Chapter 9: Network Management Chapter goals: introduction to network management motivation major components Internet network management framework MIB: management information base SMI: data definition language SNMP: protocol for network management security and administration presentation services: ASN.1 Network Management
Chapter 9 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration ASN.1 Network Management
What is network management? autonomous systems (“network”): 100s or 1000s of interacting hardware/software components other complex systems requiring monitoring, control: jet airplane nuclear power plant others? "Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, analyze, evaluate, and control the network. Network Management
What is network management? Lets see One analogy first Imagine that ur the head of a large organization that has several branch offices around the world Its your job to make sure that the pieces of your organization are operating smoothly How will you do so? You will periodically gather data from your branch offices in the form of reports & budget Network Management 9-4
Then pass order (make this change) to the branch office. You will occasionally (but not always) be explicitly notified when there is a problem in one of the branch offices The branch manager may send you unsolicited (unwanted) reports indicating how smoothly things are running at his or her branch You will see the reports try to find out the solution on that problem that need your attention You might initiate a one-on-one dialogue with one of your problem branch offices, gather more data in order to understand the problem Then pass order (make this change) to the branch office. Network Management 9-5
There are three major components of a network management architecture: This is very common human scenario for controlling the organization – the boss (you), the remote sites being controlled (the branch offices), your remote agents (the branch office managers), communication protocols (for transmitting reports and data) The architecture of a network management system is conceptually identical to our analogy There are three major components of a network management architecture: A managing entity (the boss), the managed devices (the branch office) and the network management protocol with agent data (branch manager) Network Management 9-6
A managed device is a piece of network equipment (including its software) that resides on a managed network (branch office) A managed device might be a host, router, hub, modem, within managed device there may be several managed objects These managed objects are the actual pieces of hardware within managed device (ex: network interface card) Network Management 9-7
In our human analogy the managed objects might be the departments within the branch office In each managed device is a network management agent (a process running in the managed device that communicate with managing entity The last piece of network management architecture is the network management protocol (protocol runs between managing entity & managed device) Network Management
Infrastructure for network management definitions: managing entity agent data managing entity data managed devices contain managed objects whose data is gathered into a Management Information Base (MIB) managed device agent data network management protocol managed device agent data agent data managed device managed device Network Management
Internet-standard management Framework SNMP: Simple Network Management Protocol (SNMP) It is used for network management in the internet for moving management data between a management entity & its agents started simple deployed, adopted rapidly growth: size, complexity currently: SNMP V3 Network Management
Chapter 9 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration ASN.1 Network Management
SNMP overview: 4 key parts Management information base (MIB): distributed information store of network management data( the MIB defines information conveyed between the branch office & main office) Structure of Management Information (SMI): data definition language for MIB objects (that defines data types, rules for writing & revising management information) SNMP protocol (conveying information & commands between a managing entity & agent) convey manager<->managed object info, commands security, administration capabilities major addition in SNMPv3(major enhancement) Network Management
Structure of Management Information SMI SMI: The Structure of Management Information is language used to define the management information residing in a managed network entity Such a definition language is needed to ensure that the syntax and semantics of the network management data are well defined & unambiguous (clear-cut, unmistakable) Basic Data Types INTEGER Integer32 Unsigned32 OCTET STRING IPaddress(32 bit ip add.) Counter32 Counter64 Time Ticks (Time Measured) Network Management 9-13
In addition to the basic data types, the SMI data definition language also provides higher level language constructs The OBJECT-TYPE construct is used to specify the data type, status and semantics of a managed object Collectively these managed objects contain the management data that lie at the heart of network management The OBJECT-TYPE constructs has four clauses The SYNTAX clause of an OBJETC-TYPE definition specifies the basic data type associated with the object
The MAX-ACCESS clause specifies whether the managed object can be read, be written The STATUS clause indicates whether the object definition is current and valid The DESCRIPTION clause contains a human-readable textual definition of the object ipInDelivers OBJECT TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION “The total number of input datagrams successfully delivered to IP user- protocols Counter32: keeps track of the number of IP datagrams that were received at managed device
The MODULE- IDENTITY construct allows related objects to be grouped together within a “module” In addition to containing the OBJECT-TYPE definition of the managed objects within the module The MODULE-IDENTITY constructs contains clauses to document contact information of the author of module The date of the last update, a revision history and textual description of the module. Ex: consider module definition for management of the IP protocol
Editors of this version: MODULE-IDENTITY: ipMIB ipMIB MODULE-IDENTITY LAST-UPDATED “941101000Z” ORGANZATION “IETF SNMPV2 Working Group” CONTACT-INFO “ Keith McCloghrie Postal:Cisco Systems, 170 West Tasman Drive, CA 95134-1706, US Phone: +1 408 526 5260 ……” DESCRIPTION “The MIB module for managing IP and ICMP implementations” IETF: The Internet Engineering Task Force (IETF) develops and promotes Internet standards Editors of this version: The MODULE-IDENTITY statement is where information is collected such as the module's purpose, the organization responsible for the module, and contact information for the module's authors Network Management
