Snmp Trap Variable Bindings

Menu

    Snmp Trap Variable Bindings

      суббота 11 апреля
          65
    OverviewPackageClassTreeIndexHelp
    HOMEFRAMESNO FRAMESAll Classes SUMMARY: NESTED FIELD CONSTR METHOD DETAIL: FIELD CONSTR METHOD

    Includes current sysUpTime value, an OID identifying the type of trap and optional variable bindings. Destination addressing for traps is determined in an application specific manner typically through trap configuration variables in the MIB. The format of the trap message was changed in SNMPv2 and the PDU was renamed SNMPv2-Trap. Perl and SNMP.

    com.ireasoning.protocol.snmp
    Class SnmpV2Notification

    All Implemented Interfaces:
    Msg, Serializable, SnmpDataType
    Direct Known Subclasses:
    SnmpInform, SnmpTrap
    public abstract class SnmpV2Notification
    extends SnmpPdu

    This class represents SNMPv2 and SNMPv3 Notification type object, including trap and inform requests. SNMPv1 trap is represented by SnmpV1Trap class.

    See Also:
    SnmpV1Trap, Serialized Form
    Field Summary
    static SnmpOIDAUTHENTICATION_FAILURE_TRAP_OID
    SNMPv2c warmStart trap oid: authenticationFailure
    static SnmpOIDCOLD_START_TRAP_OID
    SNMPv2c coldStart trap oid
    static SnmpOIDEGPNEIGHBOR_LOSS_OID
    SNMPv2c warmStart trap oid: egpNeighborLoss
    static SnmpOIDLINK_DOWN_TRAP_OID
    SNMPv2c warmStart trap oid: linkDown
    static SnmpOIDLINK_UP_TRAP_OID
    SNMPv2c warmStart trap oid: linkUp
    static SnmpOIDSNMP_TRAP_ENTERPRISE_OID
    snmpTrapEnterprise ('.1.3.6.1.6.3.1.1.4.3.0')
    static SnmpOIDSNMP_TRAP_OID
    snmpTrapOID ('.1.3.6.1.6.3.1.1.4.1.0')
    static SnmpOIDSYS_UP_TIME_OID
    sysUpTime oid ('.1.3.6.1.2.1.1.3.0')
    static SnmpOIDWARM_START_TRAP_OID
    SNMPv2c warmStart trap oid: warmStart
    Fields inherited from interface com.ireasoning.protocol.snmp.SnmpDataType
    BITS, BITSTRING, COUNTER32, COUNTER64, END_OF_MIB_VIEW, END_OF_MIB_VIEW_OBJECT, GAUGE32, INTEGER, IPADDRESS, NO_SUCH_INSTANCE, NO_SUCH_INSTANCE_OBJECT, NO_SUCH_OBJECT, NO_SUCH_OBJECT_OBJECT, NULL, OCTETSTRING, OID, OPAQUE, PDU, SEQUENCE, SEQUENCEOF, serialVersionUID, TIMETICKS, UNSIGNED32, VARBIND
    Fields inherited from interface com.ireasoning.protocol.Msg
    ERROR_TYPE
    Constructor Summary
    SnmpV2Notification(long sysUpTime, SnmpOID snmpTrapOID)
    Creates an SnmpV2Notification object using passed parameters
    SnmpV2Notification(long sysUpTime, SnmpOID snmpTrapOID, SnmpVarBind[] varbinds)
    Creates an SnmpV2Notification object using passed parameters
    SnmpV2Notification(SnmpV2Notification notif)
    Makes a copy of passed SnmpV2Notification object
    Method Summary
    StringgetIpAddress()
    Returns the trap sender's IP address
    SnmpVarBind[]getObjects()
    Returns the OBJECTS variable bindings as defined in MIB.
    SnmpOIDgetSnmpTrapOID()
    Returns the snmpTrapOID.0 value contained in this trap.
    longgetSysUpTime()
    Returns the sysUpTime value contained in this trap
    StringgetSysUpTimeString()
    Returns the string representation of sysUpTime value contained in this trap, such as '10 hours 5 minutes 20 seconds'.
    voidsetIpAddress(InetAddress addr)
    Sets trap sender's ip address
    voidsetIpAddress(String ipAddr)
    Sets trap sender's ip address.
    voidsetSysUpTime(long time)
    Sets a new sysUpTime
    StringtoString()
    Returns a string representation of this trap object
    SnmpV1TraptoV1Trap()
    Converts this v2 trap object to v1 trap according to RFC 2576 and RFC 2089.
    SnmpV1TraptoV1Trap(String ipAddress)
    Converts this v2 trap object to v1 trap according to RFC 2576 and RFC 2089
    Methods inherited from class com.ireasoning.protocol.snmp.SnmpPdu
    copy, decodePdu, encode, encodePdu, getCommand, getCommunity, getContextEngineID, getContextName, getDestinationAddress, getDestinationPort, getErrorIndex, getErrorStatus, getErrorStatusString, getErrorStatusString, getErrorString, getMaxRepetitions, getNonRepeaters, getRequestID, getSnmpV3MsgHeader, getSnmpv3MsgSecurityParameters, getSourceAddress, getSourcePort, getType, getTypeString, getVersion, hasMore, isSnmpV3AuthenticationFailed, setCommand, setCommunity, setContextEngineID, setContextName, setDestinationAddress, setDestinationPort, setErrorIndex, setErrorStatus, setHasMore, setMaxRepetitions, setNonRepeaters, setOID, setOID, setOIDs, setOIDs, setRequestID, setSourceAddress, setSourcePort, setVersion
    Methods inherited from class com.ireasoning.protocol.snmp.VarBindContainer
    addVarBind, addVarBinds, addVarBinds, getFirstVarBind, getLastVarBind, getVarBind, getVarBindCount, getVarBinds, removeAllVarBinds, removeAllVarBinds, removeVarBind, setVarBinds, setVarBinds
    Methods inherited from class java.lang.Object
    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    Methods inherited from interface com.ireasoning.protocol.snmp.SnmpDataType
    equals, hashCode
    Field Detail

