Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Network Monitoring Mi-Jung Choi Dept. of Computer Science KNU

Published byEugene Cameron Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Network Monitoring Mi-Jung Choi Dept. of Computer Science KNU"— Presentation transcript:

1 1 Network Monitoring Mi-Jung Choi Dept. of Computer Science KNU Email: mjchoi@kangwon.ac.kr

2 2 Table of Contents Introduction Monitored Types of Information Network Monitoring Configurations Network Monitoring Methods Performance Monitoring –Performance Indicators –Performance Monitoring Functions Fault Monitoring –Problems of Fault Monitoring –Fault Monitoring Functions Accounting Monitoring

3 3 Introduction Network monitoring is concerned with observing and analyzing the status and behavior of the end systems, intermediate systems, and subnetworks that make up the network to be managed Issues in network monitoring –what to monitor? define what is to be monitored –how to monitor? how to obtain information from managed resources –what to do with the monitored information? how the monitored information is used in various management functional areas

4 4 Monitored Types of Information Static information –hardly changes –current configuration information e.g., the number and identification of ports on a router Dynamic information –changes frequently –information related to events in the network e.g., change of state, transmission/reception of packets Statistical information –derived from dynamic information e.g., average number of packets transmitted per unit time

5 5 Organization of a Management Information Base MANAGEMENT INFORMATION BASE (MIB) Call_Blocked Packet_Loss Time_Delay Throughput State_Variable Event_Variable Switch_server Buffer Source Server Station_Info Switch_Buffer Switch_Source Status_Sensor Derived_Status_Sensor Event_Sensor Configuration data base Sensor data base Statistical data base Dynamic data base Abstraction of state and event variables Sensor activation and data collection Static data base

6 6 Monitoring System Components monitoring application –includes the functions of monitoring that are visible to the user e.g., performance, fault, accounting manager function –performs the basic monitoring function of retrieving information agent function –gathers and records management information for one or more network elements and delivers the information to the monitor managed objects –mgmt information that represents resources and their activities monitoring agent –generates summaries and statistical analysis of mgmt information

7 7 Functional Architecture for Network Monitoring Monitoring application Monitoring application Manager function Manager function Monitoring agent... Agent function Agent function Agent function Managed objects Managed objects Managed objects (a) manager-agent model (b) A model for summarization

8 8 Network Monitoring Configurations LAN (c) External monitor Monitoring application Monitoring application Monitoring application Manager function Manager function Manager function Agent function Agent function Agent function Managed objects LAN (a) Managed resources in manager system (d) proxy monitor agent observed traffic Subnetwork or internet Monitoring application Manager function Agent function Managed objects (b) Resources in agent system Subnetwork or internet Subnetwork or internet

9 9 Network Monitoring Methods Polling –a request-response interaction between a manager and agent –a manager sends request to an agent which processes the request and responds with information from its MIB –a manager may use polling to learn about the configuration it is managing obtain periodically an update of conditions investigate an area in detail after being altered to a problem Event Reporting –information flow is initiated from the agent to manager –an agent may generate report periodically to give the manager its current status or whenever a significant event (e.g., change of a state) or an unusual event (e.g., fault) occurs –good for detecting problems as soon as they occur

10 10 Performance Monitoring Measuring the performance of the network (or performance monitoring) is absolutely required in NM –to detect & fix problems that cause performance degradation –to better plan network upgrades Problems in selecting and using appropriate indicators (or metrics) –too many indicators in use –the meaning of most indicators are not yet clearly understood –some indicators are supported by some manufacturers only –frequently, the indicators are accurately measured but incorrectly interpreted by human or mgmt application –the calculation of indicators takes too much time

11 11 Network Performance Indicators Service-oriented –Availability: the percentage of time that a network system, a component, or an application is available for a user –Response Time: how long it takes for a response to appear at a user’s terminal after a user action calls for it –Accuracy: the percentage of time that no errors in the transmission and delivery of information Efficiency-oriented –Throughput: the rate at which application-oriented events (e.g., file transfers) occur –Utilization: the percentage of the theoretical capacity of a resource (e.g., transmission line, switch, CPU) that is being used

12 12 Elements of Response Time TO Workstation Network interface (e.g., router) Server SI SO TI WI WO CPU RT = TI + WI + SI + CPU + WO + SO + TO RT = response time CPU = CPU process delay TI = inbound terminal delay WO = outbound queuing time WI = inbound queuing time SO = outbound service time SI = inbound service time TO = outbound terminal delay Network

13 13 Performance Monitoring Functions Performance Measurement –the actual gathering of statistics about network traffic & timing –typically performed by agents within network devices –e.g., amount of data in and out of a node, number of connections, traffic per connection Performance Analysis –analyzing the gathered data and presenting it –e.g., total, average, min, max, histogram Synthetic Traffic Generation –generating artificial traffic load –permits the network to be observed under a controlled load

14 14 Typical Performance-Related Questions Performance measurements can be used to answer a number of questions –Why is the response so slow? (a very loaded question!) –Why is the retransmission rate so high? –Is traffic evenly distributed among network users or are there source-destination pairs with unusually heavy traffic? –What is the percentage of each type of packet? –What is the channel utilization and throughput? –What is the effect of traffic load on utilization, throughput & time delays? –When does traffic load start to degrade system performance? –What is the maximum capacity of the channel under normal operating conditions? How many active users are necessary to reach this maximum?

