用SNMP实现对大型网络的轻松管理!
?原文來(lái)自:http://guojiping.blog.51cto.com/5635432/985885
一、原理介紹:
SNMP簡(jiǎn)介?
? 目前網(wǎng)絡(luò)中用得最廣泛的網(wǎng)絡(luò)管理協(xié)議是SNMP(Simple Network Management Protocol,簡(jiǎn)單網(wǎng)絡(luò)管理協(xié)議)。SNMP是被廣泛接受并投入使用的工業(yè)標(biāo)準(zhǔn),用于保證管理信息在網(wǎng)絡(luò)中任意兩點(diǎn)間傳送,便于網(wǎng)絡(luò)管理員在網(wǎng)絡(luò)上的任何節(jié)點(diǎn)檢索信息、修改信息、定位故障、完成故障診斷、進(jìn)行容量規(guī)劃和生成報(bào)告。?
SNMP采用輪詢機(jī)制,只提供最基本的功能集,特別適合在小型、快速和低價(jià)格的環(huán)境中使用。SNMP的實(shí)現(xiàn)基于無(wú)連接的傳輸層協(xié)議UDP,因此可以實(shí)現(xiàn)和眾多產(chǎn)品的無(wú)障礙連接
SNMP的工作機(jī)制?
SNMP分為NMS和Agent兩部分:?
NMS(Network Management Station,網(wǎng)絡(luò)管理站)是運(yùn)行客戶端程序的工作站,目前常用的網(wǎng)管平臺(tái)有QuidView、Sun NetManager和IBM NetView。?
Agent是運(yùn)行在網(wǎng)絡(luò)設(shè)備上的服務(wù)器端軟件。?
NMS可以向Agent發(fā)出GetRequest、GetNextRequest和SetRequest報(bào)文,Agent接收到NMS的這些請(qǐng)求報(bào)文后,根據(jù)報(bào)文類型進(jìn)行Read或Write操作,生成Response報(bào)文,并將報(bào)文返回給NMS。?
Agent在設(shè)備發(fā)生異常情況或狀態(tài)改變時(shí)(如設(shè)備重新啟動(dòng)),也會(huì)主動(dòng)向NMS發(fā)送Trap報(bào)文,向NMS匯報(bào)所發(fā)生的事件。
SNMP的版本?
目前,設(shè)備中的SNMP Agent支持SNMP v3版本,兼容SNMP v1版本、SNMP v2C版本。?
SNMP v3采用用戶名和密碼認(rèn)證方式。?
SNMP?v1、SNMP v2C采用團(tuán)體名(Community Name)認(rèn)證,非設(shè)備認(rèn)可團(tuán)體名的SNMP報(bào)文將被丟棄。SNMP團(tuán)體名用來(lái)定義SNMP NMS和SNMP Agent的關(guān)系。團(tuán)體名起到了類似于密碼的作用,可以限制SNMP NMS訪問(wèn)設(shè)備上的SNMP Agent。用戶可以選擇指定以下一個(gè)或者多個(gè)與團(tuán)體名相關(guān)的特性:?
1.定義團(tuán)體名可以訪問(wèn)的MIB視圖。
2.設(shè)置團(tuán)體名對(duì)MIB對(duì)象的訪問(wèn)權(quán)限為讀寫(xiě)權(quán)限(write)或者只讀權(quán)限(read)。具有只讀權(quán)限的團(tuán)體名只能對(duì)設(shè)備信息進(jìn)行查詢,而具有讀寫(xiě)權(quán)限的團(tuán)體名還可以對(duì)設(shè)備進(jìn)行配置。?
3.設(shè)置團(tuán)體名指定的基本訪問(wèn)控制列表。
設(shè)備支持的MIB?
在SNMP報(bào)文中用管理變量來(lái)描述設(shè)備中的管理對(duì)象。為了唯一標(biāo)識(shí)設(shè)備中的管理對(duì)象,SNMP用層次結(jié)構(gòu)命名方案來(lái)識(shí)別管理對(duì)象。整個(gè)層次結(jié)構(gòu)就像一棵樹(shù),樹(shù)的節(jié)點(diǎn)表示管理對(duì)象,如下圖1-1所示。每一個(gè)節(jié)點(diǎn),都可以用從根開(kāi)始的一條路徑唯一地標(biāo)識(shí)。
MIB(Management Information Base,管理信息庫(kù))的作用就是用來(lái)描述樹(shù)的層次結(jié)構(gòu),它是所監(jiān)控網(wǎng)絡(luò)設(shè)備的標(biāo)準(zhǔn)變量定義的集合。在圖1-1中,管理對(duì)象B可以用一串?dāng)?shù)字{1.2.1.1}唯一確定,這串?dāng)?shù)字是管理對(duì)象的對(duì)象標(biāo)識(shí)符(Object Identifier)。?
