![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to snmp.tex CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / doc / snmp|
Return to snmp.tex CVS log | Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / doc / snmp |
1.1 ! root 1: % -*- LaTeX -*- ! 2: ! 3: \input lcustom ! 4: ! 5: \documentstyle[12pt,sfwmac]{article} ! 6: ! 7: \begin{document} ! 8: ! 9: \begin{center}\Large\bf ! 10: 4BSD/ISODE SNMP Roadmap\\[0.25in] ! 11: \normalsize\bf Marshall T. Rose\\ Performance Systems International, Inc.% ! 12: \footnote{This work was partially supported by the U.S.~Defense Advanced ! 13: Research Projects Agency and the Rome Air Development Center of the U.S.~Air ! 14: Force Systems Command under contract number F30602--88--C-0016. ! 15: The content of the information contained herein does not necessarily reflect ! 16: the position or the policy of the U.S.~Government, ! 17: and no official endorsement should be inferred.} ! 18: \end{center} ! 19: ! 20: \section* {Introduction} ! 21: You might consider it strange that the ISODE, ! 22: the openly available implementation of the upper-layers of OSI, ! 23: includes an implementation of the SNMP. ! 24: Inasmuch as the continued survival of the Internet hinges on all nodes ! 25: becoming network manageable, ! 26: this package was developed using the ISODE and is being freely ! 27: distributed with releases of Berkeley \unix/. ! 28: ! 29: It must be stressed that this package is not a complete network management ! 30: system. ! 31: In particular, ! 32: whilst \pgm{snmpd} provides a minimal agent functionality, ! 33: there are no Network Operation Center (NOC) tools~---~\pgm{snmpi} is a ! 34: debugging aid only. ! 35: ! 36: The purpose of this {\em Roadmap\/} is simply to point out where you can find ! 37: the various components in the 4BSD/ISODE SNMP package. ! 38: ! 39: \section* {SNMP Agent} ! 40: The SNMP agent (the \pgm{snmpd} program) along with the simple initiator ! 41: (the \pgm{snmpi} program) are in the directory \file{snmp/}. ! 42: The \file{READ-ME} file in the top-level directory describes how to generate ! 43: and install these. ! 44: ! 45: \subsection* {Streamlined Installation} ! 46: The standard installation directions assume that you wish to install the base ! 47: ISODE system in addition to the 4BSD/ISODE SNMP package. ! 48: However, ! 49: you might wish to install only SNMP software. ! 50: If this is the case, ! 51: then follow these steps and ignore the \file{READ-ME} file. ! 52: \begin{enumerate} ! 53: \item Configure the ISODE by selecting the appropriate configuration files ! 54: in the \file{config/} directory. ! 55: For example, ! 56: \begin{quote}\small\begin{verbatim} ! 57: % cp config/sunos3.h h/config.h ! 58: % cp config/sunos3.make config/CONFIG.make ! 59: % cp config/*.local support/ ! 60: \end{verbatim}\end{quote} ! 61: is all that's required to configure the ISODE on a Sun workstation running ! 62: SunOS~3.5. ! 63: ! 64: You might wish to consult the {\bf CONFIGURATION\/} section of the ! 65: \file{READ-ME} file for information on other target platforms. ! 66: ! 67: \item Generate both the base ISODE system and the SNMP software: ! 68: \begin{quote}\small\begin{verbatim} ! 69: % ./make all all-snmp ! 70: \end{verbatim}\end{quote} ! 71: ! 72: \item Make sure the ISODE installation directories are created: ! 73: \begin{quote}\begin{tabular}{|l|l|l|} ! 74: \hline ! 75: \multicolumn{1}{|c|}{\bf name}& ! 76: \multicolumn{1}{c|}{\bf usually}& ! 77: \multicolumn{1}{c|}{\bf containing}\\ ! 78: \hline ! 