15 15 Fault Monitoring To detect faults as quickly as possible after they occur and to identify the cause of the fault so that correctional action may be taken Problems of Fault Monitoring –Fault Detection Problems Unobservable faults: e.g., deadlock, device not monitorable Partially observable faults: insufficient to pinpoint the problem Uncertainty in observation: not clear what the problem is –Fault Isolation Problems Multiple potential causes Too many related observations Interference between diagnosis and local recovery procedures Absence of automated testing tools

16 16 Fault Monitoring Functions Logging –record important events and errors –logs should be accessible by managers (e.g., via polling) Event Reporting –sending events, errors to managers –sending alarms to manager to warn possible problems Diagnostic Functions –connectivity test (e.g., traceroute) –response-time test –liveness test (e.g., ping) –protocol integrity test –loopback test

17 17 Accounting Monitoring Keeping track of users’ usage of network resources –communication facilities –computer hardware –software and systems –services Usage may need to be broken down by account, by project, or by individual user for appropriate accounting purposes

18 18 Summary Network monitoring is the most basic aspect of NM The purpose of network monitoring is to gather information about the status and behavior of network elements Information to be gathered include –static, dynamic and statistical information Monitoring methods - polling & event reporting Monitoring functions –performance monitoring –fault monitoring –accounting monitoring READ Chapter 2 of Textbook

Download ppt "1 Network Monitoring Mi-Jung Choi Dept. of Computer Science KNU"

Similar presentations

CSE 413: Computer Networks

CSE 413: Computer Networks
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Network Management - Introduction. References Communications Network Management, Kornel Terplan Prentice Hall 1992, 2 nd ed. Managing Inter networks with.

Network Management - Introduction. References Communications Network Management, Kornel Terplan Prentice Hall 1992, 2 nd ed. Managing Inter networks with.
Global Network & Network Management **** IEC Teacher Workshop June 28, 2012 Prof. Mani Subramanian.

Global Network & Network Management **** IEC Teacher Workshop June 28, 2012 Prof. Mani Subramanian.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
CIS 203 17 : Network Management. Introduction Network, associated resources and distributed applications indispensable Complex systems —More things can.

CIS : Network Management. Introduction Network, associated resources and distributed applications indispensable Complex systems —More things can.
Telecommunications Management 273-436/635 Network Management.

Telecommunications Management /635 Network Management.
CS 408 Computer Networks Congestion Control (from Chapter 05)

CS 408 Computer Networks Congestion Control (from Chapter 05)
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
Introduction to Network Analysis and Sniffer Pro

Introduction to Network Analysis and Sniffer Pro
Chapter 19: Network Management Business Data Communications, 4e.

Chapter 19: Network Management Business Data Communications, 4e.
William Stallings Data and Computer Communications 7 th Edition (Selected slides used for lectures at Bina Nusantara University) Internetworking.

William Stallings Data and Computer Communications 7 th Edition (Selected slides used for lectures at Bina Nusantara University) Internetworking.
Network Monitoring Chu-Sing Yang Department of Electrical Engineering National Cheng Kung University.

Network Monitoring Chu-Sing Yang Department of Electrical Engineering National Cheng Kung University.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Chapter 15 Chapter 15: Network Monitoring and Tuning.

Chapter 15 Chapter 15: Network Monitoring and Tuning.
Protocols and the TCP/IP Suite

Protocols and the TCP/IP Suite
Chapter 10 Introduction to Wide Area Networks Data Communications and Computer Networks: A Business User’s Approach.

Chapter 10 Introduction to Wide Area Networks Data Communications and Computer Networks: A Business User’s Approach.
Measuring Performance Chapter 12 CSE807. Performance Measurement To assist in guaranteeing Service Level Agreements For capacity planning For troubleshooting.

Measuring Performance Chapter 12 CSE807. Performance Measurement To assist in guaranteeing Service Level Agreements For capacity planning For troubleshooting.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 14 Server and Network Monitoring.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 14 Server and Network Monitoring.
Network Management Management Tools –Desirable features Management Architectures Simple Network Management Protocol.

Network Management Management Tools –Desirable features Management Architectures Simple Network Management Protocol.

Similar presentations

Ads by Google