MRS.

RANIA AZAD
DEPARTMENT OF COMPUTER NETWORK
TECHNICAL COLLEGE OF INFORMATICS
SULAIMANI POLYTECHNIC UNIVERSITY
RANIA.AZAD@SPU.EDU.IQ

CHAPTER 03: SNMPV1

PART 1
 GETREQUEST PDU .0 indicates that the scalar value
should be retrieved (scalar objects only)
Agent
• The manager process starts Manager
Process Process

the sequence in Figure with a

GetRequest PDU for the GetRequest (sysDescr.0)
GetResponse (sysDescr .0= "SunOS" )
object sysDescr. GetRequest (sysObjectID.0)

• The agent process returns a GetResponse ( sysObjectID.0=enterprises.11.2.3.10.1.2 )

GetResponse PDU with a value GetRequest (sysUpTime.0)

GetResponse (sysUpTime.0=2247349530)
“SunOS.” GetRequest (sysContact.0)

• The manager then sends a GetResponse (sysContact.0=" ")

GetRequest (sysName.0)
request for sysObjectID and GetResponse (sysName.0="noc1 ")

receives the value GetResponse (sysLocation.0=" ")

GetRequest (sysLocation.0)

“enterprises.11.2.3.10.1.2” GetRequest (sysServices.0)

• The exchange of messages GetResponse (sysServices.0=72)

goes on until the value of 72

for the last object in the group
sysServices is received.
 GETNEXTREQUEST PDU
• A get-next-request operation is very
similar to get-request, except that the
requested record is the next one to the
OBJECT IDENTIFIER specified in the
request.
• The first message is a GetRequest PDU
for sysDescr with the response
returning the value “SunOS.”
• The manager process then issues a
GetNextRequest PDU with the
OBJECT IDENTIFIER sysDescr.
• The agent processes the name of the
next OBJECT IDENTIFIER sysObjectID
and its value“enterprises.11.2.3.10.1.2
“ GetNextRequest (sysName.0)
• The sequence terminates when the
manager issues a get-next-request for
the object identifier next to sysServices,
and the agent process returns the error
message “noSuchName.”
Manager Agent
Process Process
GetRequest (sysDescr.0)
GetResponse (sysDescr .0= "SunOS" )
GetNextRequest (sysDescr.0)
GetResponse ( sysObjectID.0=enterprises.11.2.3.10.1.2 )
GetNextRequest (sysObjectID.0)
GetResponse (sysUpTime.0=2247349530)
GetNextRequest (sysUpTime.0)
GetResponse (sysContact.0=" ")
GetNextRequest (sysContact.0)
GetResponse (sysName.0="noc1 ")
GetResponse (sysLocation.0=" ")
GetNextRequest (sysLocation.0)
GetResponse (sysServices.0=72)
GetNextRequest (sysServices.0)
GetResponse (noSuchName)
Error message: no object next
to sysServices
Get-Next-Request Operation for System Group
LEXICOGRAPHIC ORDRING- EXAMPLE
start end
1
1.1
1.1.5
1.1.18
1.2 1 2 3 9
1.2.6
2
2.2
2.10
2.10.9 2 2 10 4 21
1
3
3.4
3.21
9
6 9
5 18
• Complex scenario of a MIB that
contains both scalar and aggregate
GENERALIZED CASE
objects. A generalized case of a
conceptual MIB comprising three
scalar objects and a table is shown in
Manager Agent
Figure . Process Process
• The first two objects A and B are A
single valued scalar objects. and they
are followed by an aggregate object GetRequest ( A )

represented by the table T with an GetResponse ( A ) B

GetRequest ( B )
entry E and two rows of three GetResponse ( B )
columnar objects, T.E.1.1. through GetRequest (T.E.1.1) T
T.E.3.2. GetResponse ( T.E.1.1 )
• The MIB group ends with a scalar GetRequest (T.E.1.2)
object Z. GetResponse ( T.E.1.2 ) E

• we need to know all the elements in GetRequest (T.E.2.1)

GetResponse ( T.E.2.1 )
the MIB including the number of GetRequest (T.E.2.2)
columns and rows in the table. GetResponse ( T.E.2.2 )
T.E.1.1 T.E.2.1 T.E.3.1
Second,, we retrieved the data in the GetRequest (T.E.3.1 )
table by traversing all the instances of a GetResponse ( T.E.3.1 ) T.E.1.2 T.E.2.2 T.E.3.2
columnar object. The number of GetRequest (T.E.3.2 )

instances or rows in a table could be GetResponse ( T.E.3.2 )

