当前位置: 首页 > 工具软件 > MIB Smithy > 使用案例 >

标准mib2解析

申屠乐池
2023-12-01

一、管理信息库具体语义(以系统组和接口组为例)

系统组:

MIB对象
SystemGroup
SysDescr:系统描述
SysObject ID: 标识一个设备
SysUptime:系统已经运行的时间
SysContact:管理者联系人
SysName:
SysLocation:物理安装地点
SysServices:说明设备服务的ISO层次 00000110表示设备服务在第2和3层
MIB对象
InterfaceGroup
ifDescr:接口描述
ifType:接口类型
ifMTU:该接口可以发送或接收的最大数据报的大小
ifSpee:接口速率 单位bps
ifPhysAddress:接口物理地址
ifAdminStatus:接口管理状态 1up, 2down, 3test
ifOperStatus:接口实际状态 1up, 2down, 3test

以上两个变量决定了接口的工作状态: 1-1:正常运行;2-1:失败;2-2:管理上已经关闭;3-3:测试模式,其它任何组合都是非法的,表示代理出现了问题
ifLastChange:接口进入运行状态时的sysuptime
MIB对象
InterfaceGroup
ifInOctes:接收字节数
ifInUcastPkts:接收单播数据包数
ifInNUcastPkts:接收非单播数据包数
ifInDiscards:接收时丢弃的数据包数
ifInErrors:接收时错误的数据包数
ifInUnknownProtos:接收的未知协议数据包数

ifOutQLen输出队列中的所有包数
MIB对象
Total Input Packts = ifInUcastPkts + ifInNNucastPkts
Percent Input Errors= ifInErrors/TotalInputPackts
Percent Input Discards= ifInDiscards/TotalInputPackts
MIB对象
IP Group
ipForwarding:设备是否转发数据包1是, 2否
ipInreceives:接收的IP包数量
ipInHdrErrors:接收头出错的包数量
ipInAddrErrors:接收地址出错的包数量
ipForwDatagrams:转发的IP包数量
ipInUnknownProtos:未知协议
ipInDiscards:丢弃的包数量
Percent IP Input Errors=(Disards+HdrErrors+AddrErros)/Inreceives
MIB对象
ipInDelivers:交给设备高层处理的包数量
ipOutRequests:设备高层发出的包数量
ipOutNoRoutes:无法找到路由丢弃的包
ipAddressTable设备接口IP地址表
ipRoutingTable路由表
MIB对象
ICMP组
icmpInMsgs/icmpOutMsgs
icmpInErros/icmpOutErrors
SNMP组
总结
网络管理系统
网络管理概述
TCP/IP网络管理体系结构
SNMP网络管理协议
管理信息库(MIB)
实验
Linux下的ucd-snmp
http://net-snmp.sourceforge.net/
202.38.96.184
public

SNMPv1规定了7种陷入条件: 1) coldStart:发送实体重新初始化,代理配置已改变,通常由于系统失效引起;例如机器重启。
2) warmStart:发送实体重新初始化,代理配置没有改变,正常重新启动引起; 例如代理重启。
3) linkDown:链路失效通知,变量绑定表的第一项指明对应接口表的索引变量及其值;例如某一网线脱落
4) linkUp:链路启动通知变量绑定表的第一项指明对应接口表的索引变量及其值;例如某一网线重新插入
5) authenticationFailure:发送实体收到一个没有通过认证的报文; 例如用错误的团体号去连代理
6) egpNeighborLoss:相邻的外部路由器失效或关机;
7) enterpriseSpecific:设备制造商定义的陷入条件,在特殊陷入字段指明具体的陷入类型。 

 

二、远程网络监视(RMON):可以采用图示和例子方式讲解

 

0 RMON并没有改变SNMP的协议和结构,仅仅引进了一些MIB和侦听统计的管理模式

1 提供网络整体统计信息:错误统计,性能统计

2 网络监视器(网络探测器,分析器):一般每一个子网一个监视器,这个监视器可以为单独的设备,也可以由具有其它任务的设备如工作站,服务器或路由器来进行。常见为UNIX主机或者路由器、交换机等附带功能。

3 大量表格:(1)丰富了表格操作;(2)建立了控制表和数据表的双表结构;(3)表格反映了一个RMON MIB定义。它定义了标准网络监视功能以及在管理控制台和远程监视器之间的通信接口。

