1 CHAPTER 30 Internet Management Albert30.1, 2, 3 Yifan30.4, 5, 6, 7 Jianxin30.8 Huaidong30.9 Lai Yee30.10 Daniel30.11, 12, 13
2 Internet Management Activities in Internet management: Debug problems Control routing Find computer that violate protocol standard
3 Network Management Originally, many wide area networks included management protocols as part of their link level protocols. Advantage: Managers were often able to control switches even if higher level protocols failed.
4 Internet management differs from network management A single manager can control heterogeneous devices including IP routers, bridges, modems, work-stations, and printers. The controlled entities may not share a common link level protocol. The set of machines a manager controls may lie at arbitrary points in an internet.
5 Internet management operates at the application level Advantages: One set of protocol can be used for all networks. Same protocols can be used for all managed devices. A manager can control the routers across an entire TCP/IP internet without having direct attached to every physical network or router. Disadvantage: If the operating system, IP software, or transport protocol software does not work correctly, the manager may not be able to contact a router that needs managing.
6 Architectural Model
7 Client software usually runs on the manager’s workstation. Each participating router or host runs a server program called management agent. Most managers only control devices at their local sites; a large site may have multiple managers. Internet management software uses an authentication mechanism to ensure only authorized managers can access or control a particular device.
8 Protocol Framework It’s all about management information! SNMP How to exchange? MIB How to store and operate? SMI How to define and identify? ASN. 1 Formal notation used by SMI.
9 SNMP v3 – how to communicate? Stands for Simple Network Management Protocol version 3 A standard Network Management Protocol Defines: - message format, form of names and addresses - how to use transport protocol - set of operations and their meaning - approach is minimalistic
10 MIB – How about data? Stands for Management Information Base Defines: - What data should be kept for the manager? - What operations are allowed on these data? - Categories of data - Variables in each category MIB definition is independent of the network management protocol. - All managed devices speaks the same language (MIB)
11 __MIB category includes informationabout________ system The host or router operating system interfaces Individual network interfaces atAddress translation (e.g. ARP) ipInternet protocol software icmpInternet Control Protocol software tcpTansmission Control Protocol software udpUser datagram Protocol software ospfOpen shortest path first software bgpBorder Gateway Protocol software rmonRemote network monitoring rip-2Routing Information Protocol software dnsDomain Name System software
12 MIB Variable Category Meaning______________ sysUptime system Time since last reboot ifNumber interfaces Number of network interface ifMTU interfaces MTU for a particular interface ipDefaultTTL ip Value IP uses in TTL field ipInReceives ip Number of datagrams received ipForwdatagrams ip Number of datagrams forwarded ipOutNoroutes ip Number of routing failures ipReasmOKs ip Number of datagrams reassembled ipFragOKs ip Number of datagrams fragmented ipRoutingTable ip IP routing table icmpInEchos icmp # of ICMP echo requests received tcpRtoMin tcp Min retransmision time TCP allows tcpMaxConn tcp Max TCP connection allowed tcpInSegs tcp # of segments TCP has received udpInDatagrams udp # of UDP datagrams received
13 MIB variables Each variable can be stored as - A single integer - A complex structure e.g., an entire Routing Table Also defines table entries. Presentation only has logical meaning. - Router may use different internal data structures
14 SMI – rules to define and identify variables Stands for Structure of Management Information Specifies: - What variable types are allowed? - What naming rules should be followed? - How to refer to the tables of values? e.g., the IP routing table
15 ASN. 1 – a formal notation used by SMI Stands for ISO’s Abstract Syntax Notation 1 A formal notation of defining variable names and types - In documents: human can read - In communication: compact encoded representation Benefits: - Makes the form and contents of variables unambiguous. - Simplifies the implementation of protocols - guarantees interoperability
Structure And Representation Of MIB Object Names --- Jianxin Object Identifier Namespace: 1.Names used for MIB variables are taken from the object identifier namespace administered by ISO and ITU. 2.The object identifier namespace is absolute, meaning that names are structured to make them globally unique.
17 Hierarchy of namespace The root of the object identifier hierarchy is unnamed. It has three direct descendants managed by: ISO ITU jointly by ISO and ITU The descendants are assigned both short text strings and integers. ISO has allocated one subtree for use by other national or international standards organizations.
