Embed Size (px)
Citation preview
POSTECH DP&NM Lab
1
Net-SNMP
J. Won-Ki Hong
Dept. of Computer Science and Engineering
POSTECH
Tel: 054-279-2244
Email: [email protected]
POSTECH DP&NM Lab
2
Contents
• Net-SNMP Package
• History of Net-SNMP
• Applications of Net-SNMP
• Trap Daemon
• Architecture of Net-SNMP Agent
• How to extend SNMP agents with Net-SNMP
• Net-SNMP URL: www.net-snmp.org
POSTECH DP&NM Lab
3
Net-SNMP Package (1/2)• Net-SNMP is a suite of applications used to
implement SNMPv1, SNMPv2c and SNMPv3 using both IPv4 and IPv6 and includes
• Command-line applications to: – retrieve information from an SNMP-capable device, either
using single requests (snmpget, snmpgetnext), or multiple requests (snmpwalk, snmptable, snmpdelta).
– manipulate configuration information on an SNMP-capable device (snmpset).
– retrieve a fixed collection of information from an SNMP-capable device (snmpdf, snmpnetstat, snmpstatus).
– convert between numerical and textual forms of MIB OIDs, and display MIB content and structure (snmptranslate).
POSTECH DP&NM Lab
4
Net-SNMP Package (2/2)
• A graphical MIB browser (tkmib), using Tk/perl.
• A daemon application for receiving SNMP notifications (snmptrapd).
• An extensible agent for responding to SNMP queries for management information (snmpd).
• A library for developing new SNMP applications, with both C and perl APIs.
POSTECH DP&NM Lab
5
History of Net-SNMP
• Originally based on the Carnegie Mellon University implementation (1992)
• University of California at Davis SNMP extends CMU-SNMP, calls UCD-SNMP (1995)
• UCD-SNMP moves to Net-SNMP in April, 2002 (Web sites also moves from www.ucd-snmp.net to www.net-snmp.net)
• Now, Net-SNMP 5.7 released• More detailed history can be found at
http://www.net-snmp.org/about/history.html
POSTECH DP&NM Lab
6
Applications (1)• Common Options
-c community -v 1 | 2c | 3 -r retries -t timeout -p port
• snmpget [COMMON OPTIONS] [-Cf] OID [OID]... – SNMP application that uses the SNMP GET request to query
for information on a network entity – e.g., snmpget -c public localhost system.sysDescr.0 – Result) system.sysDescr.0 = Linux enterflex2.postech.ac.kr …
POSTECH DP&NM Lab
7
Applications (2)• snmpset [COMMON OPTIONS] OID TYPE VALUE
– SNMP application that uses the SNMP SET request to set information on a network entity
– Type: i (INTEGER), u (UNSIGNED), s (STRING)…– e.g., snmpset -c private -v 1 localhost system.sysContact.0 s
• snmpwalk [APPLICATION OPTIONS] [COMMON OPTIONS] [OID] – SNMP application that uses SNMP GETNEXT requests to
query a network entity – Retrieves lots of data, a part of MIB tree (subtree) at once– e.g., snmpwalk -c public localhost system– Result) system.sysDescr.0 = …
system.sysObjectID.0 = … system.sysUpTime.0 = …
POSTECH DP&NM Lab
8
Applications (3)• snmpstatus [COMMON OPTIONS]
– SNMP application that retrieves several important statistics from a network entity.