4 RMON提供了一个有效而且高效的方法,它可以在降低其它代理和管理站负载的情况下监视子网的行为。考虑SNIFF操作,并没有引起网络开销,但可以进行网络行为统计


5 RMON设计目标:(1)脱线操作:监视器可以自主工作,不断地收集统计信息,并不引起网管流量,知道管理站查询时才上报或者在某些异常情况出现时主动上报;(2)抢先监视:监视器可以主动进行网络诊断,并在某些异常情况出现时主动上报;问题检测和汇报:被动地(不用查询,仅靠侦听)识别网络故障情况;增值数据:监视器可以对收集到的数据进行增值处理,从而减轻管理站的负担;多管理站支持。

6 为了有效地管理监视器,RMON MIB中提供了对来自管理站的各种控制命令的支持。主要有配置和动作发动。(1)配置:管理站需要对RMON进行数据收集配置,告诉它需要收集的数据类型和形式。这些配置以配置表格的形式实现。RMON MIB被组织为几个组,每个组可能有一个或多个控制表和一个或多个数据表。控制表一般可读可写,它包含描述数据表中数据的参数,而数据表一般为只读。管理站设置合适的控制表(控制参数)来配置远程监视器使其收集所需要的数据。通过在控制表上增加一个新行或者更改已有的一行来设置参数。监视器按照控制表中每行的控制参数收集信息,并存放在相应的数据表中。为了将控制表中的控制行和数据表中的数据行关联,一般在控制表中有一个索引对象,使用该索引对象可以访问数据表中一行或者多行,只需用控制行的索引对象值作为关键字在数据表中查找相应行即可。(2)动作发动:借助于SET命令来完成动作设置和执行。

7 表管理:增加或者删除表中行,对SNMPv1中的增强。(1)两个新的数据类型:

OwnerString ::=DisplayString

EntryStatus ::=INTEGER {

Valid(1),

CreateRequest(2),

UnderCreation(3),

Invalid(4) }

在RMON MIB中,在每一个可读写(控制表中)中有一个列对象(属性)类型为OwnerString,指定那一行的所有者,该变量名以Owner结尾。同时,还有另一个属性,类型为EntryStatus,该属性用于创建,修改和删除行,该变量名以Status结尾。

行增加:管理站通过一个SetRequest操作来完成。参数为全部或主要属性及其值,OID部分不仅包括属性OID,而且包括所以对象值。该行状态变化:createRequest---underCreation---valid,主要为考虑到多管理站的存在。

行删除:管理站通过一个SetRequest操作来完成,参数为行参数对象设置为无效即可。

 

8 RMON MIB:共分为9组:统计、历史、警报、主机、最高N台主机、矩阵、过滤、包捕获、事件等。RFC 1271定义,RFC1271其实就是一个MIB定义。

RFC1271-MIB DEFINITIONS ::= BEGIN

 

IMPORTS

Counter FROM RFC1155-SMI

DisplayString FROM RFC1158-MIB

mib-2 FROM RFC1213-MIB

OBJECT-TYPE FROM RFC-1212;

 

-- This MIB module uses the extended OBJECT-TYPE macro as

-- defined in [9].

 

-- Remote Network Monitoring MIB

 

rmon OBJECT IDENTIFIER ::= { mib-2 16 }

 

-- textual conventions

 

OwnerString ::= DisplayString

-- This data type is used to model an administratively

-- assigned name of the owner of a resource. This

-- information is taken from the NVT ASCII character set.

-- It is suggested that this name contain one or more

-- of the following:

-- IP address, management station name, network manager's

-- name, location, or phone number.

-- In some cases the agent itself will be the owner of

-- an entry. In these cases, this string shall be set

-- to a string starting with 'monitor'.

--

-- SNMP access control is articulated entirely in terms of

-- the contents of MIB views; access to a particular SNMP

-- object instance depends only upon its presence or

-- absence in a particular MIB view and never upon its

-- value or the value of related object instances. Thus,

-- objects of this type afford resolution of resource

-- contention only among cooperating managers; they

-- realize no access control function with respect

-- to uncooperative parties.

--

-- By convention, objects with this syntax are declared

-- as having

--

-- SIZE (0..127)

 

EntryStatus ::= INTEGER

{ valid(1),

createRequest(2),

underCreation(3),

invalid(4)

}

 

-- The status of a table entry.

