generic vs specific simple network management tools
play

Generic vs. Specific Simple Network Management Tools J urgen Sch - PowerPoint PPT Presentation

Generic vs. Specific Simple Network Management Tools J urgen Sch onw alder <schoenw@informatik.uni-osnabrueck.de> University of Osnabr uck Germany SANE 2002 p.1 Network Management Standards 1.0 2.0 2.2 2.3 2.4 2.5


  1. Generic vs. Specific Simple Network Management Tools J¨ urgen Sch¨ onw¨ alder <schoenw@informatik.uni-osnabrueck.de> University of Osnabr¨ uck Germany SANE 2002 – p.1

  2. Network Management Standards 1.0 2.0 2.2 2.3 2.4 2.5 2.6 CORBA (OMG) M.30 TMN (ITU) M.3010 M.3100 M.3400 OSI RM.4 CMIP CMIS GDMO CMIP (ISO) SNMPv1 SNMPv2p SNMPv2c SNMPv3 SNMPv3 SNMPv3 [S] [P] [D/E] [P] [D] [S] SNMP (IETF) SMIv1 SMIv2 SMIv2 SMIv2 [S] [P] [D] [S] SMI (IETF) SPPIv1 [P] SPPI (IETF) COPS−PRv1 [P] COPS−PR (IETF) Legend: 1.0 2.0 2.0s [P] Proposed Standard DMI (DMTF) [D] Draft Standard [S] Standard 1.0 2.0 2.2 2.3 2.4 2.5 [E] Experimental CIM (DMTF) LDAP LDAPv2 LDAPv3 [P] [D] [P] LDAP (IETF) 1980 1982 1984 1986 1988 1990 1992 1994 1996 1998 2000 2002 SANE 2002 – p.2

  3. SNMP in a Nutshell - The Simple Network Management Protocol (SNMP) is used to access and manipulate simple typed variables organized in conceptual tables or groups of scalars. SANE 2002 – p.3

  4. SNMP in a Nutshell - The Simple Network Management Protocol (SNMP) is used to access and manipulate simple typed variables organized in conceptual tables or groups of scalars. - The semantics of the variables are specified in MIB modules which are written in the SMI data definition language (Structure of Management Information). SANE 2002 – p.3

  5. SNMP in a Nutshell - The Simple Network Management Protocol (SNMP) is used to access and manipulate simple typed variables organized in conceptual tables or groups of scalars. - The semantics of the variables are specified in MIB modules which are written in the SMI data definition language (Structure of Management Information). - Each variable is uniquely named by an OID value (a sequence of numbers defining a path in a global registration tree). SANE 2002 – p.3

  6. SNMP in a Nutshell - The Simple Network Management Protocol (SNMP) is used to access and manipulate simple typed variables organized in conceptual tables or groups of scalars. - The semantics of the variables are specified in MIB modules which are written in the SMI data definition language (Structure of Management Information). - Each variable is uniquely named by an OID value (a sequence of numbers defining a path in a global registration tree). - SNMP operates on a (lexicographically) ordered list of variables (varbind list). Each element consists of an OID identifying a variable and its value. SANE 2002 – p.3

  7. SNMP v2c/v3 Protocol Operations command command command command notification notification generator responder generator responder originator receiver Get GetNext Trap Response Response command command command command notification notification generator responder generator responder originator receiver Set GetBulk Inform Response Response Response SANE 2002 – p.4

  8. SNMP v2c/v3 Protocol Operations command command command command notification notification generator responder generator responder originator receiver Get GetNext Trap Response Response command command command command notification notification generator responder generator responder originator receiver Set GetBulk Inform Response Response Response Due to the simplicity of the operations, people call SNMP - the peek/poke/trap protocol of the Internet or - the turing machine for network management . SANE 2002 – p.4

  9. SNMP Architecture Traditional Agent MIB Instrumentation Traditional Manager Access Control Subsystem Command Notification Notification Command View-based Notification Proxy Generator Receiver Originator Responder Access Control Originator Forwarder Message Processing Security Subsystem Message Processing Security Subsystem PDU Subsystem PDU Subsystem Dispatcher Dispatcher v1MP Community v1MP Community Security Model Security Model v2cMP v2cMP Message User-based Message User-based Dispatcher Security Model Dispatcher Security Model v3MP v3MP Other Other Transport other MP Security Model Transport other MP Security Model Mappings Mappings UDP IPX UDP IPX Communication Network SANE 2002 – p.5

