Previous Table of Contents Next


Trace 6.7b amplifies the first trace by looking at the actual ASN.1-encoded information included within the SNMP PDUs. Frame 7 begins with a SEQUENCE OF type, code 30H, followed by the length of the encoding (94 octets, or 5E). (These two octets are shown in bold within the hexadecimal display and are the 43rd and 44th octets transmitted.) The ASN.1 encoding continues within the SNMP PDU, using the TLV (Type-Length-Value) structure discussed in Chapter 2. You can identify the first OID Value requested (line 6.1) by looking for the preceding OID. That information is the 71st octet transmitted, with an OBJECT IDENTIFIER type (06H), a Length of 8 octets (08H), and a Value of 2B 06 01 02 01 01 03 00H. Recall that the 1.3 prefix is translated into a 43 decimal (or 2BH) through the expression we studied in Section 2.5.3.3. The rest of the PDU follows in a similar manner.

The final example (see Figure 6-12) shows how the SNMP GetRequest PDU is encapsulated within the Ethernet frame. Frame 7 illustrates this with the hexadecimal characters shown below their respective fields. The data capture begins with the destination address (08 00 90 03 4C F1), which identifies the Retix bridge. Likewise, the source address (08 00 20 09 00 C8) identifies the Sun Manager. The Ethertype field (08 00) indicates that IP will be the next protocol in the Data field. You can decode the IP header, UDP header, SNMP authentication header, and SNMP GetRequest PDU (including the Variable Bindings) in a similar manner.


Figure 6-12.  Expansion of the SNMP GetRequest PDU within an Ethernet frame

Trace 6.7b. ASN.1 encoding of SNMP GetRequest and GetResponse PDUs

  Sniffer Network Analyzer data 10-Nov at 10:29:36 file GOLD_SYS.ENC Pg 1

  --------------------------------- Frame 7 -----------------------------
  SNMP: 1.1 SEQUENCE [of], Length=94
  SNMP: 2.1 INTEGER, Length=1, Value = “0”
  SNMP: 2.2 OCTET STRING, Length=6, Value = “public”
  SNMP: 2.3 Context-Specific Constructed [0], Length=81
  SNMP: 3.1 INTEGER, Length=1, Value = “0”
  SNMP: 3.2 INTEGER, Length=1, Value = “0”
  SNMP: 3.3 INTEGER, Length=1, Value = “0”
  SNMP: 3.4 SEQUENCE [of], Length=70
  SNMP: 4.1 SEQUENCE [of], Length=12
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.3.0}”
  SNMP: 6.2 NULL, Length=0, Value = “”
  SNMP: 4.2 SEQUENCE [of], Length=12
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.1.0}”
  SNMP: 6.2 NULL, Length=0, Value = “”
  SNMP: 4.3 SEQUENCE [of], Length=12
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.2.0}”
  SNMP: 6.2 NULL, Length=0, Value = “”
  SNMP: 4.4 SEQUENCE [of], Length=12
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.3.0}”
  SNMP: 6.2 NULL, Length=0, Value = “”
  SNMP: 4.5 SEQUENCE [of], Length=12
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.6.0}”
  SNMP: 6.2 NULL, Length=0, Value = “”
  SNMP:

  ADDR HEX                                             ASCII
  0000 08 00 90 03 4C F1 08 00 20 09 00 C8 08 00 4500  ....L... .....E.
  0010 00 7C 4E 57 00 00 3C 11 A5 C5 84 A3 80 04 84A3  .|NW..<.........
  0020 01 0A 0C A2 00 A1 00 68 00 00 30 5E 02 01 0004  .......h..0^....
  0030 06 70 75 62 6C 69 63 A0 51 02 01 00 02 01 0002  .public.Q.......
  0040 01 00 30 46 30 0C 06 08 2B 06 01 02 01 01 0300  ..0F0...+.......
  0050 05 00 30 0C 06 08 2B 06 01 02 01 01 01 00 0500  ..0...+.........
  0060 30 0C 06 08 2B 06 01 02 01 01 02 00 05 00 300C  0...+.........0.
  0070 06 08 2B 06 01 02 01 01 03 00 05 00 30 0C 0608  ..+.........0...
  0080 2B 06 01 02 01 01 06 00 05 00                   +.........

  --------------------------------- Frame 8 ----------------------------
  SNMP: 1.1 SEQUENCE [of], Length=150
  SNMP: 2.1 INTEGER, Length=1, Value = “0”
  SNMP: 2.2 OCTET STRING, Length=6, Value = “public”
  SNMP: 2.3 Context-Specific Constructed [2], Length=136
  SNMP: 3.1 INTEGER, Length=1, Value = “0”
  SNMP: 3.2 INTEGER, Length=1, Value = “0”
  SNMP: 3.3 INTEGER, Length=1, Value = “0”
  SNMP: 3.4 SEQUENCE [of], Length=125
  SNMP: 4.1 SEQUENCE [of], Length=16
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.3.0}”
  SNMP: 6.2 Application Primitive [3], Length=4, Data = “<0E>R0$”
  SNMP: 4.2 SEQUENCE [of], Length=51
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.1.0}”
  SNMP: 6.2 OCTET STRING, Length=39, Value = “Retix Local Ethernet
Bridge Model 2265M”
  SNMP: 4.3 SEQUENCE [of], Length=20
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.2.0}”
  SNMP: 6.2 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.4.1.72.8.3}”
  SNMP: 4.4 SEQUENCE [of], Length=16
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.3.0}”
  SNMP: 6.2 Application Primitive [3], Length=4, Data = “<0E>R0$”
  SNMP: 4.5 SEQUENCE [of], Length=12
  SNMP: 6.1 OBJECT IDENTIFIER, Length=8, Value = “{1.3.6.1.2.1.1.6.0}”
  SNMP: 6.2 OCTET STRING, Length=0, Value = “”
  SNMP:

  ADDR HEX                                             ASCII
  0000 08 00 20 09 00 C8 08 00 90 03 4C F1 08 00 4500  .. .......L...E.
  0010 00 B5 00 00 00 00 10 11 1F E4 84 A3 01 0A 84A3  ................
  0020 80 04 00 A1 0C A2 00 A1 64 17 30 81 96 02 0100  ........d.0.....
  0030 04 06 70 75 62 6C 69 63 A2 81 88 02 01 00 0201  ..public........
  0040 00 02 01 00 30 7D 30 10 06 08 2B 06 01 02 0101  ....0}0...+.....
  0050 03 00 43 04 0E 52 30 24 30 33 06 08 2B 06 0102  ..C..R0$03..+...
  0060 01 01 01 00 04 27 52 65 74 69 78 20 4C 6F 6361  .....’Retix Loca
  0070 6C 20 45 74 68 65 72 6E 65 74 20 42 72 69 6467  l Ethernet Bridg
  0080 65 20 4D 6F 64 65 6C 20 32 32 36 35 4D 30 1406  e Model 2265M0..
  0090 08 2B 06 01 02 01 01 02 00 06 08 2B 06 01 0401  .+.........+....
  00A0 48 08 03 30 10 06 08 2B 06 01 02 01 01 03 0043  H..0...+.......C
  00B0 04 0E 52 30 24 30 0C 06 08 2B 06 01 02 01 0106  ..R0$0...+......
  00C0 00 04 00                                        ...

This chapter completes our tour of the Internet Network Management Framework. Chapter 7 discusses what happens when the systems (from Chapter 1) and the protocols (from Chapters 2 through 6) don’t work together as designed.

6.8 References

[6-1] Postel, J. “User Datagram Protocol.” RFC 768, ISI, August 1980.
[6-2] Miller, Mark A. Troubleshooting TCP/IP, Second edition. New York, NY: M&T Books, Inc. 1996.
[6-3] Postel, J. “Internet Protocol.” RFC 791, September 1981.
[6-4] Reynolds, J., and J. Postel, “Assigned Numbers.” RFC 1700, October 1994.
[6-5] Postel, J. “Internet Control Message Protocol.” RFC 792, September 1981.
[6-6] Horning, Charles. “A Standard for the Transmission of IP Datagrams over Ethernet Networks.” RFC 894, April 1984.
[6-7] Postel, J., and J. Reynolds. “A Standard for the Transmission of IP Datagrams over IEEE 802 Networks.” RFC 1042, February 1988.
[6-8] Provan, D. “Transmitting IP Traffic over ARCNET Networks.” RFC 1201, February 1991.
[6-9] Katz, D. “A Proposed Standard for the Transmission of IP Datagrams over FDDI Networks.” RFC 1188, October 1990.
[6-10] Plummer, D. “An Ethernet Address Resolution Protocol, or Converting Network Protocol Addresses to 48-bit Ethernet Addresses for Transmission on Ethernet Hardware.” RFC 826, November 1982.
[6-11] Finlayson, R., et.= al. “A Reverse Address Resolution Protocol.” RFC 903, June 1984.


Previous Table of Contents Next