Introduction to Network Management Protocols - SNMP & TR-069

Published in: Technology

  1. Introduction To Network Management Protocols: SNMP & TR-069
     William.L, wiliwe@gmail.com, 2006-01-09
  2. Index
     1 Summary
       1.1 General Description
     2 What is Network Management
       2.1 Configuration Management
       2.2 Performance Management
       2.3 Accounting Management
       2.4 Fault Management
       2.5 Security Management
       2.6 The Architecture of Network Management
     3 Simple Network Management Protocol
     4 CPE WAN Management Protocol (TR-069)
       4.1 Auto-Configuration and Dynamic Service Provisioning
       4.2 Software/Firmware Image Management
       4.3 Status and Performance Monitoring
       4.4 Diagnostics
       4.5 Protocol Components
     5 Terminology
       5.1 B-NT : Broadband Network Termination
       5.2 CPE : Customer Premise Equipment
       5.3 ACS : Auto-Configuration Server
       5.4 DSLAM : Digital Subscriber Line Access Multiplexer
       5.5 BRAS : Broadband Remote Access Server
       5.6 Parameter
       5.7 IETF : Internet Engineering Task Force
       5.8 RPC : Remote Procedure Call
       5.9 SOAP : Simple Object Access Protocol
       5.10 BER : Basic Encoding Rule
     6 Reference
     Appendix A. Comparison between SNMP & CWMP
     Appendix B. Explanation of SOAP Message
     Appendix C. Inform Message Ethereal PCAP
  3. 1 Summary
     1.1 General Description
     Network management is one of the most important functions of a network, because it lets the manager monitor remote devices from a distance. The Simple Network Management Protocol (SNMP) [9] is one of the popular network management methods. SNMP is referred to as "simple" because the agent requires minimal software. After SNMP, a new-generation network management protocol, the CPE WAN Management Protocol, was developed. Many telecom and service providers are making TR-069 support a requirement for all new CPE purchases and proposals, so this document introduces this new management protocol.
  4. 2 What is Network Management
     In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks. Network management has five main functions:
     2.1 Configuration Management
     To monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed. Each network device has a variety of version information associated with it. Configuration management subsystems store this information in a database for easy access. When a problem occurs, this database can be searched for clues that may help solve the problem.
     2.2 Performance Management
     To measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level. Examples of performance variables that might be provided include network throughput, user response times, and line utilization.
     Performance management involves three main steps. First, performance data is gathered on variables of interest to network administrators. Second, the data is analyzed to determine normal (baseline) levels. Finally, appropriate performance thresholds are determined for each important variable so that exceeding these thresholds indicates a network problem worthy of attention.
     Management entities continually monitor performance variables. When a performance threshold is exceeded, an alert is generated and sent to the network management system. Each of the steps just described is part of the process to set up a reactive system. When performance becomes unacceptable because of an exceeded user-defined threshold, the system reacts by sending a message.
     Performance management also permits proactive methods. For example, network simulation can be used to project how network growth will affect performance metrics. Such simulation can alert administrators to impending problems so that counteractive measures can be taken.
     2.3 Accounting Management
     To measure network utilization parameters so that individual or group uses on the network can be regulated appropriately. Such regulation minimizes network problems (because network resources can be apportioned based on resource capacities) and maximizes the fairness of network access across all users.
     As with performance management, the first step toward appropriate accounting management is to measure utilization of all important network resources. Analysis of the results provides insight into current usage patterns, and usage quotas can be set at this point. Some correction, of course, will be required to reach optimal access practices. From this point, ongoing measurement of resource use can yield billing information as well as information used to assess continued fair and optimal resource utilization.
  5. 2.4 Fault Management
     To detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively. Because faults can cause downtime or unacceptable network degradation, fault management is perhaps the most widely implemented of the ISO network management elements.
     Fault management involves first determining symptoms and isolating the problem. Then the problem is fixed and the solution is tested on all-important subsystems. Finally, the detection and resolution of the problem is recorded.
     2.5 Security Management
     To control access to network resources according to local guidelines so that the network cannot be sabotaged (intentionally or unintentionally) and sensitive information cannot be accessed by those without appropriate authorization. A security management subsystem, for example, can monitor users logging on to a network resource and can refuse access to those who enter inappropriate access codes.