    SYS_UP_TIME_OID

    sysUpTime oid ('.1.3.6.1.2.1.1.3.0')

    SNMP_TRAP_OID

    snmpTrapOID ('.1.3.6.1.6.3.1.1.4.1.0')

    SNMP_TRAP_ENTERPRISE_OID

    snmpTrapEnterprise ('.1.3.6.1.6.3.1.1.4.3.0')

    COLD_START_TRAP_OID

    SNMPv2c coldStart trap oid

    WARM_START_TRAP_OID

    SNMPv2c warmStart trap oid: warmStart

    LINK_DOWN_TRAP_OID

    SNMPv2c warmStart trap oid: linkDown

    LINK_UP_TRAP_OID

    SNMPv2c warmStart trap oid: linkUp

    AUTHENTICATION_FAILURE_TRAP_OID

    SNMPv2c warmStart trap oid: authenticationFailure

    EGPNEIGHBOR_LOSS_OID

    SNMPv2c warmStart trap oid: egpNeighborLoss
    Constructor Detail

    SnmpV2Notification

    Creates an SnmpV2Notification object using passed parameters
    Parameters:
    sysUpTime - the sysUpTime value
    snmpTrapOID - the snmpTrapOID value
    varbinds - the other variable bindings of this trap object

    SnmpV2Notification

    Creates an SnmpV2Notification object using passed parameters
    Parameters:
    sysUpTime - the sysUpTime value
    snmpTrapOID - the snmpTrapOID value

    SnmpV2Notification

    Makes a copy of passed SnmpV2Notification object
    Method Detail

    getSysUpTime

    Returns the sysUpTime value contained in this trap
    Returns:
    sysUpTime value, in 10 milliseconds.

    setSysUpTime

    Sets a new sysUpTime

    getSysUpTimeString

    Returns the string representation of sysUpTime value contained in this trap, such as '10 hours 5 minutes 20 seconds'.
    Returns:
    string representation of sysUpTime value, e.g. '10 hours 5 minutes 20 seconds'

    getSnmpTrapOID

    Returns the snmpTrapOID.0 value contained in this trap. Or null if the number of variable bindings is less than 2.

    getObjects

    Returns the OBJECTS variable bindings as defined in MIB.
    For example,
    In this NOTIFICATION object, OBJECTS are { snaNodeOperName, snaNodeOperState, snaNodeOperActFailureReason }, this method will returns variable bindings corresponding to those objects.
    Note: sysUpTime and snmpTrapOID are not included in the returned variable bindings array.

    getIpAddress

    Returns the trap sender's IP address
    Overrides:
    getIpAddress in class SnmpPdu
    See Also:
    SnmpPdu.getSourceAddress()

    setIpAddress

    Sets trap sender's ip address.

