www.bmc.com
1© 1999 BMC SOFTWARE, INC.2/10/00
SNMP in Patrol
Eugene GolovinskyBMC Software,SNMP technology group
www.bmc.com
2© 1999 BMC SOFTWARE, INC.2/10/00
SNMPSimple Network Management Protocol
3
© 1999 BMC SOFTWARE, INC.2/11/00
Why was SNMP invented ?
Designed to run on non-OS systems, later used in various ways for monitoring
No “BRAINS”
SNMP Agent
THE “BRAINS”
SNMP Manager
Maybe no (Free) Cpu Maybe no (Free) Memory Must be able to run everywhere
Real OS Contained all intelligence Made all decisions
4
© 1999 BMC SOFTWARE, INC.2/11/00
Protocol, its versions and extentions
What is SNMP About the protocol versions
SNMPv1, SNMPv2 ( c ) and SNMPv3
Some other things:RMON, RMON 2, SMI's and MIB's
SNMPv3 - as a future path for SNMP community ?
5
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP implementations
TransportTransport protocol (UDP/IP)BER (iso 8825) - Basic Encoding Rules
TLV (Type, Length, Value) encoding
VersionsSNMPv1SNMPv2SNMPv3
OSI network management implementationCMIP - CMOT ( used primarily in telephony along with
SNMP)
6
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP Syntax - SMI
ASN.1 (iso 8824 - “abstract notation one”)SMI uses a subset of ASN.1
Well defined syntax for information exchange
comparable in functionality with XML
7
© 1999 BMC SOFTWARE, INC.2/11/00
SNMPv3
New Draft Standard with enhanced SecurityUser Based security model (rfc 2574)
Administration
Security (authentication, privacy and message integrity)
View based access (VACM)
8
© 1999 BMC SOFTWARE, INC.2/11/00
RMON (Remote Network Monitoring)
IETF rfc 1271 / rfc 1757 / rfc 1513Physical Layer Management using probes (HW-SW)Extend SNMP functionality
RMON MIB : contains RMON dataPreventive Management : threshold based notificationStatistics/History of data, Packet capturing, Host tables,…Operation modes
Online Offline On Demand
9
© 1999 BMC SOFTWARE, INC.2/11/00
RMON2
Continued on RMON (rfc 2021)Statistics on network and upper layersAll of the leading probe vendors support it
NetScout, Technically Elite, Solcom, HP, 3Com, Bay, Cisco, Cabletron
Difficult to use all features because of vendor specific implementations
10
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP References
SNMP v1 RFCs 1155 SMI 1157 protocol 1212 Concise MIB 1213 MIB2 1215 traps
SNMP v2 RFCs historical
See also : The Simple Web http://snmp.cs.utwente.nl/
SNMP v2C RFCs 1902-1907
SNMP v3 RFCs 1905-1907 2571-2575 2578-2580
http://www.ietf.org
11
© 1999 BMC SOFTWARE, INC.2/11/00
UDP vs. TCP connection
UDP
RMRM
Agents
Console
Console
Agents
TCP• connectionless• scalable• not reliable
• connection oriented• used to be non-scalable• reliable
12
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP : Underlying Transport
UDP/IP implications unreliable no confirmation or guarantee order uncertain may duplicate
unsecure No authentication on transport layer No verification of origin (message spoofing) No integrity (message can be tampered with)
13
© 1999 BMC SOFTWARE, INC.2/11/00
The SNMP Agent
What is an SNMP agent ? Components :
MIB (the MIB in memory) request handling trap sending
14
© 1999 BMC SOFTWARE, INC.2/11/00
Multiple SNMP Agents on 1 system
Conflict : only 1 process can listen on a portSolutions :SMUX (SNMP Multiplexer)AgentX - Agent Extensibility (rfc 2741)Emanate (proprietary SNMP Research)
161
MasterAgent
Sub agent
Sub agent
Sub agent
Application
Application
Device
15
© 1999 BMC SOFTWARE, INC.2/11/00
MIB (Management Information Base)
The MIB definition textual description of MIB layoutWritten in SMI : Structure of Management Information
SMI (the MIB definition language)Support for multiple datatypesSupport for data definitions : indexed tables, structures,
values,...
