Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Introduction to Community-based SNMPv2
Document related concepts
Computer network wikipedia , lookup
Network tap wikipedia , lookup
Distributed firewall wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Extensible Authentication Protocol wikipedia , lookup
Airborne Networking wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Transcript
정보통신단체표준
TTAE.IF-RFC.1901
제정일: 2006 년 10 월 31 일
TTA
커뮤니티 기반 SNMPv2 개요
(Introduction to Community-based SNMPv2)
Standard
정보통신단체표준
TTAE.IF-RFC.1901
제정일 : 2006 년 10 월 31 일
커뮤니티 기반 SNMPv2 개요
(Introduction to Community-based SNMPv2)
본 문서에 대한 저작권은 TTA 에 있으며, 이 문서의 전체 또는 일부에 대하여 상업적
이익을 목적으로 하는 무단 복제 및 배포를 금합니다.
Copyrightⓒ Telecommunications Technology Associations(2006). All Rights Reserved.
정보통신(영문)단체표준
서
문
1. 표준의 목적
TCP/IP 기반 망을 관리하기 위해 필요한 단순 망 관리 프로토콜(Simple Network
Management)의 버전 2 (SNMPv2) 프레임워크를 정의한다. SNMPv2는 커뮤니티 기반
관리 프레임워크 형태로 정의된다.
2. 주요 내용 요약
SNMPv2를 이루는 구성요소를 소개하고 커뮤니티 기반 관리 프레임워크에 대해 정의
한다.
3. 표준 적용 산업 분야 및 산업에 미치는 영향
본 표준은 TCP/IP 기반 망에서 동작하는 장비를 개발하는 제조업체와 장비를 이용해
네트워크를 구축하는 이용자 모두에게 표준화된 망 관리 프로토콜 구조를 제시해 망 관
리 기술 활성화에 기여할 것이다.
4. 참조 표준(권고)
4.1 국외표준(권고)
- IETF RFC 1901, "Introduction to Community-based SNMPv2", 1996
- IETF RFC 1902, "Structure of Management Information for Version 2 of the Simple
Network Management Protocol (SNMPv2)", 1996
- IETF RFC 1903, "Textual Conventions for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1904, "Conformance Statements for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1905, "Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1906, "Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1907, "Management Information Base for Version 2 of the Simple
Network Management Protocol (SNMPv2)", 1996
i
TTAE.IF.RFC1901
정보통신(영문)단체표준
- IETF RFC 1908, "Coexistence between Version 1 and Version 2 of the Internetstandard Network Management Framework", 1996
- ITU-T Rec. X. 680, Specification of Abstract Syntax Notation One (ASN.1), 2002
4.2 국내표준
- TTA, TTAS.IF-RFC1157, "단순 망관리 프로토콜 표준", 1994.11.
- TTA, TTAS.IF-RFC1212, "간결한 관리정보베이스 정의 표준", 1994.11.
- TTA, TTAS.IF-RFC1213, "전송제어프로토콜/망관리프로토콜 기반망의 망관리를 위한
관리정보 베이스 표준", 1994.11.
- KICS, KICS.IF-RFC1157, "단순 망 관리 규약(SNMP) 표준", 1993.11.
- KICS, KICS.IF-RFC1441, “단순 망 관리 규약 버전2 표준", 1996.1.
5. 참조표준(권고)과의 비교
5.1 참조표준(권고)과의 관련성
IETF RFC 1901 표준은 SNMPv2에 대한 전체적인 개요를 다루고 있으며 세부적인 내
용은 IETF RFC 1902 ~ 1908에서 다루고 있다. 본 표준은 IETF에서 규정한 RFC 1901
표준과 기술적으로 동일하다. ITU-T Rec. X. 680은 SNMPv2에서 MIB module을 정의할
때 사용되었다. IETF RFC 1157, 1212, 1213은 SNMPv2의 이전 버전인 SNMPv1을 정의
한 표준 문서로 SNMPv2는 SNMPv1을 확장해 정의되었다. RFC1441은 SNMPv2의 초기
표준 정의 문서로 본 표준 문서를 통해 폐기되었다.
