SNMP
Simple Network Management Protocol
Jerry Martin
• Application layer protocol
• Runs over UDP, CLNS, DDP, IPX
• Basic Components:
– Managed devices
– Agents
– Network-management systems (NMS)
Management Information Base (MIB)
• Information hierarchy
SNMPv3 Engine
• Unique ID for each engine on the network
• Each managed device/NMS has its own engine
SNMPv3 Messages
• Composed of 3 parts:
– Message header
• Contains Version, ID, Size, Flags
SNMPv3 Message
msgFlags
• reportableFlag
– If set to 1, Report PDU must be returned
– This is always set to 1 in Get, Set, Inform
– Only used when the PDU can't be decoded, to send back an error message
• privFlag
– Apply encryption if 1.
• authFlag
– Apply authentication if 1.
Authentication
• Secret-Key Authentication
– Two communicating entities share an authentication key
– Uses msgAuthenticationParameters field
– The code is a function of message contents, the ID of principal and engine, time of transmission, and secret key
Authentication
• Timeliness Verification
– Protects against replay attacks
– Uses snmpEngineBoots, snmpEngineTime fields
– If boot values match and time values are within 150 seconds, then it is a timely message
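The msgFlags bits and the timeliness rule above, worked through as an added example (not part of the original slides). The bit values follow RFC 3412; the `EngineClock` type, the function names and the decision strings are hypothetical, and the time check is the simplified rule as stated on the slide.

```python
from dataclasses import dataclass

# msgFlags bit values for SNMPv3 (RFC 3412)
AUTH_FLAG = 0x01
PRIV_FLAG = 0x02
REPORTABLE_FLAG = 0x04

TIME_WINDOW = 150  # seconds, the window stated on the slide


@dataclass
class EngineClock:
    """Receiver's view of the engine clock (hypothetical helper type)."""
    boots: int  # snmpEngineBoots
    time: int   # snmpEngineTime, seconds since the last boot


def decode_msg_flags(flags: int) -> dict:
    """Split the msgFlags octet into its three flags; reject priv without auth."""
    decoded = {
        "auth": bool(flags & AUTH_FLAG),
        "priv": bool(flags & PRIV_FLAG),
        "reportable": bool(flags & REPORTABLE_FLAG),
    }
    if decoded["priv"] and not decoded["auth"]:
        raise ValueError("privFlag set without authFlag is not a valid combination")
    return decoded


def is_timely(local: EngineClock, msg_boots: int, msg_time: int) -> bool:
    """Slide rule: boot values must match and time values be within 150 seconds."""
    if msg_boots != local.boots:
        return False
    return abs(local.time - msg_time) <= TIME_WINDOW


def accept(flags: int, local: EngineClock, msg_boots: int, msg_time: int) -> str:
    """Decision for one incoming message header (constructed inputs only)."""
    decoded = decode_msg_flags(flags)
    if not decoded["auth"]:
        return "unauthenticated"  # timeliness is only checked on authenticated messages
    if not is_timely(local, msg_boots, msg_time):
        return "not_timely"  # e.g. a captured message replayed after the window
    return "timely"
```

A message captured at engine time 849 and replayed when the receiver's clock reads 1000 falls outside the window and is rejected, as is any message carrying a stale snmpEngineBoots value.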