Chapter 8 Network Management Communication Networks P. Demeester Chapter 8 Network Management Computer networking - A top-down approach featuring the internet 4th Edition, 2008 Addison Wesley James F. Kurose, Keith W. Ross ISBN 0-321-49770-8 Network Management

Chapter 8: Network Management Chapter goals: introduction to network management motivation major components Internet network management framework MIB: management information base SMI: data definition language SNMP: protocol for network management security and administration Network Management

Chapter 8 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration Network Management

What is network management? autonomous systems (“network”): 100s or 1000s of interacting hardware/software components "Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational Performance, and Quality of Service requirements at a reasonable cost." Network Management

FCAPS : fault, configuration, accounting, performance, security Fault Management : log, detect, respond to fault conditions in the network (similar to performance management, but short term; e.g. link failure, power shut down, …) Configuration Management : track which devices are in the network, what the hardware and software configurations are, … (e.g. router, hubs, switches, …) Accounting Management : specify, log and control user and device access to the network (e.g. usage quotas, usage based charging, …) Performance Management : quantify, measure, report, analyze, and control the performance of different network components (router, host, link but also end-to-end abstractions) (long term, in contrast to fault management, e.g. average packet loss rate, …) Security Management : control access to resources (e.g. KDC and CA) Network Management

Infrastructure for network management definitions: managed devices contain managed objects whose data is gathered into a Management Information Base (MIB) managing device agent data managing entity Central MIB managed device network management protocol agent data Examples : - monitoring traffic - detecting NIC failures - monitoring hosts are up - … managed device Network Management

Network Management standards OSI CMIP Common Management Information Protocol designed 1980’s: the unifying net management standard too slowly standardized SNMP: Simple Network Management Protocol Internet roots (SGMP) started simple deployed, adopted rapidly growth: size, complexity currently: SNMP V3 de facto network management standard Network Management

Chapter 8 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration Network Management

SNMP overview: 4 key parts Structure of Management Information (SMI): data definition language for managed objects Management information base (MIB): distributed information store of network management data SNMP protocol convey manager<->managed object info, commands security, administration capabilities major addition in SNMPv3 Typically the whole framework is called SNMP (not only the protocol part) Network Management

SMI: data definition language Purpose: - syntax, semantics of management data - well-defined, unambiguous base data types: straightforward OBJECT-TYPE base data type, status, semantics of managed object MODULE-IDENTITY groups related objects into a MIB module Network Management

Basic Data Types INTEGER Integer32 Unsigned32 OCTET STRING OBJECT IDENTIFIER IPaddress Counter32 Counter64 Guage32 TimeTicks Opaque Examples : OCTET STRING : byte-string representing arbitrary binary or textual data, up to 65535 bytes long OBJECT IDENTIFIER : assigned name to object element (sequence of up to 128 integers) TimeTicks : time, measured in 1/100ths of a second since some event Network Management

OBJECT-TYPE Specify the data-type, status and semantics of a managed object (nearly 10.000 defined objects) OBJECT-TYPE construct has 4 clauses : - SYNTAX : basic data type associated with object - MAX-ACCESS : what is allowed : read, write, create, include value in notification - STATUS : current and valid, obsolete, deprecated - DESCRIPTION : human-readable definition of object ipInDelivers OBJECT TYPE SYNTAX counter32 MAX-ACCESS read-only STATUS current DESCRIPTION “The total number of input datagrams successfully delivered to IP user-protocols (including ICMP)” ::= { ip 9} Network Management

MODULE-IDENTITY Allows related objects to be grouped together within a module (MIB module) ipMIB MODULE-IDENTITY LAST-UPDATED “9411010000Z” ORGANZATION “IETF SNMPv2 Working Group” CONTACT-INFO “ Keith McCloghrie ……” DESCRIPTION “The MIB module for managing IP and ICMP implementations, but excluding their management of IP routes.” REVISION “0193310000Z” ::= {mib-2 48} Network Management e.g. RFC 2011 (MIB for the internet protocol using SMIv2)

Chapter 8 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration Network Management

MIB : Management Information Base - MIB : virtual information store, holding managed objects whose values collectively reflect the current status of the network - managed objects specified by OBJECT-TYPE SMI - managed objects grouped in MIB modules (using MODULE-IDENTITY) - over 100 standards-based MIB modules (even larger number vendor specific (private) MIB modules) MODULE OBJECT TYPE: Network Management

Object Naming How to name every possible standard object (protocol, data, more..) in every possible network standard ? ISO Object Identifier tree: hierarchical naming of all objects each branchpoint has name, number 1.3.6.1.2.1.7.1 ISO ISO-ident. Org. US DoD Internet udpInDatagrams UDP MIB2 management Network Management

ASN.1 Object Identifier Tree ISO(1) ISO identified Organization (3) US DoD (6) Internet (1) management (2) MIB-2 (1) UDP(7) 1.3.6.1.2.1.7.x Network Management www.alvestrand.no/harald/objectid/top.html

MIB example: UDP module Object ID Name Type Comments 1.3.6.1.2.1.7.1 UDPInDatagrams Counter32 total # datagrams delivered at this node 1.3.6.1.2.1.7.2 UDPNoPorts Counter32 # undeliverable datagrams no app at port 1.3.6.1.2.1.7.3 UDPInErrors Counter32 # undeliverable datagrams all other reasons 1.3.6.1.2.1.7.4 UDPOutDatagrams Counter32 # datagrams sent 1.3.6.1.2.1.7.5 udpTable SEQUENCE one entry for each port in use by app, gives port # and IP address Network Management