5.2 참조한 표준(권고)과 본 표준의 비교표
6. 지적재산권 관련사항
없음
7. 적합인증 관련사항
7.1 적합인증 대상 여부
없음
7.2 시험표준제정여부(해당 시험표준번호)
ii
TTAE.IF.RFC1901
정보통신(영문)단체표준
없음
8. 표준의 이력
판수
제/개정일
제․개정내역
제1판
2006.10.31
제정
iii
TTAE.IF.RFC1901
정보통신(영문)단체표준
Preface
1. The Purpose of Standard
This document defines the Simple Network Management Version 2 framework for
managing TCP/IP-based network. The SNMPv2 framewor is defined as communitybased Administrative framework.
2. The summary of contents
This standard introduces components of SNMPv2 and defines community-based
administrative framework.
3. Applicable fields of industry and its effect
This document presents standard network management protocol structure which is
useful to both vendors and users of TCP/IP-based network devices. This standard will
contribute to activating of network management technology.
4. Reference Standards (Recommendations)
4.1 International Standards (Recommendations)
- IETF RFC 1901, "Introduction to Community-based SNMPv2", 1996
- IETF RFC 1902, "Structure of Management Information for Version 2 of the Simple
Network Management Protocol (SNMPv2)", 1996
- IETF RFC 1903, "Textual Conventions for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1904, "Conformance Statements for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1905, "Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
- IETF RFC 1906, "Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", 1996
iv
TTAE.IF.RFC1901
정보통신(영문)단체표준
- IETF RFC 1907, "Management Information Base for Version 2 of the Simple
Network Management Protocol (SNMPv2)", 1996
- IETF RFC 1908, "Coexistence between Version 1 and Version 2 of the Internetstandard Network Management Framework", 1996
- ITU-T Rec. X. 680, Specification of Abstract Syntax Notation One (ASN.1), 2002
4.2 Domestic Standards
- TTA, TTAS.IF-RFC1157, "Simple Network Management Protocol Standard ",
1994.11.
- TTA, TTAS.IF-RFC1212, "Concise MIB Definitions", 1994.11.
- TTA, TTAS.IF-RFC1213, "Management Information Base for Network Management
of TCP/IP-based internets: MIB-II ", 1994.11.
- KICS, KICS.IF-RFC1157, "Simple Network Management Protocol (SNMP) Standard",
1993.11.
- KICS, KICS.IF-RFC1441, “Simple Network Management Protocol Version 2
Standard ", 1996.1.
5. Relationship to Reference Standards(Recommendations)
5.1 The relationship of Reference Standards
IETF RFC 1901 describes overall introduction of SNMPv2. This standard is identical
with it technically. Detail information of SNMPv2 is described in IETF RFC 1902 ~
1908. ITU-T Rec. X. 680 is used to define MIB modules of SNMPv2. SNMPv1 is prior
version of SNMPv2. RFC1157, 1212, 1213 are used to define SNMPv1. RFC1441
describes early standard of SNMPv2. It is obsoleted by this document.
5.2 Differences between Reference Standard(recommendation) and this standard
6. The Statement of Intellectual Property Rights
None
7. The Statement of Conformance Testing and Certification
None
v
TTAE.IF.RFC1901
정보통신(영문)단체표준
8. The History of Standard
Edition
Issued date
Contents
The 1st edition
2006.10.31
Established
vi
TTAE.IF.RFC1901
정보통신(영문)단체표준
목
차
1. 개 요 ·················································································· 1
2. SNMPv2 프레임워크 구성요소 ····················································· 1
2.1 관리정보 구조 ·································································· 2
2.2 문장 규칙 ········································································ 2
2.3 적합성 명세 ····································································· 2
2.4 프로토콜 동작 ·································································· 3
2.5 전송 매핑 ········································································ 3
2.6 프로토콜 구성 ·································································· 4
3. 커뮤니티 기반 관리 프레임워크 ··················································· 4
4. 보안 고려사항 ········································································ 5
5. 저자 주소 ············································································· 5
6. 감사의 글 ············································································· 5
7. 참조문헌 ·············································································· 6
vii
TTAE.IF.RFC1901
정보통신(영문)단체표준
Contents
1. Introduction ··········································································· 1
2. Components of the SNMPv2 Framework········································· 1
2.1 Structure of Management Information ······································ 2
2.2 Textual Conventions ··························································· 2
2.3 Conformance Statements ····················································· 2
2.4 Protocol Operations ··························································· 3
2.5 Transport Mappings···························································· 3
2.6 Protocol Instrumentation ······················································ 4
3. The Community-based Administrative Framework ····························· 4
4. Security Considerations ···························································· 5
5. Editor’s Address ····································································· 5
6. Acknowledgements·································································· 5
7. References············································································ 6
viii
TTAE.IF.RFC1901
정보통신(영문)단체표준
커뮤니티 기반 SNMPv2 개요
Introduction to Community-based SNMPv2
1. Introduction
The purpose of this document is to define the Community-based
Administrative
Framework for the SNMP version 2 framework (SNMPv2).
