test case generation for testing snmp agents
DESCRIPTION
Test Case Generation for testing SNMP agents. Diana Serbanescu (Fraunhofer FOKUS) & Theofanis Vassiliou-Gioles (Testing Technologies). Contact. Diana Serbanescu Fraunhofer FOKUS diana.serbanescu@ fokus.fraunhofer.de. Theo Vassiliou Testing Technologies [email protected]. Agenda. - PowerPoint PPT PresentationTRANSCRIPT
Test Case Generation for testing SNMP agents
Diana Serbanescu (Fraunhofer FOKUS) & Theofanis Vassiliou-Gioles (Testing Technologies)
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Contact
2
Diana SerbanescuFraunhofer FOKUS
Theo VassiliouTesting Technologies
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Agenda
Why SNMP?
An Introduction to SNMP
Technical Solution
3
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Why bother for SNMP at all?
First version has been defined in the late 1980sRFC 1067, 1098, 1157
A protocol to monitor and manage network elements
Defines a message structure and communication flows
Widely deployed and heavily used in the IT datacom industry
Router, switches, servers, network printers, ...
One would think that SNMP isWell establishedWell deployed and thereWell tested!
4
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
New Domains – New Applications
5
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Summary – Why SNMP
SNMP is well established in the IT community
Application to new domains require thorough testing
of existing functionalityin sometimes hazard environmentsby not native IT/datacom experts
6
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Introduction to SNMP (I)
SNMP is a tool (protocol) that allows for remote and local management of items on the network including servers, workstations, routers, switches and other managed devices
Comprised of agents and managers
SNMP is a “client pull” model
The management system (client) “pulls” data from the agent (server)
SNMP is a “server push” model
The agent (server) “pushes” out a trap message to a (client) management system
7
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Introduction to SNMP (II)
SNMP managementSNMP Protocol
Definition of message formatOperation specification
Structure of Management Information (SMI)
Rules specifying the format used to define objects managed
Management Information Base (MIB)
A map all managed objects
Languages of SNMPStructure of Management Information (SMI)ASN.1
Used to define the MIBsBasic Encoding Rules (BER)
For SNMP message encoding
Three different versions of SNMP defined over the years
v1, v2 and v3V3 adds authorization and encryption
8
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
MIBs : Management Information Base MIB-I
9
Root Node
CCITT(0) ISO(1) Joint(2)
org(3)
dod(6)
Internet(1)
directory(1) mgmt(2)experimental
(3)private(4)
mib(1)
system(1)
Interface(2)
at(3) IP(4) icmp(5) tcp(6) udp(7) egp(8) oim(9)
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.© 10
The Object Identifier (OID)
A scheme that allows two vendors or products within a vendor to compare like items
Object identifiers (OID) as the identification schemeAn OID is an ordered sequence of non-negative integers written left to right, containing at least two elements
Once a MIB module is published, OIDs are bound for all time to the objects defined
Objects cannot be deletedCan only be made obsoleteEven minor changes to an object are discouraged
Root Node
CCITT(0) ISO(1) Joint(2)
org(3)
dod(6)
Internet(1)
directory(1) mgmt(2)experimental
(3)private(4)
mib(1)
system(1)
Interface(2)
at(3) IP(4) icmp(5) tcp(6) udp(7) egp(8) oim(9)
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
SNMP Operations (v1, v2 & v3)
Get
Get-next
Get-bulk (SNMPv2 and SNMPv3)
Set
Get-response
Trap
Inform (SNMPv2 and SNMPv3)
Report (SNMP2 and SNMPv3)
11
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
SNMP PDU Sequences
12
Manager Agent
GetRequest PDU
GetResponse PDU
Manager Agent
SetRequest PDU
GetResponse PDU
Manager Agent
GetNextRequest PDU
GetResponse PDU
Manager Agent
Trap PDU
(a) Get values (b) Get next values
(c) Set values (d) Send trap
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.© 13
SNMP Security Mechanisms - Summary
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Summary – What is SNMP?
A protocol to manage network agents
Communication is ASN.1/BER based
MIBs define the managed objects
Different versions of SNMP are available
Security plays a major role in v3 but it is considered difficult to handle by users.
14
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Test Aspects
Single and multiple (table) values for the objects defined in the given MIB file(s) should be verified for type and value conformance
Test the main operations for each version of the SNMP protocol that is being used
GET/GET-NEXT/GET-BULK/SETNegative and positive tests
Positive: e.g. GET a read-write objectNegative: e.g. SET a read-only object
Test the main operations within different security levels
15
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Abstract Test Architecture for SNMP
16
TTCN-3Test System
SNMP Transmission
SNMP Entity
Act as a SMP Manager
SNMP AgentMIB document
SNMPv3 Testing: Basic Test Concept Configuration
Convert MIB definitions to TTCN-3and import them in TTCN-3 modules
Compile MIB definitionsSUT
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Abstract Architecture for Testing SNMP jointly with other Protocols/Test Access
17
SNMP TTCN-3Test System
SNMP Testing Module
SNMP Testing Module
Generic Test Access
Generic Test Access
SUT
SNMPSNMPGET RESPONSE / TRAP
SET (USM)
GET / GETNEXTGET BULK
WebServiceIP LPT
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Abstract Workflow
18
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
TTplugin-SNMP Generated Artefacts
19
MIBMIBMIBMIB
MIBMIBMIBMIB
TypeSystem
TypeSystem
Pattern 1
Pattern 1
Pattern 2
Pattern 2
Pattern 3
Pattern 3
Pattern 4
Pattern 4
Pattern 5
Pattern 5
Pattern 6
Pattern 6
Pattern 7
Pattern 7
SUT
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
The Patterns
Testing for type conformanceT1, T3
Testing for valuesT5, T6, T7
Testing for access rightsT2, T4
Testing for values can be enhanced by value enforcement via additional test access
Web Service, IP Packets,
20
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
The Complete Test System
21
TypeSystem
TypeSystem
SUT
TTworkbench
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.© 22
Summary & Outlook
Summary A test architecture as TTplugin-SNMP for testing SNMPv1,2,3 was developedFocus was on the seamless management of the different SNMP version and security mechanismsTest case templates that cover the main groups of tests for SNMP are defined and implemented in the frameworkA very powerful framework to quickly define test cases to SNMP agents and/or SNMP mastersTTplugin –SNMP can also be used to manipulate SNMP manged system in non-SNMP testing context
OutlookTo generate more test cases based on generic patterns
Copyright Testing Technologies 2012. Confidential Information. All Rights Reserved. More Information at www.testingtech.com.©
Further information
Fraunhofer FOKUS – MOTIONwww.fokus.fraunhofer.de/de/motion/index.html
Testing Technologiestestingtech.comfacebook.com -> Testing-Technologies
TTplugin-SNMPtestingtech.com/products/ttplugins_snmp.phptestingtech.com/download/datasheets/PlugSNMP.pdf
23