79: \verb"BINDIR"& \file{/usr/local/bin/}& user programs\\ ! 80: \verb"SBINDIR"& \file{/usr/etc/}& administrator programs\\ ! 81: \verb"ETCDIR"& \file{/usr/etc/}& administrator files\\ ! 82: \verb"INCDIR"& \file{/usr/include/}& {\em C\/} include files\\ ! 83: \verb"LOGDIR"& \file{/usr/spool/isode/}& ! 84: log files\\ ! 85: \hline ! 86: \end{tabular}\end{quote} ! 87: ! 88: \item Check the \file{/etc/services} file and make sure that these three ! 89: lines are present: ! 90: \begin{quote}\small\begin{verbatim} ! 91: snmp 161/udp ! 92: snmp-trap 162/udp ! 93: smux 199/tcp ! 94: \end{verbatim}\end{quote} ! 95: If you are running Sun Yellow Pages, ! 96: then you will need to modify this file on the YP master and run a command to ! 97: export the changes to the other YP hosts. ! 98: ! 99: \item Add these lines to the \file{/etc/rc.local} file: ! 100: \begin{quote}\small\begin{verbatim} ! 101: if [ -f $(SBINDIR)snmpd ]; then ! 102: $(SBINDIR)snmpd & (echo -n ' snmp') > /dev/console ! 103: fi ! 104: if [ -f $(SBINDIR)smux.unixd -a -f $(SBINDIR)snmpd ]; then ! 105: $(SBINDIR)smux.unixd & ! 106: (echo -n ' smux-unix') > /dev/console ! 107: fi ! 108: \end{verbatim}\end{quote} ! 109: ! 110: \item If you wish to have an SNMP trap sink on your system, ! 111: also add these lines to the \file{/etc/rc.local} file: ! 112: \begin{quote}\small\begin{verbatim} ! 113: if [ -f $(SBINDIR)snmpt ]; then ! 114: $(SBINDIR)snmpt & (echo -n ' snmp-trap') > /dev/console ! 115: fi ! 116: \end{verbatim}\end{quote} ! 117: Usually the trap sink is started before the agent, ! 118: so if the agent sends any traps initially, ! 119: then can be audited. ! 120: ! 121: \item Install a partial ISODE system, as the super-user: ! 122: \begin{quote}\small\begin{verbatim} ! 123: # ./make inst-partial ! 124: \end{verbatim}\end{quote} ! 125: ! 126: \item Install the 4BSD/ISODE SNMP software: ! 127: \begin{quote}\small\begin{verbatim} ! 128: # ./make inst-snmp ! 129: \end{verbatim}\end{quote} ! 130: ! 131: \item Configure the SNMP agent by editing the file \file{snmpd.rc} in the ! 132: \verb"$ETCDIR" directory: ! 133: \begin{itemize} ! 134: \item Fill-in the value for \verb"sysContact" and \verb"sysLocation". ! 135: ! 136: \item If your site has a management station that listens for traps, ! 137: fill-in the information for the trap sink, e.g., ! 138: \begin{quote}\small \begin{verbatim} ! 139: trap traps a.b.c.d ! 140: \end{verbatim}\end{quote} ! 141: where \verb"traps" is the community that traps should be logged under ! 142: and \verb"a.b.c.d" is the IP address of the host where a trap sink is ! 143: listening on UDP port~162. ! 144: ! 145: \item For each of your network interfaces ! 146: (as reported by the ! 147: \begin{quote}\small\begin{verbatim} ! 148: netstat -i ! 149: \end{verbatim}\end{quote} ! 150: command) ! 151: make sure that it is defined in the configuration file with ! 152: the appropriate type and speed. ! 153: For the vast majority of BSD-derived systems, ! 154: the definitions already appear. ! 155: \end{itemize} ! 156: ! 157: \item Finally, start the SNMP agent and SMUX \unix/ daemon. ! 158: The command from \pgm{CShell} is: ! 159: \begin{quote}\small\begin{verbatim} ! 160: # $(SBINDIR)snmpd >& /dev/null ! 161: # $(SBINDIR)smux.unixd >& /dev/null ! 162: \end{verbatim}\end{quote} ! 163: which starts the daemons and directs them to automatically detach. ! 164: If you are going to run a sink for SNMP traps, ! 165: then you will need to start that daemon as well: ! 166: \begin{quote}\small\begin{verbatim} ! 