The SNMPv2 framework is fully described in [1-6]. This framework is derived from
the original Internet-standard Network Management Framework (SNMPv1), which
consists of these three documents:
- STD 16, RFC 1155 [7] which defines the Structure of Management Information
(SMI), the mechanisms used for describing and naming objects for the purpose of
management.
- STD 16, RFC 1212 [8] which defines a more concise description mechanism,
which is wholly consistent with the SMI.
- STD 15, RFC 1157 [9] which defines the Simple Network Management Protocol
(SNMP), the protocol used for network access to managed objects.
For information on coexistence between SNMPv1 and SNMPv2, consult[10].
2. Components of the SNMPv2 Framework
A management system contains:
several (potentially many) nodes, each with a
processing entity, termed an agent, which has access to management instrumentation;
at least one management station; and, a management protocol, used to convey
management information between the agents and management stations.
Operations
of the protocol are carried out under an administrative framework which defines
authentication, authorization, access control, and privacy policies.
Management stations execute management applications which monitor and control
managed elements. Managed elements are devices such as hosts, routers, terminal
servers, etc., which are monitored and controlled via access to their management
information.
1
TTAE.IF.RFC1901
정보통신(영문)단체표준
2.1. Structure of Management Information
Management information is viewed as a collection of managed objects, residing in a
virtual information store, termed the Management Information Base (MIB).
of related objects are defined in MIB modules.
Collections
These modules are written using a
subset of OSI's Abstract Syntax Notation One (ASN.1) [11]. It is the purpose of the
Structure of Management Information for SNMPv2 document [1] to define that subset.
The SMI is divided into three parts: module definitions, object definitions, and, trap
definitions.
(1) Module definitions are used when describing information modules. An ASN.1
macro, MODULE-IDENTITY, is used to concisely convey the semantics of an
information module.
(2) Object definitions are used when describing managed objects. An ASN.1 macro,
OBJECT-TYPE, is used to concisely convey the syntax and semantics of a managed
object.
(3) Notification definitions are used when describing unsolicited transmissions of
management information.
An ASN.1 macro, NOTIFICATION-TYPE, is used to
concisely convey the syntax and semantics of a notification.
2.2. Textual Conventions
When designing a MIB module, it is often useful to define new types similar to those
defined in the SMI.
In comparison to a type defined in the SMI, each of these new
types has a different name, a similar syntax, but a more precise semantics. These
newly defined types are termed textual conventions, and are used for the convenience
of humans reading the MIB module.
It is the purpose of the Textual Conventions for
SNMPv2 document [2] to define the initial set of textual conventions available to all
MIB modules.
Objects defined using a textual convention are always encoded by means of the
rules that define their primitive type.
semantics associated with them.
However, textual conventions often have special
As such, an ASN.1 macro, TEXTUAL-CONVENTION,
is used to concisely convey the syntax and semantics of a textual convention.
2.3. Conformance Statements
2
TTAE.IF.RFC1901
정보통신(영문)단체표준
It may be useful to define the acceptable lower-bounds of implementation, along
with the actual level of implementation achieved.
It is the purpose of the
Conformance Statements for SNMPv2 document [3] to define the notation used for
these purposes. There are two kinds of notations:
(1) Compliance statements are used when describing requirements for agents with
respect to object definitions.
An ASN.1 macro, MODULE-COMPLIANCE, is used to
concisely convey such requirements.
(2) Capability statements are used when describing capabilities of agents with
respect to object definitions.
An ASN.1 macro, AGENT-CAPABILITIES, is used to
concisely convey such capabilities.
Finally, collections of related objects are grouped together to form a unit of
conformance.
An ASN.1 macro, OBJECT-GROUP, is used to concisely convey the
syntax and semantics of a group.
2.4. Protocol Operations
The management protocol provides for the exchange of messages which convey
management information between the agents and the management stations.
The
form of these messages is a message "wrapper" which encapsulates a Protocol Data
Unit (PDU).
It is the purpose of the Protocol Operations for SNMPv2 document [4] to define the
operations of the protocol with respect to the sending and receiving of the PDUs.
