Network Management Concepts: Models and Languages
Reference: Mani Subramanian, "Network Management: Principles and Practice", Addison-Wesley, 2000.
Network Management Concepts: Models and Languages (outline)
- Network Management Systems
- Origin of Network Management
- OSI Management Models: Organization, Information, Communication, Functional
- Abstract Syntax Notation 1 (ASN.1)
- Basic Encoding Rules (BER)
Network Management Systems (NMS)
- An NMS is an integrated collection of tools for network monitoring and control.
- Network management is concerned with system resources (e.g., hubs, bridges, routers) and the connectivity among them.
- NME and NMA: the collection of software devoted to the NM task.
[Figure: a network control host (manager) running NMA, OS, Comm and NME, connected to agents (workstation, router, server), each running Appl, OS, Comm and NME.]
Elements of NMS
Network Management Entity (NME)
  o Collects statistics on communication and related activities
  o Stores statistics locally
  o Responds to commands from the network control center (e.g., report its object status)
  o Generates messages to the network control center when local conditions change (e.g., port failure)
Network Management Application (NMA)
  o Interface allowing authorized users to manage the network
  o Displays management information and issues control commands to NMEs
To maintain high availability, two or more network control hosts (managers) are used!
Network Management Components
- A network agent monitors its respective objects, either in response to a query from the NMS or when triggered by a local alarm.
- The agent communicates the relevant data to the NMS.
[Figure: an NMS connected to network agents, each managing its own network objects.]
Network Management Components
- An NMS manages all the components connected to a network, which may come from different vendors.
- This might require installing multiple NMSs, or a single NMS capable of managing multiple vendors' components (interoperability).
- Therefore, standards are required (two major standards emerged: the Internet and OSI standards).
[Figure: same NMS / network agents / network objects diagram as the previous slide.]
Interoperability
[Figure: Vendor A and Vendor B stacks side by side, each with management-related applications (e.g., fault and configuration management), application services, a management protocol, transport protocols and managed objects; the two stacks talk through the common management protocol.]
Case of two service providers: each is managed independently, but some management information can be shared.
Distributed Network Management
Centralized management
- Central control (makes sense when key resources reside in a central site and services are provided to remote users).
- Enables managers to maintain control over the entire configuration, balancing resources against needs and optimizing the overall resource utilization.
- Drawbacks: traffic overhead, scalability and a "single point of failure".
[Figure: a single manager (NMA) controlling the agents on a workstation, a router and a server.]
Distributed Network Management
Distributed management
- Replaces the single network control with interoperable workstations located on distributed LANs.
- Local control for managers over their own segments.
- A hierarchical architecture is typically used, where a central workstation (with backup) has global access rights and the ability to manage all network resources.
Advantages:
- Traffic overhead is minimized: much of the traffic is confined to the local environment.
- Greater scalability: more workstations can be deployed to provide additional management.
- Eliminates the single "point of failure" by using multiple networked management stations.
Distributed Network Management
[Figure: a management server (network management application, MIB) and a proxy in front of the network resources with management agents (servers, routers, etc.); management clients (PCs, workstations), each with access to one or more management servers; devices to be managed, including devices with different management protocols reached through the proxy.]
Proxies
- Ideally, all network components that are to be managed should include a network management entity (NME), with common network management software across all managers and agents.
- This may actually not be practical or possible:
  o Proprietary management systems
  o Some components (e.g., modems) may not support additional software
- It is common to have agents acting as proxies:
  o A proxy acts on behalf of other nodes
  o A manager communicates with a proxy to get information for a specific node
Proxies
[Figure: a management application (client stub, protocol stack) exchanges standard operations and event reports with a proxy manager; the proxy manager (server stub, client proxy stub, protocol stacks) translates them into proprietary operations and event reports sent over the proprietary management interface to the managed device's server proxy stub.]
Polling and Event Reporting
- Information that is useful for monitoring is collected and stored by agents and made available to one or more manager systems.
- Polling and event reporting are the two techniques used for this purpose by network managers and agents.
Polling and Event Reporting
Polling
- A "request-response" interaction between a manager and an agent.
- A query is made by a manager to an authorized agent to request the values of various information elements.
- The agent responds with information from its MIB.
- The request may take any shape: asking for some specific values, or about the structure used for the MIB.
Event reporting
- The agent initiates, and the manager acts as a listener waiting for incoming information.
- A "reporting period" may be defined and configured by the manager.
- When a significant (unusual) event occurs (e.g., a fault), the agent reports to the manager.
- Reporting is more efficient than polling, especially for monitoring objects whose values change only infrequently.
Polling and Event Reporting
- A network monitoring system employs both polling and reporting schemes.
- Traditional TMN relies on event reporting, whereas SNMP relies on polling and OSI falls in between.
- The choice of either depends on a number of factors:
  o Amount of traffic generated
  o Robustness in critical situations
  o Delays in notifying
  o Amount of processing in managed devices
  o Reliable vs. unreliable transport
  o Network monitoring applications supported
  o Robustness of notification devices
ICMP: Internet Control Message Protocol
- Used by hosts and routers to communicate network-level information:
  o error reporting: unreachable host, network, port, protocol
  o echo request/reply (used by PING)
- Network layer, "above" IP: ICMP messages are carried in IP datagrams.
- ICMP message: type, code, plus the first 8 bytes of the IP datagram causing the error.

Type  Code  Description
0     0     echo reply (ping)
3     0     dest. network unreachable
3     1     dest. host unreachable
3     2     dest. protocol unreachable
3     3     dest. port unreachable
3     6     dest. network unknown
3     7     dest. host unknown
4     0     source quench (congestion control - not used)
8     0     echo request (ping)
9     0     route advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
Traceroute and ICMP
- The source sends a series of UDP segments (probes) to the destination:
  o the first has TTL = 1
  o the second has TTL = 2, etc.
  o an unlikely port number is also used
- When the nth datagram arrives at the nth router:
  o the router discards the datagram
  o and sends the source an ICMP message (type 11, code 0)
  o the message includes the name and IP address of the router
- When the ICMP message arrives, the source calculates the RTT.
- Traceroute does this 3 times.
Stopping criterion
- A UDP segment eventually arrives at the destination host.
- The destination returns an ICMP "host unreachable" packet (type 3, code 3).
- When the source gets this ICMP, it stops.
PING and ICMP
- PING (Packet Internet Groper) is a simple management tool that depends on the ICMP protocol.
- Measures round-trip delays, packet loss, etc.
- Isolates points of failure and areas of congestion.
- Ping "sends ICMP ECHO_REQUEST packets to network hosts" and is used to:
  o test destination reachability and compute the round-trip time
  o count the number of hops to the destination
  o may provide a record route option
- Ping failure does not guarantee unreachability: firewalls may filter pings.
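The ICMP slides above describe messages a monitoring station receives and has to interpret: a type/code pair, a checksum, and, for error messages, the header and first 8 bytes of the datagram that triggered them. The following parser is an added example (not from the slides or the Subramanian text) that classifies a message with the type/code table from the slide, verifies the RFC 1071 checksum before trusting anything else in the message, and extracts the inner addresses and UDP port from a "TTL expired" report, exactly the fields traceroute relies on. The two sample messages are constructed here (addresses, identifier and the high port number are made up for the example).

```python
import struct

# ICMP type/code table as given on the slide
ICMP_TYPES = {
    (0, 0): "echo reply (ping)",
    (3, 0): "dest. network unreachable",
    (3, 1): "dest. host unreachable",
    (3, 2): "dest. protocol unreachable",
    (3, 3): "dest. port unreachable",
    (3, 6): "dest. network unknown",
    (3, 7): "dest. host unknown",
    (4, 0): "source quench (congestion control - not used)",
    (8, 0): "echo request (ping)",
    (9, 0): "route advertisement",
    (10, 0): "router discovery",
    (11, 0): "TTL expired",
    (12, 0): "bad IP header",
}


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type, code, rest_of_header=b"\x00\x00\x00\x00", payload=b""):
    """Assemble an ICMP message: type, code, checksum, 4 more header bytes, payload."""
    header = struct.pack("!BBH", icmp_type, code, 0) + rest_of_header
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBH", icmp_type, code, csum) + rest_of_header + payload


def parse_icmp(msg: bytes) -> dict:
    """Classify an ICMP message and pull out what a monitor would record from it."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than the 8-byte header")
    icmp_type, code, _ = struct.unpack("!BBH", msg[:4])
    result = {
        "type": icmp_type,
        "code": code,
        "description": ICMP_TYPES.get((icmp_type, code), "unknown type/code"),
        # a message with a valid checksum sums to zero including its checksum field
        "checksum_ok": icmp_checksum(msg) == 0,
    }
    if icmp_type in (3, 4, 11, 12):
        # error messages carry the offending IP header plus the first 8 bytes of its payload
        inner = msg[8:]
        if len(inner) >= 20:
            ihl = (inner[0] & 0x0F) * 4
            result["inner_src"] = ".".join(str(b) for b in inner[12:16])
            result["inner_dst"] = ".".join(str(b) for b in inner[16:20])
            result["inner_proto"] = inner[9]
            if inner[9] == 17 and len(inner) >= ihl + 4:     # UDP: the 8 bytes hold both ports
                result["inner_dport"] = struct.unpack("!H", inner[ihl + 2:ihl + 4])[0]
    elif icmp_type in (0, 8):
        result["id"], result["seq"] = struct.unpack("!HH", msg[4:8])
    return result


def ipv4_header(src, dst, proto, total_len):
    """Minimal constructed IPv4 header (header checksum left at zero for the example)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0, 1, proto, 0,
                       bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))


# Constructed samples: a traceroute-style probe (UDP to an unlikely port) that expired at a router,
# and a plain echo request.
INNER_PROBE = ipv4_header("10.0.0.5", "192.0.2.10", 17, 28) + struct.pack("!HHHH", 40000, 33434, 8, 0)
SAMPLE_TTL_EXPIRED = build_icmp(11, 0, payload=INNER_PROBE)
SAMPLE_ECHO_REQUEST = build_icmp(8, 0, rest_of_header=struct.pack("!HH", 0x1234, 1), payload=b"ping")

if __name__ == "__main__":
    print(parse_icmp(SAMPLE_TTL_EXPIRED))
    print(parse_icmp(SAMPLE_ECHO_REQUEST))
```

The checksum is verified over the whole message rather than recomputed from the fields, which is the usual trick: a correct message sums to zero. The inner-header extraction is guarded by length checks because an error message from the network may be shorter than the 28 bytes the slide promises.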
Origin of NM
- Internet growth: in the number of attached hosts, the number of distinct administrative domains, multi-vendor equipment, etc.
- The PING capability was not satisfactory!
- Need for automated capabilities: standardized protocols with more functionality than PING and yet as simple!
- SNMP (Simple Network Management Protocol) and CMIP (Common Management Information Protocol) over TCP/IP emerged and were approved by the IAB.
NM Standards
Standard              | Salient points
OSI / CMIP            | International standard (ISO / OSI); management of data communications networks - LAN and WAN; deals with all 7 layers; most complete; object oriented; well structured and layered; consumes large resources in implementation
SNMP / Internet       | Industry standard (IETF); originally intended for management of Internet components, currently adopted for WAN and telecommunication systems; easy to implement; most widely implemented
TMN                   | International standard (ITU-T); management of telecommunications networks; based on the OSI network management framework; addresses both network and administrative aspects of management
IEEE                  | IEEE standards adopted internationally; addresses LAN and MAN management; adopts OSI standards significantly; deals with the first two layers of OSI
Web-based management  | Web-Based Enterprise Management (WBEM); Java Management Application Program Interface (JMAPI)
NM Standards
OSI (Open System Interconnection) NM
- Adopted by the ISO (International Standards Organization)
- Its management protocol is CMIP (Common Management Information Protocol)
- Very comprehensive and addresses the 7 layers of OSI
- Managed objects are based on object classes and inheritance rules
- Management of data communications networks - LAN and WAN
- Complex and consumes large resources in implementation
- Designed in the 1980s: too slowly standardized
NM Standards
Simple Network Management Protocol (SNMP)
- Industry standard (IETF)
- Managed objects are defined as scalars with few characteristics, such as data types and read-only / read-write attributes
- Originally intended for management of Internet components, currently adopted for WAN and telecommunication systems
- Easy to implement
- Most widely implemented NM: most vendor equipment supports SNMP
NM Standards
Telecommunication Management Network (TMN)
- International standard (ITU)
- Based on OSI network management
- Management of telecommunications networks
- Addresses both network and administrative aspects of management
IEEE
- Adopted internationally
- Addresses LAN/MAN management
- Based on OSI network management
- Deals with the first two layers of OSI (physical and data link layers)
NM Standards
Web-based management
- Based on Web technology (web servers and browsers)
- Still an evolving technology
- Web-Based Enterprise Management (WBEM): the Desktop Management Task Force (DMTF) is actively developing specs for WBEM; the DMTF has chosen Microsoft's object-oriented management model
- Java Management Extensions (JMX): based on Java applets, developed by Sun Microsystems
Network Management Models
[Figure: the Network Management Information Model is made up of the Organization, Information, Communication and Functional models.]
Organization model
- The components of an NM system, their functions and relationships (it defines manager, agent, object).
Information model
- Structure of Management Information (SMI): syntax and semantics
- Management Information Base (MIB): organization of management information
Network Management Models
[Figure: same four-part model diagram as the previous slide.]
Communication model
- Transfer syntax with bi-directional messages; transfer structure (PDU)
Functional model
- Application functions: configure components, monitor components, measure performance, secure information, usage accounting
Organization Model
Managed object
- A network element that is managed (e.g., routers, bridges, hubs).
- Houses an SNMP management agent.
- Objects are classified into managed / unmanaged: a managed object has a running management agent.
[Figure: two-tier network management organization model: a manager with its MDB (management database) above managed objects (each with an agent process) and unmanaged objects.]
Organization Model
Management station (manager)
- Interface for network managers to monitor and control the network.
- Contains management applications (data analysis, fault recovery, etc.).
- Translation capabilities from the manager's requirements into actual monitoring and control of remote elements.
- Contains a database of information extracted from the MIBs of all the managed entities in the network.
[Figure: same two-tier organization model diagram as the previous slide.]
Organization Model
Management agent
- Gathers information from objects.
- Configures parameters of objects (e.g., enable/disable a router port, shut down a port on a hub).
- Responds to requests for information and actions from managers.
- Generates alarms and sends them to managers.
[Figure: same two-tier organization model diagram as the previous slide.]
Organization Model
Three-tier network management organization model
- The middle layer plays a dual role:
  o Agent to the top-level manager
  o Manager to the managed objects
- It collects, processes and stores data locally.
- It performs statistical operations on the data and passes them to the top-level manager.
- The intermediate system could be at a local site and pass information to a remote site.
- Example of a middle level: Remote Monitoring agent (RMON).
[Figure: a manager with its MDB above an agent/manager (with its own MDB), which in turn manages the managed objects and their agent processes.]
Organization Model
Manager of managers (MoM)
- Different network domains, each managed locally.
- An NMS (Network Management System) manages a domain; the MoM presents an integrated view of the domains.
- A domain may be geographical, administrative, vendor-specific products, etc.
[Figure: a MoM with its MDB above two NMS managers, each with its own agents and managed objects.]
Communication Model
- Resources are represented as objects (or data variables).
- A collection of objects is a MIB (more later).
- A manager performs monitoring by retrieving the values of MIB objects.
- A manager causes an action to take place, or changes the configuration settings, by modifying the values of specific variables.
Communication Model
- Management stations and agents are linked by a network management protocol.
- SNMP is used for the management of TCP/IP networks:
  o Get: the manager (management station) retrieves the values of objects at the agent
  o Set: sets the values of objects at the agent
  o Trap: the agent notifies the manager of significant events
Protocol Architecture
[Figure: SNMP messages are carried over UDP (a connectionless transport), over IP, over the link layer (e.g., Ethernet, X.25, ATM); the SNMP agent interprets SNMP messages and controls the agent's MIB.]
Communication Model
- Management data is communicated between agent and manager, as well as between managers.
- Three aspects:
  o Transport medium of message exchange (transport protocol)
  o Message format (application protocol)
  o Actual message (commands and responses)
[Figure: management message communication model: the manager's applications send operations/requests to the agent's managed objects (network elements); the agent returns responses and sends notifications/traps.]
Communication Model
[Figure: an SNMP manager (management application, central MIB) and an SNMP agent (SNMP managed objects), each with a stack of SNMP / UDP / IP / Layer 1 & 2, exchanging the SNMP messages GetRequest, GetNextRequest, SetRequest, GetResponse and Trap across the network; the application manages the objects.]
Trap-Directed Polling
- SNMP encourages the manager to use trap-directed polling.
- A manager may be responsible for a large number of agents, each maintaining a large number of managed objects.
- It is impractical to regularly poll all agents for all their readable objects (the management overhead on the network may be very excessive!).
[Figure: a managing entity with its data communicating via the network management protocol with managed devices, each holding an agent and its data.]
Trap-Directed Polling
- Initially a manager may poll all the agents for some key information, e.g., interface characteristics (number of packets in/out, etc.).
- Then each agent is responsible for notifying the manager (through trap messages) of any unusual event, e.g., a high packet drop rate at some interface.
- Substantial savings in network capacity and agent processing (use network resources for the right reason!).
[Figure: same managing entity / managed devices diagram as the previous slide.]
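The polling versus event reporting trade-off from the earlier slides, and the trap-directed polling the two slides above recommend, can be put side by side in a small simulation. The following is an added example, not code from the slides or the Subramanian text: a constructed population of agents with per-interface counters, a rare constructed fault (a burst of drops on one interface), and a manager that either polls every interface every period or takes one baseline poll and afterwards only follows up on traps. Message counting (two messages per Get/Response, one per Trap) and the 5% drop-rate threshold are assumptions of the example; the point it shows is that both strategies find the same faulty interfaces while trap-directed polling puts far fewer messages on the wire.

```python
import random


class Agent:
    """A managed device: per-interface counters plus the rule it uses to call an event unusual."""

    def __init__(self, name, n_ifaces, drop_threshold=0.05):
        self.name = name
        self.drop_threshold = drop_threshold
        self.ifaces = {f"if{i}": {"in": 0, "out": 0, "dropped": 0} for i in range(n_ifaces)}

    def tick(self, rng):
        """One period of traffic; with small probability an interface starts dropping heavily."""
        for st in self.ifaces.values():
            st["in"] += rng.randint(100, 1000)
            st["out"] += rng.randint(100, 1000)
            if rng.random() < 0.01:                 # the constructed fault
                st["dropped"] += int(st["in"] * 0.2)

    def is_unusual(self, iface):
        st = self.ifaces[iface]
        return st["in"] > 0 and st["dropped"] / st["in"] > self.drop_threshold

    def get(self, iface):
        """Answer a GetRequest with a copy of the interface counters (the GetResponse)."""
        return dict(self.ifaces[iface])


def run(strategy, n_agents=50, n_ifaces=8, periods=100, seed=1):
    """Simulate 'poll' (the manager polls everything every period) or 'trap-directed'
    (one baseline poll, then agents send traps and the manager polls only what was reported).
    Returns the number of SNMP messages exchanged and the number of faulty interfaces found."""
    if strategy not in ("poll", "trap-directed"):
        raise ValueError(f"unknown strategy {strategy!r}")
    rng = random.Random(seed)
    agents = [Agent(f"agent{i}", n_ifaces) for i in range(n_agents)]
    messages = 0
    detected = set()

    def poll(agent, iface):
        nonlocal messages
        messages += 2                               # GetRequest + GetResponse
        st = agent.get(iface)
        if st["in"] > 0 and st["dropped"] / st["in"] > agent.drop_threshold:
            detected.add((agent.name, iface))

    if strategy == "trap-directed":
        for a in agents:
            for iface in a.ifaces:
                poll(a, iface)                      # baseline view of the key information
    for _ in range(periods):
        for a in agents:
            a.tick(rng)
        for a in agents:
            for iface in a.ifaces:
                if strategy == "poll":
                    poll(a, iface)
                elif a.is_unusual(iface) and (a.name, iface) not in detected:
                    messages += 1                   # Trap: agent -> manager
                    poll(a, iface)                  # manager follows up with a targeted Get
    return {"messages": messages, "faulty_interfaces": len(detected)}


if __name__ == "__main__":
    for strategy in ("poll", "trap-directed"):
        print(strategy, run(strategy))
```

Because the random source is only consumed inside `tick`, both runs see the same sequence of faults, which is what makes the detection counts comparable. Swapping the rule in `is_unusual` for a different threshold is the knob a manager would configure through the "reporting period" and thresholds mentioned on the slides.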
Information Model
- The representation of objects and the information relevant to their management.
- This information is usually communicated between agents and management processes.
- SMI (Structure of Management Information) defines the syntax and semantics of management information stored in the MIB (Management Information Base).
Example:
  sysDescr: { system 1 }
  Syntax: OCTET STRING
  Definition: "A textual description of the entity."
  Access: read-only
  Status: mandatory
MIB
- Contains information about objects
- Organized by grouping of related objects
- Defines relationships between objects
Agent MIB vs. manager MIB
- Agent MIB: local information
- Manager MIB: information on all network components
Information Model
- MDB: a physical database (e.g., Oracle); contains measured or administratively configured values of NEs.
- MIB: a virtual database; its schema is compiled into the management software; the information necessary for processes to exchange information (e.g., number of ports per hub).
- An NMS can automatically discover a managed object, such as a hub, when it is added to the network (periodic broadcast of PING messages).
- Once detected, its information (e.g., address, number of ports) is added to the MDB.
- The MIB does not need to be updated if another hub from the same vendor already exists.
- The NMS can identify a newly added object only after the MIB schema of the new object is compiled into the manager MIB.
Management Information Tree
- Both Internet and OSI define objects uniquely by a tree structure.
- Each managed object occupies a node in the tree underneath the root.
[Figure: a management information tree with root, level 1, level 2 and level 3 nodes; the managed objects are the nodes; standards organizations define the management of the objects under their own nodes.]
OSI Management Information Tree (top levels): itu (0), iso (1), iso-itu (2) under the root; org (3) under iso; dod (6) under org; internet (1) under dod.
Designation of objects: iso = 1, org = 1.3, dod = 1.3.6, internet = 1.3.6.1.
Object Type and Instance (Internet perspective)
- object ID: unique ID and descriptor (name) for the object
- syntax: used to model the object
- access: access privilege to a managed object (read-only, etc.)
- status: implementation requirements (e.g., optional or mandatory)
- definition: textual description of the semantics of the object type
[Figure: an object type drawn as a circle with its five parts: object ID and descriptor, syntax (model of object), access (access privilege), status (implementation requirements), definition (semantics - textual description).]
Object Type and Instance (OSI perspective)
An object class (managed object) is characterized by:
- attributes: attributes visible at its boundary
- operations: access operations that can be applied to it
- behavior: behavior exhibited by it in response to an operation
- notifications: notifications emitted by the object
[Figure: object class "circular object" (attributes: circle, dimension; operations: push; behavior; notifications: notify changes in attribute values) and object class "elliptical object" (attributes: ellipse, dimension).]
Functional Model
Configuration management
- Set and change network configuration and component parameters
- Set up alarm thresholds
Fault management
- Detection and isolation of failures in the network
- Trouble ticket administration
Performance management
- Monitor the performance of the network
Security management
- Authentication
- Authorization
- Encryption
Accounting management
- Functional accounting of network usage
Abstract and Transfer Syntaxes
[Figure: the user (concerned with the semantics of the data) reaches the application component through a presentation mapping; the application component (e.g., SNMP, FTP, TELNET for TCP/IP: the user of the data transfer component) works in the abstract syntax and maps it to local storage through a local mapping; the encoding rules map the abstract syntax to the transfer syntax (binary representation of data, concerned with the syntax of the data) used by the data transfer component, the mechanism for transferring data between end systems (e.g., TCP or UDP).]
Abstract and Transfer Syntaxes
- For the application component, information is presented in an abstract syntax that deals with data types and data values.
  o The abstract syntax is the set of rules used to specify data types and structures for the storage of information.
- The abstract syntax is used to exchange information between application components in systems.
  o It makes application-layer protocols independent of lower-layer protocols.
- The abstract syntax must be mapped into some form for presentation to the human user, and into some local format for storage (an example of this mapping is the MIB; the elements within the MIB are themselves defined using the abstract syntax).
Abstract and Transfer Syntaxes
- The transfer syntax defines a unified representation of the data to be exchanged between data transfer components.
  o The transfer syntax is the set of rules for communicating information between systems.
- Mapping from the abstract syntax to the transfer syntax is accomplished by means of encoding.
  o A common representation for the exchange of data between different systems.
  o Can generate machine-readable code: the Basic Encoding Rules (BER) are used in management modules.
- ASN.1 is based on the Backus system and uses the formal syntax and grammar of the Backus-Naur Form (BNF).
- ASN.1 is independent of lower-layer protocols.
Backus-Naur Form (BNF)
Definition: <name> ::= <definition>, where <...> denotes an "entity" and the symbol "::=" means "defined as".
Primitive definitions:
  <digit> ::= 0|1|2|3|4|5|6|7|8|9
  <op> ::= +|-|x|/
Similarly, an entity <number> can be constructed from primitives:
  <number> ::= <digit> | <digit><number>
Example:
  9 is the primitive 9
  19 is a construct of 1 and 9
  619 is a construct of 6 and 19
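A BNF rule set like the one on this slide translates directly into a recursive-descent parser, one function per entity, whose recursion mirrors the rule's alternatives. The following is an added example (not from the slides or the Subramanian text): it implements the slide's <digit>, <op> and <number> rules, returns the derivation tree so that "619 is a construct of 6 and 19" is visible in the output, and adds one assumed rule, <expression> ::= <number> | <number><op><expression>, to show how primitives and constructs combine. Anything that the grammar does not derive is rejected with a SyntaxError rather than silently accepted.

```python
DIGITS = "0123456789"   # <digit> ::= 0|1|2|3|4|5|6|7|8|9
OPS = "+-x/"            # <op>    ::= +|-|x|/


def parse_number(s, i=0):
    """<number> ::= <digit> | <digit><number>
    Returns (tree, next_index): the tree is a single digit, or ("construct", digit, subtree)."""
    if i >= len(s) or s[i] not in DIGITS:
        raise SyntaxError(f"expected <digit> at position {i} in {s!r}")
    digit = s[i]
    if i + 1 < len(s) and s[i + 1] in DIGITS:      # second alternative: <digit><number>
        rest, j = parse_number(s, i + 1)
        return ("construct", digit, rest), j
    return digit, i + 1                              # first alternative: a lone <digit>


def parse_expression(s, i=0):
    """<expression> ::= <number> | <number><op><expression>
    This rule is an assumption of the example; the slide defines only <digit>, <op> and <number>."""
    left, j = parse_number(s, i)
    if j < len(s):
        if s[j] not in OPS:
            raise SyntaxError(f"expected <op> at position {j} in {s!r}, got {s[j]!r}")
        right, k = parse_expression(s, j + 1)
        return ("expr", left, s[j], right), k
    return left, j


def parse(s):
    """Parse a whole string; trailing input that no rule consumed is an error."""
    tree, end = parse_expression(s)
    if end != len(s):
        raise SyntaxError(f"unparsed input at position {end} in {s!r}")
    return tree


def digits_of(tree):
    """Flatten a <number> tree back to its digit string (the derivation read left to right)."""
    if isinstance(tree, str):
        return tree
    _, digit, rest = tree
    return digit + digits_of(rest)


def number_value(tree):
    return int(digits_of(tree))


if __name__ == "__main__":
    print(parse("619"))        # ('construct', '6', ('construct', '1', '9'))
    print(parse("6+19x2"))
```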
ASN.1 Assignments
- Assignments:
  <entity> ::= BOOLEAN         data type assignment (the name of the entity)
  <entity> ::= TRUE | FALSE    value assignment (assigns a value to the data type)
- Group of assignments: modules
  o Start with capital letters
  o Usually modules are built from primitive (atomic) data types (e.g., INTEGER, REAL)
  o May use ASN.1 constructs (e.g., SET, SEQUENCE)
- Constructors are used to build structured data types
- Backward and forward references, and inline definition
ASN.1 Modules
- A module, e.g., PersonnelRecord (a set of data types)
- Three construction mechanisms (to develop structured data types):
  o Alternatives: CHOICE
  o List: SET and SEQUENCE
  o Repetition: SET OF and SEQUENCE OF
[Figure: the PersonnelRecord module drawn with its primitive data types, the "list maker" constructs (SET, SEQUENCE) and the alternatives construct (CHOICE).]
ASN.1 Modules
- PersonnelRecord is a set of different data types, each uniquely associated with a name; they can be encoded and transmitted in any order.
- Example: the same record may be transmitted as
  "Smith", "Manager", {"North", "Chile"}
  "Manager", "Smith", {"North", "Chile"}
  {"North", "Chile"}, "Smith", "Manager"
- Lists built with SEQUENCE maintain the given order.
ASN.1 Symbols
Symbol  Meaning
::=     defined as
|       or, alternative, options of a list
-       signed number
--      following the symbol are comments
{ }     start and end of a list
[ ]     start and end of a tag
( )     start and end of a subtype
..      range
Data Types
- Data types are generally defined based on a structure and a tag:
  o Structure: simple (or atomic), structured, etc.
  o Tag: a class and a tag number
ASN.1 Simple Types
Basic types
  o BOOLEAN
  o INTEGER
  o ENUMERATED
  o REAL
  o BIT STRING
  o OCTET STRING
Character string types (various subsets of the ISO character sets)
  o NumericString (0-9, space)
  o PrintableString (0-9, A-Z, a-z, space, some punctuation)
  o VisibleString
  o GraphicString
  o TeletexString
  o UTF8String
  o IA5String
ASN.1 Simple Types
Syntax: <name> ::= type
Examples:
  Counter ::= INTEGER
  IpAddress ::= OCTET STRING
  PageNumber ::= INTEGER
  ChapterNumber ::= INTEGER
  Months ::= ENUMERATED { january (1), february (2), march (3), april (4), may (5), june (6), july (7), august (8), september (9), october (10), november (11), december (12) }
ASN.1 Simple Types
- A subtype is derived from a parent type.
Syntax: <name> ::= <parent type> ( <constraint> )
Examples:
  Counter ::= INTEGER ( )
  IpAddress ::= OCTET STRING ( SIZE(4) )
  Spring ::= Months ( march | april | may )
  Summer ::= Months ( june | july | august )
  SmallPrime ::= INTEGER ( 2 | 3 | 5 | 7 | 11 )
ASN.1 Structured Types
- A data type is a structured type when it contains other types (i.e., it has components).
  BookPageNumber ::= SEQUENCE { ChapterNumber, Separator, PageNumber }
  (Separator is a VisibleString data type with value "-")
  Example: { 1-1, 2-3, 3-39 }
  BookPages ::= SEQUENCE OF { BookPageNumber }
  BookPages ::= SEQUENCE OF { SEQUENCE { ChapterNumber, Separator, PageNumber } }
  Example: { 1-1, 1-2, ..., 2-1, 2-2, ... }
ASN.1 Structured Types
- The pages of a book could also be specified as a collection of individual pages in random order:
  BookPages ::= SET OF { SEQUENCE { ChapterNumber, Separator, PageNumber } }
ASN.1 Tagged Types
- A tag uniquely identifies a data type and is required for encoding the data types for communication.
- It comprises a class and a tag number.
- Class:
  o Universal - similar to global variables
  o Application - only in the application used
  o Context-specific - specific context in an application
  o Private - used extensively by commercial vendors
Example:
  BOOLEAN          Universal 1
  INTEGER          Universal 2
  research         Application [1]
  product-based    Context-specific under research [0]
ASN.1 Tagged Types (universal tags)
Basic types:            BOOLEAN UNIVERSAL 1; INTEGER UNIVERSAL 2; BIT STRING UNIVERSAL 3; OCTET STRING UNIVERSAL 4; NULL UNIVERSAL 5; REAL UNIVERSAL 9; ENUMERATED UNIVERSAL 10
Object types:           OBJECT IDENTIFIER UNIVERSAL 6; ObjectDescriptor UNIVERSAL 7
Character string types: VisibleString UNIVERSAL 26; ...
Miscellaneous types:    UTCTime UNIVERSAL 23; GeneralizedTime UNIVERSAL 24
Structured types:       SEQUENCE [OF] UNIVERSAL 16; SET [OF] UNIVERSAL 17
ASN.1 Tagged Types
[Figure: an example of tagging: an application-specific tag, and underneath it a context-specific tag (a subset of the application, and limited to it) whose tag number 1 overrides that of BOOLEAN.]
ASN.1 Object Types
- Used to name and describe information objects, such as standard documents, data structures and managed objects.
- In general, an information object is a class of information (e.g., a file format) rather than an instance of such a class (i.e., an individual file).
- An object identifier is a unique identifier for a particular object; its value consists of a set of integers.
- An object descriptor is a human-readable description of an information object.
ASN.1 Object Types
  internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
  private  OBJECT IDENTIFIER ::= { internet 4 }
[Figure: the object identifier tree: root; ccitt(0), iso(1), joint-iso-ccitt(2); org(3) under iso; dod(6) under org; internet(1) under dod; mgmt(2), experimental(3), private(4) under internet; mib-2(1) under mgmt; enterprise(1) under private.]
ASN.1 Object Types
- The private type is used extensively by vendors of network products.
- A vendor is assigned a node on the MIT; all branches and leaves under that node are assigned private data types by the vendor.
  ibm OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) 2 }
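The tree on the preceding slides, the OBJECT IDENTIFIER assignments on this one and the earlier Management Information Tree slide all describe one structure: a name resolves to the arcs on the path from the root. The following is an added example (not code from the slides or the Subramanian text) that holds the tree exactly as drawn on the slides, parses the three assignment forms that appear on them (name(number), a bare registered name such as { internet 4 }, and a bare number), checks a written name(number) against the registered arc so a contradictory definition is rejected, and resolves a dotted OID back to its longest registered prefix, which is how a manager tells a vendor's private subtree from a standard one. The `system` node under mib-2 is taken from the standard MIB-II (RFC 1213) and is not on the slides; `sysDescr ::= { system 1 }` is the example from the Information Model slide.

```python
import re

# Nodes of the management information tree as drawn on the slides: name -> (parent, arc)
MIT = {
    "ccitt": (None, 0), "iso": (None, 1), "joint-iso-ccitt": (None, 2),
    "org": ("iso", 3), "dod": ("org", 6), "internet": ("dod", 1),
    "mgmt": ("internet", 2), "experimental": ("internet", 3), "private": ("internet", 4),
    "mib-2": ("mgmt", 1), "enterprise": ("private", 1),
}


def oid_of(name):
    """Walk from the node up to the root and return the arcs, root first."""
    arcs = []
    while name is not None:
        parent, arc = MIT[name]
        arcs.append(arc)
        name = parent
    return arcs[::-1]


def dotted(name):
    return ".".join(str(a) for a in oid_of(name))


_ASSIGN = re.compile(r"^\s*([A-Za-z][\w-]*)\s+OBJECT\s+IDENTIFIER\s*::=\s*\{(.*)\}\s*$")
_COMPONENT = re.compile(r"([A-Za-z][\w-]*)\s*\(\s*(\d+)\s*\)|([A-Za-z][\w-]*)|(\d+)")


def parse_oid_assignment(text):
    """Parse 'name OBJECT IDENTIFIER ::= { ... }' into (name, arcs).
    A component is name(number), a bare registered name (allowed only first), or a bare number."""
    m = _ASSIGN.match(text)
    if not m:
        raise ValueError(f"not an OBJECT IDENTIFIER assignment: {text!r}")
    name, arcs = m.group(1), []
    for named, num, bare, plain in _COMPONENT.findall(m.group(2)):
        if named:
            if named in MIT and MIT[named][1] != int(num):
                raise ValueError(f"{named}({num}) contradicts the registered arc {MIT[named][1]}")
            arcs.append(int(num))
        elif bare:
            if arcs or bare not in MIT:
                raise ValueError(f"unknown or misplaced name {bare!r}")
            arcs = oid_of(bare)
        else:
            arcs.append(int(plain))
    return name, arcs


def register(text):
    """Parse an assignment and add the node to MIT; its parent node must already be registered."""
    name, arcs = parse_oid_assignment(text)
    by_oid = {tuple(oid_of(n)): n for n in MIT}
    parent = by_oid.get(tuple(arcs[:-1]))
    if parent is None:
        raise KeyError(f"parent of {name} ({'.'.join(map(str, arcs[:-1]))}) is not registered")
    MIT[name] = (parent, arcs[-1])
    return name, arcs


def name_of(oid_str):
    """Resolve a dotted OID to (longest registered prefix name, remaining arcs)."""
    arcs = [int(a) for a in oid_str.split(".")]
    by_oid = {tuple(oid_of(n)): n for n in MIT}
    for cut in range(len(arcs), 0, -1):
        if tuple(arcs[:cut]) in by_oid:
            return by_oid[tuple(arcs[:cut])], arcs[cut:]
    raise KeyError(f"no registered prefix for {oid_str}")


# The vendor assignment from the slide (spelled "enterprise" as in the tree drawing)
register("ibm OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) 2 }")
# system = mib-2 1 comes from the standard MIB-II (RFC 1213), not from the slides
register("system OBJECT IDENTIFIER ::= { mib-2 1 }")
# sysDescr: { system 1 }, the example on the Information Model slide
register("sysDescr OBJECT IDENTIFIER ::= { system 1 }")

if __name__ == "__main__":
    for n in ("internet", "private", "ibm", "sysDescr"):
        print(f"{n:10s} {dotted(n)}")
    print(name_of("1.3.6.1.4.1.2.99"))
```

The consistency check in `parse_oid_assignment` is the useful part for a manager loading MIB modules: a module that writes `iso(2)` is refused instead of silently creating a second, wrong root.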
Encoding Structure
- ASN.1 syntax containing management information is encoded using the Basic Encoding Rules (BER), which are defined for the transfer syntax.
- BER is a specification developed and standardized by CCITT and OSI.
- ASCII data is converted to bit-oriented data.
- TLV (Type-Length-Value) is the specific encoding structure:
  o Type: indicates the ASN.1 type and the class of the type
  o Length: length of the actual value representation
  o Value: the value of the ASN.1 type as a string of octets
Encoding Structure: the identifier (type) octet
- Class (2 bits): specifies the class being used
    0 0 = Universal
    0 1 = Application
    1 0 = Context-specific
    1 1 = Private
- P/C (1 bit): specifies whether the structure is simple or a construct
    0 = Primitive (simple)
    1 = Constructed
- Tag number: designates the tag value in binary
Example: for encoding INTEGER the identifier is one byte: Universal class, Primitive, tag value = 2.

Tag number < 31 (one identifier octet):
  Bits:  8 7    6    5 4 3 2 1
         Class  P/C  Tag number

Tag number >= 31 (several octets):
  Leading octet:  Class  P/C  1 1 1 1 1
  2nd octet:      1  (7 bits of the tag number)
  ...
  Last octet:     0  (7 bits of the tag number)
  The 7-bit groups of the following octets, taken together, give the tag number.
Encoding of Length Field
Short form (L < 128 octets):
  one octet: 0 followed by the 7-bit length L; then the contents (or value) field of L octets
Long form (L >= 128 octets):
  first octet: 1 followed by K (7 bits); then K octets holding the length L; then the contents field of L octets
Example, L = 128: first octet 1 0000001 (K = 1), followed by 10000000, the binary equivalent of 128.
BER, Examples
  distance INTEGER ::=            Type: UNIVERSAL, P, tag 2
  today INTEGER ::=               Length is 2, to indicate 2 octets for the Value
  DayOfYear ::= [APPLICATION 17] IMPLICIT INTEGER
  today DayOfYear ::=             Type: APPLICATION, P, tag 17
[Figure: each encoding drawn as its Type, Length and Value octets.]
BER, Examples
Type definition:
  Birthday ::= SEQUENCE { name VisibleString, day DayOfYear }
Value assignment:
  myBirthday Birthday ::= { name "Jane", day 129 }
BER encoding:
  Birthday (UNIVERSAL 16, constructed)   Length   Contents
  30                                     0A       the two elements below
    VisibleString                        Length   Contents
    1A                                   04       "Jane"
    DayOfYear                            Length   Contents
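The identifier octet, the length field and the TLV examples on the BER slides above are small enough to implement end to end. The following is an added example, not code from the slides or the Subramanian text: a BER encoder for the types the slides use (INTEGER with minimal two's-complement contents, VisibleString, SEQUENCE, and an IMPLICIT application tag for DayOfYear), including the high tag number form for tag numbers >= 31 and the long length form for L >= 128, plus a decoder that checks every length against the buffer before slicing. It reproduces the myBirthday value from the slide above and shows what the slide leaves blank: day 129 needs two contents octets (00 81) because 0x81 alone would read as a negative number. The indefinite-length form is not covered on the slides and is rejected here.

```python
UNIVERSAL, APPLICATION, CONTEXT_SPECIFIC, PRIVATE = 0, 1, 2, 3


def encode_identifier(cls, constructed, tag):
    """Identifier octets: class (2 bits), P/C (1 bit), tag (5 bits, or 11111 then 7-bit groups)."""
    first = (cls << 6) | (0x20 if constructed else 0)
    if tag < 31:
        return bytes([first | tag])
    groups = []
    while True:                      # split the tag number into 7-bit groups, low group first
        groups.append(tag & 0x7F)
        tag >>= 7
        if not tag:
            break
    groups.reverse()
    tail = [g | 0x80 for g in groups[:-1]] + [groups[-1]]   # bit 8 set on all but the last octet
    return bytes([first | 0x1F] + tail)


def encode_length(n):
    """Short form for n < 128 (one octet); long form otherwise (1K, then K octets holding n)."""
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(cls, constructed, tag, contents):
    return encode_identifier(cls, constructed, tag) + encode_length(len(contents)) + contents


def encode_integer(n, cls=UNIVERSAL, tag=2):
    """INTEGER contents are the minimal two's-complement octets, so 129 takes two: 00 81."""
    magnitude = n if n >= 0 else -n - 1
    size = magnitude.bit_length() // 8 + 1
    return tlv(cls, False, tag, n.to_bytes(size, "big", signed=True))


def encode_visible_string(s):
    return tlv(UNIVERSAL, False, 26, s.encode("ascii"))


def encode_sequence(*elements):
    return tlv(UNIVERSAL, True, 16, b"".join(elements))


# Birthday ::= SEQUENCE { name VisibleString, day DayOfYear }
# DayOfYear ::= [APPLICATION 17] IMPLICIT INTEGER   -- IMPLICIT replaces UNIVERSAL 2 with APPLICATION 17
def encode_birthday(name, day):
    return encode_sequence(encode_visible_string(name), encode_integer(day, APPLICATION, 17))


def decode_tlv(data, pos=0):
    """Decode one TLV at pos; returns (cls, constructed, tag, contents, next_pos).
    Every length is checked against the buffer so a truncated or lying length raises
    instead of reading past the message."""
    if pos >= len(data):
        raise ValueError("no identifier octet")
    first = data[pos]
    pos += 1
    cls, constructed, tag = first >> 6, bool(first & 0x20), first & 0x1F
    if tag == 0x1F:                  # high tag number form
        tag = 0
        while True:
            if pos >= len(data):
                raise ValueError("truncated high tag number")
            b = data[pos]
            pos += 1
            tag = (tag << 7) | (b & 0x7F)
            if not b & 0x80:
                break
    if pos >= len(data):
        raise ValueError("missing length octet")
    length = data[pos]
    pos += 1
    if length & 0x80:                # long form
        k = length & 0x7F
        if k == 0 or pos + k > len(data):
            raise ValueError("indefinite or truncated length (not supported here)")
        length = int.from_bytes(data[pos:pos + k], "big")
        pos += k
    if pos + length > len(data):
        raise ValueError(f"length {length} exceeds the {len(data) - pos} octets remaining")
    return cls, constructed, tag, data[pos:pos + length], pos + length


def decode_birthday(data):
    """Decode a Birthday value, checking that each element carries the expected tag."""
    cls, constructed, tag, body, end = decode_tlv(data)
    if (cls, constructed, tag) != (UNIVERSAL, True, 16) or end != len(data):
        raise ValueError("expected exactly one SEQUENCE")
    cls, _, tag, name, p = decode_tlv(body)
    if (cls, tag) != (UNIVERSAL, 26):
        raise ValueError("expected a VisibleString for name")
    cls, _, tag, day, p = decode_tlv(body, p)
    if (cls, tag) != (APPLICATION, 17) or p != len(body):
        raise ValueError("expected DayOfYear as the last element")
    return {"name": name.decode("ascii"), "day": int.from_bytes(day, "big", signed=True)}


if __name__ == "__main__":
    encoded = encode_birthday("Jane", 129)
    print(encoded.hex(" "))          # 30 0a 1a 04 4a 61 6e 65 51 02 00 81
    print(decode_birthday(encoded))
```

The length checks in `decode_tlv` are the part worth keeping in any real decoder of management traffic: BER lengths come from the peer, and an SNMP agent or manager that slices on them unchecked is trusting the network to be honest about how many octets follow.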
Macros
- A macro is used to create new data types.