The files snmpdefs.h and snmpmgr.c provide the codebase for our elementary management system. We now describe the principal elements of this program: The source code listing is contained in Appendix D, “Visual C++ Sample Program Source C.” The contents of the header file snmpdefs.h are illustrated in Figure 7-2. We added line numbers and section headings to make it easier to follow the description that follows. The header file snmpdefs.h is made up of three sections.

    /****************** SECTION 1 ******************/
1  #define TIMEOUT 6000 /* milliseconds */
2  #define RETRIES 3
3  #define MAX_OID_NAME_LENGTH 50
4  #define FUNCTION_SUCCESS 0
5  #define FUNCTION_FAILED -1

/****************** SECTION 2 ******************/
6  enum Operations { GET, GETNEXT, SET, WALK, TRAP };
7  char * operationsArray[5] = { "GET", "GETNEXT", "SET", "WALK", "TRAP" };
8  INT programMode, operation;
9  LPSTR SNMPAgentName, SNMPCommunity, OIDstring;
10 RFC1157VarBindList variableBindings;
11 LPSNMP_MGR_SESSION SNMPsession;
12 AsnAny retrievedInstanceValue;
13 INT timeout = TIMEOUT;
14 INT retries = RETRIES;
15 BYTE requestType;
16 AsnInteger errorStatus, errorIndex;

/****************** SECTION 3 ******************/
17 int allocateResources(LPSTR agentName, LPSTR community, char *objectIdentifier);
18 int deallocateResources();
19 int prepareForOp(enum Operations reqOperation, LPSTR agentName, LPSTR community, char
 *objectIdentifier, char *objectValue);
20 int prepareDataForOperation(enum Operations reqOperation, unsigned char *newObjectValue);
21 int prepareSetOperation(unsigned char *newObjectValue);
22 int prepareGetOperation();
23 int prepareGetNextOperation();
24 int dispatchOperation(int programMode, char * argumentVector[]);
25 int createSNMPSession();
26 int executeRequest();
27 int displayMIBInstanceValue();
28 int doSnmpOperation(enum Operations reqOperation, LPSTR agentName, LPSTR community,
 char *objectIdentifier, char *objectValue);
29 int executeMibWalk();
30 int waitForTraps();
31 int startupRoutine (int argc, char *argv []);

Five operations are allowed with this manager:

The required operation is specified on the program command line. Overall, the external API provided by this program is a single function called:

int doSnmpOperation(enum Operations reqOperation, LPSTR agentName, LPSTR community, char
 *objectIdentifier, char *objectValue)

The program is invoked for a GET operation on the ipInReceives object value as follows, with a three-line response (commands typed by the user are shown in bold; system responses are delimited by angle brackets):

Debugsnmpmgr.exe GET myHostPC public .iso.org.dod.internet.mgmt.mib-2.ip.ipInReceives.0 NULL
< ***** THE SYSTEM RESPONSE NOW FOLLOWS ***** >
< SNMP Operation Type GET >
< MIB Object Instance = ip.ipInReceives.0 >
< Value    = Counter32 4929873 >

The parameters for this are as follows:

The remote (or local) agent responds to the message and the data sent back to snmpmgr.exe is presented as:

< SNMP Operation Type GET >
< MIB Object Instance = ip.ipInReceives.0 >
< Type and Value =  Counter32 4929873 >

The last two lines indicate the required MIB object instance and its value (in this case, the object is our old friend ipInReceives.0 and has the value 4929873). The supplied DOS batch files automate the process of running the program, freeing the user from having to type complex command lines. The batch files and their use are described in the following sections.

The MIB-II system table is used in our examples and is illustrated in Figure 7-4.

Figure 7-4. The MIB-II system table.

Figure 7-4 can be consulted during the following sections. The syntax for specifying MIB objects in the Microsoft SNMP API is to prefix each leaf with a period, starting with .iso. This is seen in the next section.

Double-clicking the batch file Get.bat (or running it from a command line) should result in a display similar to that shown in Figure 7-5.