2.5. Transport Mappings
The management protocol, version 2 of the Simple Network Management Protocol,
may be used over a variety of protocol suites.
It is the purpose of the Transport
Mappings for SNMPv2 document [5] to define how the SNMPv2 maps onto an initial
set of transport domains.
Other mappings may be defined in the future.
Although several mappings are defined, the mapping onto UDP is the preferred
mapping.
As such, to provide for the greatest level of interoperability, systems which
choose to deploy other mappings should also provide for proxy service to the UDP
mapping.
3
TTAE.IF.RFC1901
정보통신(영문)단체표준
2.6. Protocol Instrumentation
It is the purpose of the Management Information Base for SNMPv2 document [6] to
define managed objects which describe the behavior of a SNMPv2 entity.
3. The Community-based Administrative Framework
It is the purpose of an administrative framework to define an infrastructure through
which effective management can be realized in a variety of configurations and
environments.
Specified as a part of, or as extensions of, an administrative
framework are security mechanisms used to achieve an administratively-defined level
of security for protocol interactions.
The administrative framework for SNMPv2 identified in this document is the same
framework as was defined for SNMPv1 [9]. This administrative framework associates
each message with a "community" as defined in [9].
Use of this administrative
framework with SNMP Version 2 is commonly known as "Community-based SNMPv2
(SNMPv2C)."
Specifically, Section 3.2.5 of [9] defines the concept of a community, and Section
4.1 of [9] defines the Elements of Procedure for generating and receiving messages.
The following updates apply:
(1) The types of access defined in Section 3.2.5 of [9] are updated by [1].
(2) The Elements of Procedure defined in Section 4.1 of [9] are updated with the
additional requirement of incrementing the relevant statistics counter as defined in [6].
(3) The requirement in the Elements of Procedure in Section 4.1 of [9] that the "the
source transport address that a response message is sent from shall be identical to
the destination transport address that the original request message was sent to" is
deleted, i.e., the source transport address of a response message can be any
transport address belonging to the agent.
The form of a message is also taken from [9], with the exception that a new version
number is used in the message "wrapper". Use of a new version number is necessary
because of SNMPv2's new PDU types [4], error codes [4], etc.
With this one
change, the wrapper becomes:
COMMUNITY-BASED-SNMPv2 DEFINITIONS ::= BEGIN
4
TTAE.IF.RFC1901
정보통신(영문)단체표준
-- top-level message
Message ::=
SEQUENCE {
version
INTEGER {
version(1) -- modified from RFC 1157
},
community
-- community name
OCTET STRING,
data
-- PDUs as defined in [4]
ANY
}
}
END
Note that with this administrative framework, the 'authorizationError(16)' value
defined for the error-status component of an SNMPv2 PDU [4] is unused.
It may,
however, be used with future administrative frameworks.
4. Security Considerations
Security issues are not discussed in this memo.
5. Editor's Address
Keith McCloghrie
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
US
Phone: +1 408 526 5260
EMail: [email protected]
6. Acknowledgements
5
TTAE.IF.RFC1901
정보통신(영문)단체표준
This document is the result of significant work by the four major contributors:
Jeffrey D. Case (SNMP Research, [email protected])
Keith McCloghrie (Cisco Systems, [email protected])
Marshall T. Rose (Dover Beach Consulting, [email protected])
Steven Waldbusser (International Network Services, [email protected])
In addition, the contributions of the SNMPv2 Working Group are acknowledged. In
particular, a special thanks is extended for the contributions of:
Alexander I. Alten (Novell)
Dave Arneson (Cabletron)
Uri Blumenthal (IBM)
Doug Book (Chipcom)
Kim Curran (Bell-Northern Research)
Jim Galvin (Trusted Information Systems)
Maria Greene (Ascom Timeplex)
Iain Hanson (Digital)
Dave Harrington (Cabletron)
Nguyen Hien (IBM)
Jeff Johnson (Cisco Systems)
Michael Kornegay (Object Quest)
Deirdre Kostick (AT&T Bell Labs)
David Levi (SNMP Research)
Daniel Mahoney (Cabletron)
Bob Natale (ACE*COMM)
Brian O'Keefe (Hewlett Packard)
Andrew Pearson (SNMP Research)
Dave Perkins (Peer Networks)
Randy Presuhn (Peer Networks)
Aleksey Romanov (Quality Quorum)
Shawn Routhier (Epilogue)
Jon Saperia (BGS Systems)
Bob Stewart (Cisco Systems, [email protected]), chair
Kaj Tesink (Bellcore)
Glenn Waters (Bell-Northern Research)
Bert Wijnen (IBM)
7. References
6
TTAE.IF.RFC1901
정보통신(영문)단체표준
[1]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Structure of Management Information for Version 2 of the
Simple Network Management Protocol (SNMPv2)", RFC 1902, January 1996.