系統(tǒng)支持的常見(jiàn)MIB如下表1-1所示。
?
二、案例分析及使用:
1.實(shí)驗(yàn)拓?fù)鋱D:
注意:windows server 2003 是在虛擬機(jī)中安裝,橋接到本地連接1上使用!
2.設(shè)備配置:
交換機(jī)配置:
[Quidway]int Vlan-interface 1
[Quidway-Vlan-interface1]ip add 192.168.1.2 255.255.255.0
[Quidway-Vlan-interface1]quit
[Quidway]ip route-static 0.0.0.0 0.0.0.0 192.168.1.3? //默認(rèn)網(wǎng)關(guān)
[Quidway]snmp-agent?? // 啟動(dòng)snmp
[Quidway]snmp-agent ?
community?Set a community?for the access of?SNMPv1&SNMPv2c
group?Set an SNMP group based on USM
local-engineid Set the engineID of local SNMP entity
mib-view?Set SNMP MIB view information
packet Set SNMP packet's parameters
sys-info?Set system information of the node
target-host?Set the target hosts to receive SNMP notification/trap
packets
trap?Set trap or notification parameters
usm-user Set a new user for access to SNMP entity
<cr>
[Quidway]snmp-agent sys-info??
contact Set the contact information for system maintenance
location Set the physical position information of this node
version Enable the SNMP protocol version
[Quidway]snmp-agent sys-info?contact?zhaoke
[Quidway]snmp-agent sys-info?location?zhengzhou
[Quidway]snmp-agent sys-info version ???? //版本信息
all Enable the device to support SNMPv1, SNMPv2c and SNMPv3
v1 Enable the device to support SNMPv1
v2c Enable the device to support SNMPv2c
v3 Enable the device to support SNMPv3
[Quidway]snmp-agent sys-info version all
[Quidway]snmp-agent?community??
read Read-only access for this community in the view
write Read-write access for this community in the view
[Quidway]snmp-agent community read public
[Quidway]snmp-agent community write private
[Quidway]snmp-agent trap ?
enable SNMP trap/notification enable commands group
life Set the trap aging time
queue-size Length of each TRAP message queue
source Set the source address of SNMPv1 trap packet
[Quidway]snmp-agent trap enable? //打開(kāi)陷阱功能
[Quidway]snmp-agent target-host ?
trap Specify the target to be trap host
[Quidway]snmp-agent target-host trap ?
address Specify the transport addresses to be used in the generation of SNMP
messages
[Quidway]snmp-agent target-host trap address ?
udp-domain Specify transport domain over UDP for the target host
[Quidway]snmp-agent target-host trap address udp-d
[Quidway]snmp-agent target-host trap address udp-domain ?
X.X.X.X IP address of target host
[Quidway]snmp-agent target-host trap address udp-domain 192.168.1.100 ?
params Specify SNMP target information to be used in the generation of
SNMP messages
udp-port Set port to receive traps/notifications for this target host
[Quidway]snmp-agent target-host trap address udp-domain 192.168.1.100 params ?
securityname Specify the name for the principal on whose behalf SNMP
messages will be generated
[Quidway]snmp-agent target-host trap address udp-domain 192.168.1.100 params secu
[Quidway]snmp-agent target-host trap address udp-domain 192.168.1.100 params securityname ?
STRING<1-32> Specify the character string of security name
[Quidway]snmp-agent target-host trap address udp-domain 192.168.1.100 params securityname public
路由器R2的配置:
[Router]sysname R2
[R2]int e1
[R2-Ethernet1]ip add 192.168.1.3 24
[R2-Ethernet1]int s0
[R2 -Serial0]ip add 192.168.2.1 24
[R2-Serial0]
%01:02:44: Line protocol ip on the interface Serial0 is UP
[Router-Serial0]quit
[R2]display ip routing
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.1.0/24 Direct 0 0 192.168.1.3 Ethernet1
192.168.1.3/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.2.0/24 Direct 0 0 192.168.2.1 Serial0
192.168.2.1/32 Direct 0 0 127.0.0.1 LoopBack0
[R2]ip route-static 192.168.3.0 24 192.168.2.2
[R2]ping 192.168.1.2
PING 192.168.1.2: 56 data bytes, press CTRL_C to break
Request time out
Reply from 192.168.1.2: bytes=56 Sequence=1 ttl=255 time = 32 ms
Reply from 192.168.1.2: bytes=56 Sequence=2 ttl=255 time = 14 ms
Reply from 192.168.1.2: bytes=56 Sequence=3 ttl=255 time = 9 ms
Reply from 192.168.1.2: bytes=56 Sequence=4 ttl=255 time = 12 ms
[R2]snmp-agent ?
