Policy-Based Management with SNMP and Comparison with COPS-PR
Steve Waldbusser, 5/16/01


Policy Based Management
• A policy binds an action (simple or complex) to a filter rule that determines what elements the action should be applied to
• I.e., if (an element has certain characteristics) then (apply operation to that element)
• Alternately: if (policyFilter) then (policyAction)

A Conceptual Policy
Elements (diagram): Trunk Ethernet Gold 100Mb; Trunk ATM Gold 45Mb; Trunk Ethernet 100Mb; Access Ethernet Gold 10Mb; Access Ethernet Silver 10Mb; Access Ethernet 10Mb; Trunk Ethernet Silver 100Mb; Access Ethernet Gold 100Mb; Trunk Frame 45Mb; Access Frame Gold 512Kb; Access Frame Silver 512Kb; Access Frame 128Kb; Access Ethernet Bronze 10Mb; Access Ethernet Gold 10Mb
Filter: Trunk AND Ethernet AND 100Mb
Matching elements: Trunk Ethernet Gold 100Mb; Trunk Ethernet 100Mb; Trunk Ethernet Silver 100Mb
Action: Autonegotiate Off

A Conceptual Policy
Elements (diagram): Trunk Ethernet Gold 100Mb; Trunk ATM Gold 45Mb; Trunk Ethernet 100Mb; Access Ethernet Gold 10Mb; Access Ethernet Silver 10Mb; Access Ethernet 10Mb; Trunk Ethernet Silver 100Mb; Access Ethernet Gold 100Mb; Trunk Frame 45Mb; Access Frame Gold 512Kb; Access Frame Silver 512Kb; Access Frame 128Kb; Access Ethernet Bronze 10Mb; Access Ethernet Gold 10Mb; Access Ethernet Gold 10Mb
Filter: Ethernet AND Access AND Gold
Matching elements: Access Ethernet Gold 10Mb; Access Ethernet Gold 100Mb; Access Ethernet Gold 10Mb; Access Ethernet Gold 10Mb
Action: DSCP = 5

The Policy-Based Management MIB
• The Policy Management MIB (PM MIB) provides a way to describe and install policies for any domain:
  – QOS
  – Security
  – Routing
  – etc.
• PM MIB policies can manage any type of element
  – Interfaces
  – Circuits
  – Queues
  – Processes
  – Software
  – others...

PM MIB Goals
• Leverage existing infrastructure and tools
  – Resulting simplicity will accelerate time to market
• Leverage existing MIBs
  – Don't start from scratch in our data models
• Flexibility for real-world policy
  – Simple or complex filters
  – Simple or complex actions
• Meet operational requirements
  – Policy-based management is *very* different
  – End-users will need new tools and practices

Policy Operation
Diagram labels: Policies; Existing SNMP MIBs (usually local operations in which SNMP packets on network are unnecessary)

PolicyFilter                                     PolicyAction
ifType == FastEthernet && roleString == trunk    fullDuplexMode = ON
ifType == Ethernet && roleString == GOLD         Set QOS parameters to provide EF PHB

Elements of the Policy MIB Architecture
• PolicyScript Language
  – Interpreted language that policy filters and actions are expressed in
• Accessor Function Library
  – Standard set of library functions available for PolicyScript code
• PM MIB
  – Objects and attributes that describe policies, schedules and supporting information

PolicyScript Language
• Least Common Denominator of C, Perl, C++, TCL, Python, and Javascript
• No pointers, structures, typed variables, objects, classes, etc.
• Does contain expressions, variables, looping

Accessor Function Library
• Library of 41 standard functions for policy processing
  – Convenience SNMP Functions: getvar, exists, setvar, searchcolumn, setRowStatus, counterRate,...
  – General SNMP Functions: newPDU, readVar, writeVar, snmpsend
  – Policy Functions: roleMatch, elementName, setScratchPad, getScratchPad, signalException, getParameters
  – Utility Functions: regexp, regexp_replace, oidlen, oidncmp, insubtree, subid, substr,...
  – Library Functions: strncmp, strncasecmp, strlen, random, sprintf, sscanf
• Extensible
  – Vendors and others can add new accessor functions (e.g., setCLI())

policyFilter PseudoCode
Pseudocode:
    (is an ethernet AND is operational AND gets gold or silver service)
Scripted As:
    (getvar("ifType.$*") == ethernet-csmacd
     && getvar("ifOperStatus.$*") == up
     && (roleMatch("gold") || roleMatch("silver")))

Execution Example
• Filter:
    (getvar("ifType.$*") == ethernet-csmacd
     && !(roleMatch("gold") || roleMatch("silver")))
• Action:
    setvar("ifAdminStatus.$*", down(2), Integer)

Example Policy
• Web Hosting Provider gives shell accounts but prohibits long-running programs
• Filter:
    // if it's an application and it's
    // consumed more than 5 minutes of CPU time
    (getvar("hrSWRunType.$*") == 4            // app, not OS or driver
     && getvar("hrSWRunPerfCPU.$*") > 30000)  // 300 seconds
• Action:
    // Kill it
    setvar("hrSWRunStatus.$*", invalid(4), Integer); // invalid(4) kills it

MIB Objects
• Policy Table: Contains filter, action, scheduling info, execution instructions, debugging info, etc.
  – Policy installation consists of creating rows in this table
• Other Tables in PM MIB for scheduling, roles and capabilities, operational tools, debugging, etc....

Initial Configuration
Protocol Interaction (diagram labels, Manager and Managed System): Config Req (Get/Getnext); Config Data; Policy Installation (Set); Ack
• No Polling
• No Traps

Policy Change
Protocol Interaction (diagram labels, Manager and Managed System): Policy Install/Modify (Set); Ack
• No Polling
• No Traps

Config State Change
Protocol Interaction (diagram labels, Manager and Managed System): Ack; State Change (Inform); Policy Install/Modify (Set); Ack
• No Polling
• No Traps

Features of Policy MIB
• Scripting
  – Very flexible and understandable way to express policy
  – IT Personnel like the power of scripting
  – Much more flexible than string matching
• Policies based on operational status
  – Capabilities, status of interface, utilization, etc.
  – Allows much more rich sets of policies than using human-input strings
• Scheduling
  – Business calendars: "M-F 9-5" or "Last Friday of every month"
  – Videoconference from 12PM to 1PM
• Conflict resolution
  – Follows a precedence tree to find best policy in case of conflict
  – COPS punts conflict resolution to the manager
• Error Recovery
  – Scripting allows you to fallback to an alternate mechanism, an alternate policy, or to raise an alarm

Operational Requirements
• Tools for Policy Creation
  – Need to allow an engineer to test a policy
  – Answer question: will this filter match the proper elements?
• Tools for Ongoing Operations
  – Notifications if a policy undergoes errors
  – When debugging a problem, want to know: what policies are managing this element
  – May want to disable a policy on an element so operator can take back control ("limp-home mode") until policy is fixed
    · Must document this ad-hoc decision
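Added example (not from the original slides, and not PolicyScript or the PM MIB itself): a Python model of the Execution Example policy with a dry-run mode that answers "will this filter match the proper elements?" before any setvar reaches the live table. The ELEMENTS table, the Context class and run_policy are constructed for illustration; getvar, roleMatch and setvar only mimic the accessor functions named on the slides.

```python
import copy

ETHERNET_CSMACD = 6   # IANAifType ethernetCsmacd(6)
DOWN = 2              # ifAdminStatus down(2)

# Constructed sample data: ifIndex -> MIB values and role strings.
ELEMENTS = {
    1: {"ifType": 6, "ifAdminStatus": 1, "roles": {"trunk", "gold"}},
    2: {"ifType": 6, "ifAdminStatus": 1, "roles": {"access"}},
    3: {"ifType": 37, "ifAdminStatus": 1, "roles": {"trunk"}},  # atm(37)
    4: {"ifType": 6, "ifAdminStatus": 1, "roles": {"access", "silver"}},
    5: {"ifType": 6, "ifAdminStatus": 1, "roles": {"access", "bronze"}},
}

class Context:
    """Accessor functions bound to one element; stands in for the "$*" index."""
    def __init__(self, mib, index, log):
        self.mib, self.index, self.log = mib, index, log

    def getvar(self, name):
        return self.mib[self.index][name]

    def roleMatch(self, role):
        return role in self.mib[self.index]["roles"]

    def setvar(self, name, value):
        # Record element, variable, old value and new value for the operator.
        self.log.append((self.index, name, self.mib[self.index][name], value))
        self.mib[self.index][name] = value

def policy_filter(c):
    # Ethernet interfaces that get neither gold nor silver service.
    return (c.getvar("ifType") == ETHERNET_CSMACD
            and not (c.roleMatch("gold") or c.roleMatch("silver")))

def policy_action(c):
    c.setvar("ifAdminStatus", DOWN)

def run_policy(mib, flt, action, dry_run=True):
    """Return (matched indexes, change log); a dry run leaves mib untouched."""
    target = copy.deepcopy(mib) if dry_run else mib
    matched, log = [], []
    for index in sorted(target):
        c = Context(target, index, log)
        if flt(c):
            matched.append(index)
            action(c)
    return matched, log
```

On the constructed table the dry run reports interfaces 2 and 5 as the ones that would be shut down, and the change log doubles as a record of which elements the policy manages.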

Advantages of the PM MIB
• Built with existing infrastructure and tools
• Leverages existing MIBs
• Flexibility
• Complete Architecture
  – Includes operational tools