;SNMP.TXT ------------------------------------------------------------- -- ATI BUILDING BLOCK FOR PATHWAY FROM WOLLONGONG TOOLS -- ------------------------------------------------------------- ------------------------------------------------------------ -- Contents -- ------------------------------------------------------------ I. Using the MIB Variables to Manage your Network II. Working with the SNMP Agent III. Activating the SNMP Agent IV. MIB Variables V. Managing the Network VI. Viewing the MIB Variables VII. Troubleshooting with STAT or WINSTAT VIII. Using PING/WINPING to Determine the Status of a Network Host IX. Troubleshooting Installation I. Using the MIB Variables to Manage your Network ================================================= Building Block provides tools that help you manage your PC, the network, and the host systems on that network. These tools enable you to analyze Management Information Base (MIB) variables, which define the state of your network. These variables include configuration information about the host such as the IP address, transmit and receive statistics, and information regarding the TCP, UDP, IP, ICMP, and ARP protocols. These MIB variables are defined in RFC 1213 and are accessed by the Simple Network Management Protocol (SNMP) agent. SNMP is defined in RFC 1157, which can be obtained by anonymous FTP from the address ftp.nisc.sri.com (192.33.33.22). This section describes the TCP/IP network management tools that use SNMP: 1. The SNMP agent enables an SNMP management station to manage the host on your network. 2. STAT enables you to access MIB variables locally; you can use these variables for troubleshooting purposes, as described in the later section "Troubleshooting with the MIB variables". The Windows version of STAT is WINSTAT. 3. PING is a diagnostic tool used to test TCP/IP configurations and to diagnose connection failures. The Windows version of PING is WINPING. The DOS version cannot be run from within Windows. II. Working with the SNMP Agent =============================== The management station analyzes and monitors the activities on your PC and other hosts on the network. To enable a management station to manage a host on a network, the host must be running the SNMP agent. This SNMP agent responds to status queries from the SNMP station. III. Activating the SNMP Agent ============================== The SNMP agent is activated by the SNMP.EXE command. It is added to your AUTOEXEC.BAT file during the installation process. After you have activated the SNMP agent, a management station on another host can request data from your PC. IV. MIB Variables ================= Building Block can set the following MIB variables: ipDefaultTTL snmpEnableAuthenTraps The SNMP Community name is hard-coded in the SNMP agent, and the following Community names can be used: private proxy regional core The only SNMP Trap messages that are supported are the Authentication failure Trap and the Cold Start Trap. When you install or configure Building Block, the ATI installation software asks for the IP address of an SNMP management station. This station is where the traps will be sent. Authentication Failure trap: If an SNMP station attempts to use an illegal Community name, an authenticationFailure(4) trap will be sent to the SNMP station defined in the setup program. Moreover, this trap contains a variable in its varbind-list whose value identifies the IP address of the offending station. Cold Start trap: Prime the ARP cache before starting snmp.exe in order for the driver to not use the SNMP trap packet for the ARP request. This can be accomplished with the following line in the AUTOEXEC.BAT file: ping -n 1 SNMP-station where SNMP-station is the IP address, hostname, or alias of the SNMP Management station to which traps are sent. V. Managing the Network ======================= SNMP is the recommended Internet standard for performing network management on TCP/IP networks. It uses two applications to perform its collection, monitoring, and analysis functions: 1. The management station, running management software from Wollongong or others, that is used to display, request, and set information. 2. Agents such as Building Block within the individual devices (routers, gateways, networked computers) that collect data and interact with the management station. For example, if you want to display a graph showing how many IP packets were received by a particular host, you type in the request to the management software at the management station. The management station sends a request to the agent on the host to collect the information and send it back. When the management station receives the data, it shows the data on the screen. More than 100 variables can be managed from the management station. This set of variables is called Management Information Base (MIB). The network administrator can manage the network by monitoring the counters, and changing parameters and status variables in the MIB. VI. Viewing the MIB Variables ============================= The STAT program lets you access the MIB variables from your PC. It lets you query the status of basic system elements, such as connections to foreign hosts. STAT gives you access to the ten groups of statistics. These statistics can be used to identify problems with these basic system elements: