1 / 13

PSAMP MIB Status

PSAMP MIB Status. Managed Objects for Packet Sampling A Status Report Thomas Dietz dietz@netlab.nec.de Benoit Claise bclaise@cisco.com. MIB Structure. Currently there are 4 groups of objects The sampling methods group Defines all sampling methods and their parameters

dchaparro
Download Presentation

PSAMP MIB Status

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PSAMP MIB Status Managed Objects forPacket SamplingA Status Report Thomas Dietz dietz@netlab.nec.de Benoit Claise bclaise@cisco.com

  2. MIB Structure • Currently there are 4 groups of objects • The sampling methods group • Defines all sampling methods and their parameters • The filtering methods group • Defines all filtering methods and their parameters • The reporting group • Defines the collectors the device reports the packets to • The baseAssoc group • Links sampling/filtering methods, their parameters and the collectors together

  3. The sampling/filtering group • Each sampling/filtering method is represented by its capabilities and a parameter table • Currently there are 7 sampling methods and 3 filtering methods defined • The parameter table contains all parameter sets currently used on the device • The MIB tree for a method must only be implemented if the method is supported by the device

  4. The Reporting Group • Contains the addresses of the collectors the device reports to in the collector table • Groups collectors together in the collector group table • The device can report the same sampled packets to multiple collectors • Must be present in every device

  5. The baseAssoc Group • Contains the 2 tables that are vital for the MIB • The baseAssoc table contains the basic information for all the sampling processes applied to the device • The selectionList table links the baseAssoc to the sampling/filtering methods and their parameter sets • These 2 tables must be present on any device

  6. Table Summary

  7. Linking Everything Together psampSelectorListEntry.2.5.1 = 1 (second index) psampSelectorListEntry.2.5.2 = 2 (second index) psampSelectorListEntry.3.5.1 = 1.3.6.1.2.1.XXX.1.1.2.3.1.10 psampSelectorListEntry.3.5.2 = 1.3.6.1.2.1.XXX.1.1.1.3.1.4 psampSampCountBasedParamSetTableEntry.4 psampSampTimeBasedParamSetTableEntry.10 psampCollectorGroupEntry.1.7.5 = 7 (index) Order in which themethods are applied psampBaseAssocEntry.1.5 = 1 (index) psampBaseAssocEntry.x.5 ... psampBaseAssocEntry.4.5 = 7 (index of collector group)

  8. Diagrams, Examples and Function References • The document needs some diagrams and examples to explain the interconnection of different parts of the MIB. An entity relationship diagram should be added in the next version. • References with Object ID‘s must be explained. It must be clear which Object ID should be referenced e.g., by psampBaseAssocObservationPoint or psampSampNonUniProbFunc. • A new section about undefined functions, parameters and observation point is needed.

  9. Hash Filtering • Hash filtering is the most difficult function in the PSAMP Architecture. • The knowledge of all parameters of the hash function in the MIB could lead to a potential attack to the NMS. • The MIB will implement all parameters but these parameters may be protected by any means to avoid a security breach. • Those variables could e.g., be secured by a separate community name and be excluded from public access. • The description of the hash filtering should differentiate between input and output parameters.

  10. Observation Domain,Data Types and Row Status • The observation domain is missing in both the PSAMP-MIB PsampBaseAssocEntry and PSAMP-TECH document. • Consistent usage of data types (especially Unsigned32 and Integer32 with ranges) should be ensured. • The description of the RowStatus objects must clearly state the minimum set of MIB variables in that table that need to be set in order for the status to go to "create".

  11. Router State Filtering • psampFilterRState should be renamed to psampFilterRouterState if maximum OID name length of 32 chars is not exceeded. • The usage of subtables for each router state function should be evaluated. • That would also make clear which function is available (psampFilterRStateAvail) and it can be extended with new methods easily.

  12. Terminology and Document Title • Capitalization should be consistent throughout the document. • Maybe the solution is to list all reference terms from PSAMP and IPFIX drafts (the ones used in the draft). So just a list, with no definition, in the terminology section. • Title should include sampling and filtering not only sampling.

  13. The End Thank you for your attention

More Related