MODULE IDENTITY moduleIdentityName MODULE-IDENTITY LAST-UPDATED "timestamp" ORGANIZATION "text" CONTACT-INFO "text" DESCRIPTION “text" The MODULE-IDENTITY statement is where information is collected such as the module's purpose, the organization responsible for the module, and contact information for the module's authors. It also contains revision tracking information -- in the form of a timestamp (A timestamp is a sequence of characters, denoting the date and/or time at which a certain event occurred)for the last update Network Management
Network Management
Network Management
Network Management
Network Management
Network Management
Network Management
SNMP Protocol Operations The Simple Network Management Protocol is used to convey MIB information among managing entities and agents The most common usage of SNMP is in a request response mode in which managing entity sends a request to agent Who receives the request, performs some action, and sends a reply to the request Network Management
A second common usage of SNMP is for an agent to send an unsolicited (unwanted) message, known as a trap message, to a managing entity Trap messages are used to notify a managing entity of an exceptional situation The network administrator might want receive a trap message for ex: when an interface goes down(system & hardware related problem), congestion in a network, or an authentication failure event, the loss of a neighbor, a link going up or down Network Management
request/response mode SNMP protocol Two ways to convey MIB info, commands: managing entity managing entity request trap msg response agent data agent data Managed device Managed device request/response mode trap mode Network Management
SNMP protocol: message types SNMP defines seven types of messages known generically as protocol data units-PDUs The GetRequest, GetNextRequest and GetBulkRequest PDUs are all sent from a managing entity to an agent to request at the agents managed device The SetRequest PDU is used by a managing entity to set the value (make changes) of one or more MIB objects in a managed device An agent replies with a Response PDU with the “noError” message Network Management
The InformRequest PDU is used by a managing entity to notify another managing entity of MIB information that is remote to receiving entity The final type is the trap message (managing entity requires notification) congestion in a network, or an authentication failure event, the loss of a neighbor, a link going up or down Network Management
SNMP protocol: message types Function GetRequest GetNextRequest GetBulkRequest Mgr-to-agent: “get me data” (instance, next in list, block) Mgr-to-mgr: inform remote managing Entity of MIB values InformRequest SetRequest Mgr-to-agent: set MIB value (mke chng Agent-to-mgr: value, response to Request Response Trap Agent-to-mgr: inform manager of exceptional event Network Management
Chapter 9 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration The presentation problem: ASN.1 Network Management
The presentation problem Q: does perfect memory-to-memory copy solve “the communication problem”? A: not always! struct { char code; int x; } test; test.x = 259; test.code=‘a’ test.code test.x a 00000001 00000011 test.code test.x a 00000011 00000001 host 1 format host 2 format problem: different data format, storage conventions Network Management
ASN.1 (Abstract Syntax Notation) is an ISO-originated standard that is used in a number of Internet-related protocols, particularly in the area of network management The different computer architectures, different operating system and different compilers have different conventions for storing and representing data So the different computers store and represent data in different ways though your data is same.(means exact copy from one host to another) Network Management
Memory Address Big-Endian Byte Value Little-Endian Byte Value Example Four-Byte Integer: 0x44332211 Memory Address Big-Endian Byte Value Little-Endian Byte Value 104 11 44 103 22 33 102 33 22 101 44 11 Little-Endian: If the hardware is built so that the lowest, least significant byte of a multi-byte scalar is stored "first", at the lowest memory address, then the hardware is said to be "little-endian Big-Endian: If the hardware is built so that the highest, most significant byte of a multi-byte scalar is stored "first", at the lowest memory address, then the hardware is said to be "big-endian" Network Management
Real World Presentation Problem: Neither receiver understands the essential idea being communicated –that the speaker likes something The Phrase whose meaning is great, special, incredible(usually indicating stylishness in 1920) Network Management
A real-life presentation problem: grandma 2004 teenager aging 60’s hippie Network Management
Presentation problem: potential solutions Sender learns receiver’s format and translates into receiver’s format. Sender sends. Sender sends. Receiver learns sender’s format and translate into receiver-local format Sender translates host-independent format and sends. Receiver translates to receiver-local format. Third option is to have a machine-independent , OS-independent, language-independent A presentation service can solve this problem by translating the idea into a commonly understood(by presentation service), person-independent language, sending that information to receiver, then translating into a language understood by the receiver
Solving the presentation problem 1. Translate local-host format to host-independent format 2. Transmit data in host-independent format 3. Translate host-independent format to remote-host format aging 60’s hippie grandma 2004 teenager Network Management
ASN.1: Abstract Syntax Notation 1 ISO standard used extensively in Internet defined data types, object constructors like SMI BER: Basic Encoding Rules specify how ASN.1-defined data objects to be transmitted each transmitted object has Type, Length, Value (TLV) encoding (here value 259 decimal which equals 00000001, 00000011 in binary or byte value of 1 followed by byte value of 3) Network Management
TLV Encoding Idea: transmitted data is self-identifying T: data type, one of ASN.1-defined types L: length of data in bytes V: value of data, encoded according to ASN.1 standard Tag (Type)Value Type 1 2 3 4 5 Boolean Integer Bitstring Octet string Null Network Management
TLV encoding: example Value, 259 Length, 2 bytes Type=2, integer Value, 5 octets (chars) Length, 5 bytes Type=4, octet string Network Management
Network Management: summary extremely important: 80% of network “cost” ASN.1 for data description SNMP protocol as a tool for conveying information Network management: more art than science what to measure/monitor how to respond to failures? alarm correlation/filtering? Network Management