Local network hardware interface IP, ARP, TCP, routing, and other network functions Foreign hosts Using STAT or WINSTAT to view the MIB variables ----------------------------------------------- To use WINSTAT, you must first set-up the program icon. From Windows "Program Manager" select "File", "New", "Program Item". Type the path to your Building Block files as follows: C:\ATI\WINSTAT.EXE. Each of the available MIB variables can be selected by clicking the appropriate button. To use STAT, you must be at a DOS prompt. By typing STAT the following table will be presented for your choice. PathWay for DOS--Statistics (C) Copyright 1986-1992 The Wollongong Group- All rights reserved Enter MIB group or table you wish to view: 1) System group 2) Interface group 3) ARP group 4) IP group 5) routing table 6) ICMP group 7) TCP group 8) TCP connection table 9) UDP group 0) queue statistics ----------------------------------------------------------------- To display one of the groups listed in the screen above, type the number of the group you want to view. You can also view the MIB statistics about one of the MIB groups. Type: C:\ATI> stat n where n is the number of the group about which you want statistics. VII. Troubleshooting with STAT or WINSTAT ========================================= This section describes the MIB statistics for each of the groups displayed in the STAT screen, the MIB variable groups. It gives examples of how each of the MIB variable groups can be used for troubleshooting. System Group ------------ The System group gives basic information about the PC and the TCP/IP software on the PC, as the following screen demonstrates. ----------------------------------------------------------------- PathWay for DOS -- Statistics (C) Copyright 1986-1992 The Wollongong Group- All rights reserved System description is : Wollongong TCP/IP for DOS -- (Version 3.0) System identifier is : 1.3.6.1.4.1.6.7 System has been up : 799 seconds. ------------------------------------------------------------------ The system identifier is the ASN.1 encoding for the Building Block product. The system up time tells you how long the system has been up. This value is reset when the driver is loaded into the memory. Interface Group --------------- The Interface Group statistics provide information about the network interface card in the PC, as shown in the following screen. ----------------------------------------------------------------- PathWay for DOS -- Statistics (C) Copyright 1986-1992 The Wollongong Group- All rights reserved MIB interface group variables for Wollongong ODI TWGDRVR Interface number 1, type 6 at physical address 0000.c0e5.321c MTU is 1500, Speed is 10000000 bits/sec, Operational status is UP Receive: 7396 Bytes 0 broadcast pkts, 218 unicast pkts Errors : 0 Type 0 discarded, 0 hardware Send : 0 Bytes 0 broadcast pkts, 0 unicast pkts Errors : 0 discarded, 0 hardware ----------------------------------------------------------------- The screen information includes the following static information pertaining to the interface: -The name of the network interface driver -The network type (Ethernet, Token Ring) -The physical address of the network interface -The IP Maximum Transfer Unit (MTU) for the network interface -The speed of the underlying network medium in bits per second The following statistics for the receive and send functions of the network interface are also displayed: -Total amount of data, in bytes -Total number of broadcast packets, unicast packets, and discarded packets -Total number of type errors -Total number of hardware errors detected Here are some guidelines for using the Interface Group statistics to solve problems: -If the physical address field is blank (all zeros), the initialization of the network interface has failed (except for the SLIP interface). For the NDIS interface, this means that no binding has taken place; that is, the NETBIND or PWBIND programs have not been executed. -If the send/receive statistics show that no packets have been received, one of the following conditions could be the cause: -The wrong interrupt is listed on either the NDIS or ODI line in the AUTOEXEC.BAT. -The network interface card may be connected to the wrong cable -The cable may be loose or not functioning -If there is a large number of hardware errors, the network interface card may not be functioning correctly. -If the display shows a large number of discarded packets, use the SETUP15 or SETUP17 to modify the installation and increase the number of packet buffers. The fact that many packets are being discarded is not in itself a reason for concern. The Building Block drivers discard packets that are not IP packets, so many packets are typically discarded in a large, heterogeneous network. However, packets are also discarded when there are insufficient resources to store them. If this is the case, increasing the number of packet buffers will help. ARP Group --------- The ARP group lists the Internet addresses that have been resolved to physical addresses since the device driver for the TCP/IP software has been loaded (for example, since the PC has been rebooted). To translate network addresses into physical addresses, a standard called Address Resolution Protocol (ARP) is used by most hosts. For instance, when you installed your ATI Ethernet adapter card, its 