    Note:
    There's no IP address field in SNMPv2 TRAP/INFORM PDU. This method won't change the IP address of the UDP packet.

    Overrides:
    setIpAddress in class SnmpPdu
    See Also:
    SnmpPdu.setSourceAddress(java.lang.String)

    setIpAddress

    Sets trap sender's ip address

    Note:
    There's no IP address field in SNMPv2 TRAP/INFORM PDU. This method won't change the IP address of the UDP packet.

    toString

    Returns a string representation of this trap object
    Overrides:
    toString in class SnmpPdu

    toV1Trap

    Converts this v2 trap object to v1 trap according to RFC 2576 and RFC 2089. Use sender's IP address as the value of ip address field of SNMPv1 trap. If the translation occurs within a proxy application, the proxy must attempt to extract the original source of the notification from the variable-bindings. If the SNMPv2 variable-bindings contains a variable binding whose name is snmpTrapAddress.0, the agent-addr parameter SHALL be set to the value of that variable binding.
    Returns:
    V1 trap object

    toV1Trap

    Converts this v2 trap object to v1 trap according to RFC 2576 and RFC 2089
    Parameters:
    ipAddress - notification originator's IP address
    Returns:
    V1 trap object
    OverviewPackageClassTreeIndexHelp
    HOMEFRAMESNO FRAMESAll Classes SUMMARY: NESTED FIELD CONSTR METHOD DETAIL: FIELD CONSTR METHODCopyright © 2002 iReasoning Inc. All Rights Reserved.

    SNMP object index

    When the SNMP SNMPmanager send a requests for an object to a SNMP agent this one should include an index. The index with a value of 0 is required for non indexed object.

    But if the object is defined in a snmp table then an index is mandatory.

    In the example below, the MIB tree window of LoriotPro with two objects, ifnumber which is not indexed (this one give the number of interfaces of the host ann the number of entries in the iftable) the second one ifdescr is an indexed object of the iftable.

    When using SNMP OID (Object IDentifier) in the SNMP request and response packet the last values should specify the instance of the object. Instance is particularly useful to select a element among a group of similar element. This is the case when using network switches. Switches are made of a chassis containing multiple boards, sometimes daughter boards, each of them having ports.

    Example : the following SNMP OID (Object IDentifier) is used to get the number of incoming octets on the port 3 located on the daughter board 2 of the board 2 of this device switch.

    The zero value points the object itself (here the chassis) and is the default one.

    snmp v1 trap and snmp v2 notification

    SNMP Agent has the ability of sending packets on his own called TRAPs. The initial configuration of the agent specify an IP address where to send it, normally the management station run a trap receiver process.

    About TRAPs and LoriotPro: Loriot Pro manages SNMP V1 traps and notifications of informs from SNMP v2c and v3 (subset only). Traps are displayed in the windows trap manager. Filters allow the administrator to select the traps to display andto trigger and action.

    SNMP notifications can be sent as traps (SNMP V1) or inform requests (SNMP V2c). Traps are unreliable because the receiver does not send any acknowledgment when it receives a trap. The sender cannot determine if the trap was received. However, an SNMP manager that receives an inform request acknowledges the message with an SNMP response PDU. If the manager does not receive an inform request, it does not send a response. If the sender never receives a response, the inform request can be sent again. Thus, informs are more likely to reach their intended destination.

    Because they are more reliable, informs consume more resources in the SNMP device and in the network. Unlike a trap, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Also, traps are sent only once, while an Inform may be retried several times. The retries increase traffic and contribute to a higher overhead on the network. Thus, snmp trap and snmp nform requests provide a trade-off between reliability and resources. If it is important that the SNMP manager receives every notification, use Inform requests. On the other hand, if you are concerned about traffic on your network or memory in the router and you do not need to receive every notification, use traps.