167: # $(SBINDIR)snmpt >& /dev/null ! 168: \end{verbatim}\end{quote} ! 169: \end{enumerate} ! 170: The agent logs activity to the file \file{snmpd.log} in the ISODE ! 171: \verb"LOGDIR" directory. ! 172: ! 173: By default, ! 174: the trap sink will audit all traps to the file \file{snmp.traps} in the ! 175: ISODE \verb"LOGDIR" directory. ! 176: The \verb"audit" command in \pgm{snmpi} can be used to examine the file. ! 177: ! 178: \section* {Exporting MIB Modules} ! 179: You might wish to modify your existing daemons to export MIB modules for ! 180: access via the SNMP agent. ! 181: The SMUX protocol is used for this. ! 182: The SMUX protocol is defined in the file \file{doc/rfcs/smux.txt}. ! 183: You should read this document once just to familiarize yourself with the ! 184: general concepts of SNMP multiplexing. ! 185: ! 186: However, ! 187: when you instrument your agent to export the MIB, ! 188: you use the SMUX Applications Programming Interface (SMUX API) which is ! 189: defined in the file \file{doc/rfcs/smux-api.txt}. ! 190: This API is fully implemented in the 4BSD/ISODE SNMP software. ! 191: ! 192: The SMUX \unix/ daemon is an example of a program which uses the software. ! 193: The source for this daemon is in the \file{snmp/} directory. ! 194: At present, ! 195: this daemon exports information on the system's mbufs. ! 196: In the future, ! 197: it is conceivable that it may make generalized process information available. ! 198: ! 199: \subsection* {One day} ! 200: $\ldots$ it would be nice to have MIBs defined to allow management ! 201: applications to be written which have equivalent functionality to: ! 202: \begin{quote}\begin{tabular}{l} ! 203: mailq/mailstats\\ ! 204: lpq\\ ! 205: finger/rwho\\ ! 206: iostat/pstat/vmstat\\ ! 207: named (DNS)\\ ! 208: nntpd (NTP)\\ ! 209: bgpd (BGP)\\ ! 210: nfsstat/rpcinfo ! 211: \end{tabular}\end{quote} ! 212: ! 213: \section* {SNMP and gawk} ! 214: If you are interested in prototyping network management applications, ! 215: then you might find it interesting to run a version of GNU \pgm{awk} ! 216: (the \pgm{gawk} program) which is SNMP capable. ! 217: ! 218: The directory \file{snmp/gawk-2.11 contains} the modifications to the GNU ! 219: \pgm{awk} 2.11~beta release necessary to achieve this. ! 220: Follow the instructions in the \file{READ-ME-FIRST} file in this directory to ! 221: install this modified \pgm{gawk}. ! 222: ! 223: \subsection* {Accessing SNMP variables} ! 224: The current implementation assumes a read-only view of an SNMP MIB. ! 225: This means that MIB objects must occur only as {\em rvalues\/} in expressions. ! 226: ! 227: \subsubsection* {Non-tabular variables} ! 228: To access an object which does not occur inside a table, ! 229: simply use the name of that object, e.g., ! 230: \begin{quote}\small\begin{verbatim} ! 231: % gawk 'BEGIN { print sysDescr; }' ! 232: \end{verbatim}\end{quote} ! 233: Instead, ! 234: if you want to supply a special instance identifier, ! 235: then reference the variable as an array. ! 236: Hence, ! 237: an equivalent command is: ! 238: \begin{quote}\small\begin{verbatim} ! 239: % gawk 'BEGIN { print sysDescr[0]; }' ! 240: \end{verbatim}\end{quote} ! 241: This is less intuitive, ! 242: but it's your choice. ! 243: ! 244: Of course, ! 245: you may not be able to retrieve a variable. ! 246: For example, \verb"sysDescr[1]", according to the MIB, ! 247: doesn't make much sense. ! 248: There is a special built-in variable, ! 249: \verb"DIAGNOSTIC" which returns a textual description of any problem which ! 