--

-- Setting this object to the value invalid(4) has the

-- effect of invalidating the corresponding entry.

-- That is, it effectively disassociates the mapping

-- identified with said entry.

-- It is an implementation-specific matter as to whether

-- the agent removes an invalidated entry from the table.

-- Accordingly, management stations must be prepared to

-- receive tabular information from agents that corresponds

-- to entries currently not in use. Proper

-- interpretation of such entries requires examination

-- of the relevant EntryStatus object.

--

-- An existing instance of this object cannot be set to

-- createRequest(2). This object may only be set to

-- createRequest(2) when this instance is created. When

-- this object is created, the agent may wish to create

-- supplemental object instances to complete a conceptual

-- row in this table. Immediately after completing the

-- create operation, the agent must set this object to

-- underCreation(3).

--

-- Entries shall exist in the underCreation(3) state until

-- the management station is finished configuring the

-- entry and sets this object to valid(1) or aborts,

-- setting this object to invalid(4). If the agent

-- determines that an entry has been in the

-- underCreation(3) state for an abnormally long time,

-- it may decide that the management station has

-- crashed. If the agent makes this decision,

-- it may set this object to invalid(4) to reclaim the

-- entry. A prudent agent will understand that the

-- management station may need to wait for human input

-- and will allow for that possibility in its

-- determination of this abnormally long period.

 

statistics OBJECT IDENTIFIER ::= { rmon 1 }

history OBJECT IDENTIFIER ::= { rmon 2 }

alarm OBJECT IDENTIFIER ::= { rmon 3 }

hosts OBJECT IDENTIFIER ::= { rmon 4 }

hostTopN OBJECT IDENTIFIER ::= { rmon 5 }

matrix OBJECT IDENTIFIER ::= { rmon 6 }

filter OBJECT IDENTIFIER ::= { rmon 7 }

capture OBJECT IDENTIFIER ::= { rmon 8 }

event OBJECT IDENTIFIER ::= { rmon 9 }

 

(1) 统计组:包含对每个监视子网的基本统计信息。控制表和数据表合二为一(一一对应:一行控制参数只收集一行数据)。

EtherStatsEntry ::= SEQUENCE {

etherStatsIndex INTEGER (1..65535),

etherStatsDataSource OBJECT IDENTIFIER,

etherStatsDropEvents Counter,

etherStatsOctets Counter,

etherStatsPkts Counter,

etherStatsBroadcastPkts Counter,

etherStatsMulticastPkts Counter,

etherStatsCRCAlignErrors Counter,

etherStatsUndersizePkts Counter,

etherStatsOversizePkts Counter,

etherStatsFragments Counter,

etherStatsJabbers Counter,

etherStatsCollisions Counter,

etherStatsPkts64Octets Counter,

etherStatsPkts65to127Octets Counter,

etherStatsPkts128to255Octets Counter,

etherStatsPkts256to511Octets Counter,

etherStatsPkts512to1023Octets Counter,

etherStatsPkts1024to1518Octets Counter,

etherStatsOwner OwnerString,

etherStatsStatus INTEGER

}

(2) 历史组:用于定义一个或多个监视器接口的采样功能。由两个表组成:

-- The History Group

 

-- Implementation of the History group is optional.

--

-- The history group records periodic statistical samples from

-- a network and stores them for later retrieval. The

-- historyControl table stores configuration entries that each

-- define an interface, polling period, and other parameters.

-- Once samples are taken, their data is stored in an entry

-- in a media-specific table. Each such entry defines one

-- sample, and is associated with the historyControlEntry that

-- caused the sample to be taken. Currently the only media-

-- specific table defined is the etherHistoryTable, for

-- Ethernet networks.

--

-- If the probe keeps track of the time of day, it should

-- start the first sample of the history at a time such that

-- when the next hour of the day begins, a sample is

-- started at that instant. This tends to make more

-- user-friendly reports, and enables comparison of reports

-- from different probes that have relatively accurate time

-- of day.

--

-- The monitor is encouraged to add two history control entries

-- per monitored interface upon initialization that describe

-- a short term and a long term polling period. Suggested

-- parameters are 30 seconds for the short term polling

-- period and 30 minutes for the long term period.

