Ad Hoc SNMP SNMP
9.3.3 Ad Hoc SNMP
All of the SNMP polling I have discussed so far has been periodic and scheduled. However, the same SNMP server software can also do ad hoc queries. This means that the network manager can use the system to generate a single poll manually. This can be an extremely useful tool for fault isolation and troubleshooting. For example, this facility can quickly query a set of different devices to see which ones have high CPU loads, errors, or whatever you happen to be looking for. Using this facility is usually much faster than logging into all of these devices manually and poking around on the command line. In fact, the network-management software for many types of hardware makes it possible to do a large list of standard ad hoc queries on a device automatically. Many hardware vendors make SNMP software called instance managers. This software gives a relatively detailed, graphical view of the complete state of one device all at once. Usually, these instance managers also provide the ability to make configuration changes via SNMP as well. For Ethernet switches, it is often true that the instance-manager software is the fastest and most efficient way to do basic configuration changes such as manipulating VLAN memberships. This topic actually brings up one of the most serious issues with SNMP. With SNMP Version 1 and, to a lesser extent, with Versions 2 and 3, it is remarkably easy to subvert the security. It is not difficult to load publicly available SNMP server software onto a PC. This software can then be used to reconfigure key pieces of network equipment. Even nonmalicious users and applications can cause problems. For example, some ill-behaved server- management software automatically attempts to discover the network path to the remote managed-server devices. In doing so, this software generally does detailed SNMP polling of key network devices. Once the path is discovered, this software then periodically polls these network devices as if it were managing the network instead of just the servers. This situation is not in itself a problem because the server-management software is only polling and not actually changing anything. Remember that the SNMP agent running on a router or a switch is a CPU- bound software process. It uses memory from the main memory pool. If a server program repeatedly polls this device, requesting large parts of its MIB, it can overload the devices CPU. Many such programs all requesting this data at the same time can cause network problems. As I have stressed repeatedly throughout this book, there is no reason for any end device to ever have to know the topology of a well-built network. It may be necessary in these cases to implement access controls on the SNMP agents of key devices. These access controls have the effect of preventing the agent from speaking SNMP with any devices other than the officially sanctioned SNMP servers. Some network engineers go further and actually block SNMP from passing through the network if it does not originate with the correct server. However, this measure is extreme. There may be well-behaved applications that happen to use SNMP to communicate with their well-behaved clients. In this case, the network should not prevent legitimate communication. 2169.3.4 Automated Activities
Parts
» Money Geography Business Requirements
» Installed Base Bandwidth Business Requirements
» Layer 1 Layer 2 The Seven Layers
» Layer 3 Layer 4 The Seven Layers
» Layer 5 Layer 6 Layer 7 The Seven Layers
» Routing Versus Bridging Networking Objectives
» Top-Down Design Philosophy Networking Objectives
» Failure Is a Reliability Issue
» Performance Is a Reliability Issue
» Guidelines for Implementing Redundancy
» Redundancy by Protocol Layer
» Multiple Simultaneous Failures Complexity and Manageability
» Always let network equipment perform network functions Intrinsic versus external automation
» Examples of automated fault recovery
» Fault tolerance through load balancing
» Avoid manual fault-recovery systems
» Isolating Single Points of Failure
» Multiple simultaneous failures Predicting Your Most Common Failures
» Combining MTBF values Predicting Your Most Common Failures
» Traffic Anomalies Failure Modes
» Software Problems Human Error
» Ring topology Basic Concepts
» Star topology Basic Concepts
» Mesh Topology Basic Concepts
» Spanning Tree eliminates loops Spanning Tree activates backup links and devices
» Protocol-Based VLAN Systems VLANs
» Why collapse a backbone? Backbone capacity
» Backbone redundancy Collapsed Backbone
» Trunk capacity Distributed Backbone
» Trunk fault tolerance Distributed Backbone
» Ancient history Switching Versus Routing
» One-armed routers and Layer 3 switches
» Filtering for security Filtering
» Filtering for application control
» Containing broadcasts Switching and Bridging Strategies
» Redundancy in bridged networks Filtering
» Trunk design VLAN-Based Topologies
» VLAN Distribution Areas VLAN-Based Topologies
» Sizing VLAN Distribution Areas
» Multiple Connections Implementing Reliability
» Routers in the Distribution Level Routers in Both the Core and Distribution Levels
» Connecting Remote Sites Large-Scale LAN Topologies
» General Comments on Large-Scale Topology
» Cost Efficiency Selecting Appropriate LAN Technology
» Installed Base Maintainability Selecting Appropriate LAN Technology
» Ethernet addresses Ethernet Framing Standards
» Collision Detection Ethernet and Fast Ethernet
» Transceivers Ethernet and Fast Ethernet
» FDDI Local Area Network Technologies
» Wireless Local Area Network Technologies
» Firewalls and Gateways Local Area Network Technologies
» Horizontal Cabling Structured Cabling
» Vertical Cabling Structured Cabling
» Network Address Translation IP
» Multiple Subnet Broadcast IP
» Unregistered Addresses General IP Design Strategies
» Easily summarized ranges of addresses
» Sufficient capacity in each range
» Standard subnet masks for common uses
» The Default Gateway Question
» Types of Dynamic Routing Protocols
» Split Horizons in RIP Variable Subnet Masks
» Basic Functionality IGRP and EIGRP
» Active and Stuck-in-Active Routes
» Interconnecting Autonomous Systems IGRP and EIGRP
» Interconnecting Autonomous Systems OSPF
» Redistributing with Other Routing Protocols
» IP Addressing Schemes for OSPF OSPF Costs
» Autonomous System Numbers BGP
» IPX Addressing Schemes General IPX Design Strategies
» RIP and SAP Accumulation Zones
» Using Equipment Features Effectively
» Hop Counts Elements of Efficiency
» Bottlenecks and Congestion Elements of Efficiency
» Filtering Elements of Efficiency
» QoS Basics Quality of Service and Traffic Shaping
» Layer 2 and Layer 3 QoS Buffering and Queuing
» Assured Forwarding in Differentiated Services
» Traffic Shaping Quality of Service and Traffic Shaping
» Defining Traffic Types Quality of Service and Traffic Shaping
» RSVP Quality of Service and Traffic Shaping
» Network-Design Considerations Quality of Service and Traffic Shaping
» Configuration Management Network-Management Components
» Fault Management Performance Management Security Management
» Designing a Manageable Network
» VLAN structures Architectural Problems
» LAN extension Architectural Problems
» Redundancy features Architectural Problems
» Out-of-Band Management Techniques Management Problems
» Multicast Addressing IP Multicast Networks
» Multicast Services IP Multicast Networks
» Group Membership IP Multicast Networks
» Multicast administrative zones Network-Design Considerations for Multicast Networks
» Multicast and QoS Network-Design Considerations for Multicast Networks
Show more