16
© 1999 BMC SOFTWARE, INC.2/11/00
NAMING in SNMP
Naming hierarchyunique identifier, down to the instance of any object1.3.6.1.4.1.1031 is the OID of the BMC Software subtree;Object identifier is the name
iso1
3 org
6 dod
1 internet
2mgmt
4private
1 enterprises
442 1031enterpriseID
peerBMC Company X
Whatever you like
17
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP Management
Remote Management :
From a geographically separate location configure monitor control
a remote system application device OS
Management console
Mgmt info, i.e., interesting info
“application”
Managed system
Mgmt protocol
18
© 1999 BMC SOFTWARE, INC.2/11/00
Management Operations,SNMP requests and responses
Get, Get Next, SetSNMPv1 responses are sent back
Get Bulk (SNMPv2)
Unsolicited Traps from Agent (v1)
Informs (v2 and v3) - confirmed traps
19
© 1999 BMC SOFTWARE, INC.2/11/00
Request handling
SNMP Agent gets request from mgr listens on specific port : typically 161 receives request : request ID + OID
Lookup of OID in memoryPerforms operation if possibleSNMP Agent sends response
request ID OID value error status + index
Similar for get-next operation returns next OID in tree
20
© 1999 BMC SOFTWARE, INC.2/11/00
Trap sending
SNMP Agent sends7 predefined Generic trap types (0-6)
0-5 = Standard traps
6 = Enterprise Specific
Sends to port 162 (default) on trap receiving machine
Trap destinations has to be configuredPatrol : /snmp/piV1m_list
21
© 1999 BMC SOFTWARE, INC.2/11/00
The SNMP Manager
What is an SNMP manager ?
Components :present MIB info (display MIB files)send requests listen for traps
22
© 1999 BMC SOFTWARE, INC.2/11/00
Sending Requests
Timebased pollingUser based requests
Authentication :SNMPv1 : community names for r/w (most of the
times, just private/public)SNMPv3 does it with MD5
23
© 1999 BMC SOFTWARE, INC.2/11/00
Listening for traps
Only one process can listen on a portThat means only one trap listener per system !
Solution :PATROL : trap demultiplexer (Dietmar
Hildebrand)No PATROL : (write your own)
24
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP++
Initial HP initiative, now Open SourceObject oriented development approach to
SNMPv1,v2c,v3High level APIPrimary focus on network management
application developer
References :http://rosegarden.external.hp.com/snmp++
http://www.simple-times.org/pub/simple-times/issues/7-1.html
www.bmc.com
25© 1999 BMC SOFTWARE, INC.2/10/00
??? Questions ???
www.bmc.com
26© 1999 BMC SOFTWARE, INC.2/10/00
PATROL SNMP Functionality
27
© 1999 BMC SOFTWARE, INC.2/11/00
Patrol SNMP Master and Sub Agent
Only needed when accessing PATROL MIB data !!
Patrol MIB data is KM data
Not needed for :receiving trapssending trapsget/set/walk/... operations
28
© 1999 BMC SOFTWARE, INC.2/11/00
Patrol SNMP Master agent configuration
See file ./lib/snmpmagt.cfg default port used to be 1161, community public
No need for BMC master agent if SMUX compatible Master Agent available (eg. AIX)
What about HP ?They use emanate master agent (proprietary from SNMP
Research) Run 2 master agents, one on 161 (default) and one on 1161
(Patrol)
29
© 1999 BMC SOFTWARE, INC.2/11/00
Starting Patrol SNMP sub-agent
PATROL SNMP sub-agent can be manually started and stopped from PSLsnmp_agent_start()
starts SNMP sub-agent
snmp_agent_stop()stops SNMP sub-agent
snmp_agent_config() tells if SNMP agent functionality is active
30
© 1999 BMC SOFTWARE, INC.2/11/00
PATROL Agent as SNMP sub agent
Ability to send traps
Has an accessible MIBTo access MIB, the master agent must be set up correctly
31
© 1999 BMC SOFTWARE, INC.2/11/00
SNMP Traps in Patrol
Automatically :When Patrol event occursTrap destinations : piV1m_List ( + /snmp/trapMibTable=yes)Filter possibility (see config.default for filter options)Through Master Agent or without Master Agent
trapMibTable(yes), trapConfTable (no) - default
From PSL snmp_trap_send : full controlsnmp_trap_raise_std_trap : uses piV1m_List
32
© 1999 BMC SOFTWARE, INC.2/11/00
PATROL Agent MIB
33
© 1999 BMC SOFTWARE, INC.2/11/00
Objects Table
Contains all the “nodes” from thePATROL namespace, starting fromthe PATH defined in objectsCwd(=objects Current Working Dir)
34
© 1999 BMC SOFTWARE, INC.2/11/00
variablesTable
Contains all the “leaves” from thePATROL namespace, starting fromthe PATH defined in objectsCwd(=objects Current Working Dir)
35
© 1999 BMC SOFTWARE, INC.2/11/00
Browsing PATROL namespace
Set objectCwd to the tree you want to inspect for example “/”
Go to the desired “node” get the “objectsTable”, you see NT_CPU set objectCwd to “/NT_CPU” … pick inst from objectsTable set objectCwd to “/NT_CPU/CPU_0”… pick param from objectsTable set objectCwd to “/NT_CPU/CPU_0/CPUCpuUtil”
Read the wanted values get the “variablesTable” to find all the attributes
including its value
Problem : No way to protect objectsCwd : other PSL script can change its value in the same time !