GetRequest (Z )
dynamic and is not always known to Z
GetResponse ( Z )
the management process.
 GETNEXTREQUEST PDU Manager Agent
Process Process
A

Advantages of Get-Next-Request GetRequest ( A )

GetResponse ( A )
B
GetNextRequest ( A )
GetResponse ( B )
1)- no need to know the object ID of GetNextRequest ( B )
T
the next entity to retrieve its value GetResponse ( T.E.1.1 )
GetNextRequest (T.E.1.1 )
2)- issues with dynamic table resolved GetResponse ( T.E.1.2 )
E
GetNextRequest (T.E.1.2 )
¡ 3)- allows NMS to discover the GetResponse ( T.E.2.1 )
GetNextRequest (T.E.2.1 )
structure of a MIB view dynamically GetResponse ( T.E.2.2 ) T.E.1.1 T.E.2.1 T.E.3.1
GetNextRequest (T.E.2.2 )
¡ 4)- provides an efficient mechanism GetResponse ( T.E.3.1 )
T.E.1.2 T.E.2.2 T.E.3.2
for searching a table whose entries GetNextRequest (T.E.3.1 )
GetResponse ( T.E.3.2 )
are unknown GetNextRequest (T.E.3.2 )
Z
GetResponse ( Z )
¡ There are several advantages in using GetNextRequest ( Z )

get-next-request. GetResponse ( noSuchName )

 Internet
{1 3 6 1}

directory mgmt experimental private

(1) (2) (3) (4)

Internet
mib-2 {1 3 6 1}
(1)

private
system (1) snmp (11) (4)
interfaces (2) transmission (10)
at (3) cmot (9)
ip (4) egp (8) enterprises
(1)
icmp (5) udp (7)
tcp (6)

cisco hp 3Com Cabletron

(9) (11) (43) (52)
TWO KINDS OF MANAGED OBJECTS

¡ Scalar Object
¡ SysDescr.0

system
(mib-2 1)

sysDescr (1) sysServices (7)

sysObjectId
sysLocation (6)
(2)
sysUpTime (3) sysName (5)

sysContact (4)
 INTERFACE GROUP

¡ Columnar Objects
¡ OID: mib-
2.interface.ifTable.ifEntry.ifDescr.2
 TABULAR REPRESENTATION OF TABLE
T

COLUMNAR OBJECT ENTRY

E

T COLUMNAR COLUMNAR COLUMNAR COLUMNAR COLUMNAR

OBJECT 1 OBJECT 2 OBJECT 3 OBJECT 4 OBJECT 5

T.E

T.E.1.1 T.E.2.1 T.E.3.1 T.E.4.1 T.E.5.1

T.E.1.2 T.E.2.2 T.E.3.2 T.E.4.2 T.E.5.2

T.E.1.3 T.E.2.3 T.E.3.3 T.E.4.3 T.E.5.3

T.E.1.4 T.E.2.4 T.E.3.4 T.E.4.4 T.E.5.4

 interfaces
(mib-2 2)

INTERFACE GROUP
¡ The IP group defines all the
parameters needed for the node to ifNumber ifTable
handle a network layer IP protocol (1) (2)
either as a host or as a router
¡ ifIndex: is the index of each interface
Deprecated
¡ ifDescr: human-readable string containing ifEntry
information about the interface. (1)
¡ ifType: The type of interface
ifIndex (1) ifSpecific (22)
¡ ifMTU:
the size of the largest packet which can be s ifDescr (2) ifOutQLen (21)
ent/received on the interface ifType (3) ifOutErrors (20)
¡ ifSpeed: An estimate of the interface's ifMtu (4) ifOutDiscards (19)
current bandwidth in bits per second. ifSpeed (5) ifOutNUcastPkts (18)
¡ ifPhyAddress: The physical layer address of ifPhysAddress (6) ifOutUcastPkts (17)
this interface ifAdminstatus (7) ifOutOctets (16)
¡ ifAdminStatus: The desired state of the ifOperStatus (8) ifUnknownProtos (15)
interface: up, down, testing, ifLastChange (9) ifInErrors (14)
¡ ifOperstatus: this value reflects the ifInOctets (10) ifInDiscards (13)
operational or actual state of the interface ifInUcastPkts (11) ifInNUcastPkts (12)
as determined by the device's hardware or
operating system: up, down,
 ip
(mib-2 4)

