Presentation is loading. Please wait.

Presentation is loading. Please wait.

Revised Spring 2006 SNMPv3 and Network Management 1 SNMPv3 and Network Management Chapter 2 Network Management, MIBs, and MPLS Stephen B. Morris Copyright.

Published bySheena Goodman Modified over 9 years ago

Similar presentations

Presentation on theme: "Revised Spring 2006 SNMPv3 and Network Management 1 SNMPv3 and Network Management Chapter 2 Network Management, MIBs, and MPLS Stephen B. Morris Copyright."— Presentation transcript:

1 Revised Spring 2006 SNMPv3 and Network Management 1 SNMPv3 and Network Management Chapter 2 Network Management, MIBs, and MPLS Stephen B. Morris Copyright 2003. Pearson Education Inc., Publishing as Prentice Hall PTR. All rights reserved. Visit the companion Web site at http://authors.phptr.com/morris/ http://authors.phptr.com/morris/ 1

2 Revised Spring 2006 Rudimentary NMS Software Components2 Overview The purpose of this particular lesson is to familiarize you with the message structure and encryption methods of SNMPv3.

3 Revised Spring 2006 SNMPv3 and Network Management 3Structure Provides modular structure that is flexible Provides modular structure that is flexible Complements trend toward component technology Complements trend toward component technology Has two main components Has two main components Engine and a collection of applications Engine and a collection of applications Has four subcomponents Has four subcomponents Dispatcher and message, security, and access control subsystems Dispatcher and message, security, and access control subsystems Subcomponents service versions one through three Subcomponents service versions one through three Important facts to remember about engine subcomponents Important facts to remember about engine subcomponents Can hand off msg processing to each other as required Can hand off msg processing to each other as required Are themselves extensible entities Are themselves extensible entities 2

4 Revised Spring 2006 SNMPv3 and Network Management 4Applications Currently five SNMPv3 apps defined Currently five SNMPv3 apps defined Cmd generators create msgs Cmd generators create msgs Cmd responders respond to msgs Cmd responders respond to msgs Notification originators send trap or inform msgs Notification originators send trap or inform msgs Notification receivers receive and processs trap or inform msgs Notification receivers receive and processs trap or inform msgs Proxy forwarders forward messsages between SNMP entity components Proxy forwarders forward messsages between SNMP entity components v3 framework allow room for additional apps v3 framework allow room for additional apps 3

5 Revised Spring 2006 SNMPv3 and Network Management 5 Message Formats 4 Msg Version MsgID MaxMsgSize MsgFlags MsgSecurity EngineID EngineBoots EngineTime UserName MD5 Digest or SHA Digest DES Key ContextID ContextName PDU Types Common Data General Authentication Privacy Msg format is broken down into four overall sections Msg format is broken down into four overall sections Common data: occur in all SNMPv3 msgs Common data: occur in all SNMPv3 msgs Security model data: three subsections-one general, one authentication, Security model data: three subsections-one general, one authentication, and one privacy data and one privacy data Context: two fields used to provide correct context in which PDU should Context: two fields used to provide correct context in which PDU should be processed be processed PDU: contains a v2 PDU PDU: contains a v2 PDU Encrypted or plain text1 Encrypted or plain text1 Context PDU Security Model Data

6 Revised Spring 2006 SNMPv3 and Network Management 6 Message Formats First field in SNMP msg is the MsgVersion First field in SNMP msg is the MsgVersion The number shown indicates version The number shown indicates version MsgID used between two entities for msg correlation MsgID used between two entities for msg correlation Similar IDs should not be used simultaneously Similar IDs should not be used simultaneously Msg should time out or be answered before the ID is used again Msg should time out or be answered before the ID is used again PDU has a request ID field PDU has a request ID field No longer used since encryption is an option under v3 No longer used since encryption is an option under v3 MsgID now found in the unencrypted header MsgID now found in the unencrypted header 5

7 Revised Spring 2006 SNMPv3 and Network Management 7 Message Formats MsgID also allow discernment between duplicate msgs MsgID also allow discernment between duplicate msgs Underlying datagram services duplicate msgs Underlying datagram services duplicate msgs MaxMsgSize MaxMsgSize Supported by sender of msg Supported by sender of msg Largest packet that transport protocol can carry without having to use Largest packet that transport protocol can carry without having to use fragmetation fragmetation Receiver of msg uses info to ensure its reply is within allowed size range Receiver of msg uses info to ensure its reply is within allowed size range MsgFlags MsgFlags 1 byte long: determines authentication and privacy settings for the msg 1 byte long: determines authentication and privacy settings for the msg Indicates if msg requires response Indicates if msg requires response The security subsystem handles processing of this section The security subsystem handles processing of this section 7

