Tutorial #23

  1. How would you request a router to return the actual values of the objects ipForwarding, icmpInEchoes and tcpMaxConn? Give solutions using each of the get and get-next commands. Use a command syntax of your choice, although the CMU SNMPlib syntax given in the lecture notes would be the most appropriate. Be sure to distinguish where instance values are used.

  2. Imagine you are building a network management system. You want to measure the workload of routers. Using what you know about SNMP, and MIB variables, how would you measure these loads? How would you expect to display "real time" information about router loads?

  3. The following is a diagrammatic view of portion of a table (ifTable) in the interfaces portion of the standard MIB, edited to fit the page. The table consists of a sequence of ifEntry elements. Values shown are from the router r-bgowan at Bendigo, which is nowadays used as a backup (over ISDN) to the microwave link to Bundoora.
    Table of interfaces
    1. Describe interface 3 on this router.

    2. Draw the OBJECT IDENTIFIER subtree, in "tree" format, in the region which defines the various ifSpeed entries. You might find it helpful to refer to your lecture notes for some useful information here.

    3. What would be the structure of an SNMP "get request" to discover the speed, in bps, of interface 1.

    4. What value would be returned by "get-next ...ifSpeed.2"?

  4. Why do SNMP proponents use the expression "powerful get-next"? In other words, what problem does the get-next operation solve very elegantly? How is it used?

  5. (Philosophical, but still practical, question) In this section of the unit, we have played pretty "fast and loose" with abbreviations of OBJECT IDENTIFIERs, eg "{system sysDescr}". Of course, in the "Real World™", we would normally have to be more careful to ensure that the software we were using was able to unambiguously fetch the variable we desired. How should SNMP software resolve such abbreviations, especially with numeric OBJECT IDENTIFIER strings? Hint: think of how Fully Qualified Domain Names (FQDNs) are specified, compared to abbreviated versions.

  6. (Philosophical question) What is the purpose of the SNMP portion of the MIB?

  7. (Extension Question) One interesting aspect of the ASN.1/BER is the way in which OBJECT IDENTIFIERS are encoded for transmission. In general, the integers which specify the OBJECT IDENTIFIER are simply encoded in BER as a SEQUENCE of single byte values. However, the first two integers (let's call them a and b) are encoded in a compact form, taking only a single byte, of the form 40a + b. So, for the Internet, the first two integers are 1.3, therefore they are encoded as the single byte value 43. Can you imagine a reason why this is done? What does it say about the values of these first two integers?

  8. (REALLY hard last question -- you do NOT have to answer this!) The following is a IP packet (in tcpdump format) snarfed from the staff subnet at Bendigo. It contains an SNMP get-response, although the full IP and UDP headers (28 bytes total) are still present -- simply ignore them in your analysis. Can you discover what it means? 
    4500 004a 2823 0000 fe11 400f 9590 14aa
9590 153c 00a1 5a9a 0036 5c6d 302c 0201
0004 0670 7562 6c69 63a2 1f02 045e 520c
cd02 0100 0201 0030 1130 0f06 082b 0601
0201 0406 0041 0302 f80c
    La Trobe Uni Logo
Copyright © 2004 by Philip Scott, La Trobe University.
Valid HTML 3.2!