    SNMPv1 traps were defined in RFC 1157, with the following fields:

    EnterpriseIdentifies the type of managed object generating the snmp v1 trap. Enterprise field contains value of sysObjectID of the device sending trap.For vendor specific snmp v1 traps, Generic snmp v1 trap type field is set to enterpriseSpecific(6).
    Agent addressProvides the address of the managed object generating the snmp v1 trap.
    Generic trap typeIndicates one of a number of generic snmp v1 trap types.
    Specific trap codeIndicates one of a number of specific trap codes.
    Time stampProvides the amount of time that has elapsed between the last network reinitialization and generation of the snmp v1 trap.
    Variable bindings The data field of trap containing PDU. Each variable binding associates a particular MIB object instance with its current value.
    0coldStartThe snmp device perform a power on
    1warmStartThe snmp device perform a sofwtare reload or ipl
    2 linkDownOne of the interface od the snmp device went down
    3linkUpOne of the interface od the snmp device went up
    4authenticationFailureA snmp manager try to acces an snmp agent with a wrong community or wrong user rights
    5egpNeighborLossExterior gateway protocol loss a neighbor router
    6enterprise specificEntreprise proprietary traps

    In SNMPv2c trap is defined as NOTIFICATION and formatted differently comparing to SNMPv1. It has the following parameters:

    sysUpTimeSame as Time stamp in SNMPv1 trap
    snmpTrapOIDTrap identification field. For generic traps, values are defined in RFC 1907, for vendor specific traps snmpTrapOID is essentially a concatenation of the SNMPv1 Enterprise parameter and two additional sub-identifiers, '0', and the SNMPv1 Specific trap code parameter.
    VarBindListA list of variable-bindings

    Security and community

    The security is became an unavoidable constrain in the contemporary information system. The initial security mechanisms designed in SNMP version 1 are now not enough secured to protect effectively access to devices. SNMP V2 and especially V3 added strong authentication between agents and the manager.

    SNMP defines a kind of password protection by the concept of Communities. A community is given to a group of devices under the control of an authorized administrator. Without the community it is impossible to make SNMP request to devices.

    Meanwhile it is impossible to affect rights to identified administrators and have access granularity on managed objects.

    SNMP Community

    There are three communities in SNMP v1 and V2c. Communities are set up when configuring the device

    1. Read only community : This community allows a read access only to any objects of a device. The common default value is “public”.
    1. Read write community: This community allows read and write access to any objects of a devices. The common default value is “private”.
    1. Trap community: the agent when sending traps to the manager uses this community.

    A manager should know the devices communities of a device to read or write objects. The lack of security comes from the fact that the password is sent in clear text in SNMP packets on the network and a hacker could easily capture it.

    Another common level of protection is to specify in the agent configuration the IP address of the manager that could send SNMP request. However, this address is easy to mystify.

    The version 3 of SNMP allows multiple methods of protection against hacking based on identification, strong authentication and encryption.

    LoriotPro supports authentication with a named profile and a password, using the algorithm HMAC-MD5-96.

    Structureof Management Information

    The SMI - Structure of Management Information specify the rules that should be followed when creating objects in MIB files. It is a subset of ASN1 – Abstract Syntax Notation from the OSI model. The objects are defined in a hierarchical tree structure. This global naming tree ensures that all object names are unique and gives a unique way for finding them.

    The RFC1155 defines the rules to apply in version 1. The version 2 of the SMI is also available and MIB files could use either the SMI v1 or the SMI v2.

    The following graph shows a part of the SMI tree:

    Each object is identified by is OID (Object Identifier). L’OID has two display formats (nominal and numeric). In PDU the numeric format is used by the protocol. Programs use the nominal format, easier to manipulate by human brain. The SNMP manager established the relation through the compiled MIB.

    Example

    Nominal

    iso.org.dod.internet.mgmt.mib-2.ip.ipInReceives

    Numeric

    1.3.6.1.2.1.4.3

    Here after the SMI v1 structure defining the top objects in the tree.

    -- RFC1155 MIB
    RFC1155-SMI DEFINITIONS ::= BEGIN
    -- the path to the root
    org OBJECT IDENTIFIER ::= { iso 3 }
    dod OBJECT IDENTIFIER ::= { org 6 }
    internet OBJECT IDENTIFIER ::= { dod 1 }
    directory OBJECT IDENTIFIER ::= { internet 1 }
    mgmt OBJECT IDENTIFIER ::= { internet 2 }
    experimental OBJECT IDENTIFIER ::= { internet 3 }
    private OBJECT IDENTIFIER ::= { internet 4 }
    enterprises OBJECT IDENTIFIER ::= { private1 }
    mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
    END

    The SMI V2 notation is quite different from v1 in the construction of the logical structure of MIB files and of the global naming tree. The RFC 1902 describes these enhancements.