8 Revised Spring 2006 SNMPv3 and Network Management 8 Message Formats MsgSecurity MsgSecurity An integer object that determines security setting associated with the An integer object that determines security setting associated with the msg msg 0 reserved for any and 1-3 correlates to SNMP versions 1-3 0 reserved for any and 1-3 correlates to SNMP versions 1-3 4-255 reserved for standards-track security models 4-255 reserved for standards-track security models Values greater than 255 for enterprise specific security models Values greater than 255 for enterprise specific security models Security Model Data: Authentication Protocol Security Model Data: Authentication Protocol MD5 and SHA are two support protocols in SNMPv3 MD5 and SHA are two support protocols in SNMPv3 Both authenticate the SNMP msg Both authenticate the SNMP msg SHA most complex algorithm with 20-byte calculation SHA most complex algorithm with 20-byte calculation MD5 has 16-byte algorithm MD5 has 16-byte algorithm First 12-bytes/96 bits in both protocols are included in the First 12-bytes/96 bits in both protocols are included in the authentication field authentication fieldfield 20-octet passwd for SHA and 16-octet for MD5 20-octet passwd for SHA and 16-octet for MD5 8

9 Revised Spring 2006 SNMPv3 and Network Management 9 Message Formats 12-byte octet string used to authenticate msg 12-byte octet string used to authenticate msg String known as electronic fingerprint String known as electronic fingerprint Verifies data has not be altered in transit Verifies data has not be altered in transit True for MD5 and SHA protocols True for MD5 and SHA protocols SNMP: entity to entity SNMP: entity to entity During msg exchange authentication key is known to both parties During msg exchange authentication key is known to both parties During receipt of key the receiver recalculates the know key using During receipt of key the receiver recalculates the know key using algorithm algorithm If the recalculated key matches the original, then authentication occurs If the recalculated key matches the original, then authentication occurs Security Model Data: Privacy Protocol Security Model Data: Privacy Protocol Privacy protocol field Privacy protocol field 8-byte octet string used for Data Encryption Standard (DES) 8-byte octet string used for Data Encryption Standard (DES) 16-byte key used for encryption 16-byte key used for encryption First 8 octets of key used for encryption/DES First 8 octets of key used for encryption/DES Second 8 octets of key used as initialization vector Second 8 octets of key used as initialization vector (continued on next slide) (continued on next slide) 9

10 Revised Spring 2006 SNMPv3 and Network Management10 Message Formats Unique 8-octet value is manipulated to prevent re-usage on encryption of packet Unique 8-octet value is manipulated to prevent re-usage on encryption of packet DES in SNMPv3 uses private key to encrypt/decrypt msgs DES in SNMPv3 uses private key to encrypt/decrypt msgs Context Context Deals with existing MIB indexing schemes and how to extend them Deals with existing MIB indexing schemes and how to extend them Some MIB are indexed by port number Some MIB are indexed by port number Certain configs there may be cards/units with the same port numbers Certain configs there may be cards/units with the same port numbers Context feature allows multiple instances of identical MIB tables within same SNMP agent Context feature allows multiple instances of identical MIB tables within same SNMP agent

11 Revised Spring 2006 SNMPv3 and Network Management11 Message Formats SNMPv3 Message Exchanges SNMPv3 Message Exchanges The flow diagram explains the flow of SNMP msgs The flow diagram explains the flow of SNMP msgs

12 Revised Spring 2006 SNMPv3 and Network Management12 Message Formats

13 Revised Spring 2006 SNMPv3 and Network Management13 Message Formats

14 Revised Spring 2006 SNMPv3 and Network Management14 SNMP Problems Has difficulty manipulating large data sets Has difficulty manipulating large data sets Scalability issues where table grow in the thousands Scalability issues where table grow in the thousands Notifications aren’t guaranteed to arrive Notifications aren’t guaranteed to arrive UDP UDP Management operations (such as get or set) can time out if network is congested or agent host is heavily loaded Management operations (such as get or set) can time out if network is congested or agent host is heavily loaded SNMP use UDP SNMP use UDP Despite shortcomings, SNMP’s widespread deployment and simplicity are great strengths! Despite shortcomings, SNMP’s widespread deployment and simplicity are great strengths!