48-bit Ethernet address was fixed by a label to the card. The address will have six integers separated by commas. For example, the card might show the numbers 00,00,F4,14,35,12. The first three integers identify the manufacturer of the card. The last three identify the particular card. Because Ethernet does not understand Internet 32-bit addresses, ARP must resolve IP addresses to physical addresses. As long as the host you are addressing has ARP, it can recognize its own 32- bit Internet address and translate it to its 48-bit Ethernet address. In the rare instance that a host does not use ARP, it will not respond with its own physical address. ARP resolves an Internet address to the physical address of a network interface card in a PC. The following screen shows an example of an ARP group display. ----------------------------------------------------------------- IP address 129.84.3.88 resolved to aa00.0400.0330 on interface 1. IP address 129.84.3.62 resolved to 0800.2000.76ec on interface 1. ----------------------------------------------------------------- If the host you want to access does not use ARP, Building Block permits you to make the address translations for the host. Use the Network to Physical Address Translation Cache feature to assign Internet addresses to the Ethernet host. The translation cache performs the function of ARP. You can use this group to make sure no two PCs on your network are using the same Internet address. Recall that Internet addresses uniquely identify each host running TCP/IP software. While Internet addresses can change depending on the location of a host, physical addresses are ROM encoded. To verify that a specific IP address has not been duplicated: 1. As the Network administrator, you need to know the physical addresses of all the hosts on your network and the corresponding IP addresses. 2. Deallocate the TCP/IP kernel on the PC whose IP address you believe has been duplicated by typing C:\ATI\PWTCPRM. 3. Go to a remote host and PING the host whose IP address you believe has been duplicated. 4. Remain at the host from which you PINGed and display the ARP group by typing STAT 3. 5. If the physical address for the host is different from its assigned IP address, determine what IP address the indicated physical address should have. When you identify the physical address for the host, you can track down the location of the host that was wrongly assigned the duplicate IP address. IP Group -------- The IP Group display provides information about Internet Protocol (IP)-related parameters. In addition to displaying configurable information such as the IP address, network mask, default gateway's IP address, and the broadcast address bit, the IP Group display also shows send and receive statistics at the IP level. ----------------------------------------------------------------- 129.84.3.140 is the IP address of interface 1. 255.255.255.0 is the network mask, 0 is the broadcast address bit This IP host does not support routing. Default Time to live is 255, reassembly timeout is 60 seconds IP recv stats: 54192 packets, 0 routed, 51519 delivered err: 0 plus 11 header, 2662 addressing, 0 protocol Reassembly stats: 0 requests, 0 successes, 725 failures IP send stats: 5161 packets, 0 unroutable, 0 discards Fragment stats: 0 requests, 0 successes, 0 failures ----------------------------------------------------------------- To modify the IP parameters use the SETUP15 or SETUP17 and select modify instead of install. NOTE: The modify process will make changes to your AUTOEXEC.BAT file. Refer to the SIMPLE.TXT file for file configurations. If you are using Windows for Workgroups it will be necessary to edit the AUTOEXEC.BAT file. Routing Statistics ------------------ The Routing statistics display shows any ICMP redirect messages your PC might have received. That is, it tells the host that any traffic meant for a particular host should be redirected to another gateway, and gives the address of that gateway. (See the following screen.) ----------------------------------------------------------- 3 routes currently in route table, 32 free entries 129.84.7.0 routed to 129.84.3.3 via interface 1 129.84.2.0 routed to 129.84.3.2 via interface 1 88.0.0.0 routed to 129.84.3.82 via interface 2 ----------------------------------------------------------- If you have routing software on the PC, the above screen shows the routes that have been set. ICMP Group ---------- The ICMP Group statistics indicate whether ICMP packets are being sent and received correctly. (See the following screen.) --------------------------------------------------------------- ICMP messages: 3 sent, 2 received. destination unreachable: 0 sent, 0 received. Time exceeded: 0 sent, 0 received. parameter problems: 0 sent, 0 received. source quenches: 0 sent, 0 received. redirects: 0 sent, 0 received. echo requests: 3 sent, 0 received. echo replies: 0 sent, 2 received. timestamp requests: 0 sent, 0 received. timestamp replies: 0 sent, 0 received. timestamp replies: 0 sent, 0 received. address mask request: 0 sent, 0 received. address mask replies: 0 sent, 0 received. ICMP packet errors: 0 sent, 0 received. ---------------------------------------------------------------- ICMP stands for Internet Control Message Protocol. Statistics for the parameters shown above appear when your PC sends an ECHO_REPLY or receives an ECHO_REQUEST. TCP Group --------- The TCP Group statistics show how many TCP connections are currently active. (See the following screen.) ---------------------------------------------------------------- Round trip algorithm is type 1, rto is from 110- 16500 msecs. 