– The IP address of the entity. sysDescr.0 / sysUpTime.0 /…– e.g., snmpstatus -c public -v 1 localhost– Result) [127.0.0.1] [Linux enterflex2 .postech . ac .kr 2.4.7-10
#1 Thu Sep 6 17 :27:27 EDT 2001 i386 ]…
• snmptranslate [OPTIONS] OID [OID]... – Application that translates SNMP object identifier values from
their symbolic (textual) forms into their numerical forms– e.g., snmptranslate system.sysUpTime.0 – Result) .1.3.6.1.2.1.1.3.0
POSTECH DP&NM Lab
9
Applications (4)• snmptrap [COMMON OPTIONS] [-Ci] enterprise-oid
agent generic-trap specific-trap uptime [OID TYPE VALUE]– SNMP application that uses the SNMP TRAP operation to send
information to a network manager – Definition)
TRAP-TEST-MIB DEFINITIONS ::= BEGINIMPORTS ucdExperimental FROM UCD-SNMP-MIB;demotraps OBJECT IDENTIFIER ::= { ucdExperimental 990 }demo-trap TRAP-TYPE
STATUS current ENTERPRISE demotraps VARIABLES { sysLocation } DESCRIPTION "This is just a demo" ::= 17
END – e.g., snmptrap –v 1 -c public host TRAP-TEST-MIB::demotraps
localhost 6 17 '' SNMPv2-MIB::sysLocation.0 s "Just here"
POSTECH DP&NM Lab
10
Applications (5)
• Other SNMP applications: – snmpgetnext: retrieving unknown indexed data. – snmpbulkwalk: uses SNMP GETBULK requests to
query a network entity – snmptable: displaying table.– snmpnetstat: symbolically displays the values of
various network-related information retrieved from a remote system using the SNMP protocol
POSTECH DP&NM Lab
11
Trap Daemon
• snmptrapd [OPTIONS][LISTENING ADDRESSES] – SNMP application that receives and logs SNMP
TRAP – the default is to listen on UDP port 162 – snmptrapd is displayed as follows – Result) 1999-11-12 23:26:07 localhost
[127.0.0.1] TRAP-TEST-MIB::demotraps: Enterprise Specific Trap (demo-trap) Uptime: 1 day, 5:34:06 SNMPv2-MIB::sysLocation.0 = "Just here"
POSTECH DP&NM Lab
12
Architecture of SNMP Agent
SNMP
MANAGER
SNMP
MANAGER
Managed System
Mgmt.BackendInterface
Mgmt.BackendInterface
EmbeddedSystem
Application
EmbeddedSystem
Application
SNMP Agent
BER Decoder & Encoder
BER Decoder & Encoder
Message Parser
Message Parser
Operation ProcessorOperation Processor
Message GeneratorMessage Generator
TrapMonitor
TrapMonitor
ConnectionListener
ConnectionListener
Request
Response/ Trap
POSTECH DP&NM Lab
13
How to Extend (1)1. Define a private MIB: Example of Cluster MIB
POSTECH DP&NM Lab
14
How to Extend (2)2. Download net-snmp-5.7.1.tar.gz
3. Decompress the file in your home directory command: gtar xvfz net-snmp-5.7.1.tar.gz
4. Compile default SNMP agent– cd net-snmp-5.7.1– ./configure --prefix=“/usr/local/net-snmp”– make– umask 022– make install
POSTECH DP&NM Lab
15
How to Extend (3)6. Install SNMP perl module for using mib2c
• cd net-snmp-5.7.1• cd perl• perl Makefile.PL -NET-SNMP-CONFIG=“sh ../net-
snmp-config” -NET-SNMP-IN-SOURCE=true • make • make test• make install
POSTECH DP&NM Lab
16
How to Extend (4)7. Compile the private MIB file using mib2c
• cd net-snmp-5.7.1• cd local• mkdir cluster• copy the private mib in the current directory
ex) cp ~mjchoi/cluster.my ./cluster.my• export MIBS=ALL• MIBS=./cluster.my• mib2c -c mib2c.scalar.conf generalInfo• mib2c -c mib2c.scalar.conf currentStatus• mib2c -c mib2c.array-user.conf loadBalancer• mv generalInfo.* cluster• mv currentStatus.* cluster• mv loadBalancer.* cluster• cp –r cluster ../agent/mibgroup/.