Debugsnmpmgr.exe GET myHostPC public  .iso.org.dod.internet.mgmt.mib-2.system.sysContact.0
< SNMP Operation Type GET >
< MIB Object Instance = system.sysContact.0 >
< Type and Value = String StephenM >

Figure 7-5 illustrates a GET operation on a specific instance (zero in this case) of a columnar object from the standard system table—in this case, system.sysContact. We must specify the instance explicitly by appending a zero. The value of the returned object is illustrated as StephenM.

Double-clicking the batch file GetNext.bat (or running it from a command line) should result in a display similar to that shown in Figure 7-6.

Debugsnmpmgr.exe GETNEXT myHostPC public .iso.org.dod.internet.mgmt.mib-2.system.sysContact.0
< SNMP Operation Type GETNEXT >
< MIB Object Instance = system.sysName.0 >
< Type and Value = String myHostPC >

Figure 7-6 illustrates a GETNEXT operation on the sysContact object. Instead of returning StephenM, as in the last example, we receive the host system name. This is the lexical successor to the sysContact object, as can be seen from Figure 7-4.

We now move to a different category of SNMP operation, that of setRequest. This pushes data into the MIB of the remote agent. Interestingly, providing a set capability like this is often considered controversial because of security fears. These fears are generally well-founded, but we present sets here only in order to describe the principles, leaving aside any political issues. In this example, we set the value of the sysContact name to be StephenMorris. Recall from the GET example above that the value of this object is currently StephenM. Double-clicking the batch file Set.bat (or running it from a command line) should result in a display similar to that shown in Figure 7-7. We can verify that the operation succeeded by simply running Get.bat again.

Debugsnmpmgr.exe SET myHostPC public .iso.org.dod.internet.mgmt.mib-2.system.sysContact.0
 StephenMorris
< SNMP Operation Type SET >
< MIB Object Instance = system.sysContact.0 >
< Type and Value = String StephenMorris >

Figure 7-7 illustrates a SET operation on the system.sysContact.0 object.

Suppose we want to get an idea of the MIB objects supported by a given agent, starting at a specific point in the tree. An SNMP walk provides this capability by traversing the MIB tree leaf objects until the end of that branch is reached. This is useful for retrieving tables (of unknown extent). Double-clicking the batch file Walk.bat (or running it from a command line) should result in a display similar to that shown in Figure 7-8. This is achieved by a dialog between the manager and the agent in which the former keeps sending GETNEXT messages until the end of the MIB table is reached.

Debugsnmpmgr.exe WALK myHostPC public .iso.org.dod.internet.mgmt.mib-2.system
< Variable = system.sysDescr.0 >
< Value    = String Hardware: x86 Family 6 Model 8 >
< Variable = system.sysObjectID.0 >
< Value    = ObjectID 1.3.6.1.4.1.311.1.1.3.1.1 >
< Variable = system.sysUpTime.0 >
< Value    = TimeTicks 1889968 > 
< Variable = system.sysContact.0 >
< Value    = String StephenMorris >
< Variable = system.sysName.0 >
< Value    = String myHostPC >
< Variable = system.sysLocation.0 >
< Value    = String Europe >
< Variable = system.sysServices.0 >
< Value    = Integer32 76 >
< End of MIB subtree. >

Figure 7-8 illustrates a WALK of the system table. Referring to Figure 7-4, it can be seen that all the columns in this table are retrieved up to and including the last object, sysServices.

The manager program can also be configured to listen for SNMP traps. This is illustrated by running the batch file GetTraps.bat. This puts the manager into listening mode, as can be seen in Figure 7-9. Next, we must simulate a trap. This can be done by simply stopping and starting the SNMP service, which results in the agent sending three traps, as illustrated in the bottom half of Figure 7-9.