250: occurred with the last SNMP operation, ! 251: hence: ! 252: \begin{quote}\small\begin{verbatim} ! 253: % gawk 'BEGIN { print "sysDescr: ", sysDescr, DIAGNOSTIC; }' ! 254: \end{verbatim}\end{quote} ! 255: prints either the system description of the agent you are talking to, ! 256: or a diagnostic, ! 257: depending on what happened with the SNMP interaction. ! 258: ! 259: \subsubsection* {Tabular Variables} ! 260: To retrieve the value of an object occurring in a table, ! 261: there are also two methods. ! 262: ! 263: First, ! 264: you can simply put the instance identifier inside an array reference, ! 265: e.g., ! 266: \begin{quote}\small\begin{verbatim} ! 267: ifDescr[1] ! 268: \end{verbatim}\end{quote} ! 269: which is equivalent to an SNMP get operation on the variable ! 270: \begin{quote}\small\begin{verbatim} ! 271: ifDescr.1 ! 272: \end{verbatim}\end{quote} ! 273: or ! 274: \begin{quote}\small\begin{verbatim} ! 275: ipRouteNextHop["10.0.0.0"] ! 276: \end{verbatim}\end{quote} ! 277: which is equivalent to an SNMP get operation on the variable ! 278: \begin{quote}\small\begin{verbatim} ! 279: ipRouteNextHop.10.0.0.0 ! 280: \end{verbatim}\end{quote} ! 281: This is called the ``subscript notation''. ! 282: ! 283: Note that care should be taken to make sure that the subscript doesn't look ! 284: like a floating-point number to \pgm{gawk}. ! 285: These are all the same, valid, references: ! 286: \begin{quote}\small\begin{verbatim} ! 287: ipRouteNextHop[10,0,0,0] ! 288: ipRouteNextHop["10.0.0.0"] ! 289: \end{verbatim}\end{quote} ! 290: In contrast, ! 291: this is a bogus reference: ! 292: \begin{quote}\small\begin{verbatim} ! 293: ipRouteNextHop[10.0.0.0] ! 294: \end{verbatim}\end{quote} ! 295: ! 296: Second, ! 297: you can traverse the table (referred to as ``walking the tree''). ! 298: This is done with the \verb"for-in" construct, e.g., ! 299: \begin{quote}\small\begin{verbatim} ! 300: for (i in ipRouteDest) { ! 301: printf "route to %s from %s\n", ! 302: ipRouteDest, ipRouteNextHop; ! 303: } ! 304: \end{verbatim}\end{quote} ! 305: which says to traverse the table containing the object \verb"ipRouteDest". ! 306: The for-loop body will be executed once for each row of the table; ! 307: for each iteration, ! 308: the control variable will be assigned the value of the instance-identifier for ! 309: that row ({\bf not\/} the value of the column in that row). ! 310: This allows you to reference other parts of the MIB using the same ! 311: instance-identifier, e.g., ! 312: \begin{quote}\small\begin{verbatim} ! 313: for (i in ipRouteDest) { ! 314: printf "ipRoutingTable[%s]: to %s from %s\n", ! 315: i, ipRouteDest, ipRouteNextHop; ! 316: } ! 317: \end{verbatim}\end{quote} ! 318: ! 319: The \verb"for-in" construct retrieves a row of a table using a single powerful ! 320: SNMP get-next operator. ! 321: If a particular column is unsupported by the agent, ! 322: then referencing the corresponding variable will return the empty string. ! 323: Note that within the for-loop body, ! 324: repeated references to a column of a table will not result in additional SNMP ! 325: operations. ! 326: If, for some reason, you want to force a refresh of the variable's value, ! 327: use the subscript notation, e.g., ! 328: \begin{quote}\small\begin{verbatim} ! 329: for (i in ipRouteDest) { ! 330: printf "route to %s from %s\n", ! 331: ipRouteDest, ipRouteNextHop[i]; ! 332: } ! 333: \end{verbatim}\end{quote} ! 334: which causes each iteration to use the powerful SNMP get-next operation ! 