Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 2: Infrastructure of Network Management Part1

Similar presentations


Presentation on theme: "Lecture 2: Infrastructure of Network Management Part1"— Presentation transcript:

1 Lecture 2: Infrastructure of Network Management Part1
Organized by: Nada Alhirabi Edited By Maysoon ALDuwais NET 311 Lecture 2: Infrastructure of Network Management Part1 Some of these slides are taken from : Computer Networking: A Top Down Approach 6th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 from : Computer Networking: A Top Down Approach 6th edition – Chapter 9

2 Outline What is network management?
Internet-standard management framework Structure of Management Information: SMI Management Information Base: MIB SNMP Protocol Operations and Transport Mappings Security and Administration Network Management

3 What is network management?
autonomous systems (aka “network”): An autonomous system (AS) is a network or a collection of networks that are all managed and supervised by a single entity or organization. (common network administrator) on behalf of a single administrative entity (such as a university, a business enterprise, or a business division).  other complex systems requiring monitoring, control: jet airplane - nuclear power plant - others? Network Management

4 Network management “includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost."

5 Architecture for network management
definitions: managed devices contain managed objects whose data is gathered into a Management Information Base (MIB) managing entity data managing entity agent data network management protocol managed device agent data agent data managed device Network Management managed device agent data agent data managed device managed device

6 Architecture for network management (TCP/IP network management model)
Management station Management agent „Management information base Network management protocol

7 Management Station (Managing Entity)
Is a stand-alone device „A set of management applications for data analysis, fault recovery An interface by which network manager monitors and controls the network A database of information extracted from the MIBs of all the managed entities in the network

8 Management Station (Managing Entity)
Performs the monitoring function by retrieving the value of MIB objects Cause an action to take place at an agent Changes the configuration settings at an agent by modifying the value of specific variables

9 Management Agent (Managed Device)
Equipped on key platforms Hosts, bridges, routers, and hubs Managed from a management station Responds to requests for information Action from the management station Asynchronously provides the management with important but unsolicited information

10 Management Information Base
Object Represented the managed resources in the network Is a data variable that represents one aspect of managed agent MIB The collection of objects (Data Base) Functions as a collection of access points at the agent for the management station. Objects are standardized across systems of a particular class Used for the management of routers

11 Network Management Protocol
Links the management station and agents Example: SNMP Simple Network Management Protocol OSI CMIP (Common Management Information Protocol)

12 Network Management Protocols
The purpose of Network management protocol is to links the management station and agents OSI CMIP Common Management Information Protocol designed 1980’s: the unifying net management standard too slowly standardized SNMP: Simple Network Management Protocol Internet roots (SGMP) started simple deployed, adopted rapidly growth: size, complexity currently: SNMP V3 de facto network management standard Network Management

13 SNMP overview: 4 key parts
Management information base (MIB): distributed information store of network management data Structure of Management Information (SMI): data definition language for MIB objects SNMP protocol The link between manager<->managed object info, commands security, administration capabilities major addition in SNMPv3 Network Management

14 SMI: data definition language
Purpose: syntax, semantics of management data well-defined, unambiguous basic data types OBJECT-TYPE data type, status, semantics of managed object MODULE-IDENTITY groups related objects into MIB module Basic Data Types INTEGER Integer32 Unsigned32 OCTET STRING OBJECT IDENTIFIED IPaddress Counter32 Counter64 Guage32 Time Ticks Opaque Network Management

15 SNMP MIB MIB module specified via SMI MODULE-IDENTITY
(100 standardized MIBs, more vendor-specific) MODULE OBJECT TYPE: OBJECT TYPE: OBJECT TYPE: Network Management objects specified via SMI OBJECT-TYPE construct

