\documentclass{ictlab} % Copyright (c) 2003 by Nick Urbanik . % This material may be distributed only subject to the terms and % conditions set forth in the Open Publication License, v1.0 or later % (the latest version is presently available at % http://www.opencontent.org/openpub/). \RCS $Revision: 1.4 $ \usepackage{verbatim,alltt} \usepackage[hang,bf,nooneline]{caption2} \ifx\pdftexversion\undefined \else \usepackage[pdfpagemode=None,pdfauthor={Nick Urbanik}]{hyperref} \fi \newcommand*{\labTitle}{An Introduction to the SNMP Protocol: The MIB Tree} \providecommand*{\SNMP}{\acro{SNMP}\xspace} \providecommand*{\MIB}{\acro{MIB}\xspace} \providecommand*{\ID}{\acro{ID}\xspace} \providecommand*{\OID}{\acro{OID}\xspace} \renewcommand{\floatpagefraction}{0.75} % default is .5, to increase % density. \renewcommand*{\bottomfraction}{0.6} % default is 0.3 \renewcommand*{\topfraction}{0.85} % default is 0.7 \renewcommand*{\textfraction}{0.1} % default is 0.2 \begin{document} \section{Background:} The Net SNMP programs are available from \url{http://net-snmp.sourceforge.net/}. They implement the \SNMP protocol versions 1, 2 and 3. They also provide an \SNMP library, which you can use in applications, written in a number of languages. There is also a Perl binding to this library, called \texttt{SNMP}. These tools are useful particularly since they implement aspects of the protocol in a simple, understandable way, and are ideal for learning about the \SNMP protocol. \subsection{The MIB Tree} \label{sec:mib-tree} We use \SNMP to get values from, and to set values in \emph{managed objects}. These \emph{managed objects} are arranged so that each has an \emph{Object ID}, or \OID. The \OID has two representations: a series of numbers separated by dots, or a series of names, also separated by dots. These \OID{}s are arranged in a tree structure, called the \emph{MIB tree}. The abbreviation \MIB stands for \emph{Management Information Base}\@. Figure~\vref{fig:smi-object-tree} shows a small part of the tree. The \OID{}s are a little bit like an \IP address in that they uniquely identify a managed object on a particular \emph{agent} (see section~\vref{sec:agent-and-manager}). %% % \enlargethispage{3\baselineskip} %% \begin{figure}[htb] %% %\begin{minipage}[c]{0.48\textwidth} %% \caption{\acro{MIB} tree.} %% \label{fig:smi-object-tree} %% \end{minipage} %% \hspace*{0.04\textwidth}% %% \begin{minipage}[c]{0.48\textwidth} %% \includegraphics[width=40em]{smi-object-tree} %% \end{minipage} %% \end{figure} % \enlargethispage{3\baselineskip} \begin{figure}[htb] \centering% \includegraphics[width=40em]{smi-object-tree} \caption{The \acro{MIB} tree.} \label{fig:smi-object-tree} \end{figure} \subsection{The MIB Files} \label{sec:mib-files} The \MIB tree structure is described in a set of files on your hard disk, in the directory \texttt{/usr/\allowbreak{}share/\allowbreak{}snmp/\allowbreak{}mibs}. We will study the structure of these \MIB files in later exercises. Each of these \MIB files contains descriptions of a set of managed objects that an agent can provide. The tool \texttt{snmptranslate} can query the information in these files, and can show information about the \MIB tree. \subsection{Agent and Manager} \label{sec:agent-and-manager} \begin{figure}[htb] \centering% \includegraphics{request-response} \caption{A manager sends an \SNMP request to an agent, which responds to the manager.