Snmp Paper Patrol

  • Published on
    20-Jul-2016

Transcript

<ul><li><p>Integrating PATROL with SNMP</p><p>February 2000</p></li>
<li><p>Contents</p>
<p>SNMP: an Introduction</p>
<ul><li>The SNMP Standard</li><li>Standard Message Format</li><li>PDU</li><li>Standard Set of Managed Objects</li><li>MIB Structure and Objects</li><li>MIB Object Access Values</li><li>MIB Tree Structure</li><li>Discrete MIB Objects</li><li>Table Objects</li><li>MIB Object Types</li><li>Compiling MIB Objects</li><li>Standard Addition of Objects</li><li>SNMP Architecture</li><li>SNMP Managers</li><li>SNMP Master Agents</li><li>SNMP Sub-agents</li><li>Instrumenting Applications for Management</li></ul>
<p>PATROL SNMP Implementation</p>
<ul><li>PATROL SNMP Architecture</li><li>PATROL SNMP Master Agent</li><li>PATROL SNMP Sub-agent</li><li>PATROL SNMP Implementation: Windows NT</li><li>PATROL SNMP Implementation: Unix</li><li>PATROL as an SNMP Manager</li><li>MIB to KM Wizard</li><li>Third-party SNMP Managers</li><li>The PATROL SNMP Toolkit</li></ul></li>
<li><p>Configuring PATROL for SNMP</p>
<ul><li>Configuring the PATROL SNMP Master Agent</li><li>The PATROL Agent SNMP Support Variables</li><li>PATROL Agent SNMP Interested Managers</li><li>Variables for Configuring the Agent with SNMP</li><li>When Configuration Changes Take Effect</li><li>Testing Agent SNMP Trap Sending</li><li>The PATROL MIB</li><li>PATROL MIB Tree: Objects Table</li><li>PATROL MIB Tree: Variables Table</li><li>PATROL MIB Tree: Applications Table</li><li>PATROL MIB Tree: Instances Table</li><li>PATROL MIB Tree: Trap Table</li></ul>
<p>Using PSL to Control PATROL and SNMP</p>
<ul><li>Listening for SNMP Traps</li><li>Sending SNMP Traps</li><li>Starting and Stopping the SNMP Sub-Agent</li><li>Getting and Setting MIB Variables</li><li>Using PSL to Change the Registered SNMP Manager List</li><li>Debugging PSL Functions for SNMP</li><li>Interpreting Error Messages from PSL Functions</li></ul>
<p>Using SNMP to Send Traps</p>
<ul><li>Methods of Sending SNMP Traps</li><li>PATROL Event Manager and SNMP Traps</li><li>Standard Event Classes</li><li>Configuring the Event Catalog for SNMP Traps</li><li>Altering Event Classes for Trap Notification</li><li>Configuring the List of Recipients for SNMP Traps</li><li>Configuring the Agent for SNMP Trap Sending</li></ul>
<p>PATROL Agent SNMP Configuration Variables</p>
<ul><li>Items That Cannot Be Changed</li><li>Changing the PATROL Master Agent Directory and Start Line</li><li>Changing the Events That Trigger SNMP Traps</li><li>Changing Whether PSL Supports SNMP</li><li>Changing SNMPV1 Managers That Get SNMP Traps from the Agent</li><li>Changing the MIB File That the Agent Uses for SNMP</li><li>Changing Port Information for PSL SNMP Functions</li><li>Changing Community Names for SNMP Operations</li><li>Changing Retry and Timeout for PSL and SNMP Operations</li><li>Changing Whether SNMP Is Started with Agent</li></ul>
<p>Appendix A: ASN.1</p>
<ul><li>Branch Object Identifiers</li><li>Leaf Objects</li><li>Object Syntax Definitions</li></ul></li>
<li><p>Integrating PATROL with SNMP</p>
<p>This paper introduces SNMP, gives an overview of the SNMP architecture and of the PATROL SNMP architecture, and provides information on implementing SNMP in your PATROL environment.</p>
<p>This paper explains what components of the PATROL Agent are required to implement SNMP, why these components are required, and how to access the PATROL MIB and other MIBs using the PATROL Agent.</p>
<p>The following topics are covered:</p>
<ul><li>SNMP: an Introduction</li><li>PATROL SNMP Implementation</li><li>Configuring PATROL for SNMP</li><li>Using PSL to Control PATROL and SNMP</li><li>Using SNMP to Send Traps</li><li>PATROL Agent SNMP Configuration Variables</li><li>Appendix A: ASN.1</li></ul></li>
<li><p>SNMP: an Introduction</p>
<p>SNMP was born out of the U.S. Department of Defense's Advanced Research Projects Agency's efforts to manage their expanding network of systems from different vendors. Three solutions were proposed:</p>
<ul><li>High-level Entity Management System (HEMS)</li><li>Simple Network Management Protocol (SNMP)</li><li>CMIP</li></ul>
<p>CMIP was chosen as the preferred solution, but SNMP evolved out of CMIP as a short-term solution.</p>
<p>SNMP has been very successful because it is light and flexible. Since SNMP is a lightweight communications protocol, it adds very little traffic to a network that it is managing. 
Additionally, SNMP's simple design allows users to expand the applications that are monitored by SNMP very easily.</p>
<p>The original specification for SNMP (V1) caught on quickly but exposed a few deficiencies:</p>
<ul><li>bugs</li><li>security</li></ul>
<p>To address these deficiencies SNMP V2 was introduced, but disagreements about security methods led to V2 dropping its security solution. However, V2 did manage to fix some bugs and introduce new data types and message formats. Recently, V3 has been proposed and provides a security solution.</p>
<p>This paper addresses SNMP V1 with little reference to V2 tolerance.</p></li>
<li><p>The SNMP Standard</p>
<p>SNMP can be viewed in many different ways, but the perspective presented here is that SNMP is actually three distinct standards:</p>
<ul><li>a standard message format</li><li>a standard set of managed objects</li><li>a standard way of adding objects</li></ul>
<p>Standard Message Format</p>
<p>SNMP has a standard communication protocol that defines a message format. The messages are encoded as Protocol Data Units (PDUs), which SNMP devices exchange. While the format of the PDU messages is very complex, it is generally hidden by the network management software. This part of the standard is highly involved and of little interest to users, but it is of great interest to SNMP programmers.</p>
<p>Message Types</p>
<p>Four types of SNMP messages are defined. They allow you to get values from the managed object, set values on the managed object, and allow the managed object to communicate with the network manager:</p>
<ul><li>get request</li><li>get next request</li><li>set request</li><li>trap message</li></ul>
<p>PDU</p>
<p>SNMP works very simply. It exchanges network information through messages (technically known as protocol data units, or PDUs). From a high-level perspective, the message (PDU) can be looked at as an object that contains variables that have both titles and values. 
</p>
<p>There are four basic PDUs that SNMP employs to monitor a network: two deal with reading terminal data, one deals with setting terminal data, and one is used for monitoring network events such as terminal start-ups or shut-downs.</p>
<p>Therefore, if you want to see if a terminal is attached to the network, you would use SNMP to send out a read PDU to that terminal. If the terminal was attached to the network, you would receive back the PDU, its value being "yes, the terminal is attached." If the terminal was shut off, you would receive a packet sent out by the terminal being shut off informing you of the shutdown. In this instance a trap PDU would have been dispatched by the terminal.</p></li>
<li><p>Get Request</p>
<p>Specific values can be obtained from a device using the get request. Typically, many different values can be obtained from a device using SNMP without the overhead associated with logging into the device or establishing a TCP connection with the device.</p>
<p>Get Next Request</p>
<p>With the get next request, SNMP managers can walk through all the SNMP values of a device to discover all the names and values that the device supports. This is accomplished by starting with the value of the first SNMP object and then using the get next request until there are no more SNMP objects to get. The process of using the get next request to obtain the values of all the SNMP objects is referred to as walking the objects.</p>
<p>Set Request</p>
<p>The set request provides a mechanism by which devices can be managed using SNMP. With the set request, SNMP can be used to accomplish activities such as disabling interfaces, disconnecting users, clearing registers, and more on the managed device.</p>
<p>Trap Message</p>
<p>The trap message allows the SNMP managed device to communicate with the manager. This allows the device to notify the manager of specific problems. 
Typically, the use of traps requires each device on the network to be configured to issue SNMP traps to one or more network devices that are awaiting or listening for the traps.</p>
<p>Standard Set of Managed Objects</p>
<p>SNMP is a standard set of values (SNMP objects) that can be queried from a device. Specifically, the standard includes values for monitoring TCP, IP, UDP, and device interfaces. Each manageable object is identified with an official name, and also with a numeric identifier expressed in dot notation.</p>
<p>The list of SNMP objects and their values is often referred to as the SNMP Management Information Base (MIB). The MIB is simply a database-like abstraction that represents all the SNMP objects or any portion of the data associated with the network.</p>
<p>The various SNMP values in the standard MIB are defined in RFC-1213 (one of the governing specifications for SNMP). The standard MIB includes various objects to measure and monitor IP activity, TCP activity, UDP activity, IP routes, TCP connections, interfaces, and general system information. Each of these values is associated with an official name and a numeric value in dot notation. For example, the elapsed time since a managed object was booted is represented as one of the following values:</p>
<ul><li>sysUpTime</li><li>1.3.6.1.2.1.1.3.0</li></ul></li>
<li><p>Usually, the tendency is to use the name of the MIB object instead of the numerical identifier, much like the way host names are used instead of IP addresses on the Web.</p>
<p>See "MIB Structure and Objects" for more information on the description of MIB objects.</p>
<p>MIB Structure and Objects</p>
<p>To use SNMP effectively, users need to become acquainted with the SNMP MIB, which defines all the values that SNMP is capable of reading or setting. Each SNMP object is defined to have a particular access, either read-only, read-write, or write-only, that determines what can be done to the object. 
</p>
<p>MIB Object Access Values</p>
<p>Before any object can be manipulated, the SNMP community name must be known. Community names are configured into the system by the administrator, and can be viewed as passwords required for SNMP objects to be manipulated. Community names exist to allow portions of the MIB and object subsets to be referenced. As the term community implies, the true purpose of these values is to identify commonality between SNMP object sets. It is common to make the community strings obscure to limit access to SNMP capability by outside users.</p>
<p>MIB Tree Structure</p>
<p>The SNMP MIB is arranged in a tree structure, similar to the directory structure of files on a disk. The top-level SNMP branch begins with the ISO internet directory that contains four branches:</p>
<ul><li>mgmt: this branch contains the standard SNMP objects that are supported by most network devices.</li><li>private: this branch contains the extended SNMP objects that are defined by network equipment vendors.</li><li>experimental: this branch usually contains no meaningful data or objects.</li><li>directory: this branch usually contains no meaningful data or objects.</li></ul>
<p>The MIB is a tree structure much like a file directory structure. The top five levels of the MIB tree are constant, and all other MIBs are added to those branches. Figure 3 shows the top of the MIB object tree:</p></li>
<li><p>Figure 3: MIB Object Tree</p>
<p>The tree structure is an integral part of the SNMP standard, and the most important parts of the tree are the leaf objects that provide actual management data regarding the devices. Generally, the leaf objects are divided into two groups that reflect the organization of the tree structure.</p>
<ul><li>discrete MIB objects contain one piece of information</li><li>table MIB objects contain multiple pieces of information</li></ul>
<p>Discrete and table objects are identified by their extensions. 
Discrete objects have a .0 (dot-zero) extension added to their name indicating that they are discrete objects...</p></li></ul>
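<p>The standard message format and the community name described above can be seen by decoding one message by hand. The Python code below is an added example, not part of the original paper or of PATROL: it parses a constructed SNMPv1 get request for sysUpTime.0 and returns the community name, PDU type and requested object. The function names and the sample packet (community "public", request-id 1) are assumptions made for illustration.</p>

```python
# Constructed SNMPv1 get request for sysUpTime.0; "public" is a sample community.
SAMPLE = bytes.fromhex(
    "3026020100"                    # SEQUENCE, version INTEGER 0 (SNMPv1)
    "04067075626c6963"              # community OCTET STRING "public", in clear text
    "a019020101020100020100"        # get request: request-id 1, error-status 0, error-index 0
    "300e300c06082b06010201010300"  # one binding, OID 1.3.6.1.2.1.1.3.0
    "0500"                          # NULL value
)
PDU_TYPES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request", 0xA4: "trap"}

def read_tlv(buf, pos):  # -> (tag, value bytes, next position) of one BER element
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(data):  # BER OID bytes -> dot notation
    arcs, value = [data[0] // 40, data[0] % 40], 0
    for byte in data[1:]:
        value = (value << 7) | (byte & 0x7F)  # base 128; high bit set means more bytes
        if not byte & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def parse_snmp_v1(packet):  # -> version field, community, PDU type, bound OIDs
    tag, body, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    _, version, pos = read_tlv(body, 0)
    _, community, pos = read_tlv(body, pos)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    pos = 0
    for _ in range(5 if pdu_tag == 0xA4 else 3):  # trap PDU has 5 header fields, others 3
        _, _, pos = read_tlv(pdu, pos)
    _, bindings, _ = read_tlv(pdu, pos)
    oids, pos = [], 0
    while pos < len(bindings):
        _, binding, pos = read_tlv(bindings, pos)
        oids.append(decode_oid(read_tlv(binding, 0)[1]))
    return {"version": version[0], "community": community.decode("latin-1"),
            "pdu": PDU_TYPES.get(pdu_tag, hex(pdu_tag)), "oids": oids}
```

<p>Because the community name sits unencrypted in every SNMPv1 message, anyone who can capture the traffic can read it, so an obscure community string limits access only against parties who cannot observe the network.</p>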
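<p>The get next walk described above depends on the agent ordering object identifiers arc by arc as numbers, not as text. The Python code below is an added example, not from the original paper or from PATROL: it implements get next and a subtree walk over a small constructed agent table, which is a quick way to see everything a given subtree exposes. The OIDs follow RFC 1213, the values are made up, and the function names are assumptions.</p>

```python
from bisect import bisect_right

# Constructed agent contents (values are made up); OIDs follow RFC 1213.
AGENT_MIB = {
    "1.3.6.1.2.1.1.1.0": "constructed-device",  # sysDescr.0 (discrete object)
    "1.3.6.1.2.1.1.3.0": 421337,                # sysUpTime.0 (discrete object)
    "1.3.6.1.2.1.2.2.1.2.1": "lo",              # ifDescr, row 1 (table object)
    "1.3.6.1.2.1.2.2.1.2.2": "eth0",            # ifDescr, row 2
    "1.3.6.1.2.1.2.2.1.2.10": "eth8",           # ifDescr, row 10
}

def oid_key(oid):
    """Compare OIDs arc by arc as integers, so row 10 sorts after row 2."""
    return tuple(int(arc) for arc in oid.split("."))

def get_next(mib, oid):
    """Return (oid, value) of the first object ordered after `oid`, or None."""
    keys = sorted(mib, key=oid_key)
    i = bisect_right([oid_key(k) for k in keys], oid_key(oid))
    return (keys[i], mib[keys[i]]) if i < len(keys) else None

def walk(mib, root):
    """Repeat get next from `root` until the reply leaves the subtree or the MIB ends."""
    prefix, current, found = oid_key(root), root, []
    while (hit := get_next(mib, current)) is not None:
        if oid_key(hit[0])[:len(prefix)] != prefix:
            break                      # reply belongs to another branch: stop
        found.append(hit)
        current = hit[0]
    return found
```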