    -- RFC 1902
    SNMPv2-SMI DEFINITIONS ::= BEGIN
    -- the path to the root
    org OBJECT IDENTIFIER ::= { iso 3 }
    dod OBJECT IDENTIFIER ::= { org 6 }
    internet OBJECT IDENTIFIER ::= { dod 1 }
    directory OBJECT IDENTIFIER ::= { internet 1 }
    mgmt OBJECT IDENTIFIER ::= { internet 2 }
    mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
    transmission OBJECT IDENTIFIER ::= { mib-2 10 }
    experimentalOBJECT IDENTIFIER ::= { internet 3 }
    private OBJECT IDENTIFIER ::= { internet 4 }
    enterprises OBJECT IDENTIFIER ::= { private 1 }
    security OBJECT IDENTIFIER ::= { internet 5 }
    snmpV2 OBJECT IDENTIFIER ::= { internet 6 }
    -- transport domains
    snmpDomains OBJECT IDENTIFIER ::= { snmpV2 1 }
    -- transport proxies
    snmpProxysOBJECT IDENTIFIER ::= { snmpV2 2 }
    -- module identities
    snmpModules OBJECT IDENTIFIER ::= { snmpV2 3 }
    -- definitions for information modules
    END

    The first sublevel under root is the iso object followed by the org object and so on. Each object has a number in the tree.

    Here is an example for the object “sysname” and how you can see it with the LoriotPro MIB browser

    The nominal format:

    iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).system(1).sysname(5).0.

    or the numerical format : 1.3.6.1.2.1.1.5.0


    Example of an SNMP object sysname in the mib tree

    Object types

    Objects are from different types.

    Scalar. A scalar object can be assigned values without structures

    Table. Table objects are structured arrays and could be indexed.

    The following unstructured data types could also be used :

    Counter: A non-negative Integer that is incremented until it reaches a maximum value. When the maximum value is reached the counter wrapper (reset to 0)

    Gauge: A non-negative Integer that could oscillate between 0 and a maximum value.

    IpAddress: A 32 bits address in dotted octet format (Example: F1:01:45:56)

    NetworkAddress: Used to store network address.

    Opaque: Used to encapsulate non-formatted data

    TimeTicks: A non-negative integer used to keep track of time in 100th of seconds.

    Examples of object

    Example of table object:

    sysDescr

    Describe the model and the mark of the equipment.

    IfEntry

    SONiVOX, your home for the best digital music creation tools available with products for professional composers, producers, musicians, and iPad and Android developers. We offer musical inspiration through great sounds, playable instruments, and innovative new technologies. 1 Gigabyte free hard drive space (Download and Installation) A VST, AU, RTAS or AAX compatible host application. Internet Access (Download and Authorization).Note - The following hosts do not support Vocalizer Pro at this time: Apple GarageBand, Akai MPC Renaissance, Akai MPC Studio, ACID Pro, PreSonus Studio One, Propellerhead's Record. Sonivox vocalizer vst free download windows 7. SONiVOX is your home for the best digital music creation tools available, with products for professional composers, producers, musicians, and iPad and Android developers. We offer musical inspiration through great sounds, playable instruments, and innovative new technologies. Put on your shades and get on board the time machine, as Stratum will.

    This object contains a synthesis table of equipment’s network interfaces.

    ipRouteTable

    This object contains the IP routing table of the host.

    The following text is an extract of the MIB file and describes the table object AtEntry :

    AtEntry ::=
    SEQUENCE {
    atIfIndex
    INTEGER,
    atPhysAddress
    PhysAddress,
    atNetAddress
    NetworkAddress
    }

    Example of scalar :

    We use the the ‘MIB Query’ tool from LoriotPro to query the scalar object sysDescr from 10.33.10.121 agent, its current value is displayed in the Result window. This is string type data.


    Query on 10.33.10.121 agent for its sysdescr objet

    Example of table query :

    The ifentry object displayed hereafter on its table format contains a set of scalar objects.


    Query on 10.33.10.121 agent for ifentry table

    Example of snmp object of Counter type viewed from the LoriotPro Wizard


    snmp counter object

    Example of snmp object of Gauge type from the LoriotPro Wizard


    snmp gauge

    Example of snmp object of IP address entry type from the LoriotPro Wizard


    snmp IpAddress

    Example of snmp object of TimeTicks type from the LoriotPro Wizard

    snmp timeticks