Chapter 8 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration Network Management

request/response mode SNMP protocol Two ways to convey MIB info, commands: agent data Managed device managing entity trap mode managing entity request trap msg response agent data Managed device request/response mode Network Management

SNMP protocol: message types Function GetRequest GetNextRequest GetBulkRequest Mgr-to-agent: “get me data” (instance,next in list, block) InformRequest Mgr-to-Mgr: here’s MIB value SetRequest Mgr-to-agent: set MIB value Agent-to-mgr: value, response to Request Response Trap Agent-to-mgr: inform manager of exceptional event Network Management

SNMP protocol summary SNMP manager UDP IP DL PHY Management application SNMP agent UDP IP DL PHY Management agent application managed objects SNMP managed objects GetRequest GetResponse GetRequest GetResponse GetNextRequest Trap GetNextRequest Trap SetRequest SetRequest SNMP messages Public Internet Network Management

SNMP Example subtree : ipRouteTable 1.3.6.1.2.1.4.21 ipRouteEntry ipRouteDest ipRouteMetric1 ipRouteNextHop 10.0.0.1 3 10.0.0.254 10.0.0.2 10.10.10.1 5 10.10.10.254 ipRouteTable 1.3.6.1.2.1.4.21 subtree : ipRouteEntry 1.3.6.1.2.1.4.21.1=X ipRouteDest X.1 ipRouteMetric1 X.3 ipRouteNextHop X.7 ipRouteDest.10.0.0.1 X.1.10.0.0.1 ipRouteDest.10.0.0.2 X.1.10.0.0.2 ipRouteDest.10.10.10.1 X.1.10.10.10.1 ipRouteMetric1.10.0.0.1 X.3.10.0.0.1 ipRouteMetric1.10.0.0.2 X.3.10.0.0.2 ipRouteMetric1.10.10.10.1 X.3.10.10.10.1 ipRouteNextHop.10.0.0.1 X.7.10.0.0.1 ipRouteNextHop.10.0.0.2 X.7.10.0.0.2 ipRouteNextHop.10.10.10.1 X.7.10.10.10.1 See : “Advanced Network Administration” S. Wisniewski, Prentice Hall, 2003 Network Management

SNMP Example GetRequest (ipRouteDest.10.0.0.1, ipRouteMetric1.10.0.0.1, ipRouteNextHop.10.0.0.1) GetResponse ((ipRouteDest.10.0.0.1 = 10.0.0.1, ipRouteMetric1.10.0.0.1 = 3, ipRouteNextHop.10.0.0.1 = 10.0.0.254) GetNextRequest (ipRouteDest, ipRouteMetric1, ipRouteNextHop) GetResponse ((ipRouteDest.10.0.0.1 = 10.0.0.1, ipRouteMetric1.10.0.0.1 = 3, ipRouteNextHop.10.0.0.1 = 10.0.0.254) GetNextRequest (ipRouteDest.10.0.0.1, ipRouteMetric1.10.0.0.1, ipRouteNextHop.10.0.0.1) GetResponse ((ipRouteDest.10.0.0.2 = 10.0.0.2, ipRouteMetric1.10.0.0.2 = 3, ipRouteNextHop.10.0.0.2 = 10.0.0.254) GetNextRequest (ipRouteDest.10.0.0.2, ipRouteMetric1.10.0.0.2, ipRouteNextHop.10.0.0.2) GetResponse ((ipRouteDest.10.10.10.1 = 10.10.10.1, ipRouteMetric1.10.10.10.1 = 5, ipRouteNextHop.10.10.10.1 = 10.10.10.254) ipRouteDest ipRouteMetric1 ipRouteNextHop 10.0.0.1 3 10.0.0.254 10.0.0.2 10.10.10.1 5 10.10.10.254 Network Management

SNMP : message formats : PDU PDU-type Request-id Variable bindings GetRequest, GetNextRequest, SetRequest PDU-type Request-id Error-status Error-index Variable bindings GetResponse name1 value1 name2 value2 name3 … Request-id : each request has a unique identification number Error-status : (0) noError, (1) tooBig, (2) noSuchName, (3)badvalue, … Error-index : additional information by indicating which variable caused the exception Variable bindings : list of names and corresponding values (value Null in case of request) Network Management

Chapter 8 outline What is network management? Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration Network Management

SNMP security and administration application Command generator Notification receiver Proxy forwarder Command responder originator Others PDU Dispatching Message Processing system Timeliness Authentication Privacy Access control SNMP engine Security/message header PDU Transport layer Network Management

SNMP security and administration encryption: DES-encrypt SNMP PDU (symmetric key !) authentication/integrity: HMAC (Hashed Message Authentication Codes) Authentication (using K, key known by sender and receiver) Protection against tampering (using H(.)) protection against playback: use nonce view-based access control SNMP entity maintains database of access rights, policies for various users database itself accessible as managed object! K + m H(.) H(m,K) Internet + m Network Management

Network Management: summary extremely important: 80% of network “cost” SNMP protocol as a tool for conveying information Network management: more art than science what to measure/monitor how to respond to failures? alarm correlation/filtering? Network Management

Table of contents What is network management ? 3 Internet-standard management framework Structure of Management Information: SMI 8 Management Information Base: MIB 14 SNMP Protocol Operations and Transport Mappings 19 Security and Administration 26 Table of contents 30 Network Management