[2]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Textual Conventions for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1903, January 1996.
[3]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Conformance Statements for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1904, January 1996.
[4]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1905, January 1996.
[5]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1906, January 1996.
[6]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Management Information Base for Version 2 of the Simple
Network Management Protocol (SNMPv2)", RFC 1907, January 1996.
[7]
Rose, M., and K. McCloghrie, "Structure and Identification of Management
Information for TCP/IP-based internets", STD 16, RFC 1155, May 1990.
[8]
Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212,
March 1991.
[9]
Case, J., Fedor, M., Schoffstall, M., Davin, J., "Simple Network Management
Protocol", STD 15, RFC 1157, SNMP Research, Performance Systems
International, MIT Laboratory for Computer Science, May 1990.
[10] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Coexistence between Version 1 and Version 2 of the Internetstandard Network Management Framework", RFC 1908, January 1996.
[11] Information processing systems - Open Systems Interconnection –
7
TTAE.IF.RFC1901
정보통신(영문)단체표준
Specification of Abstract Syntax Notation One (ASN.1), International
Organization for Standardization. International Standard 8824, (December,
1987).
8
TTAE.IF.RFC1901
정보통신(영문)단체표준
영문단체표준 해설서
1. 개요
본 문서는 커뮤니티 기반 관리 프레임워크를 가지는 SNMPv2 를 정의하고 있다.
SNMPv2 프레임워크의 상세 정의는 참조문헌 [1-6]에 기술되어 있다. SNMPv2 는
RFC1155, RFC 1212, RFC1157 로 정의된 SNMPv1 을 근간으로 하고 있다.
2. SNMPv2 프레임워크 구성요소
SNMPv2 프레임워크를 구성하는 관리정보 구조, 문장 규칙, 적합성 명세, 프로토콜
동작, 전송 매핑, 프로토콜 구성에 대해 다루고 있다.
3. 커뮤니티 기반 관리 프레임워크
SNMPv2 의 관리 프레임워크는 SNMPv1 와 동일하게 커뮤니티 문자열을 이용하며
이를 커뮤니티 기반 SNMPv2 (SNMPv2C)라 한다.
4. 보안 고려사항
본 표준에서는 보안에 대해서는 다루지 않는다.
5. 저자 주소
영문 표준 문서를 작성한 저자의 주소가 기술되어 있다.
6. 감사의 글
본 표준 문서의 작성에 기여한 사람들의 이름과 소속 기관 이름이 기술되어 있다.
7. 참조문헌
본 문서에서 참조한 문서 목록이 기술되어 있다.
9
TTAE.IF.RFC1901
정보통신(영문)단체표준
표준작성 공헌자
표준 번호 : TTAE.IF-RFC1901
이 표준의 제․개정 및 발간을 위해 아래와 같이 여러분들이 공헌하였습니다.
구분
성명
과제 제안
이영민
표준 초안 제출
이영민
표준 초안 검토
황찬규
및 작성
위원회 및 직위
연락처
소속사
망관리 프로젝트 그룹 /
042-712-4137
위원
[email protected]
망관리 프로젝트 그룹 /
042-712-4137
위원
[email protected]
망관리 프로젝트그룹
042-870-8560
의장
[email protected]
LG 데이콤
LG 데이콤
KT
외 프로젝트그룹 위원
표준안
민경선
심의
전송기술위원회 의장
042-870-8340
[email protected]
KT
외 기술위원회 위원
김영재
선임
김선
팀장
사무국 담당
10
031-724-0195
[email protected]
031-724-0080
[email protected]
TTA
TTA
TTAE.IF.RFC1901
(뒷 표지)
정보통신(영문)단체표준
TTA 표준 작성 샘플
(Example for Writing on TTA Standard)
발행인 : 김홍구
발행처 : 한국정보통신기술협회
463-824, 경기도 성남시 분당구 서현동 267-2
Tel : 031-724-0114, Fax : 031-724-0019
발행일 : 2006.10