36
© 1999 BMC SOFTWARE, INC.2/11/00
applicationsTable
Contains all the applicationsloaded in the agent and indexed by application ID
37
© 1999 BMC SOFTWARE, INC.2/11/00
applInstTable
Contains all the instancesdiscovered in the agent.Indexed application ID andinstance ID
38
© 1999 BMC SOFTWARE, INC.2/11/00
parametersTable
Contains all the parametersin the agent.Indexed by application ID,instance ID and parameter OID
39
© 1999 BMC SOFTWARE, INC.2/11/00
Table relationshipsapplicationsTable
id name state ….
0 SOLARIS 0 ….1 CPU 0 ….
2 DISK 0 ….
3 KERNEL 0 ….
4 NFS 0 ….
... …. …. ….
applInstTable
id name status ….
... …. …. ….1.50 CPU 0 ….
2.60 sd5 0 ….
2.61 nfs1 0 ….
2.70 idehd01 0 ….
... …. …. ….
parametersTable
id name value ….
... …. …. ….2.60.150 DSKTps 0 ….
2.61.270 DSKTps 0 ….
2.61.289 DSKBps 0 ….
2.70.300 DSKAvgS.. 0 ….
... …. …. ….
40
© 1999 BMC SOFTWARE, INC.2/11/00
Accessing PATROL namespace
Look for the application in “applicationTable”Use that index to get the instances from the
application in “applInstTable”Use both indexes to get the parameters from the
“parametersTable”Get the required attribute from your parameter
This method is “safe” but requires some processing
41
© 1999 BMC SOFTWARE, INC.2/11/00
Direct namespace access
“Hooked” on OID of : .variablesTable.variableEntry.variableValue
Need conversion of namespace variable<length> = length of namespace variable<conv> = ascii to value conversion of namespace variable
for example : /CPU = 47.67.80.85
Simply get : bmc.1.1.1.5.1.4.<len>.<conv>
Result :Fastest Namespace accessnot useful for namespace “discovery”Not “walk-able”
42
© 1999 BMC SOFTWARE, INC.2/11/00
Execute PSL through SNMP
Set variable “agentExecuteCommand”
Agent will execute immediately
Fail/Success from return value of snmp_set()
43
© 1999 BMC SOFTWARE, INC.2/11/00
PATROL Agent as SNMP Manager
Receiving traps
Getting information from SNMP agents
No Master Agent is needed for this !
44
© 1999 BMC SOFTWARE, INC.2/11/00
Using PSL to Receive traps
PSL functions :snmp_trap_listen : start listening for traps (open socket)
starts accumulating traps
snmp_trap_ignore : close all listeners (close socket)
snmp_trap_receive : process incoming traps (block/poll based) only 1 per agent
45
© 1999 BMC SOFTWARE, INC.2/11/00
Using PSL to Get info from SNMP Agents
What is an SNMP session in PATROL ?snmp_open() : opens an SNMP sessionsnmp_close() : closes an SNMP sessionsnmp_config() : lists the SNMP sessions
No real session (like TCP session) because SNMP = connectionless / stateless
just a memory structure, so ...Easier for the developer … open session once, reuse the
session with the session attributes !Allows you to set timeouts/retries/port Faster
46
© 1999 BMC SOFTWARE, INC.2/11/00
PSL functions for SNMP managers
SNMPv1 management functionssnmp_(h_)...snmp_...
Plussnmp_walk
No support for v3 !!Security and administration, get bulk, more
datatypes
47
© 1999 BMC SOFTWARE, INC.2/11/00
Q & A
concerns and problems
future