} \label{fig:request-response} \end{figure} Figure~\vref{fig:request-response} shows how a \emph{manager} (the network management station, or \NMS) sends a request to the \emph{agent} running on the managed device (say, a router, or switch, or server), and how the agent sends back a response. The request contains one or more object \ID{}s (\OID{}s). The agent sends back the information relating to the \OID{}s. \section{Procedure:} \label{sec:procedure} You can either boot your own copy of Linux, or boot the Linux that is installed on the internal hard disk of the computers in the laboratory for this exercise, since we are not modifying any \SNMP objects today. \subsection{Learning about the SNMP MIB Tree with \texttt{snmptranslate}} \label{sec:snmptranslate} \begin{enumerate} \item Open a command prompt, and type: \begin{alltt} $ \textbf{snmptranslate .1.3.6.1.2.1.1.3.0} \end{alltt}%$ You will see the text form of this object \ID (\OID). \item \texttt{snmptranslate} can also translate into numerical form as well, by adding the \texttt{-On} flag to its options (that is the letter ``Oh'', not a zero). Type this at your command prompt: \begin{alltt} $ \textbf{snmptranslate -On SNMPv2-MIB::system.sysUpTime.0} \end{alltt}%$ \item You can mix text and numbers when you describe an \OID; the \texttt{-On} flag just \emph{toggles} which type of output is displayed. Compare the output of each of: \begin{alltt} $ \textbf{snmptranslate .iso.3.6.1.private.enterprises.2021.2.1.prNames.0} \end{alltt}%$ and \begin{alltt} $ \textbf{snmptranslate -On .iso.3.6.1.private.enterprises.2021.2.1.prNames.0} \end{alltt}%$ % enterprises.ucdavis.procTable.prEntry.prNames.0 \item Normally the \OID output is abbreviated (shorter). You can change this behaviour with \texttt{-Of}: \begin{alltt} $ \textbf{snmptranslate -Of .iso.3.6.1.private.enterprises.2021.2.1.prNames.0} \end{alltt}%$ % .iso.org.dod.internet.private.enterprises.ucdavis.procTable.prEntry.prNames.0 \item The problem with the above commands is that you have to remember the entire \OID for what you're looking for. The \texttt{-IR} option (``random access lookup'') searches the \MIB tree for the node you want: \begin{alltt} $ \textbf{snmptranslate sysUpTime.0} Invalid object identifier: sysUpTime.0 \end{alltt}%$ So try this instead: \begin{alltt} $ \textbf{snmptranslate -IR sysUpTime.0} \end{alltt}%$ % system.sysUpTime.0 \item You can use regular expressions to find the exact node you want given only a piece of its name by using the \texttt{-Ib} (best match) option: % \begin{alltt} $ \textbf{snmptranslate -Ib 'sys.*ime'} \end{alltt}%$ % system.sysUpTime \item To get a list of \emph{all} the nodes that match a given pattern, use the \texttt{-TB} flag: \begin{alltt} $ \textbf{snmptranslate -TB 'vacm.*table'} \end{alltt}%$ %% SNMP-VIEW-BASED-ACM-MIB::vacmViewTreeFamilyTable %% SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable %% SNMP-VIEW-BASED-ACM-MIB::vacmSecurityToGroupTable %% SNMP-VIEW-BASED-ACM-MIB::vacmContextTable \item To get extended information about a \MIB node, use the \texttt{-Td} (description) flag: \begin{alltt} $ \textbf{snmptranslate -On -Td -Ib 'sys.*ime'} \end{alltt}%$ %% 1.3.6.1.2.1.1.3 %% sysORUpTime OBJECT-TYPE %% -- FROM SNMPv2-MIB %% -- TEXTUAL CONVENTION TimeStamp %% SYNTAX TimeTicks %% MAX-ACCESS read-only %% STATUS current %% DESCRIPTION "The value of sysUpTime at the time this conceptual row was %% last instanciated." %% ::= { iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) system(1) sysORTable(9) sysOREntry(1) 4 } \item To see a diagram of a section of the \MIB tree, use the \texttt{-Tp} flag: \begin{alltt} $ \textbf{snmptranslate -Tp SNMPv2-MIB::system} \end{alltt}%$ This is useful to explore the \MIB tree. \item Run \texttt{snmptranslate -Tp} without an \OID argument. This prints the entire \MIB tree from all the \MIB files. I suggest pipe the output into \texttt{less}. \end{enumerate} \end{document}