POSTECH DP&NM Lab
17
How to Extend (5)8. Code the extension agent
• Header file: add necessary definitions• C file
(1) Module definition: the code defining the contents of the MIB
e.g., static oid clusterName_oid[] = { 1, 3, 6, 1, 3, 1, 1, 1, 0 }; (2) Module initialization: initialization before they can start
providing the necessary information
e.g., netsnmp_register_instance(netsnmp_create_handler_registration
("clusterName", do_clusterName, clusterName_oid,
OID_LENGTH(clusterName_oid),
HANDLER_CAN_RWRITE));
POSTECH DP&NM Lab
18
How to Extend (6)8. Code the extension agent
(3) Variable handling: actually handles a request for a particular variable instance e.g., char clusterName[NAME_LEN];
int *var_len; (4) Non-table-based modules: the request handling routine is to
retrieve any necessary scalar data e.g.,
switch (reqinfo->mode) { case MODE_GET: snmp_set_var_typed_value(requests->requestvb, ASN_OCTET_STR, (u_char *) clusterName, var_len); break;
… }
POSTECH DP&NM Lab
19
How to Extend (7)8. Code the extension agent
(5) Simple tables: process a simple table with limited table indexe.g., int serviceTable_handler(netsnmp_mib_handler *handler, netsnmp_handler_registration *reginfo, netsnmp_agent_request_info *reqinfo, netsnmp_request_info *requests) { … switch (reqinfo->mode) { case MODE_GET: switch (table_info->colnum) { case COLUMN_SRINDEX: snmp_set_var_typed_value(var, ASN_INTEGER, …);
break; … } … } …}
POSTECH DP&NM Lab
20
How to Extend (8)8. Code the extension agent
(6) General tables: process a general table, which the maximum index is not determinable e.g., Init_{Name}_Entry(); // Perform any necessary initialization while (( index = Get_Next_{Name}_Entry() ) != EndMarker ) { construct OID from vp->name and index compare new OID and request if valid { save current data if finished // exact match, or ordered table break; // so don't look at any more entries } … } …
POSTECH DP&NM Lab
21
How to Extend (9)8. Code the extension agent (7) Set-able object: the handling of SNMPSET
e.g., switch (reqinfo->mode) {… case MODE_SET_ACTION: // XXX: perform the value change here if ( /* XXX: error? */ ) { netsnmp_set_request_error(reqinfo, requests, “error_msg.”); } break; case MODE_SET_COMMIT: // XXX: delete temporary storage if ( /* XXX: error? */ ) { netsnmp_set_request_error(reqinfo, requests, SNMP_ERR_COMMITFAILED); } break; }…
POSTECH DP&NM Lab
22
How to Extend (10)9. Compile the MIB extension and generate SNMP
daemon• ./configure --with-mib-modules=“cluster/generalInfo,
cluster/currentStatus, cluster/loadBalancer”• cd agent• make • ./snmpd –c config_file (ex) ./snmpd –c /etc/snmp/snmpd.conf
– snmpd [OPTIONS] [LISTENING ADDRESSES]
– SNMP agent which binds to a port and awaits requests from SNMP management software.
– collects the requested information and/or performs the requested operations and returns the information to the sender.
– By default, snmpd listens for SNMP requests on UDP port 161.
POSTECH DP&NM Lab
23
How to Extend (11)10.Modify snmpd.conf for SNMP community
# First, map the community name
# sec.name source community
com2sec clusterUser default postech
# Second, map the security name into a group name:
# groupName securityModel securityName
group clusterGroup v1 clusterUser
# Third, create a view for us to let the group have rights to:
# name incl/excl subtree mask(optional)
view mibview included .iso.org.dod.internet
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access clusterGroup "" any noauth exact mibview mibview none
POSTECH DP&NM Lab
24
Good-Luck &
Have Fun!
![Faculty of Science25/2/2563 Mail — opinter@mahidol.ac.th [POSTECH 2020 FALL] Call for Exchange Nomination Monica No (POSTECH) Mon 17/02/2020 07:16](https://img.pdfslide.us/doc/110x75/60985a1f7206ed2cd729e9c9/faculty-of-science-2522563-mail-a-opintermahidolacth-postech-2020-fall.jpg)