335: to bind values to each column in the \verb"ipRoutingTable", ! 336: and the corresponding instance-identifier is assigned to \verb"i". ! 337: Then, ! 338: when the \verb"printf" statement is executed, ! 339: a separate SNMP get operation will be used to supply a (possibly) new value ! 340: for \verb"ipRouteNextHop". ! 341: Usually, ! 342: you use the subscript notation when you want to look at a variable in another ! 343: table, e.g., ! 344: \begin{quote}\small\begin{verbatim} ! 345: for (i in ipRouteDest) { ! 346: printf "route to %s from %s on %s (interface #%d)\n", ! 347: ipRouteDest, ipRouteNextHop,; ! 348: ifDescr[ipRouteIfIndex], ipRouteIfIndex; ! 349: } ! 350: \end{verbatim}\end{quote} ! 351: which causes each iteration to perform the powerful SNMP get-next operation ! 352: being to bind values to each column in the \verb"ipRoutingTable", ! 353: and the corresponding instance-identifier is assigned to \verb"i". ! 354: Then, ! 355: when the \verb"printf" statement is executed, ! 356: a separate SNMP get operation will be used to supply the corresponding value ! 357: of \verb"ifDescr". ! 358: ! 359: Of course, ! 360: there's always the question of dealing with agents which may not support the ! 361: table or when an error occurs. ! 362: Usually, the following code fragment is sufficient: ! 363: \begin{quote}\small\begin{verbatim} ! 364: didone = 0; ! 365: for (i in tabularVariable) { ! 366: didone = 1; ! 367: ! 368: # handle one row of the table here... ! 369: } ! 370: if (didone == 0) { ! 371: if (DIAGNOSTIC) { ! 372: # handle table error here... ! 373: } ! 374: else { ! 375: # handle empty table here... ! 376: } ! 377: } ! 378: else ! 379: if (DIAGNOSTIC) { ! 380: # handle partial table here... ! 381: } ! 382: \end{verbatim}\end{quote} ! 383: Finding an empty or partial table is often unimportant, ! 384: so the boilerplate usually is: ! 385: \begin{quote}\small\begin{verbatim} ! 386: didone = 0; ! 387: for (i in tabularVariable) { ! 388: didone = 1; ! 389: ! 390: # handle one row of the table here... ! 391: } ! 392: if (!didone && DIAGNOSTIC) ! 393: printf "table: %s\n", DIAGNOSTIC; ! 394: \end{verbatim}\end{quote} ! 395: ! 396: \subsubsection* {Non-tabular variables (revisited)} ! 397: If you are accessing a lot of non-tabular variables sharing a common parent ! 398: (e.g., within the \verb"system" group), ! 399: you can use the \verb"for-in" construct to walk this degenerate tree, ! 400: e.g., ! 401: \begin{quote}\small\begin{verbatim} ! 402: for (i in sysDescr) { ! 403: # this for-loop is executed at most once... ! 404: } ! 405: \end{verbatim}\end{quote} ! 406: will cause all the non-tabular variables having the same immediate parent as ! 407: \verb"sysDescr" to be retrieved in a single SNMP operation, ! 408: and the corresponding instance-identifier (i.e., \verb"0") is assigned to ! 409: \verb"i". ! 410: ! 411: This syntax is used only for optimization of network traffic. ! 412: ! 413: \subsubsection* {Illegal References} ! 414: If you do not use the subscript notation, ! 415: then it is illegal to reference a tabular variable outside of a \verb"for-in" ! 416: loop. ! 417: This causes a fatal error in a \pgm{gawk} script. ! 418: ! 419: Further, ! 420: it is illegal to use an SNMP variable as an ``lvalue''. ! 421: ! 422: Finally, ! 423: non-leaf variables, ! 424: (e.g., \verb"ifTable") are not recognized by the \pgm{gawk} front-end as being ! 425: accessible via the SNMP. ! 426: These are treated as ordinary \pgm{gawk} variables without any SNMP semantics. ! 