<cr> Enable SNMP agent
community Configure community string access
group Configure a group security version
local-engineID Configure the local-engine ID string
mib-view Specify MIB family inclusions and exclusions
packet Configure the max packet size
sys-info Specify the SNMP system information
target-host Specify the SNMP trap host address
trap Configure SNMP traps
usm-user Configure a SNMP user
[R2]snmp-agent
[R2]snmp-agent sys-info contact zouyunxia
[R2]snmp-agent sys-info location xuchang
[R2]snmp-agent sys-info version all
[R2]snmp-agent community ?
read Specify read-only access
write Specify read-write access
[R2]snmp-agent community read public
[R2]snmp-agent community write private
[R2]snmp-agent trap ?
enable Enable SNMP trap
life Specify timeout of SNMP trap
queue-size Specify the length of SNMP trap queue
source Specify source address for sending SNMP trap
[R2]snmp-agent trap enable
[R2]snmp-agent target-host ?
trap Specify trap host information
[R2]snmp-agent target-host trap ?
address host IP address
[R2]snmp-agent target-host trap address ?
X.X.X.X IP address
[R2]snmp-agent target-host trap address 192.168.1.100 ?
parameters Specify SNMP parameters
port Specify host's UDP port
securityname Specify securityname string information
[R2]snmp-agent target-host trap address 192.168.1.100 securityname ?
STRING<1-32> SNMP securityname string
[R2]snmp-agent target-host trap address 192.168.1.100 securityname public
路由器R1的配置:
[Router]sysname R1
[R1]int e1
[R1-Ethernet1]ip add 192.168.3.1 24
[R1-Ethernet1]int s0
[R1-Serial0]ip address 192.168.2.2 24
[R1-Serial0]
%01:37:43: Line protocol ip on the interface Serial0 is UP
[R1-Serial0]shutdown
% Interface Serial0 is shut down
[R1-Serial0]
%01:37:48: Interface Serial0 is DOWN
[R1-Serial0]undo shutdown
% Interface Serial0 is?reset
[R1-Serial0]
%01:38:01: Interface Serial0 is UP
%01:38:01: Line protocol ip on the interface Serial0 is UP
[R1-Serial0]quit
[R1]ip route-static 192.168.1.0 24 192.168.2.1
[R1]snmp-agent
[R1]snmp-agent sys-info contact guojiping
[R1]snmp-agent sys-info location shanghai
[R1]snmp-agent sys-info version all
[R1]snmp-agent community read public
[R1]snmp-agent community write private
[R1]snmp-agent trap enable
[R1]snmp-agent target-host ?
trap Specify trap host information
[R1]snmp-agent target-host trap address 192.168.1.100 securityname ?
STRING<1-32> SNMP securityname string
[R1]snmp-agent target-host trap address 192.168.1.100 securityname public
[R1]display ip routing
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.1.0/24 Static 60 0 192.168.2.1 Serial0
192.168.2.0/24 Direct 0 0 192.168.2.1 Serial0
192.168.2.1/32 Direct 0 0 192.168.2.1 Serial0
192.168.2.2/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.3.0/24 Direct 0 0 192.168.3.1 Ethernet1
192.168.3.1/32 Direct 0 0 127.0.0.1 LoopBack0
[R1]ping 192.168.3.100
PING 192.168.3.100: 56 data bytes, press CTRL_C to break
Reply from 192.168.3.100: bytes=56 Sequence=0 ttl=64 time = 1 ms
3.測(cè)試:
Windows server 2003 的配置:
安裝what‘s up軟件 并設(shè)置:
整個(gè)網(wǎng)絡(luò)拓?fù)鋱D:
[R1]snmp-agent trap enable standard ?
authentication Send authentication trap
coldstart Send coldstart trap
linkdown Send linkdown trap
linkup Send linkup trap
warmstart Send warmstart trap
<cr>
[R1]snmp-agent trap enable standard linkup
[R1]snmp-agent trap enable standard linkdown
轉(zhuǎn)載于:https://www.cnblogs.com/zhuimengle/p/5851715.html
總結(jié)
以上是生活随笔為你收集整理的用SNMP实现对大型网络的轻松管理!的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問(wèn)題。
- 上一篇: 百钱百鸡问题
- 下一篇: 泛函编程—模板函数_类模板