Linux Kernel AgentX Sub-Agents Oliver Wellnitz - - PowerPoint PPT Presentation

Linux Kernel AgentX Sub-Agents

Oliver Wellnitz

wellnitz@ibr.cs.tu-bs.de

Institute of Operating Systems and Computer Networks Technical University Braunschweig, Germany

page 1/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Overview

• Network Managment (SNMP and AgentX)
• Motivation
• Linux Kernel Implementation
• Conclusions and Outlook

page 2/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Why Network Management?

• Large computer networks cannot be managed manually
• Heterogeneous LANs
• Network management is essential

Standard network managment protocol in the Internet: Simple network managment protocol (SNMP)

page 3/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Simple Network Management Protocol

SNMP contains three principal components:

• SNMP manager

requests and processes information from SNMP agents

• SNMP agents
• n each device, provides management information to SNMP

managers

• Management Information Bases (MIBs)

define the data models of certain management areas, contain scalars and tables, MIB tree

page 4/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Simple Network Managment Protocol (cont.)

SNMP agents

Get/Set Notification

SNMP manager

Get/Set Notification Get/Set Notification

• ✁

page 5/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Extensible Agents

Goals

• Seperate SNMP protocol engine from MIB instrumentation
• Facilitate the (dynamic) extension with new MIB modules
• Extensible agents should be transparent for managers

Get / Set / Traps Get / Set / Traps Protocol Get / Set SNMP Protocol Traps

SNMP Agent Subagent Subagent SNMP SNMP Manager

Subagent

Master Agent

page 6/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Subagent Protocols

• SNMP multiplexing protocol (SMUX),

RFC 1227, May 1991

• SNMP distributed programm interface (DPI),

RFC 1228, May 1991

• Enhanced MANagement Agent Through Extensions

(EMANATE), commercial product

• Agent eXtensibility (AgentX),

RFC 2741, January 2000

page 7/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

AgentX Protocol Features

• Simplified variable enconding (SNMP uses ASN.1/BER)
• No authentication, no encryption (
• simple to implement)
• Registration conflict arbitration
• Index allocation
• Multiple sessions with one connection
• Multiphase set operation
• Mature (First subagent protocol on IETF’s standards track)

page 8/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Motivation

Problems of today’s userspace SNMP agents for Linux

• Various methods to gather information from the kernel

(ioctl, specific system call, /proc filesystem)

• Specific kernel interfaces may change
• SNMP Notifications are difficult to implement
• Functionality and management of kernel subsystem are split

and often diverge

page 9/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Management Architecture Overview

... ... Master Agent SNMP AgentX Module Subsystem Kernel Userspace Userspace Subagent Userspace Subagent Userspace Kernel Userspace Kernel Subagent Kernel Subagent Kernel Mgmt Info Mgmt Info Mgmt Info Mgmt Info Subsystem Subsystem Subsystem page 10/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Kernel AgentX Architecture

SNMP Master agent

AgentX module MIB modules

functions Notification emitting functions Notification emitting functions Callback functions Callback Socket layer Session layer AgentX protocol layer Receiving thread specific layer MIB / subsystem Kernel subsystem Kernel subsystem

page 11/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Subagent Registration

• Register MIB region
• Registration contains list of callback functions
• More than one registration is possible
• Callback functions handle all requests for a specific MIB

subregion

• Asynchronous subagent registration does not depend on master

agent

page 12/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Get / GetNext / GetBulk Processing

• Transfrom GetNext / GetBulk into (several) Get requests
• Subagent callback functions work on a single variable
• Split up large requests and reassemble responses

(Multiplexing)

• Produce errors for requests that cannot be assigned to a

subagent callback function

page 13/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Example: GetBulk processing

B B B C A C A A C C

Manager Subagent SNMP SNMP Agent Subagent

1 2

AgentX SNMP Master agent module

page 14/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Set Transaction

Start Success Success Abort Transaction failed Transaction completed TestSet CommitSet CleanupSet UndoSet Transaction aborted

• Four different AgentX PDUs
• Multiphase set operation to maintain atomic nature of SNMP

set requests (all-or-nothing)

• Multiplexing similar to Get/GetNext/GetBulk requests
• Stateless subagents; Undo data is stored within the AgentX

module

page 15/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Implemented MIB Modules

• Interfaces MIB (IF-MIB, RFC 2863) module
• Read-only informational elements (ifname, speed, mtu, etc.)
• Can set interface up/down via ifAdminStatus
• Can send trap when interface status changes
• Standalone kernel module
• Linux Netfilter MIB module
• No exisiting MIB, developed our own (with Frank Strauß)
• Focuses on Netfilter core functions
• Can show / alter / add Netfilter rules
• Integrated in the Netfilter subsystem

page 16/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Conclusions

Easy access to information from inside the kernel Can efficiently support SNMP notifications Kernel subsystem and management are integrated Requires little knowledge of SNMP or AgentX protocol No immediate information gain except for notifications Programming inside the kernel is more critical to machine stability

page 17/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Outlook

• Not publicly released yet but planned to
• Get feedback from the network management and the Linux

community

• Implement more Standard MIBs

page 18/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Links

Linux Kernel AgentX sub-agents, Diplomarbeit, September 2002 http://www.ibr.cs.tu-bs.de/

• wellnitz/kagentxd/

The Simple Web http://www.simpleweb.org IETF AgentX Working Group http://www.scguild.com/agentx/ The NET-SNMP project http://www.net-snmp.org

page 19/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents

Thanks for listening. Questions? Comments?

page 20/20 Oliver Wellnitz, IBR, TU Braunschweig Diplomanden- und Doktorandenseminar, October 2002

Linux Kernel AgentX sub-agents