8 tcp connections actively opened, 5 passively, 2 reset. 4979 tcp segments have been sent, 3537 received, 204 retrans. ---------------------------------------------------------------- This is only applicable if you are using additional software from Wollongong. A TCP connection requires either FTP or TELNET. UDP Group --------- The UDP group statistics show any UDP activity on the PC or on the network. (See the following screen.) ----------------------------------------------------------------- PathWay for DOS -- Statistics (C) Copyright 1986-1992 The Wollongong Group- All rights reserved UDP statistics: 0 datagrams received, 0 datagrams sent. 24 to an unknown port, 0 received in error. 0 UDP listen currently active, 7 free. ----------------------------------------------------------------- The UDP Group shows the number of UDP datagrams sent and received, the number of datagrams received in error, and the number of datagrams sent to an unknown port. The unknown port field usually indicates datagrams used for the rwho program. Queue Statistics ---------------- While not part of the Management Information Base, the queue statistics show the number of packet buffers maintained or "queued" in the TCP/IP kernel buffer queues. The screen below shows a typical example of a queue statistics display. This display shows the current (len), the smallest (min) and largest (max) amount of memory used by each of the queues. ----------------------------------------------------------------- PathWay for DOS -- Statistics (Version 2.1) (C) Copyright 1986-1992 The Wollongong Group- All rights reserved InputQ len: 0 min: 0 max: 1 BigFreeQ len: 6 min: 5 max: 6 SmallFreeQ len: 12 min: 10 max: 12 ----------------------------------------------------------------- The fields in this screen have the following meanings: InputQ All incoming packets received from the device driver are placed here. BigFreeQ Free memory for packet buffers. To increase the size of this Queue, increase the number of large packet buffers using the Extended parameters in the Building Block for DOS Setup Program SmallFreeQ Free memory for packet buffers. The "SmallFreeQ len" field value is always six greater than the BigFreeQ len field. len The number of packets currently in one of the three queues. min The smallest number of buffer entries the queue ever had since the TCP/IP kernel was last loaded into memory. It is not unusual to see a zero value. max The largest number of buffer entries the queue ever had since the TCP/IP kernel was last loaded into memory. VIII. Using PING/WINPING to Determine the Status of a Network Host ================================================================== PING and WINPING are Internet Control Message Protocol (ICMP) echo request programs that can be used from a PC to help determine the operating status of a specific host on a network. You start the PING program by entering the PING command at the DOS prompt. You cannot run the DOS PING from a DOS Window. To use the WINPING utility, you must first set up the icon. From Program Manager select "File", "New", "Program Item". Under the "command line" type: C:\ATI\WINPING.EXE. PING and WINPING send an ICMP ECHO_REQUEST datagram to the selected host and listens for an ICMP ECHO_RESPONSE datagram in response. ECHO_REQUEST datagrams (pings) consist of an Internet Protocol (IP) header, an ICMP header, a time stamp and a selectable number of padding bytes used to fill out the datagram. The default datagram length is 64 bytes. PING and WINPING are useful tools for determining if your PC and other hosts on your network are functioning. It is intended as a tool for network testing and management. When using PING or WINPING to isolate problems on the network, you should first ping your workstation to verify that the TCP/IP transport has been loaded properly. Then a host on your local network to verify that your network interface card is functioning. Next you would PING your default gateway, and then remote hosts. Sending a PING message (no options) ----------------------------------- To PING a remote host without options, type: C:\ATI> ping hostname Where hostname is the official hostname, alias, or IP address of a host. If the host responds to the PING, a screen similar to the following appears. ----------------------------------------------------------------- PathWay for DOS - ICMP Echo program (Version 3.0) (C) Copyright 1986-92 by The Wollongong Group-All rights reserved PING 89.0.0.253(89.0.0.253): 64 data bytes. ICMP send sequence 1: receive no ICMP reply on sequence #1. ICMP send sequence 2: receive ICMP reply. Time=0(tick) ICMP send sequence 3: receive ICMP reply. Time=0(tick) ICMP send sequence 4: receive ICMP reply. Time=0(tick) ICMP send sequence 5: receive ICMP reply. Time=0(tick) ICMP send sequence 6: receive ICMP reply. Time=0(tick) ICMP send sequence 7: receive ICMP reply. Time=0(tick) ICMP send sequence 8: receive ICMP reply. Time=0(tick) ICMP send sequence 9: receive ICMP reply. Time=0(tick) ICMP send sequence 10: receive ICMP reply. Time=0(tick) 