IP •ipForwarding:
GROUP
•forwarding(1)
•not-forwarding(2)
ipForwarding (1) ipRoutingDiscards (23)
•ipInAddrErrors
ipDefaultTTL (2) ipNetToMediaTable (22)
ipInReceives (3) ipRouteTable (21)
•IP Address Table contains
ipInHdrErrors (4) ipAddrTable (20)
table of IP addresses
ipInAddrErrors (5) ipFragCreates (19)
ipForwDatagrams (6) ipFragFails (18)
•IP Route Table contains an ipInUnknownProtos (7) ipFragOKs (17)
entry for each route ipInDiscards (8) ipReasmFails (16)
ipInDelivers (9) ipReasmOKs (15)
•IP Network-to-Media ipOutRequests(10) ipReasmReqds (14)
Table is address translation ipOutDiscards (11) ipReasmTimeout (13)
table mapping IP addresses
to physical addresses ipOutNoRoutes (12)
 IP ADDRESS TABLE
ipAddrTable
Row ipAdEntAddr ipAdEntIfIndex IpAdEntNetMask IpAdEntBcastAddr IpAdEntReasmMaxSize
(ip 20)
1 123.45.2.1 1 255.255.255.0 0 12000
ipAddrEntry
2 123.45.3.4 3 255.255.0.0 1 12000 (ipAddrTable 1)
3 165.8.9.25 2 255.255.255.0 0 10000
4 9.96.8.138 4 255.255.255.0 0 15000
ipAdEntReasmMaxSize (5
ipAdEntAddr (1)
ipAdEntBcastAddr (4)
Figure 4.23(b) Object instances of ipAddrTable (1.3.6.1.2.1.4.20) ipAdEntIfIndex (2)
ipAdEntNetMask
(3)

Columnar Object Row # in (b) Object Identifier

ipAdEntAddr 2 {1.3.6.1.2.1.4.20.1.1.123.45.3.4}
1.3.6.1.2.1.4.20.1.1
ipAdEntIfIndex 3 {1.3.6.1.2.1.4.20.1.2.165.8.9.25}
1.3.6.1.2.1.4.20.1.2
ipAdEntBcastAddr 1 {1.3.6.1.2.1.4.20.1.4.123.45.2.1}
1.3.6.1.2.1.4.20.1.4
IpAdEntReasmMaxSize 4 {1.3.6.1.2.1.4.20.1.5.9.96.8.138}
1.3.6.1.2.1.4.20.1.5
iso .org .dod. internet. mgmt. mib. ip .ipAddrTable .ipAddrEntry. ipAdEntBcastAddr
1 . 3 .6 .1 . 2 .1 . 4 . 20 .1 . 4
 Has the same value of ifIndex
in the interface group
IP ADDRESS TRANSLATION TABLE
Entity OID Description (brief)
ipNetToMediaTable ip 22 Table mapping IP addresses to ipNetToMediaTable
physical addresses (ip 22)
ipNetToMediaEntry IpNetToMediaTable 1 IP address to physical address
for the particular interface
ipNetToMediaEntry (1)
ipNetToMediaIfIndex IpNetToMediaEntry 1 Interfaces on which this entry's
equivalence is effective; same
as ifIndex
ipNetToMediaPhysAddress IpNetToMediaEntry 2 Media dependent physical ipNetToMediaIfIndex (1) ipNetToMediaType (4)
address
ipNetToMediaNetAddress IpNetToMediaEntry 3 IP address
ipNetToMediaPhysAddress (2) ipNetToMediaNetAddress (3)
ipNetToMediaType IpNetToMediaEntry 4 Type of mapping
 IP ROUTING TABLE
Entity OID Description (brief)
ipRouteTable ip 21 IP routing table
ipRouteEntry ipRouteTable 1 Route to a particular destination
ipRouteDest ipRouteEntry 1 Destination IP address of this route
ipRouteIfIndex ipRouteEntry 2 Index of interface, same as ifIndex
ipRouteMetric1 ipRouteEntry 3 Primary routing metric for this route
ipRouteMetric2 ipRouteEntry 4 An alternative routing metric for this route
ipRouteMetric3 ipRouteEntry 5 An alternative routing metric for this route
ipRouteMetric4 ipRouteEntry 6 An alternative routing metric for this route
ipRouteNextHop ipRouteEntry 7 IP address of the next hop
ipRouteType ipRouteEntry 8 Type of route
ipRouteProto ipRouteEntry 9 Routing mechanism by which this route was
learned ipRouteTable
ipRouteAge ipRouteEntry 10 Number of seconds since routing was last updated (ip 21)
ipRouteMask ipRouteEntry 11 Mask to be logically ANDed with the destination
address before comparing with the ipRouteDest ipRouteEntry
field ipRouteTable (1)
ipRouteMetric5 ipRouteEntry 12 An alternative metric for this route
ipRouteInfo ipRouteEntry 13 Reference to MIB definition specific to the routing
protocol ipRouteDest (1) ipRouteInfo (13
ipRouteMetric5
ipRouteIfIndex (2)
(12)
ipRouteMetric1 (3) ipRouteMask 11)
ipRouteMetric2 (4) ipRouteAge (10)
ipRouteMetric3 (5) ipRouteProto (9)
ipRouteMetric4 (6) ipRouteType (8)
ipRouteNextHop (7)
TCP GROUP