16 SMI: object, module examples
OBJECT-TYPE: ipInDelivers MODULE-IDENTITY: ipMIB ipMIB MODULE-IDENTITY LAST-UPDATED “ Z” ORGANZATION “IETF SNPv2 Working Group” CONTACT-INFO “ Keith McCloghrie ……” DESCRIPTION “The MIB module for managing IP and ICMP implementations, but excluding their management of IP routes.” REVISION “ Z” ……… ::= {mib-2 48} ipInDelivers OBJECT TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION “The total number of input datagrams successfully delivered to IP user- protocols (including ICMP)” ::= { ip 9} Network Management

17 MIB example: UDP module
Object ID Name Type Comments UDPInDatagrams Counter total # datagrams delivered at this node UDPNoPorts Counter # underliverable datagrams: no application at port UDInErrors Counter # undeliverable datagrams: all other reasons UDPOutDatagrams Counter # datagrams sent udpTable SEQUENCE one entry for each port in use by app, gives port # and IP address Network Management

18 SNMP naming hierarchical naming of all objects
question: how to name every possible standard object (protocol, data, more..) in every possible network standard?? answer: ISO Object Identifier tree: hierarchical naming of all objects each branch point has name, number Network Management ISO ISO-ident. Org. US DoD Internet udpInDatagrams UDP MIB2 management

19 OSI Object Identifier Tree
Network Management

20 Overview and basic concepts
An SNMP-managed network consists of three key components: Managed device Agent — software which runs on managed devices Network management station (NMS) — software which runs on the manager

21 Network Management Protocol Architecture
Designed to be an application-level protocol that is part of the TCP/IP protocol suite Operates over UDP Management Station Manager process Controls access to a central MIB at the management station Provides an interface to the network manager Achieves network management by using SNMP Implemented on top of UDP. IP, and the relevant network-dependent protocols Managed devices Agent Implements SNMP, UDP, IP Interprets the SNMP messages and controls the agent’s MIB

22 Configuration of SNMP

23 Overview and basic concepts
In typical uses of SNMP one or more administrative computers, called managers, have the task of monitoring or managing a group of hosts or devices on a computer network. Each managed system executes, at all times, a software component called an agent which reports information via SNMP to the manager. SNMP agents expose management data on the managed systems as variables. The protocol also permits active management tasks, such as modifying and applying a new configuration through remote modification of these variables. The variables accessible via SNMP are organized in hierarchies. These hierarchies, and other metadata (such as type and description of the variable), are described by Management Information Bases (MIBs). An SNMP-managed network consists of three key components: Managed device Agent — software which runs on managed devices Network management station (NMS) — software which runs on the manager A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional (read and write) access to node-specific information. Managed devices exchange node-specific information with the NMSs. Sometimes called network elements, the managed devices can be any type of device, including, but not limited to, routers, access servers, switches, cable modems, bridges, hubs, IP telephones, IP video cameras, computer hosts, and printers. An agent is a network-management software module that resides on a managed device. An agent has local knowledge of management information and translates that information to or from an SNMP-specific form. A network management station (NMS) executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs may exist on any managed network.

24 SNMP protocol Two ways to convey MIB info, commands: managing entity
request trap msg response Network Management agent data agent data managed device managed device request/response mode trap mode

25 Network Management Example
„A management application of network management station NMS calls for the service of the management process The management process calls the SNMP manager „The SNMP manager constructs a request packet and sends it to SNMP agent „The SNMP agent passes the packet to the agent process The agent process accesses the values of the requested variable and passes it to the SNMP agent

26 Network Management Example
The SNMP agent constructs the response packet And sent it to the SNMP manager The SNMP manager receives the response packet and passes it to management process The management process either passes the requested values to the application program that displays it, perhaps using a Graphical User Interface (GUI), or stores it in memory for later retrieval.