Debugsnmpmgr.exe TRAP
< snmputil: listening for traps. >
***** THE PROGRAM IS NOW AWAITING THE ARRIVAL OF TRAPS *****
***** WE NOW STOP AND THEN START THE SNMP SERVICE *****
snmputil: trap generic=0 specific=0  from -> 127.0.0.1  *** TRAP 1
snmputil: trap generic=3 specific=0  from -> 127.0.0.1  *** TRAP 2
Variable = interfaces.ifTable.ifEntry.ifIndex.1
Value    = Integer32 1
snmputil: trap generic=3 specific=0  from -> 127.0.0.1  *** TRAP 3
Variable = interfaces.ifTable.ifEntry.ifIndex.16777219
Value    = Integer32 16777219

Let's take a closer look at what's going on in Figure 7-9. Trap 1 has both generic and specific code values of zero, indicating that this is a coldStart, that is, the agent has restarted. This is a direct response to stopping and starting the SNMP service. The origin of this trap is the loopback IP address (127.0.0.1), indicating that the agent is located on the same host as the manager. Traps 2 and 3, respectively, have generic and specific codes of three and zero, indicating linkUp events. These relate to entries in the host system interfaces MIB table (ifTable). Two interfaces are present on the host machine (indicated by the MIB object ifNumber, which has the value 2 and is not shown); one is the software loopback interface (127.0.0.1), and the other is an Ethernet interface (16777219). When these interfaces go into the up state, the agent detects it and emits traps 2 and 3.

It is easy enough to chain these batch files together (or write entirely new ones) to carry out multiple operations in sequence—for example, to execute a SET followed by a GET. A real NMS tends to use a rich mix of all types of SNMP operations, for example, manipulating a range of scalar and tabular objects on a number of agents (as we'll see in Chapter 8).

Security is increasingly important in network management. We now acknowledge this with a specific example of a simple security violation by using the wrong community name. This is equivalent to entering the wrong password during a login procedure. Modifying the community name in one of the batch files achieves the desired result. The remote agent should do two things:

In a real network with stronger security (such as SNMPv3), the intruder might be attempting more sophisticated actions, such as replaying a captured message into an agent. In this case, the security system in the agent would rely on more advanced protection facilities, such as message timeliness checking. However, we illustrate the simple (wrong community string) case just to give a flavor of what might occur in a real network.

To see this, we must configure one session of the program to listen for traps and another to issue an improper SNMP Get. Figure 7-10 illustrates the GET with a modified (and invalid) community string of public1 (instead of public).

Debugsnmpmgr.exe GET myHostPC public1 .iso.org.dod.internet.mgmt.mib-2.system.sysContact.0
< error on SnmpMgrRequest 8 >
< SNMP Operation Type GET >
< MIB Object Instance = system.sysContact.0 >
< Type and Value = Null value >

In Figure 7-10, we see a Microsoft Visual C++ SNMP API error value of 8, indicating a problem with the submitted message.

If we initiate another instance of the program in trap mode (before running the Get in Figure 7-10), we see an interesting sequence of events, as illustrated in Figure 7-11. Four traps are received from the loopback address. So, what's happening here, and why do we see four traps?

Debugsnmpmgr.exe TRAP
< snmputil: listening for traps... >
< snmputil: trap generic=4 specific=0 from -> 127.0.0.1 >
< snmputil: trap generic=4 specific=0 from -> 127.0.0.1 >
< snmputil: trap generic=4 specific=0 from -> 127.0.0.1 >
< snmputil: trap generic=4 specific=0 from -> 127.0.0.1 >

Recall from Figure 7-2 that the program implements a retry mechanism (the RETRIES symbolic constant in snmpdefs.h). A maximum of three retries is allowed. So, the first GetRequest is sent to the agent. This message has an invalid community string and is discarded. The agent also issues a trap with a generic code of 4 (indicating an authenticationFailure). This explains the first trap. Our manager code is not very sophisticated and fails to correlate the authentication failure trap with the bad GetRequest message. Having failed to get the expected response, the manager then transparently (via the SNMP library code) retries the operation a total of three more times; this results in three more traps before the manager code finally gives up. This explains the sequence of four traps in Figure 7-11. One final point about Figure 7-11 is that the timeout mechanism is also initiated as a result of the (attempted) security breaches. Again from Figure 7-2, we note that there is a timeout defined as 6,000 milliseconds or 6 seconds. This is the time between retries and explains the small delays between the occurrence of the traps in Figure 7-11.

A number of Sun Microsystems' software applications are needed for our Java example. The following installation steps were followed (for Windows NT) in order to set up JDMK:

Step 2 may not be necessary.