  10. SNMPv3 Message Encoding 0x30 - sequence tag len SNMPv3Message 0x02 - integer 0x30 - sequence 0x04 - octet string 0x30 or 0x04 - sequence or octet string tag len msgVersion tag len msgGlobalData tag len msgSecurityParameters tag len msgData 0x02 - integer 0x02 - integer 0x04 - octet string 0x02 - integer 0x30 - sequence tag len msgID tag len msgMaxSize tag len msgFlags tag len msgSecurityModel tag len UsmSecurityParameters 0x04 - octet string 0x02 - integer 0x02 - integer 0x04 - octet string 0x04 - octet string 0x04 - octet string tag len msgAuthEngineID tag len msgAuthEngBoots tag len msgAuthEngTime tag len msgUserName tag len msgAuthParam tag len msgPrivParam 0x04 - octet string 0x04 - octet string depends on PDU type tag len contextEngineID tag len contextName tag len PDU 0x02 - integer 0x02 - integer 0x02 - integer 0x30 - sequence tag len request-id tag len error-status / non-repeaters tag len error-index / max-repetitions tag len variable-bindings 0x30 - sequence 0x30 - sequence tag len VarBind tag len VarBind 0x08 - object identifier depends on type of value 0x08 - object identifier depends on type of value tag len name tag len value / exception tag len name tag len value / exception SANE 2002 – p.6

  11. Observations SANE 2002 – p.7

  12. Observations - The protocol operations are simple while the protocol itself is everything else than simple. SANE 2002 – p.7

  13. Observations - The protocol operations are simple while the protocol itself is everything else than simple. - You need good tools/libraries to invoke the rather simplistic SNMP operations. SANE 2002 – p.7

  14. Observations - The protocol operations are simple while the protocol itself is everything else than simple. - You need good tools/libraries to invoke the rather simplistic SNMP operations. - Once you can invoke SNMP operations, you need to write meaningful management procedures to overcome the peek/poke/trap abstraction level. SANE 2002 – p.7

  15. Observations - The protocol operations are simple while the protocol itself is everything else than simple. - You need good tools/libraries to invoke the rather simplistic SNMP operations. - Once you can invoke SNMP operations, you need to write meaningful management procedures to overcome the peek/poke/trap abstraction level. - Since humans can’t remember OIDs, you need tools/libraries which help to avoid dealing with OIDs. SANE 2002 – p.7

  16. What can be done? SANE 2002 – p.8

  17. � What can be done? Approach #1: Extend scripting languages with SNMP APIs to allow people to easily script their own useful management applications on top of the simplistic SNMP operations. SANE 2002 – p.8

  18. � � � � What can be done? Approach #1: Extend scripting languages with SNMP APIs to allow people to easily script their own useful management applications on top of the simplistic SNMP operations. - Perl extensions ( snmp-perl , snmp-session ) - Tcl extensions ( Tnm ) - SANE 2002 – p.8

  19. � � � � � What can be done? Approach #1: Extend scripting languages with SNMP APIs to allow people to easily script their own useful management applications on top of the simplistic SNMP operations. - Perl extensions ( snmp-perl , snmp-session ) - Tcl extensions ( Tnm ) - Approach #2: Build compilers that generate C stubs from MIB specifications which are easier to program with to create specific management applications. SANE 2002 – p.8

  20. � � � � � What can be done? Approach #1: Extend scripting languages with SNMP APIs to allow people to easily script their own useful management applications on top of the simplistic SNMP operations. - Perl extensions ( snmp-perl , snmp-session ) - Tcl extensions ( Tnm ) - Approach #2: Build compilers that generate C stubs from MIB specifications which are easier to program with to create specific management applications. - SNMP Command Line Interface ( scli ) SANE 2002 – p.8

  21. Tnm extension for Tcl - Tnm provides a generic SNMP API for Tcl - Written entirely in C for good performance - Tightly integrated into the Tcl event mechanism - Scripts can talk to many devices simultaneously - Traffic shaping for smoothing bulky message streams - Several (generic) applications exist on top of Tnm ( tkined , sgmospy , sbrowser , ...) - Used by several companies to drive test suites - Available since 1994, relative few changes since 1999 SANE 2002 – p.9

  22. Retrieving Interface Status with Tnm package require Tnm 3.0 proc walkproc {s stat vbl} { if {$stat == "noError"} { set i [Tnm::mib unpack [Tnm::snmp oid $vbl 0]] set o [Tnm::snmp value $vbl 0] set a [Tnm::snmp value $vbl 1] puts "[$s cget -address]\t$i\t$o\t$a" } } puts "ADDRESS\t\tIFACE\tOPER\tADMIN" foreach host $argv { set s [Tnm::snmp generator -address $host] $s walk {ifOperStatus ifAdminStatus} { walkproc %S %E "%V" } } Tnm::snmp wait exit SANE 2002 – p.10

Recommend


More recommend