A computer network is a collection of interconnected computing devices that can exchange data and share resources. In a packet-based network, such as an Ethernet network, the computing devices communicate data by dividing the data into small blocks called packets, which are individually routed across the network from a source device to a destination device. The destination device extracts the data from the packets and assembles the data into its original form. Dividing the data into packets enables the source device to resend only those individual packets that may be lost during transmission.
A conventional network device, such as a router, typically includes a mechanism, such as a management interface, to locally or remotely configure the device. By interacting with the management interface, various clients, such as human users and automated scripts, can perform configuration tasks. For example, the clients may configure interface cards of the device, adjust parameters for supported network protocols, specify physical components within the device, modify routing information maintained by a router, access software modules and other resources residing on the device, and perform other configuration tasks.
The Simple Network Management Protocol (SNMP) is a standard defined by the Internet Engineering Task Force (IETF) for managing network devices. SNMP uses an extensible design that incorporates management information bases (MIBs) to define and store configuration data that is available in a managed device. Specifically, MIBs describe the structure of the management data of a network device by using a namespace that contains object identifiers. Each object identifier identifies a variable of configuration data within the network device that can be read or set by the client via SNMP, where the variable represents a specific characteristic (e.g., configurable parameter) about the managed device. MIBs typically manage two basic types of objects: scalar objects and tabular objects. Tabular objects define multiple related object instances and group them into MIB tables, sometimes called SNMP tables. MIBs are often hard-coded into a managed device, and a unique MIB typically exists for each management format area implemented by a management device. Management devices, such as computer consoles, utilize SNMP MIBs to manage devices of a network, such as routers, switches, and other network devices.
The SNMP standard defines several commands that an SNMP management application running on an SNMP management system must support for managing remote network devices. The SNMP management application issues the commands to an SNMP agent executing on the managed device. In the recently announced version two of the SNMP standard, generally referred to as SNMPv2, these commands include Get, GetNext, Set, and GetBulk. When issued by the SNMP management application, the Get and GetNext commands, for example, each retrieve a single scalar or tabular object from a MIB of the targeted network device. When retrieving several scalar or tabular objects, it may be more efficient for the management application to issue a GetBulk command because, as defined by SNMPv2, a single GetBulk command may be used to retrieve multiple scalar and tabular objects from the MIB rather than requiring the management application to issue multiple Get or GetNext commands to the remote network device.
As defined, the GetBulk command takes several parameters, including one or more scalar or tabular object identifiers, an integer value corresponding to the number of object identifiers for which only a single value is to be retrieved (non-repeaters), and a maximum number of repetitions (max-repetitions) for the remaining object identifiers. In operation, the GetBulk command is internally translated by the SNMP agent running on the remote network device into a set of GetNext commands: one for each non-repeating object identifier, and a number of sequential GetNext commands for the remaining object identifiers equal to the number specified by the max-repetitions parameter. The GetBulk command permits the SNMP management application to fetch more data in a single command. However, SNMP does not provide a means for the management application to determine the number of rows in an SNMP table located within the MIB of the remote network device being managed. As a result, if the max-repetitions parameter is set too low by the issuing management application, the performance of the request when implemented by the remote network device may be no better than a series of GetNext commands, resulting in an inefficient use of the GetBulk command. If the max-repetitions value is set too high, the response may contain information outside the scope of the request, or the SNMP agent may crash when trying to allocate more memory than is possible, thus allowing the SNMP GetBulk command to be used as the basis of a denial-of-service attack.
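The GetBulk expansion described above can be modelled in a few lines. The following is an added example, not part of the original text: it simulates an agent over a constructed MIB and shows both failure modes of max-repetitions. The MIB contents, the function names, and the `cap` parameter (an assumed agent-side limit on repetitions, not something the text describes) are hypothetical.

```python
# Constructed sample MIB (values invented): one scalar and a two-column table.
SYSNAME = (1, 3, 6, 1, 2, 1, 1, 5)          # sysName
IFDESCR = (1, 3, 6, 1, 2, 1, 2, 2, 1, 2)    # ifDescr column, 3 rows
IFTYPE = (1, 3, 6, 1, 2, 1, 2, 2, 1, 3)     # ifType column, 3 rows
MIB = sorted(
    [(SYSNAME + (0,), "router1")]
    + [(IFDESCR + (i,), f"ge-0/0/{i}") for i in (1, 2, 3)]
    + [(IFTYPE + (i,), 6) for i in (1, 2, 3)]
)

def get_next(oid):
    """Return the first (oid, value) strictly after `oid`, or None at end of MIB."""
    return next((entry for entry in MIB if entry[0] > oid), None)

def get_bulk(oids, non_repeaters, max_repetitions, cap=None):
    """Expand one GetBulk into GetNext steps; `cap` is an assumed agent limit."""
    if cap is not None:
        max_repetitions = min(max_repetitions, cap)   # bound the response size
    varbinds = [vb for vb in map(get_next, oids[:non_repeaters]) if vb]
    cursors = list(oids[non_repeaters:])
    for _ in range(max_repetitions):
        if all(c is None for c in cursors):
            break                                     # every cursor hit end of MIB
        for i, oid in enumerate(cursors):
            nxt = get_next(oid) if oid is not None else None
            cursors[i] = nxt[0] if nxt else None
            if nxt:
                varbinds.append(nxt)
    return varbinds

def outside_column(column, varbinds):
    """Varbinds that overshot the requested column (max-repetitions too high)."""
    return [oid for oid, _ in varbinds if oid[:len(column)] != column]

def requests_to_walk(column, max_repetitions):
    """Count GetBulk round trips a manager needs to read every row of `column`."""
    cursor, requests = column, 0
    while True:
        requests += 1
        batch = get_bulk([cursor], 0, max_repetitions)
        if not batch or outside_column(column, batch):
            return requests                           # walked past the last row
        cursor = batch[-1][0]
```

With three rows in the column, max-repetitions of 1 costs four round trips (no better than GetNext), while 10 finishes in one but returns three varbinds from the neighbouring column.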
Previous solutions for determining and setting the max-repetitions parameter of the GetBulk command were directed to adding new SNMP protocol operations to retrieve the row count of the SNMP table, to retrieve a sub-tree of the table such that only the columns specified are fetched in a single-request, multiple-response way, or to put filter criteria inside the SNMP request so that only the requested columns will be fetched. Other previous solutions include putting a proxy on the SNMP agent that fetches only the required columns and sends them to the SNMP management application, and adding a scalar SNMP variable inside the MIBs for each table to represent the row count in that table. However, when adding new SNMP protocol operations, all SNMP management and managed devices must be modified or upgraded at significant administrative expense. Similarly, modifying the SNMP agent and adding a proxy on the SNMP agent both require at least updating all SNMP managed devices, again at significant administrative expense.