 

historyControlTable:每一行定义了一个对特定接口以特定采样间隔采样的功能。

historyControlTable OBJECT-TYPE

SYNTAX SEQUENCE OF HistoryControlEntry

ACCESS not-accessible

STATUS mandatory

DESCRIPTION

"A list of history control entries."

::= { history 1 }

 

historyControlEntry OBJECT-TYPE

SYNTAX HistoryControlEntry

ACCESS not-accessible

STATUS mandatory

DESCRIPTION

"A list of parameters that set up a periodic

sampling of statistics."

INDEX { historyControlIndex }

::= { historyControlTable 1 }

 

HistoryControlEntry ::= SEQUENCE {

historyControlIndex INTEGER (1..65535),

historyControlDataSource OBJECT IDENTIFIER,

historyControlBucketsRequested INTEGER (1..65535),

historyControlBucketsGranted INTEGER (1..65535),

historyControlInterval INTEGER (1..3600),

historyControlOwner OwnerString,

historyControlStatus INTEGER

}

historyControlIndex OBJECT-TYPE

SYNTAX INTEGER (1..65535)

ACCESS read-only

STATUS mandatory

DESCRIPTION

"An index that uniquely identifies an entry in the

historyControl table. Each such entry defines a

set of samples at a particular interval for an

interface on the device."

::= { historyControlEntry 1 }

 

historyControlOwner OBJECT-TYPE

SYNTAX OwnerString

ACCESS read-write

STATUS mandatory

DESCRIPTION

"The entity that configured this entry and is therefore

using the resources assigned to it."

::= { historyControlEntry 6 }

 

historyControlStatus OBJECT-TYPE

SYNTAX EntryStatus

ACCESS read-write

STATUS mandatory

DESCRIPTION

"The status of this historyControl entry.

Each instance of the media-specific table associated

with this historyControlEntry will be deleted by the

agent if this historyControlEntry is not equal to

valid(1)."

::= { historyControlEntry 7 }

 

EtherHistoryTable:监视器以控制表中的采样间隔采样到的数据存储

-- Ether History table

 

etherHistoryTable OBJECT-TYPE

SYNTAX SEQUENCE OF EtherHistoryEntry

ACCESS not-accessible

STATUS mandatory

DESCRIPTION

"A list of Ethernet history entries."

::= { history 2 }

 

etherHistoryEntry OBJECT-TYPE

SYNTAX EtherHistoryEntry

ACCESS not-accessible

STATUS mandatory

DESCRIPTION

"An historical sample of Ethernet statistics on a

particular Ethernet interface. This sample is

associated with the historyControlEntry which set

up the parameters for a regular collection of these

samples."

INDEX { etherHistoryIndex , etherHistorySampleIndex }

::= { etherHistoryTable 1 }

 

EtherHistoryEntry ::= SEQUENCE {

etherHistoryIndex INTEGER (1..65535),

etherHistorySampleIndex INTEGER,

etherHistoryIntervalStart TimeTicks,

etherHistoryDropEvents Counter,

etherHistoryOctets Counter,

etherHistoryPkts Counter,

etherHistoryBroadcastPkts Counter,

etherHistoryMulticastPkts Counter,

etherHistoryCRCAlignErrors Counter,

etherHistoryUndersizePkts Counter,

etherHistoryOversizePkts Counter,

etherHistoryFragments Counter,

etherHistoryJabbers Counter,

etherHistoryCollisions Counter,

etherHistoryUtilization INTEGER (0..10000)

}

etherHistoryIndex OBJECT-TYPE

SYNTAX INTEGER (1..65535)

ACCESS read-only

STATUS mandatory

DESCRIPTION

"The history of which this entry is a part. The

history identified by a particular value of this

index is the same history as identified

by the same value of historyControlIndex."

::= { etherHistoryEntry 1 }

etherHistorySampleIndex OBJECT-TYPE

SYNTAX INTEGER

ACCESS read-only

STATUS mandatory

DESCRIPTION

"An index that uniquely identifies the particular

sample this entry represents among all samples

associated with the same historyControlEntry.

This index starts at 1 and increases by one

as each new sample is taken."

::= { etherHistoryEntry 2 } ;与etherHistoryIndex结合作为数据表索引

 

两个表由historyControlIndex和etherHistoryIndex相关联,即两表中这两个属性值相等的行对应。结果为控制表中的一行对应于数据表中的一行或多行。

 

 类似资料: