25.8 Management Information Base (Continued)

Previous page
Table of content
Next page

25.8 Management Information Base (Continued)

We now return to the description of the MIB. We describe only the following groups: system (system identification), if (interfaces), at (address translation), ip, icmp, and tcp. Additional groups are defined.

system Group

The system group is simple; it consists of seven simple variables (i.e., no tables). Figure 25.16 shows their names , data types, and descriptions.

Figure 25.16. Simple variables in system group.
graphics/25fig16.gif

We can query the router netb for some of these variables: 

 sun %  snmpi -a netb -c secret  snmpi>  get sysDescr.0 sysObjectID.0 sysUpTime.0 sysServices.0  sysDescr.0="Epilogue Technology SNMP agent for Telebit NetBlazer"    sysObjectID.0=1.3.6.1.4.1.12.42.3.1    sysUpTime.0=22 days, 11 hours, 23 minutes, 2 seconds (194178200 timeticks)    sysServices.0=0xc<internet,transport>

The system's object identifier is in the internet.private. enterprises group (1.3.6.1.4.1) from Figure 25.6. From the Assigned Numbers RFC we can determine that the next object identifier (12) is assigned to the vendor (Epilogue).

We can also see that the sysServices variable is the sum of 4 and 8: this element supports the Internet layer (i.e., routing) and the transport layer (i.e., end-to-end).

interface Group

Only one simple variable is defined for this group: the number of interfaces on the system, shown in Figure 25.17.

Figure 25.17. Simple variable in if group.
graphics/25fig17.gif

This group also defines a table with 22 columns . Each row of the table defines the characteristics for each interface, as shown in Figure 25.18.

Figure 25.18. Variables in interface table: ifTable.
graphics/25fig18.gif

We can query the host sun for some of these variables for all its interfaces. We expect to find three interfaces, as in Section 3.8, if the SLIP interface is up: 

 sun  % snmpi -a sun  snmpi>  next ifTable   first see what index of first interface is  ifIndex.1=1     snmpi>  get ifDescr.1 ifType.1 ifMtu.1 ifSpeed.1 ifPhysAddress.1  ifDescr.1="le0"     ifType.1=ethernet-csmacd(6)     ifMtu.1=1500     ifSpeed.1=10000000     ifPhysAddress.1=0x08:00:20:03:f6:42     snmpi>  next ifDescr.1 ifType.1 ifMtu.1 ifSpeed.1 ifPhysAddress.1  ifDescr.2="sl0"     ifType.2=propPointToPointSerial(22)     ifMtu.2=552     ifSpeed.2=0     ifPhysAddress.2=0x00:00:00:00:00:00     snmpi>  next ifDescr.2 ifType.2 ifMtu.2 ifSpeed.2 ifPhysAddress.2  ifDescr.3="lo0"     ifType.3=softwareLoopback(24)     ifMtu.3=1536     ifSpeed.3=0     ifPhysAddress.3=0x00:00:00:00:00:00

We first get five variables for the first interface using the get operator, and then get the same five variables for the second interface using the get-next operator. The last command gets these same five variables for the third interface, again using the get-next command.

The interface type for the SLIP link is reported as proprietary point-to-point serial, not SLIP. Also, the speed of the SLIP link is not reported .

It is critical to understand the relationship between the get-next operator and the column-row ordering. When we say next ifDescr.1 it returns the next row of the table for this variable, not the next variable in the same row. If tables were stored in a row-column order instead, we wouldn't be able to step to the next occurrence of a given variable this way.

at Group

The address translation group is mandatory for all systems, but was deprecated by MIB-II. Starting with MIB-II, each network protocol group (e.g., IP) contains its own address translation tables. For IP it is the ipNetToMediaTable.

Only a single table with three columns is defined for the at group, shown in Figure 25.19.

Figure 25.19. Address translation table: atTable.
graphics/25fig19.gif

We can use a new command within the snmpi program to dump an entire table. We'll query the router named kinetics (which routes between a TCP/IP network and an AppleTalk network) for its entire ARP cache. This output reiterates the lexicographic ordering of the entries in the table: 

 sun  % snmpi -a kinetics -c secret dump at  atIfIndex.1.1.140.252.1.4=1     atIfIndex.1.1.140.252.1.22=1     atIfIndex.1.1.140.252.1.183=1     atIfIndex.2.1.140.252.6.4=2     atIfIndex.2.1.140.252.6.6=2     atPhysAddress.1.1.140.252.1.4=0xaa:00:04:00:f4:14     atPhysAddress.1.1.140.252.1.22=0x08:00:20:0f:2d:38     atPhysAddress.1.1.140.252.1.183=0x00:80:ad:03:6a:80     atPhysAddress.2.1.140.252.6.4=0x00:02:16:48     atPhysAddress.2.1.140.252.6.6=0x00:02:3c:48     atNetAddress.1.1.140.252.1.4=140.252.1.4     atNetAddress.1.1.140.252.1.22=140.252.1.22     atNetAddress.1.1.140.252.1.183=140.252.1.183     atNetAddress.2.1.140.252.6.4=140.252.6.4     atNetAddress.2.1.140.252.6.6=140.252.6.6

If we watch the packet exchange using tcpdump, when snmpi dumps an entire table it first issues a get-next for the table name ( at in this example) to get the first entry. It prints the first entry and issues another get-next. This continues until the entire table has been dumped.

Figure 25.20 shows the arrangement of this table.

Figure 25.20. Example of at table (ARP cache).
graphics/25fig20.gif

The AppleTalk physical addresses on interface number 2 are 32-bit values, not the 48-bit Ethernet addresses to which we're accustomed. Also note that an entry exists for our router ( netb at 140.252.1.183), which we expect, since kinetics and netb are on the same Ethernet (140.252.1) and kinetics must use ARP to send the SNMP responses back to us.

ip Group

The ip group defines numerous variables and three tables. Figure 25.21 defines the simple variables.

Figure 25.21. Simple variables in ip group.
graphics/25fig21.gif

The first table in the ip group is the IP address table. It contains one row for each IP address on the system. Each row contains five variables, described in Figure 25.22.

Figure 25.22. IP address table: ipAddrTable.
graphics/25fig22.gif

We can query the host sun for its entire IP address table: 

 sun %  snmpi -a sun dump ipAddrTable  ipAdEntAddr.127.0.0.1=127.0.0.1     ipAdEntAddr.140.252.1.29=140.252.1.29     ipAdEntAddr.140.252.13.33=140.252.13.33     ipAdEntIfIndex.127.0.0.1=3  loopback interface,  lo0     ipAdEntIfIndex.140.252.1.29=2  SLIP interface,  sl0     ipAdEntIfIndex.140.252.13.33=1  Ethernet interface,  le0     ipAdEntNetMask.127.0.0.1=255.0.0.0     ipAdEntNetMask.140.252.1.29=255.255.255.0     ipAdEntNetMask.140.252.13.33=255.255.255.224     ipAdEntBcastAddr.127.0.0.1=1  all three use one bits for broadcast  ipAdEntBcastAddr.140.252.1.29=1     ipAdEntBcastAddr.140.252.13.33=1     ipAdEntReasmMaxSize.127.0.0.1=65535     ipAdEntReasmMaxSize.140.252.1.29=65535     ipAdEntReasmMaxSize.140.252.13.33=65535

The interface numbers can be compared with the output following Figure 25.18, and the IP addresses and subnet masks can be compared with the values output by the ifconfig command in Section 3.8.

The next table, Figure 25.23, is the IP routing table. (Recall our description of routing tables in Section 9.2.) The index used to access each row of the table is the destination IP address.

Figure 25.23. IP routing table: ipRouteTable.
graphics/25fig23.gif

Figure 25.24 is the IP routing table on the host sun obtained with the dump ipRouteTable command using snmpi. We have deleted all five of the routing metrics, since they are all -1. In the column headings we've also removed the prefix ipRoute from each variable name.

Figure 25.24. IP routing table for the router sun.
graphics/25fig24.gif

For comparison, here is the IP routing table in the format output by netstat (which we discussed in Section 9.2). Figure 25.24 is lexicographically ordered, unlike the netstat output: 

 sun  % netstat -rn  Routing tables     Destination         Gateway             Flags    Refcnt Use        Interface     140.252.13.65       140.252.13.35       UGH      0      115        le0     127.0.0.1           127.0.0.1           UH       1      1107       lo0     140.252.1.183       140.252.1.29        UH       0      86         sl0     default             140.252.1.183       UG       2      1628       sl0     140.252.13.32       140.252.13.33       U        8      68359      le0

The final table in the ip group is the address translation table, Figure 25.25. As we said earlier, the at group is now deprecated, and this IP table replaces it.

Figure 25.25. IP address translation table: ipNetToMediaTable.
graphics/25fig25.gif

Here is the ARP cache on the system sun: 

 sun %  arp -a  Svr4 (140.252.13.34) at 0:0:c0:c2:9b:26     bsdi (140.252.13.35) at 0:0:c0:6f:2d:40

and the corresponding SNMP output: 

 sun  % snmpi -a sun dump ipNetToMediaTable  ipNetToMediaIfIndex.1.140.252.13.34=1     ipNetToMediaIfIndex.1.140.252.13.35=1     ipNetToMediaPhysAddress.1.140.252.13.34=0x00:00:c0:c2:9b:26     ipNetToMediaPhysAddress.1.140.252.13.35=0x00:00:c0:6f:2d:40     ipNetToMediaNetAddress.1.140.252.13.34=140.252.13.34     ipNetToMediaNetAddress.1.140.252.13.35=140.252.13.35     ipNetToMediaType.1.140.252.13.34=dynamic(3)     ipNetToMediaType.1.140.252.13.35=dynamic(3)

icmp Group

The icmp group consists of four general counters (total number of input and output ICMP messages, and number of input and output ICMP messages with errors) and 22 counters for the different ICMP message types: 11 input counters and 11 output counters. These are shown in Figure 25.26.