18
19 Name an object and MIB categories The name of an object in the hierarchy is the sequence of numeric labels on the nodes along a path from the root to the object. The sequence is written with periods separating the individual components. example: denotes the node ‘mgmt’ The MIB groups variables into categories, each category is the sub-tree of the ‘mib’ node of the object identifier namespace.
20
21 Simple category naming examples The category labeled ip has been assigned the value 4. The names of all MIB variables corresponding to ip have an identifier that begins with the prefix: The textual label would be: iso.org.dod.internet.mgmt.mib.ip When network management protocols use names of MIB variables in messages, each name has a suffix appended. For simple variables, the suffix is 0.
22 Complex example How about the variable ipAddrTable A list of the IP addresses for each network interface It’s a sub-tree under ip node, with prefix: iso.org.dod.internet.mgmt.mib.ip.ipAddrTable How to represent such data structures. MIB defines a uniform, virtual interface to access data
23 ipAddrTable can be defined as: ipAddrTable ::= SEQUENCE OF IpAddrEntry Each entry in the array is defined by five fields: IpAddrEntry ::= SEQUENCE { ipAdEntAddr IpAddress, ipAdEntIfIndex INTEGER, ipAdEntNetMask IpAddress, ipAdEntBcastAddr IpAddress, ipAdEntReasmMaxSize INTEGER( ) }
24 Assign numeric values to entry and each item of the entry: ipAddrEntry {ipAddrTable 1} ipAdEntNetMask{ipAddrEntry 3} Use a suffix appended onto the name to select a specific element in the table, not the index. suffix = IP address variable name.IP address
25 Simple Network Management Protocol (SNMP) Huaidong Meng Instructor: Dr. Sharon Hall
26 Simple Network Management protocol Network Management protocol: –specify communication between client program a network manager invoked and server program executing on a host or router. –which defines the form and meaning of message exchanged –representation of names and values of message –define administrative relationships among routers between managed.
27 Network Management Protocol Allow the manager –Reboot the system –Add or delete the router –Disable or enable a particular network interface –Remove cached address binding The main disadvantage: the resulting complexity –For example, the command to delete a routing table entry differs from the command to disable an interface.
28 SNMP takes an interesting alternative approach to network management casts all operations in a fetch-store paradigm, instead of defining a large set of commands: –Stability Its definition remains fixed. –Simple to implement, understand, and debug It avoids the complexity of having special cases for each command. –Flexible Accommodate arbitrary commands in an elegant framework
29 SNMP commands get-request fetch a value from a specific variable get-next-request fetch a value without knowing its exact name get bulk-request fetch a large volume of data Response a response to any of above request set-request store a value in a specific variable inform-request reference to a third-party data snmpv2-trap reply triggered by an event Report undefined at present
30 Searching Table Using Names get-next-request –Allows a client to iterate through a table by supplies a prefix of a valid object identifier, without knowing how many items the table contains. –The server returns a network mask field of the first entry in ipAddrTable, and the client uses the full object identifier returned by the server to request the next item in the table. –See page 566 for the example
31 SNMP Message Format SNMPv3Message ::= SEQUENCE { msgVersion INTEGER ( ), msgGlobalData HeaderData, msgSecurityParameters OCTET STRING, msgData ScopedPduData }
32 Definition of SNMP HeaderData HeaderData ::= SEQUENCE { msgID INTEGER ( ) msgMaxSize INTEGER ( ) msgFlags OCTET STRING (SIZE(1)) msgSecurityModel INTEGER ( ) }
33 Definition of SNMP PDU PDU ::= CHOICE { get-request get-next-request get-bulk-request response set-request inform request snmpV2-trap report }
34 Internet Management - Example Encoded SNMP Message Figure contains an encoded get- request message for data item sysDescr Each term used is further defined until it can be defined by primitive data type, e.g. integer, string. - Let’s compare the message with the specified format Hence, the encoded items have variable- length fields
35 Internet Management - New Features In SNMPv3 Scope: Security and administration Goal: generality, flexibility and ease of admin. Example new features –Message Authentication –Privacy –Authorization & View-based Access Control –Remote Configuration
36 Internet Management - Summary An application level client program accesses and controls agents running on devices SNMP is the standard TCP/IP network management protocol that uses 2 conceptual operation, fetch and store A companion standard, MIB, defines the variables that are maintained by the agents MIB variables are described by ASN.1, which uses a hierarchical namespace to ensure global uniqueness
THANK YOU