Installation of JDMK involves running two downloaded batch files called Setup.bat—this extracts the JDMK class files (jdmk42_nt_12.class and jdmk42_nt_11.class, respectively).

Next, the environment variables must be set. We created one variable (JDMKPATH) and modified two others for this:

The values we assigned to these variables are:

JDMKPATH=C:Program FilesSUNWjdmkjdmk4.21.2
PATH=%JDMKPATH%in;C:jdk1.3.1_02in
CLASSPATH=%JDMKPATH%libcollections.jar;%JDMKPATH%libjdmkrt.jar;%JDMKPATH%libjdmktk.jar;.

The syntax %JDMKPATH% is simply a shorthand form for the fully expanded contents of JDMKPATH. One last point is to make sure to include the period (for the current directory) at the end of the CLASSPATH.

Two commands are required to build the Java program:

The first command builds a file called RFC1213_MIBOidTable.java. The second command creates the bytecode file SynchronousManager.class. The latter is the binary (executable) file for the examples that follow.

To run the program, double-click on Get.bat to invoke Java and execute a GetRequest operation. This should result in a display similar to that shown in Figure 7-13.

java SynchronousManager GET myHostPC public sysContact.0 NULL 161
< Sent GET request to agent on myHostPC port 161 >
< Result: [Object ID : 1.3.6.1.2.1.1.4.0  (Syntax : String) >
< Value : StephenMorris] >

Figure 7-13 illustrates a GET operation on the sysContact object from the standard system table. The object instance is hardcoded (i.e., there is no way for the value to be changed other than by a program source code change) internally to the program. The value of system.sysContact.0 is illustrated as StephenMorris. Recall that this object instance was set to its current value in Figure 7-7.

To run the program, double-click on GetNext.bat to invoke Java and execute a GetRequest operation. This should result in a display similar to that shown in Figure 7-14.

java SynchronousManager GETNEXT myHostPC public sysContact.0 NULL 161
< Sent GETNEXT request to agent on myHostPC port 161 >
< Result: [Object ID : 1.3.6.1.2.1.1.5.0  (Syntax : String) >
< Value : myHostPC] >

Figure 7-14 illustrates a GETNEXT operation on the sysContact object from the standard system table. As was the case with the C++ program, the GETNEXT response provides the lexical successor to the system.sysContact.0 object. This is the system.sysName.0 object and has the value myHostPC.

The Java program is very simple indeed. All of the code is contained in one file that in turn contains a Java class called SynchronousManager. The command-line parameters are validated, and the required operation type is recorded as either GET or GETNEXT. The next nine lines prepare the API for making SNMP calls. The actual SNMP request is made in the method called:

public static void issueRequest(SnmpPeer agent, String operation, 
            SnmpVarBindList list, SnmpSession session, 
            String host, String port)

It is this method that issues the message and processes the agent response. Any exceptions that occur are caught in an overall try/catch block.

The JDMK API provides both synchronous and asynchronous operation. Synchronous operation simply waits for responses from the network, whereas asynchronous operation uses callbacks to allow the program to proceed with other tasks. A production-standard NMS tends to use asynchronous operation, or it may use synchronous calls in conjunction with multiple threads. In either case, the NMS should not simply block until a response is received. As we've seen, there is generally much ongoing work to be done by a given NMS as it strives to keep up to date with the managed network. So, execution time should never be squandered waiting for (possibly) tardy devices to respond.

Our examples are all synchronous in nature in order to illustrate the software components in as simple a fashion as possible.

Table 7-1 shows a brief comparison between the Visual C++ and JDMK APIs.

An interesting exercise in interoperability is to mix and match the operation of the two programs, for example,

To compare the performance of the two APIs, a new batch file can be written to make multiple calls (e.g., 10 GETs) to one of the example batch files. The system time can be printed at the beginning and end of the new batch file, and from this, a very simple idea of the overall execution time can be derived.

In this case, the agent is (happily) communicating with two entities, one written in C++ and the other in Java. Though a relatively trivial test, this shows the platform-independent power of standardized protocols.