2023年11月25日

网络监视代写|INFO3390 Network Monitoring using SNMP

这是一篇来自加拿大的关于使用SNMP用于收集和组织有关IP网络上受管理设备的信息,并修改这些信息以改变设备行为的代写

 

SNMP Components

SNMP manager

A software [installed on a powerful system] that collects information from an SNMP agent using the “get” action. Changes configurations on an agent using the “set” action.

SNMP agents

Every device manufacturer configures SNMP agent (a software or mix with hardware) on the managed device. Some OS (e.g., Windows) runs it as a process.

Management Information

Base (MIB)

A database that stores data and operational statistics about the managed device.

Management Information Base (MIB) and Object Identifier (OID)

MIB is a collection of information organized hierarchically that can be accessed using SNMP. OIDs uniquely identify managed objects in a MIB hierarchy. Top level MIB object IDs (OIDs) belong to different standard organizations. Vendors define private branches including managed objects for their own products.

All SNMP devices generally support something called MIB-2, which is a standard set of objects that can be monitored. The OID starts with 1.3.6.1.2…etc. For example, the hostname of a router (later in this demo) has an OID 1.3.6.1.2.1.1.5.0.

Manufacturers register their custom objects under a different part of the OID tree from MIB-2. For example,Cisco’s would be 1.3.6.1.4.1.9…etc. and Microsoft’s would be 1.3.6.1.4.1.311….etc.

To translate OIDs between their name and number format, and to display the location of any OID in the OID tree, you can use the SNMP Object Navigator on the Cisco IOS MIB Tools page (for vendors only).

For a listing of all of the objects and OIDs, you can download the text files at ftp://ftp.cisco.com/pub/mibs/oid/

Demonstration

Given the following network with OSPF dynamic routing enabled, configure router R2 as a SNMP agent. Run the SNMP manager (MIB browser) and explore the properties of R2.

Configure router R2 to make it as a SNMP agent:

R2(config)#snmp-server community READONLY ro

R2(config)#snmp-server community READWRITE rw

Community Strings are like passwords. They are used to allow authorized users to access the SNMP agent on a device. Community Strings can be configured as read-only(RO), or read-write(RW). In the above statements, I used READONLY and READWRITE as the passwords for RO and RW respectively.

Run the SNMP manager (MIB browser) on PC1 (or other connected PC)

  1. Open the MIB browser on PC1
  1. Enter the IP address (the address that is applied to one of R2’s interface. Click the Advanced button that is below the Address field.
  1. Enter both the Read and Write Community (i.e., the Passwords for RO and RW) at the Advanced dialog.

Select SNMP Version 3. Click OK when done. (Note: Port 161 is well-known TCP port for SNMP)

  1. Retrieve R2’s hostname. Expand the OID tree. Locate “sysName” on the Left Panel (the corresponding OID will be shown on the right top OID field. Make sure “Get” request is selected. Click GO when done. In the Result Table, you will find the hostname for R2 has been retrieved and displayed as Value in the OctetString Type format.
  1. Set a new hostname name for R2. Choose “Set” request this time. Enter a new hostname (e.g. R2A in my example) in the “Value” field of the pop-up dialog. Make sure Data Type is “OctetString”. Click OK when done. Then click GO. In the Result Table, you will find the hostname for R2 has been changed to R2A.
  1. In the CLI of R2, you will realize that the hostname has been updated (Note: it may take a minute to see the updated hostname).
  1. Retrieve the Area number (since OSPF routing protocol is used). Expand the OID tree until “.ospfAreaId” object is selected. Choose “Get” request. Click GO when done. In the Result Table, you will find the area is 0.0.0.0 (i.e., Area 0). You can verify this information using CLI on R2A (was named R2 before)
  1. Retrieve the neighbors information of R2. Expand the OID tree until .ospfNbrIpAddr object (or.ospfNbrRtrId) is selected. Choose “Get” request. Click GO when done. In the Result Table, you will the neighbors’ information. Similar, you can verify the information using R2A’s CLI.