15 Revised Spring 2006 SNMPv3 and Network Management15 Summary SNMPv3 offers much greater security than previous versions SNMPv3 offers much greater security than previous versions Allows extension of MIBs Allows extension of MIBs Understanding SNMP msg flow is critical to network managers Understanding SNMP msg flow is critical to network managers Network elements combine to make up a managed network Network elements combine to make up a managed network

16 Revised Spring 2006 Rudimentary NMS Software Components 16 The Network Management Problem Chapter 3 Network Management, MIBs, and MPLS Stephen B. Morris Rodrigo Iglesias de Aliaga

17 Revised Spring 2006 Rudimentary NMS Software Components17 Overview Network Operators problems with the growth of traffic types and volumes. Network Operators problems with the growth of traffic types and volumes. Operational increase due to Multiple NMS growth. Operational increase due to Multiple NMS growth. There is a strong need to reduce the cost of ownership and improve the return on investment (ROI) for network equipment. There is a strong need to reduce the cost of ownership and improve the return on investment (ROI) for network equipment.

18 Revised Spring 2006 Rudimentary NMS Software Components18 Overview Automated, flow-through actions are required for network management operations. Automated, flow-through actions are required for network management operations. Provisioning Provisioning Detecting faults Detecting faults Checking (and verifying) performance Checking (and verifying) performance Billing/accounting Billing/accounting Initiating repairs or network upgrades Initiating repairs or network upgrades Maintaining the network inventory Maintaining the network inventory

19 Revised Spring 2006 Rudimentary NMS Software Components19 Bringing the Managed Data to the Code Managed objects reside on many SNMP agent hosts. Managed objects reside on many SNMP agent hosts. Copies of managed objects reside on SNMP management systems. Copies of managed objects reside on SNMP management systems. Changes in agent data may have to be regularly reconciled with the management system copy. Changes in agent data may have to be regularly reconciled with the management system copy.

20 Revised Spring 2006 Rudimentary NMS Software Components20 Bringing the Managed Data to the Code Components of an NMS Components of an NMS

21 Revised Spring 2006 Rudimentary NMS Software Components21 Bringing the Managed Data to the Code The Quality of an NMS is inversely proportional to the gap between its picture of the network and the actual state of the underlying network- the smaller the gap, the better the NMS. The Quality of an NMS is inversely proportional to the gap between its picture of the network and the actual state of the underlying network- the smaller the gap, the better the NMS. As managed NES become more complex, an extra burden is placed on the management system. As managed NES become more complex, an extra burden is placed on the management system.

22 Revised Spring 2006 Rudimentary NMS Software Components22 Scalability Today’s Network is Tomorrow’s NE Today’s Network is Tomorrow’s NE Scalability is one of the biggest problems facing modern networking. Scalability is one of the biggest problems facing modern networking. A scalability problem occurs when an increase in the number of instances of a given managed object in the network necessitates a compensating, proportional resource increase inside the management system. A scalability problem occurs when an increase in the number of instances of a given managed object in the network necessitates a compensating, proportional resource increase inside the management system.

23 Revised Spring 2006 Rudimentary NMS Software Components23 Layer 2 VPN Scalability Scalability Problems tend to arise in situations of proportional growth. Scalability Problems tend to arise in situations of proportional growth. The N 2 Problem The N 2 Problem When the number of layer 2 virtual circuits required is proportional to the square of the number of sites. When the number of layer 2 virtual circuits required is proportional to the square of the number of sites. Anything in networking that grows at the rate of N 2 tends to give rise to a problem of scale. Anything in networking that grows at the rate of N 2 tends to give rise to a problem of scale. As the number of sites gets bigger, the N 2 term is more significant than the other terms. As the number of sites gets bigger, the N 2 term is more significant than the other terms.