427: ! 428: \subsection* {Data typing} ! 429: The \pgm{gawk} program has two kinds of data types: numbers and strings. ! 430: When mapping MIB objects to these data types, ! 431: the following conventions are used: ! 432: \[\begin{tabular}{|r|l|l|l|} ! 433: \hline ! 434: \multicolumn{1}{|c|}{\bf Syntax}& ! 435: \multicolumn{1}{c|}{\bf Type}& ! 436: \multicolumn{1}{c|}{\bf Format}\\ ! 437: \hline ! 438: INTEGER& number& \\ ! 439: OCTET STRING& string& \verb|"%02x: ... : %02x"|\\ ! 440: DisplayString& string& \\ ! 441: OBJECT IDENTIFIER& string& \verb|"%u. ... .%u"|\\ ! 442: NULL& string& \verb|"NULL"|\\ ! 443: IpAddress& string& \verb|"a.b.c.d"|\\ ! 444: NetworkAddress& string& \verb|"a.b.c.d"|\\ ! 445: Counter& number& \\ ! 446: Gauge& number& \\ ! 447: TimeTicks& number& \\ ! 448: ClnpAddress& string& \verb|"%02x: ... : %02x"|\\ ! 449: \hline ! 450: \end{tabular}\] ! 451: ! 452: \subsection* {Modifications to gawk} ! 453: The functional changes to \pgm{gawk} are quite straight-forward: ! 454: ! 455: \subsubsection* {Switches} ! 456: The \switch"s" turns on SNMP debugging to level 1, ! 457: whilst the \switch"S" turns on SNMP debugging to level 2. ! 458: ! 459: At level~1 debugging and above, ! 460: exceptional events are reported to the diagnostic output. ! 461: At level~2 debugging and above, ! 462: SNMP PDUs are logged to the standard output. ! 463: For any debugging activity to occur, ! 464: the \file{snmp.c} module in \pgm{gawk} must be compiled with \verb"-DDEBUG". ! 465: ! 466: \subsubsection* {Variables} ! 467: There are a few built-in, read-write variables added: ! 468: \begin{small} ! 469: \[\begin{tabular}{|r|l|l|l|} ! 470: \hline ! 471: \multicolumn{1}{|c|}{\bf Variable}& ! 472: \multicolumn{1}{|c|}{\bf Type}& ! 473: \multicolumn{1}{|c|}{\bf Value of}& ! 474: \multicolumn{1}{|c|}{\bf Default}\\ ! 475: \hline ! 476: \smaller AGENT& string& SNMP agent name or address& localhost\\ ! 477: \smaller COMMUNITY& string& SNMP community name& public\\ ! 478: \smaller DIAGNOSTIC& string& last thing to go wrong& \\ ! 479: \smaller ERROR& number& last SNMP error status& \\ ! 480: \smaller RETRIES& number& times to retry SNMP operation& 3\\ ! 481: \smaller TIMEOUT& number& seconds between retries& 10\\ ! 482: \hline ! 483: \end{tabular}\]\normalsize ! 484: The \verb"DIAGNOSTIC" and \verb"ERROR" variables are set after each SNMP ! 485: operation. ! 486: If no error occurs, ! 487: then \verb"DIAGNOSTIC" variable is set to the empty string, ! 488: and \verb"ERROR" varaible is set to \verb"0". ! 489: \end{small} ! 490: ! 491: \subsubsection* {Functions} ! 492: There are a few built-in functions added: ! 493: \begin{itemize} ! 494: \item The \verb"bitwise_and(i,j)" function returns the bit-wise AND of the ! 495: two unsigned long quantities, \verb"i" and \verb"j". ! 496: ! 497: \item The \verb"bitwise_or(i,j)" function returns the bit-wise OR of the ! 498: two unsigned long quantities, \verb"i" and \verb"j". ! 499: \end{itemize} ! 500: ! 501: \subsection* {An Example} ! 502: After installing the SNMP-capable \pgm{gawk}, ! 503: the \file{READ-ME-FIRST} file describes how to install \pgm{s-netstat}, ! 504: a program which provides the functionality of \pgm{netstat} using the SNMP ! 505: rather than reading \file{/dev/kmem}. ! 506: This script and associated \pgm{gawk} scripts is an excellent example of how ! 507: the new \pgm{gawk} can be used to prototype new management applications. ! 508: ! 509: \end{document}
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.