tcp
(mib-2 6)

tcpOutRsts (15)
tcpRtoAlgorithm (1)
tcpInErrors (14)
tcpRtoMin (2)
tcpConnTable 13)
tcpRtoMax (3)
tcpRetranSegs (12)
tcpMaxConn (4)
tcpActiveOpens (5) tcpOutSegs (11)
tcpPassiveOpens (6) tcpInSegs (10)
tcpAttemptFails (7) tcpCurrEstab (9)
tcpEstabResets (8)
 TCP CONNECTION TABLE

Entity OID Description (brief)

tcpConnTable tcp 13 TCO connection table

tcpconnEntry TcpConnTable 1 Information about a particular TCP
connection
tcpConnState TcpConnEntry 1 State of the TCP connection
tcpConnLocalAddress TcpConnEntry 2 Local IP address
tcpConnLocalPort TcpConnEntry 3 Local port number tcpConnTable
tcpConnRemAddress TcpConnEntry 4 Remote IP address (tcp 13)
tcpConnRemPort TcpConnEntry 5 Remote port number
tcpConnEntry
(1)

To perform TCP Port Scanning you need these

OIDs
tcpConnState (1) tcpCommRemPort (5)
tcpConnLocalAddress (2) tcpConnRemAddress(4)

tcpConnLocalPort (3)
 UDP GROUP udp
(mib-2 7)

udpInDatagrams udpNoPorts udpInErrors udpOutDatagrams udpTable

(1) (2) (3) (4) (5)

udpEntry
(1)
Entity OID Description (brief)
udpInDatagrams udp 1 Total number of datagrams delivered to the
users
udpNoPorts udp 2 Total number of received datagrams for
udpLocAddress udpLocalPort
which there is no application
(1) (2)
udpInErrors udp 3 Number of received datagrams with errors
udpOutDatagrams udp 4 Total number of datagrams sent UDP Port Scanning
udpTable udp 5 UDP Listener table
udpEntry udpTable 1 Information about a particular connection or
UDP listener
udpLocalAddress udpEntry 1 Local IP address
udpLocalPort udpEntry 2 Local UDP port
UDPTABLE
TRAFFIC MONITORING
¡ To calculate the utilization of an interface down:
¡ Get ifIndex of the interface
¡ In the case of downlink then get : Get “ifInOctets” that represent
the data coming into that interface between t1 and t2
¡ Use “ifOutOctets” in case of link is up
¡ Get ifSpeed for the same interface (same ifIndex)
¡ t1: C1 t2: C2

(C2 - C1 ) × 8
Utilization (%) = × 100%
(t2 - t1) × Bandwidth
SNMPV1 LIMITATIONS

Limited in Security:
• based on community string only
• No authentication or authorization

Limited error codes and error handling

• genErr is a catch-all

Limited notification
• Agent does not know if critical notifications (Traps) have reached the manger

Limited performance
• Get request: get only one scalar object at a time (not suitable for large network) such
routing tables

Limited architecture
• Only manager –Agent, no manager –Manager communication
QUESTIONS?