24 Revised Spring 2006 Rudimentary NMS Software Components24 The N 2 problem

25 Revised Spring 2006 Rudimentary NMS Software Components25 The N 2 problem Layer 3 VPNs Layer 3 VPNs Layer 3 VPNs provide a much more scalable solution because the number of connections required is proportional to a number of sites, not the square of the number of sites. Layer 3 VPNs provide a much more scalable solution because the number of connections required is proportional to a number of sites, not the square of the number of sites. Layer 3 VPNs avoid the need for a full mesh between all of the customer edge routers by providing these features: Layer 3 VPNs avoid the need for a full mesh between all of the customer edge routers by providing these features: A layer 3 core A layer 3 core Overlapping IP address range across the connected sites (if separate organizations use the same VPN service) Overlapping IP address range across the connected sites (if separate organizations use the same VPN service) Multiple routing table instances in the provider edge routers Multiple routing table instances in the provider edge routers

26 Revised Spring 2006 Rudimentary NMS Software Components26 Virtual Circuit Status Monitoring Scalability problems arise when the MIB table entries become very large due to NMS attempts to read all MIB table entries at the same time. Scalability problems arise when the MIB table entries become very large due to NMS attempts to read all MIB table entries at the same time.

27 Revised Spring 2006 Rudimentary NMS Software Components27 MIB Scalability Network operators and their users demand more: Network operators and their users demand more: Bandwidth Bandwidth Faster Networks Faster Networks Bigger Devices Bigger Devices Scalability concerns are growing because routers and switches are routinely expected to support the creation of millions of virtual circuits. Scalability concerns are growing because routers and switches are routinely expected to support the creation of millions of virtual circuits.

28 Revised Spring 2006 Rudimentary NMS Software Components28 Creating LSPs in an MPLS network

29 Revised Spring 2006 Rudimentary NMS Software Components29 Other Enterprise Network Scalability Issues Scalability concerns also affect enterprise networks in these areas: Scalability concerns also affect enterprise networks in these areas: Storage Solutions Storage Solutions Adding, deleting, modifying, and monitoring SANs Adding, deleting, modifying, and monitoring SANs Administration of Firewalls Administration of Firewalls Rules for permitting or blocking packet transit Rules for permitting or blocking packet transit Routers Routers Access control lists and static routes Access control lists and static routes Security Managements Security Managements Encryption keys, biometrics facilities, and password control Encryption keys, biometrics facilities, and password control Application Management Application Management

30 Revised Spring 2006 Rudimentary NMS Software Components30 Light Reading Trials Internet core routers from Cisco, Juniper, Charlotte’s Networks, and Foundry Networks were stress-tested during 2001 using these tests Internet core routers from Cisco, Juniper, Charlotte’s Networks, and Foundry Networks were stress-tested during 2001 using these tests MPLS throughput MPLS throughput Latency Latency IP throughput at OC-48 IP throughput at OC-48 IP throughput at OC-192 IP throughput at OC-192

31 Revised Spring 2006 Rudimentary NMS Software Components31 Large NEs Advantages of the deployment of much bigger device Advantages of the deployment of much bigger device They reduce the number of devices required, saving central office (CO) space and reducing cooling and power requirements. They reduce the number of devices required, saving central office (CO) space and reducing cooling and power requirements. They may help to reduce cabling by aggregating links. They may help to reduce cabling by aggregating links. They offer richer feature set. They offer richer feature set. Disadvantages Disadvantages They are harder to manage. They are harder to manage. They potentially generate vast amounts of management data. They potentially generate vast amounts of management data. They are a possible single point of failure if not back up. They are a possible single point of failure if not back up.

32 Revised Spring 2006 Rudimentary NMS Software Components32 Expensive (and Scarce) Development Skill Sets Building management systems for the devices of today and tomorrow is increasingly difficult. Building management systems for the devices of today and tomorrow is increasingly difficult. General migration to a Layer 3 infrastructure is another reason for the widening gap between available development skills and required product features. General migration to a Layer 3 infrastructure is another reason for the widening gap between available development skills and required product features. The need for customers to see rapid ROI for all infrastructural purchases The need for customers to see rapid ROI for all infrastructural purchases

33 Revised Spring 2006 Rudimentary NMS Software Components33 Expensive (and Scarce) Development Skill Sets A different approach is needed for developing management systems. A different approach is needed for developing management systems. Acquiring skills like these would positively enhance the development process. Acquiring skills like these would positively enhance the development process. A solution mindset A solution mindset Distributed, creative problem solving Distributed, creative problem solving Taking ownership Taking ownership Acquiring domain expertise Acquiring domain expertise Embracing short development cycles Embracing short development cycles Minimizing code changes Minimizing code changes Strong testing capability Strong testing capability

34 Revised Spring 2006 Rudimentary NMS Software Components34 A Solution Mindset Solutions have a number of characteristics Solutions have a number of characteristics Clear economic value Clear economic value Fulfillment of important requirements Fulfillment of important requirements Resolution of one or more end-user problems Resolution of one or more end-user problems