27 SNMP Protocol „SNMP management station SNMP agent
getRequest getNextRequest setRequest SNMP agent GetResponse The form of acknowledged message by the agent Passed up to the management application Trap Issues by agent to response to an event that effects the MIB and the underlying managed resources

28 The Role of SNMP

29 SNMP protocol: message formats
Get/set header Variables to get/set PDU type (0-3) Error Status (0-5) Request ID Error Index Name Value Name Value …. PDU type 4 Trap Type (0-7) Agent Addr Specific code Time stamp Enterprise Name Value …. Network Management GetRequest A manager-to-agent request to retrieve the value of a variable or list of variables. Desired variables are specified in variable bindings (values are not used). Retrieval of the specified variable values is to be done as an atomic operation by the agent. A Response with current values is returned. SetRequest A manager-to-agent request to change the value of a variable or list of variables. Variable bindings are specified in the body of the request. Changes to all specified variables are to be made as an atomic operation by the agent. A Response with (current) new values for the variables is returned. GetNextRequest A manager-to-agent request to discover available variables and their values. Returns a Response with variable binding for the lexicographically next variable in the MIB. The entire MIB of an agent can be walked by iterative application of GetNextRequest starting at OID 0. Rows of a table can be read by specifying column OIDs in the variable bindings of the request. GetBulkRequest Optimized version of GetNextRequest. A manager-to-agent request for multiple iterations of GetNextRequest. Returns a Response with multiple variable bindings walked from the variable binding or bindings in the request. PDU specific non-repeaters and max-repetitions fields are used to control response behavior. GetBulkRequest was introduced in SNMPv2. Response Returns variable bindings and acknowledgement from agent to manager for GetRequest, SetRequest, GetNextRequest, GetBulkRequest and InformRequest. Error reporting is provided by error-status and error-index fields. Although it was used as a response to both gets and sets, this PDU was called GetResponse in SNMPv1. Trap Asynchronous notification from agent to manager. SNMP traps enable an agent to notify the management station of significant events by way of an unsolicited SNMP message. Includes current sysUpTime value, an OID identifying the type of trap and optional variable bindings. Destination addressing for traps is determined in an application-specific manner typically through trap configuration variables in the MIB. The format of the trap message was changed in SNMPv2 and the PDU was renamed SNMPv2-Trap. While in classic communication the client always actively requests information from the server, SNMP allows the additional use of so-called "traps". These are data packages that are sent from the SNMP client to the server without being explicitly requested. InformRequest Acknowledged asynchronous notification. This PDU was introduced in SNMPv2 and was originally defined as manager to manager communication.[4] Later implementations have loosened the original definition to allow agent to manager communications.[5][6][7] Manager-to-manager notifications were already possible in SNMPv1 (using a Trap), but as SNMP commonly runs over UDP where delivery is not assured and dropped packets are not reported, delivery of a Trap was not guaranteed. InformRequest fixes this by sending back an acknowledgement on receipt.[6] Trap header Trap info SNMP PDU

30 SNMP protocol: message types The seven SNMP protocol data unit (PDU) types are as follows:
Function GetRequest GetNextRequest GetBulkRequest Mgr-to-agent: “get me data” (instance,next in list, block) InformRequest Mgr-to-Mgr: here’s MIB value Network Management SetRequest Mgr-to-agent: set MIB value Agent-to-mgr: value, response to Request Response Agent-to-mgr: inform manager of exceptional event Trap

31 Trap Directed Polling If the number of managed agents is large, and if each agent maintains a large number of objects Management station becomes impractical regularly to poll all agents for all object data At initialization time, and at infrequent intervals Management station poll all of the agents for some key information Interface characteristics „Baseline performance statistics Packet count

32 Trap Directed Polling Once baseline is established
Management station refrains from polling Each agent notifies the management station of any unusual event – Trap Triggers Agent crashes and is rebooted Link fails Overload condition as defined by the packet load goes beyond its normal load.

33 Trap Directed Polling Management station may choose to take some action Altered to an exception condition May directly poll to the agent reporting the event and to some nearby agents to diagnose any problem Gain more specific information about the exception condition Results in substantial savings of network capacity and agent processing time

34 SNMP security and administration
encryption: DES-encrypt SNMP message authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k) protection against playback: use nonce view-based access control: SNMP entity maintains database of access rights, policies for various users database itself accessible as managed object! Network Management


Download ppt "Lecture 2: Infrastructure of Network Management Part1"

Similar presentations


Ads by Google