTooBigs (8)
snmpInNoSuchNames (9)
snmpInBadValues (10)
snmpInReadOnlys (11)
snmpInGenErrs (12)
snmpInTotalReqVars (13)
snmpInTotalSetVars (14)
snmpInGetRequests (15)
MJ08/0704
-- not used (23)
snmpOutBadValues (22)
snmpOutNoSuchNames (21)
snmpOutTooBigs (20)
snmpInTraps (19)
snmpInGetResponses
(18)
snmpInSetRequests (17)
snmpInGetNexts (16)
23
SNMPv2 Trap
PDU
Type
RequestID
Error
Status
Error
Index
VarBind 1
sysUpTime
VarBind 1
value
VarBind 2
snmpTrapOID
VarBind 2
value
..
.
• Addition of NOTIFICATION-TYPE macro
• OBJECTS clause, if present, defines order of variable
bindings
• Positions 1 and 2 in VarBindList are sysUpTime and
snmpTrapOID
MJ08/0704
24
Inform-Request
PDU
Type
RequestID
Error
Status
Error
Index
VarBind 1
sysUpTime
VarBind 1
value
VarBind 2
snmpTrapOID
VarBind 2
value
..
.
• Inform-Request behaves as trap in that the message goes from
one manager to another unsolicited
• The receiving manager sends response to the sending manager
MJ08/0704
25
Bilingual Manager
Bilingual Manager
SNMPv1
Interpreter
SNMPv1
Agents
MJ08/0704
Agent
Profile
SNMPv2
Interpreter
SNMPv2
Agents
26
Bilingual Manager
• Compatibility with SNMPv1
• Bilingual Manager
• Proxy Server
• Bilingual Manager expensive in
resource
and operation
MJ08/0704
27
SNMP Proxy Server
SNMPv2 Manager
Proxy
Server
SNMPv1
Agents
MJ08/0704
SNMPv2
Agents
28
SNMP Proxy Server
SNMPv2 Manager
GetRequest
GetNextRequest
SetRequest
GetBulkRequest
Response
SNMPv2-Trap
MJ08/0704
SNMP v2-v1 Proxy Server
SNMPv1 Agent
Pass-Through
GetRequest
Pass-Through
GetNextRequest
Pass-Through
Set: 1. non-repeaters = 0
2. max-repetitions = 0
SetRequest
GetNextRequest
Pass-Through
Exception: For 'tooBig' error, contents of variable-bindings GetResponse
field removed.
Prepend VarBind: 1. sysUpTime.0
2. snmpTrapOID.0
Trap
29