35 Revised Spring 2006 Rudimentary NMS Software Components35 A Solution Mindset

36 Revised Spring 2006 Rudimentary NMS Software Components36 Distributed, Creative Problem Solving Software Bugs Software Bugs NE Bugs (Hard to identify) NE Bugs (Hard to identify) Performance Bottlenecks in FCAPS applications due to congestion on the network. Performance Bottlenecks in FCAPS applications due to congestion on the network. Client Applications crashing from time to time Client Applications crashing from time to time MIB Table Corruption MIB Table Corruption SNMP Agent Exceptions SNMP Agent Exceptions

37 Revised Spring 2006 Rudimentary NMS Software Components37 Distributed, Creative Problem Solving Tools available to solve these problems Tools available to solve these problems UML support packages UML support packages Java/C++/SDL products Java/C++/SDL products Version control Version control Debuggers Debuggers

38 Revised Spring 2006 Rudimentary NMS Software Components38 Taking Ownership A broad task can be ring-fenced by a small group of developers who take responsibility for design, development, and delivery. A broad task can be ring-fenced by a small group of developers who take responsibility for design, development, and delivery. Traditional development boundaries are removed. Traditional development boundaries are removed. No more pure GUI, backend, or database developers. No more pure GUI, backend, or database developers. All NMS software developers should strive to extend their portfolio of skills to achieve this. All NMS software developers should strive to extend their portfolio of skills to achieve this. Institutional memory relates to individual developers with key knowledge of product infrastructure. Institutional memory relates to individual developers with key knowledge of product infrastructure.

39 Revised Spring 2006 Rudimentary NMS Software Components39 Acquiring Domain Expertise Domain expertise represents a range of detailed knowledge Domain expertise represents a range of detailed knowledge IP/MPLS that can be readily applied to the needs of an organization. IP/MPLS that can be readily applied to the needs of an organization.

40 Revised Spring 2006 Rudimentary NMS Software Components40 Acquiring Domain Expertise Knowledge include areas such us: Knowledge include areas such us: Layer 2 and layer 3 traffic engineering Layer 2 and layer 3 traffic engineering Layer 2 and layer 3 QoS Layer 2 and layer 3 QoS Network Management Network Management Convergence of legacy technologies into IP Convergence of legacy technologies into IP Backward and forward compatibility of new technologies Backward and forward compatibility of new technologies MPLS MPLS

41 Revised Spring 2006 Rudimentary NMS Software Components41 Linked Overviews ATM Linked Overview ATM Linked Overview IP Linked Overview IP Linked Overview Embracing Short Development Cycles Embracing Short Development Cycles Minimizing Code Changes Minimizing Code Changes

42 Revised Spring 2006 Rudimentary NMS Software Components42 Elements of NMS Development NMS Developments NMS Developments Using a browser-based GUI Using a browser-based GUI Developer wants to check that the software executed the correct actions Developer wants to check that the software executed the correct actions During provisioning, developer verifies Java During provisioning, developer verifies Java Database is updated by the management system code Database is updated by the management system code Verifying that the correct set of managed objects was written to the NE Verifying that the correct set of managed objects was written to the NE

43 Revised Spring 2006 Rudimentary NMS Software Components43 Elements of NMS Development Data Analysis Data Analysis Upgrade considerations Upgrade considerations UML, Java, and Object-Oriented Development UML, Java, and Object-Oriented Development Class Design for Major NMS Features Class Design for Major NMS Features GUI Development GUI Development Middleware Using CORBA-Based Products Middleware Using CORBA-Based Products Insulating Applications from Low-Level Code Insulating Applications from Low-Level Code

44 Revised Spring 2006 Rudimentary NMS Software Components44 Expensive (and Scarce) Operational Skill Sets The growing complexity of networks is pointing to increasingly scarce operational skills The growing complexity of networks is pointing to increasingly scarce operational skills Multiservice Switches Multiservice Switches Enterprise network typically want to: Enterprise network typically want to: Reduce the payback period for new purchases Reduce the payback period for new purchases Maintain and expand existing network services Maintain and expand existing network services Reduce operational costs associated with multiple networks Reduce operational costs associated with multiple networks Telephony Telephony LAN LAN