Figure 25.26. Simple variables in icmp group.
graphics/25fig26.gif

For the ICMP messages with additional codes (recall from Figure 6.3 that there are 16 different codes for destination unreachable), a separate counter is not maintained by SNMP for each code.

tcp Group

Figure 25.27 describes the simple variables in the tcp group. Many of these refer to the TCP states that we showed in Figure 18.12.

Figure 25.27. Simple variables in tcp group.
graphics/25fig27.gif

We can query some of these variables on the system sun: 

 sun %  snmpi  -  a sun  snmpi>  get tcpRtoAlgorithm.0 tcpRtoMin.0 tcpRtoMax.0 tcpMaxConn.0  tcpRtoAlgorithm.0=vanj(4)     tcpRtoMin.0=200     tcpRtoMax.0=12800     tcpMaxConn.0=-1

This system (SunOS 4.1.3) uses the Van Jacobson retransmission timeout algorithm, uses timeouts between 200 ms and 12.8 seconds, and has no fixed limit on the number of TCP connections. (This upper limit of 12.8 seconds appears wrong, since most implementations use an upper limit of 64 seconds, as we saw in Chapter 21.)

The tcp group has a single table, the TCP connection table, shown in Figure 25.28. This contains one row for each connection. Each row contains five variables: the state of the connection, local IP address, local port number, remote IP address, and remote port number.

Figure 25.28. TCP connection table: tcpConnTable.
graphics/25fig28.gif

Let's look at this table on the system sun. We show only a portion of the table, since there are many servers listening for connections. Before dumping this table two TCP connections were established: 

 sun %  rlogin gemini   IP address of  gemini  is 140.252.1.11

and 

 sun %  telnet localhost   IP address should be 127.0.0.1

The only listening server that we show is the FTP server, on port 21: 

 sun %  snmpi -a sun dump tcpConnTable  tcpConnState.0.0.0.0.21.0.0.0.0.0=listen(2)     tcpConnState.127.0.0.1.23.127.0.0.1.1415=established(5)     tcpConnState.127.0.0.1.1415.127.0.0.1.23=established(5)     tcpConnState.140.252.1.29.1023.140.252.1.11.513=established(5)     tcpConnLocalAddress.0.0.0.0.21.0.0.0.0.0=0.0.0.0     tcpConnLocalAddress.127.0.0.1.23.127.0.0.1.1415=127.0.0.1     tcpConnLocalAddress.127.0.0.1.1415.127.0.0.1.23=127.0.0.1     tcpConnLocalAddress.140.252.1.29.1023.140.252.1.11.513=140.252.1.29     tcpConnLocalPort.0.0.0.0.21.0.0.0.0.0=21     tcpConnLocalPort.127.0.0.1.23.127.0.0.1.1415=23     tcpConnLocalPort.127.0.0.1.1415.127.0.0.1.23=1415     tcpConnLocalPort.140.252.1.29.1023.140.252.1.11.513=1023     tcpConnRemAddress.0.0.0.0.21.0.0.0.0.0=0.0.0.0     tcpConnRemAddress.127.0.0.1.23.127.0.0.1.1415=127.0.0.1     tcpConnRemAddress.127.0.0.1.1415.127.0.0.1.23=127.0.0.1     tcpConnRemAddress.140.252.1.29.1023.140.252.1.11.513=140.252.1.11     tcpConnRemPort.0.0.0.0.21.0.0.0.0.0=0     tcpConnRemPort.127.0.0.1.23.127.0.0.1.1415=1415     tcpConnRemPort.127.0.0.1.1415.127.0.0.1.23=23     tcpConnRemPort.140.252.1.29.1023.140.252.1.11.513=513

For the rlogin to gemini only one entry appears, since gemini is a different host. We only see the client end of the connection (local port 1023), but both ends of the Telnet connection appear (client port 1415 and server port 23), since the connection is through the loopback interface. We can also see that the listening FTP server has a local IP address of 0.0.0.0, indicating it will accept connections on any interface.


Previous page
Table of content
Next page
TCP.IP Illustrated, Volume 1. The Protocols
TCP/IP Illustrated, Vol. 1: The Protocols (Addison-Wesley Professional Computing Series)
ISBN: 0201633469
EAN: 2147483647
Year: 1993
Pages: 378
Authors: W. Richard Stevens
BUY ON AMAZON
Adobe After Effects 7.0 Studio Techniques
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
MySQL Clustering
Lean Six Sigma for Service : How to Use Lean Speed and Six Sigma Quality to Improve Services and Transactions
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy