snmp.sgml

来自「eCos操作系统源码」· SGML 代码 · 共 601 行 · 第 1/2 页

<!-- {{{ Banner                         -->

<!-- =============================================================== -->
<!--                                                                 -->
<!--     snmp.sgml                                                   -->
<!--                                                                 -->
<!--     eCos TCP/IP Stacks                                          -->
<!--                                                                 -->
<!-- =============================================================== -->
<!-- ####COPYRIGHTBEGIN####                                          -->
<!--                                                                 -->
<!-- =============================================================== -->
<!-- Copyright (C) 1997, 1998, 1999, 2000, 2001, 2002 Red Hat, Inc.  -->
<!-- This material may be distributed only subject to the terms      -->
<!-- and conditions set forth in the Open Publication License, v1.0  -->
<!-- or later (the latest version is presently available at          -->
<!-- http://www.opencontent.org/openpub/)                            -->
<!-- Distribution of the work or derivative of the work in any       -->
<!-- standard (paper) book form is prohibited unless prior           -->
<!-- permission obtained from the copyright holder                   -->
<!-- =============================================================== -->
<!--                                                                 -->      
<!-- ####COPYRIGHTEND####                                            -->
<!-- =============================================================== -->
<!-- #####DESCRIPTIONBEGIN####                                       -->
<!--                                                                 -->
<!-- ####DESCRIPTIONEND####                                          -->
<!-- =============================================================== -->

<!-- }}} -->

<PART id="net-snmp">
<TITLE>SNMP</TITLE>
<CHAPTER id="net-snmp-ecos-port">
<TITLE><!-- <xref> -->SNMP for <EMPHASIS>eCos</EMPHASIS></TITLE>
<SECT1 id="net-snmp-version">
<TITLE>Version</TITLE>
<PARA>
This is a port of <!-- <index></index> -->UCD-SNMP-4.1.2
</PARA>
<PARA>Originally this document said: See
<ulink url="http://ucd-snmp.ucdavis.edu/">http://ucd-snmp.ucdavis.edu/</ulink>
for details.  And send them a postcard.
</PARA>
<PARA>
The project has since been renamed &ldquo;net-snmp&rdquo; and re-homed at
<ulink url="http://net-snmp.sourceforge.net/">
            http://net-snmp.sourceforge.net/</ulink>
where various new releases (of the original, not <EMPHASIS>eCos</EMPHASIS>
ports) are available.
</PARA>
<PARA>
The original source base from which we worked to create the
<EMPHASIS>eCos</EMPHASIS> port is available from various archive sites such
as
<ulink url="ftp://ftp.freesnmp.com/mirrors/net-snmp/">
            ftp://ftp.freesnmp.com/mirrors/net-snmp/</ulink>
or
<ulink url="ftp://sunsite.cnlab-switch.ch/mirror/ucd-snmp/">
            ftp://sunsite.cnlab-switch.ch/mirror/ucd-snmp/</ulink>
generally with this filename and details:
<screen>
<ulink url="ftp://ftp.freesnmp.com/mirrors/net-snmp/ucd-snmp-4.1.2.tar.gz">
ucd-snmp-4.1.2.tar.gz. . . . . . Nov  2  2000   1164k</ulink>
</screen>
</PARA>
</SECT1>
<SECT1 id="net-snmp-package-contents">
<TITLE>SNMP packages in the <EMPHASIS>eCos</EMPHASIS> source repository</TITLE>
<PARA>
The SNMP/eCos package consists of two eCos packages;
the SNMP library and the SNMP agent.
</PARA>
<PARA>
The sources are arranged this way partly for consistency with
the original release from UCD, and so as to accommodate possible
future use of the SNMP library without having an agent present.
That could be used to build an eCos-based SNMP client application.
</PARA>
<PARA>
The library contains support code for talking SNMP over the
net - the SNMP protocol itself - and a MIB file parser (ASN-1) which
is not used in the agent case.
</PARA>
<PARA>
The agent contains the application specific handler files
to get information about the system into the SNMP world, together
with the SNMP agent thread
(<LITERAL>snmpd</LITERAL> in <LITERAL>UNIX</LITERAL> terms).
</PARA>
</SECT1>
<SECT1 id="net-snmp-mibs-supported">
<TITLE>MIBs supported</TITLE>
<PARA>
The standard set in MIB-II, together with the Ether-Like MIB, are supported
by default.  The MIB files used to compile the handlers in the agent and to
&ldquo;drive&rdquo; the testing (<command>snmpwalk</command> <EMPHASIS>et
al</EMPHASIS> under <LITERAL>LINUX</LITERAL>)
are those acquired from that same UCD distribution.
</PARA>
<PARA>
These are the supported MIBs; all are below mib2 == 1.3.6.1.2.1:
</PARA>
<PROGRAMLISTING>
system        { mib2 1 }   
interfaces    { mib2 2 }
              [ address-translation &ldquo;at&rdquo; { mib2 3 } is deprecated ]
ip            { mib2 4 }   
icmp          { mib2 5 }   
tcp           { mib2 6 }   
udp           { mib2 7 }
              [ exterior gateway protocol &ldquo;egp&rdquo; { mib2 8 } not supported ]
              [ cmot { mib2 9 } is &ldquo;historic&rdquo;, just a placeholder ]
dot3          { mib2 10 7 } == { transmission 7 } &ldquo;EtherLike MIB&rdquo;
snmp          { mib2 11 }
</PROGRAMLISTING>
<PARA>
On inclusion of SNMPv3 support packages, the following MIBs are added to the
default set of MIBs enumerated above : 
</PARA>
<PROGRAMLISTING>
snmpEngine    { snmpFrameworkMIBObjects 1 }  SNMP-FRAMEWORK-MIB, as described in
                                             RFC-2571 for support of SNMPv3
                                             framework.

usmStats      {           usmMIBObjects 1 }  SNMP-USER-BASED-SM-MIB, as 
usmUser       {           usmMIBObjects 2 }  specified in RFC-2574 for support 
                                             of user based security model in 
                                             SNMPv3 management domains.
</PROGRAMLISTING>
</SECT1>
<SECT1 id="net-snmp-ecos-changes">
<TITLE>Changes to eCos sources</TITLE>
<PARA>
Small changes have been made in three areas:
</PARA>
<orderedlist>
<listitem><PARA>Various hardware-specific ethernet drivers.</para></listitem>
<listitem><para>The generic ethernet device driver.</PARA></listitem>
<listitem><para>The OpenBSD TCP/IP networking package.</PARA></listitem>
</orderedlist>
<PARA>
These changes were made in order to export information about the driver and
the network that the SNMP agent must report.  The changes were trivial in
the case of the network stack, since it was already SNMP-friendly.  The
generic ethernet device driver was re-organized to have an extensive header
file and to add a couple of APIs to extract statistics that the
hardware-specific device drivers keep within themselves.
</PARA>
<PARA>
There may be a performance hit for recording that data; disabling
a config option named something like
<LITERAL>CYGDBG_DEVS_ETH_xxxx_xxxx_KEEP_STATISTICS</LITERAL>
depending on the specific device driver will prevent that.
</PARA>
<PARA>
Not all platform ethernet device drivers export complete SNMP statistical
information; if the exported information is missing, SNMP will report zero
values for such data (in the dot3 MIB).
</PARA>
<PARA>
The interface chipset has an ID which is an OID; not all the latest greatest
devices are listed in the abailable database, so new chipsets may need to
be added to the client MIB, if not defined in those from UCD.
</PARA>
</SECT1>
<SECT1 id="net-snmp-starting-the-snmp-agent">
<TITLE>Starting the SNMP Agent</TITLE>
<PARA>
A routine to instantiate and start the SNMP agent thread in the default
configuration is provided in
<filename>PACKAGES/net/snmp/agent/VERSION/src/snmptask.c</filename>
</PARA>
<PARA>
It starts the snmpd thread at priority
<LITERAL>CYGPKG_NET_THREAD_PRIORITY+1</LITERAL>
by default, ie. one step less important than the TCP/IP stack service
thread.
It also statically creates and uses a very large stack of around 100
KiloBytes.
To use that convenience function, this code fragment may be copied (in
plain C).
</PARA>
<PROGRAMLISTING>
#ifdef CYGPKG_SNMPAGENT
{
                extern void cyg_net_snmp_init(void);
                cyg_net_snmp_init();
            
}
#endif
</PROGRAMLISTING>
<PARA>
In case you need to perform initialization, for example setting up SNMPv3
security features, when the snmp agent starts and every time it restarts,
you can register a callback function by simply writing the global variable:
<PROGRAMLISTING>
externC void (*<EMPHASIS>snmpd_reinit_function</EMPHASIS>)( void );
</PROGRAMLISTING>
with a suitable function pointer.
</PARA>
<PARA>
The entry point to the SNMP agent is
<PROGRAMLISTING>
externC void <FUNCTION>snmpd</FUNCTION>( void (*<EMPHASIS>initfunc</EMPHASIS>)( void ) );
</PROGRAMLISTING>
so you can of course easily start it in a thread of your choice at another
priority instead if required, after performing whatever other
initialization your SNMP MIBs need.  A larger than default stacksize is
required.  The <LITERAL>initfunc</LITERAL> parameter is the callback
function mentioned above &mdash; a NULL parameter there is safe and
obviously means no callback is registered.
</PARA>
<PARA>
Note that if you call <LITERAL>snmpd();</LITERAL> yourself and do
<EMPHASIS>not</EMPHASIS> call <LITERAL>cyg_net_snmp_init();</LITERAL> then
that routine, global variable, and the default large stack will not be
used.  This is the recommended way control such features from your
application; create and start the thread yourself at the appropriate
moment.
</PARA>
<PARA>
Other APIs from the <LITERAL>snmpd</LITERAL> module are available,
specifically:
<PROGRAMLISTING>
void <FUNCTION>SnmpdShutDown</FUNCTION>(int <EMPHASIS>a</EMPHASIS>);
</PROGRAMLISTING>
which causes the <LITERAL>snmpd</LITERAL> to restart itself &mdash;
including the callback to your init function &mdash; as soon as possible.
</PARA>
<PARA>
The parameter <EMPHASIS>a</EMPHASIS> is ignored.  It is there because in
<LITERAL>snmpd</LITERAL>'s &ldquo;natural environment&rdquo; this routine
is a <LITERAL>UNIX</LITERAL> signal handler.
</PARA>
<PARA>
The helper functions in the network stack for managing
<LITERAL>DHCP</LITERAL>
leases will call <FUNCTION>SnmpdShutDown()</FUNCTION>
when necessary, for example if network interfaces go down and/or come up
again.
</PARA>
</SECT1>
<SECT1 id="net-snmp-configuring-ecos">
<TITLE>Configuring eCos</TITLE>
<PARA>
To use the SNMP agent, the SNMP library and agent packages must be
included in your configuration. To incorporate the stack into your
configuration select the SNMP library and SNMP agent packages in the
eCos Configuration Tool, or at the command line type:
<SCREEN>
$ <USERINPUT>ecosconfig add snmplib snmpagent</USERINPUT>
</SCREEN>
</PARA>
<PARA>
After adding the networking, common ethernet device drivers,
snmp library and snmp agent packages, there is no configuration
required. However there are a number of configuration options
that can be set such as some details for the System MIB, and
disabling SNMPv3 support (see below).
</PARA>
<PARA>
Starting the SNMP agent is not integrated into network
tests other than <FILENAME>snmpping</FILENAME> below, nor is it
started automatically in normal eCos startup -
it is up to the application to start the agent when it is ready,
at least after the network interfaces are both &lsquo;up&rsquo;.
</PARA>
<SECT2 id="net-snmp-version-usage">
<TITLE>Version usage (v1, v2 or v3)</TITLE>
<PARA>
The default build supports all three versions of the SNMP protocol, but without
any dispatcher functionality (rfc 2571, section 3.1.1.2). This has the
following implications :
</PARA>
<PARA> 1. There is no community authentication for v1 and v2c.</PARA>
<PARA>2. Security provided by v3 can be bypassed by using v1/v2c protocol.</PARA>
<PARA>
To provide the dispatcher with rfc 2571 type functionality, it is required to
set up security models and access profiles. This can be provided in the normal
Unix style by writing the required configurations in <LITERAL>snmpd.conf</LITERAL> 
file. Application code may setup profiles in <LITERAL>snmpd.conf</LITERAL> and 
optionally set the environment variable <LITERAL>SNMPCONFPATH</LITERAL> to 
point to the file if it is not in the usual location. The whole concept works
in the usual way as with the standard UCD-SNMP distribution.
</PARA>
</SECT2>
<SECT2 id="Traps">
<TITLE>Traps</TITLE>
<PARA>
The support of the <LITERAL>trapsink</LITERAL> command in the
<link linkend="net-snmp-agent-manpages-snmpd.conf">snmpd.conf</link> file is not tested 
and there may be problems for it working as expected. Moreover, in systems that do not 
have filesystem support, there is no way to configure a trap-session in the
conventional way.
</PARA>
<PARA>
For reasons mentioned above, applications need to initialize their own trap
sessions and pass it the details of trap-sink. The following is a small sample
for initializing a v1 trap session :
</PARA>