45 Revised Spring 2006 Rudimentary NMS Software Components45 Expensive (and Scarce) Operational Skill Sets Multiservice Switches Multiservice Switches MPLS provides a way of filling these needs in conjunction with multiservice switches MPLS provides a way of filling these needs in conjunction with multiservice switches ATM ATM FR FR TDM TDM IP IP

46 Revised Spring 2006 Rudimentary NMS Software Components46 MPLS: Second Chunk Managed objects of MPLS Managed objects of MPLS Explicit Route Objects Explicit Route Objects Resource blocks Resource blocks Tunnels and LSPs Tunnels and LSPs In-segments In-segments Out-segments Out-segments Cross-connects Cross-connects Routing Protocols Routing Protocols Signaling Protocols Signaling Protocols Label operations Label operations Traffic Engineering Traffic Engineering QoS QoS

47 Revised Spring 2006 Rudimentary NMS Software Components47 Explicit Route Objects An ERO is a of layer 3 address hops inside an MPLS cloud An ERO is a of layer 3 address hops inside an MPLS cloud Describes a list of MPLS nodes through which a tunnel passes. Describes a list of MPLS nodes through which a tunnel passes. EROs are used by signaling protocols to create tunnels EROs are used by signaling protocols to create tunnels

48 Revised Spring 2006 Rudimentary NMS Software Components48 Resource Blocks MPLS permits the reservation of resources in the network. MPLS permits the reservation of resources in the network. Resource blocks provide a means for recording the bandwidth settings Resource blocks provide a means for recording the bandwidth settings Resource blocks include Resource blocks include Maximum reserved bandwidth Maximum reserved bandwidth Maximum traffic burst size Maximum traffic burst size Packet length Packet length

49 Revised Spring 2006 Rudimentary NMS Software Components49 Tunnels and LSPs MPLS-encapsulated packets enter the tunnel, pass across the appropiaye path, and exhibit three important characteristics MPLS-encapsulated packets enter the tunnel, pass across the appropiaye path, and exhibit three important characteristics Forwarding is based on MPLS label rather than IP header Forwarding is based on MPLS label rather than IP header Resource usage is fixed, based on those rederved at the time of connection creation Resource usage is fixed, based on those rederved at the time of connection creation The path taken by the traffic is constrained by the path chosen in advance by the user. The path taken by the traffic is constrained by the path chosen in advance by the user.

50 Revised Spring 2006 Rudimentary NMS Software Components50 In-Segments and Out-Segments In-segments on an MPLS node represent the point of ingress for traffic In-segments on an MPLS node represent the point of ingress for traffic Out-segments represent the point of egress for traffic Out-segments represent the point of egress for traffic

51 Revised Spring 2006 Rudimentary NMS Software Components51 Cross-Connects MPLS node uses the cross-connect settings to decide how to switch traffic between the segments MPLS node uses the cross-connect settings to decide how to switch traffic between the segments Connection Types Connection Types Point-to-Point Point-to-Point Point-to-Multipoint Point-to-Multipoint Multipoint-to-Point Multipoint-to-Point

52 Revised Spring 2006 Rudimentary NMS Software Components52 Routing Protocols MPLS incorporates standard IP routing protocols such as OSPF, IS-IS and BGP4 MPLS incorporates standard IP routing protocols such as OSPF, IS-IS and BGP4

53 Revised Spring 2006 Rudimentary NMS Software Components53 Signaling Protocols LSPs and tunnels can be achieved either manually or via signaling LSPs and tunnels can be achieved either manually or via signaling Signaled connections have Signaled connections have Resource Reserved Resource Reserved Labels Distributed Labels Distributed Paths selected by protocols Paths selected by protocols RSVP-TE RSVP-TE LDP LDP

54 Revised Spring 2006 Rudimentary NMS Software Components54 Label Operations MPLS-labeled traffic is forwarded based on its encapsulated value MPLS-labeled traffic is forwarded based on its encapsulated value The operations that can be executed against labels are The operations that can be executed against labels are Lookup Lookup Swap Swap Pop Pop Push Push

55 Revised Spring 2006 Rudimentary NMS Software Components55 MPLS Encapsulation The MPLS Encapsulation specifies four reserved label values The MPLS Encapsulation specifies four reserved label values 0-IPv4 explicit null that signals the receiving node to pop the label and execute an IP lookup 0-IPv4 explicit null that signals the receiving node to pop the label and execute an IP lookup 1-Router alert that indicates to the receiving node to examine the packet more closely (rather than simply forwarding it) 1-Router alert that indicates to the receiving node to examine the packet more closely (rather than simply forwarding it) 2-IPv6 explicit null 2-IPv6 explicit null 3-Implicit null that signals the receiving node to pop the label and execute an IP lookup 3-Implicit null that signals the receiving node to pop the label and execute an IP lookup

56 Revised Spring 2006 Rudimentary NMS Software Components56 Qos and Traffic Engineering LAN Bandwidth can be increased as needed using switches LAN Bandwidth can be increased as needed using switches Excess bandwidth helps avoid congestion Excess bandwidth helps avoid congestion Traffic Engineering is set to become a mandatory element of converged layer 3 enterprise networks. Traffic Engineering is set to become a mandatory element of converged layer 3 enterprise networks.

57 Revised Spring 2006 Rudimentary NMS Software Components57 QoS There are three approaches that can be adopted for providing different levels of network service There are three approaches that can be adopted for providing different levels of network service Best effort (as provided by the Internet) Best effort (as provided by the Internet) Fine granularity QoS (Integrated Services – IntServ) Fine granularity QoS (Integrated Services – IntServ) Coarse granularity QoS (Differentiated Services – DiffServ) Coarse granularity QoS (Differentiated Services – DiffServ)

58 Revised Spring 2006 Rudimentary NMS Software Components58 IP Header

59 Revised Spring 2006 Rudimentary NMS Software Components59 MPLS and Scalability This table can include millions of rows This table can include millions of rows It is not practical to try to read or write an object of this size using SNMP It is not practical to try to read or write an object of this size using SNMP Unfortunately, it might be necessary if a network is being initially commissioned or rebalanced after adding new hardware Unfortunately, it might be necessary if a network is being initially commissioned or rebalanced after adding new hardware

60 Revised Spring 2006 Rudimentary NMS Software Components60 MPLS and Scalability

61 Revised Spring 2006 Rudimentary NMS Software Components61 MPLS and Scalability

62 Revised Spring 2006 Rudimentary NMS Software Components62 Summary Bringing managed data and code together is one of the central foundations of computing and network management Bringing managed data and code together is one of the central foundations of computing and network management Designers of management systems need rarified skills set that matches the range of technologies embedded in NEs and networks Liberal use of standards documents and linked overviews are some important tools for tackling the complexity of system development, managed object derivation, and definition. Designers of management systems need rarified skills set that matches the range of technologies embedded in NEs and networks Liberal use of standards documents and linked overviews are some important tools for tackling the complexity of system development, managed object derivation, and definition. Networks must increasingly support a growing range of traffic types. (Traffic Engineering and QoS handling in Layer 2 and Layer 3 Networks). Networks must increasingly support a growing range of traffic types. (Traffic Engineering and QoS handling in Layer 2 and Layer 3 Networks).

Download ppt "Revised Spring 2006 SNMPv3 and Network Management 1 SNMPv3 and Network Management Chapter 2 Network Management, MIBs, and MPLS Stephen B. Morris Copyright."

Similar presentations

Identifying MPLS Applications

Identifying MPLS Applications
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—8-1 MPLS TE Overview Introducing the TE Concept.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—8-1 MPLS TE Overview Introducing the TE Concept.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Implementing a Highly Available Network

Implementing a Highly Available Network
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Chapter 19: Network Management Business Data Communications, 4e.

Chapter 19: Network Management Business Data Communications, 4e.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.

TCP/IP Protocol Suite 1 Chapter 21 Upon completion you will be able to: Network Management: SNMP Understand the SNMP manager and the SNMP agent Understand.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 4: Frame Mode MPLS Implementation.
Chapter 19 Binding Protocol Addresses (ARP) Chapter 20 IP Datagrams and Datagram Forwarding.

Chapter 19 Binding Protocol Addresses (ARP) Chapter 20 IP Datagrams and Datagram Forwarding.
SNMP Simple Network Management Protocol

SNMP Simple Network Management Protocol
Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.

Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.
Guide to TCP/IP, Third Edition Chapter 11: Monitoring and Managing IP Networks.

Guide to TCP/IP, Third Edition Chapter 11: Monitoring and Managing IP Networks.
Chapter 2: SNMPv3 and Network Management 1 Enterprise Network Management Chapter 2 SNMPv3 and Network Management Jiun January 2005.

Chapter 2: SNMPv3 and Network Management 1 Enterprise Network Management Chapter 2 SNMPv3 and Network Management Jiun January 2005.

Similar presentations

Ads by Google