89.0.0.253 PING Statistics 10 packets transmitted, 9 packets received 10% packet loss Round-trip (tick) min/avg/max=0/1/2 ----------------------------------------------------------------- In this example, your PC sends a series if ECHO_REQUEST datagrams to hostname and listens for the corresponding ECHO_RESPONSE datagrams from hostname. The series of messages continues until you terminate PING by pressing any key. If a hostname returns a positive reply, you will receive the messages shown in the screen above. If the remote host does not respond, a screen similar to the following appears. ----------------------------------------------------------------- PING 89.0.0.253(89.0.0.253): 64 data bytes. ICMP send sequence 1: receive no ICMP reply on sequence #1. ICMP send sequence 2: receive no ICMP reply on sequence #2. ICMP send sequence 3: receive no ICMP reply on sequence #3. ICMP send sequence 4: receive no ICMP reply on sequence #4. ICMP send sequence 5: receive no ICMP reply on sequence #5. ICMP send sequence 6: receive no ICMP reply on sequence #6. ICMP send sequence 7: receive no ICMP reply on sequence #7. 89.0.0.253 PING Statistics 7 packets transmitted, 0 packets received 100% packet loss 89.0.0.253 not responding ----------------------------------------------------------------- In this case, if an IP address is used, the host may be down, there may be bad cabling, or your network card is not functioning. If a hostname is used, then the HOSTS file may be incorrect. Try the PING command again with the IP address. If there is a response, you will need to edit the HOSTS file. Sending a PING with options --------------------------- The full format of the PING command is: C:\ATI> ping hostname [-s] [-z data size] [-n packets] [-t time] [-o timeout] [-i interval] To display the available PING options on your PC, type ping and press Enter. This list describes the options: -s The ping sends ECHO_REQUEST datagrams to the selected remote host until you press a key on your keyboard. This is the default. -zdatasize Enables you to specify the number of bytes sent in each ECHO_REQUEST datagram. The maximum datasize value is 512 bytes. The default value is 64 bytes. -npackets Enables you to specify how many ECHO_REQUEST datagrams, or packets, to send. -ttime Enables you to specify, in seconds, the length of time you want to send ICMP datagrams. -0timeout Let you specify, in seconds, the length of time you want your PC to listen for an ECHO_RESPONSE datagram before it stops waiting and generates a no reply message. The default is five seconds. -iinterval Enables you to specify, in seconds, the length of the interval between each ECHO_REQUEST datagram transmitted. The default is one second. The ICMP-Echo-Program screen displays more detail when you use the PING options. The options are valid only during a given PING session. All the PING parameters revert to default settings after a session is terminated. -------------------------Example-------------------------- As an example of using PING with options, suppose you wanted to send 10 ECHO_REQUEST datagrams to host hostname, with each datagram being 512 bytes in length, and with an interval between datagrams of five seconds. You would enter the following command: C:\ATI> ping hostname -z 51 -n 10 -i 5 A positive response from hostname appears as shown in the following screen. ----------------------------------------------------------------- PING 89.0.0.253(89.0.0.253): 512 data bytes. ICMP send sequence 1: receive ICMP reply Time=0(tick) ICMP send sequence 2: receive ICMP reply. Time=0(tick)i ICMP send sequence 3: receive ICMP reply. Time=0(tick) ICMP send sequence 4: receive ICMP reply. Time=0(tick) ICMP send sequence 5: receive ICMP reply. Time=0(tick) ICMP send sequence 6: receive ICMP reply. Time=0(tick) ICMP send sequence 7: receive ICMP reply. Time=0(tick) ICMP send sequence 8: receive ICMP reply. Time=0(tick) ICMP send sequence 9: receive ICMP reply. Time=0(tick) ICMP send sequence 10: receive ICMP reply. Time=0(tick) 89.0.0.253 PING Statistics 10 packets transmitted, 9 packets received 0% packet loss Round-trip (tick) min/avg/max=0/0/1 ----------------------------------------------------------------- On the fourth line, note the indication of the size of each datagram (512 data bytes). A summary of the session statistics appears at the bottom of the screen. IX. Troubleshooting Installation ================================ This section describes the command line parameters for the following files: PROTMAN.EXE, PWCONFIG.EXE, PWTCP.EXE, SNMP.EXE NDIS.EXE, and ODI.EXE. All of these files may be loaded in high memory. The installation defaults to load them all in conventional memory. To load these files in high memory, insert LH before the file name in the AUTOEXEC.BAT file. ----------------------------------------------------------------- PWCONFIG.EXE ------------ pwconfig -n:65 The entry -n:65 describes the software interrupt. PWTCP.EXE --------- Loads the TCP/IP transport. SNMP.EXE -------- Loads the SNMP Agent. NDIS.EXE -------- ndis -i:15 -d:2 The -i:15 specifies the interrupt setting for the adapter card. The -d:2 refers to the module number for the NDIS driver in the PROTOCOL.INI file. For example DriverName=AT1500$ ODI.EXE ------- odi -i:15 The -i:15 specifies the interrupt setting for the adapter card. **END**