     Security management subsystems work by partitioning network resources into authorized and unauthorized areas. For some users, access to any network resource is inappropriate, mostly because such users are usually company outsiders. For other (internal) network users, access to information originating from a particular department is inappropriate. Access to Human Resource files, for example, is inappropriate for most users outside the Human Resources department.
     Security management subsystems perform several functions. They identify sensitive network resources (including systems, files, and other entities) and determine mappings between sensitive network resources and user sets. They also monitor access points to sensitive network resources and log inappropriate access to sensitive network resources.
     2.6 The Architecture of Network Management
     Figure 1 shows the architecture of network management. The network management system (NMS) manages devices by sending commands to, or receiving reports from, the agent (a program) in each device. The agent is responsible for executing the NMS's commands and reporting the status of the device it runs on.
  6. [Figures 1 and 2 are not reproduced in this transcript; surviving labels: Managing Server, Managed Devices]
     Figure 2 is a GUI network management system.
  7. Table 1 is the summary of the functions of network management:
     | Function | Goal |
     |---|---|
     | Performance Management | Measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level. |
     | Configuration Management | Monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed. |
     | Accounting Management | Measure network utilization parameters so that individual or group uses on the network can be regulated appropriately. |
     | Fault Management | Detect, log, notify users of, and automatically fix network problems to keep the network running effectively. |
     | Security Management | Control access to network resources according to local guidelines so that the network cannot be sabotaged and so that sensitive information cannot be accessed by those without appropriate authorization. |
     Table 1
  8. 3 Simple Network Management Protocol
     SNMP is a protocol that allows for remote and local management of items on the network, including servers, workstations, routers, switches and other managed devices. Unlike traditional network management methods, which have complicated commands, SNMP has only a few simple commands to get and set configuration and status. Figure 3 shows the SNMP management architecture:
     [Figure 3 is not reproduced in this transcript; surviving labels: Request, Response, Trap, Agent Process, TCP/IP, MIB-II, SNMP Manager, NMS, Agent, Command, Server, Device]
  9. 4 CPE WAN Management Protocol (TR-069)
     The CPE WAN Management Protocol defines a mechanism that encompasses secure auto-configuration of a CPE, and also incorporates other CPE management functions into a common framework. The protocol is specified by the DSL Forum as Technical Report 069 (TR-069) [8]. It provides the following main capabilities:
     4.1 Auto-Configuration and Dynamic Service Provisioning
     The protocol allows an ACS to provision a CPE or collection of CPE based on a variety of criteria. The provisioning mechanism includes specific provisioning parameters and a general mechanism for adding vendor-specific provisioning capabilities as needed.
     4.2 Software/Firmware Image Management
     The CPE WAN Management Protocol provides tools to manage downloading of CPE software/firmware image files. The protocol provides mechanisms for version identification, file download initiation (ACS initiated downloads and optional CPE initiated downloads), and notification of the ACS of the success or failure of a file download.
     4.3 Status and Performance Monitoring
     The protocol provides support for a CPE to make available information that the ACS may use to monitor the CPE's status and performance statistics. The protocol defines a common set of such parameters, and provides a standard syntax for vendors to define additional non-standard
     4.4 Diagnostics
     The protocol provides support for a CPE to make available information that the ACS may use to diagnose connectivity or service issues. The protocol defines a common set of such parameters and a general mechanism for adding vendor-specific diagnostic capabilities.
  10. Figure 4 shows the CPE WAN Management Protocol configuration architecture:
     [Figure 4 is not reproduced in this transcript]
     4.5 Protocol Components
     The CPE WAN Management Protocol comprises several components that are unique to this protocol and makes use of several standard protocols. Figure 5 shows the protocol stack defined by the CPE WAN Management Protocol.
     [Figure 5 is not reproduced in this transcript; protocol stack labels: CPE/ACS Management Application, RPC Methods, SOAP, HTTP, SSL/TLS, TCP/IP. Other surviving figure labels: (may have DHCP); Internet, ISP network, Frame Relay…; (TR-069); TR-104; LAN; WAN]
  11. Figure 6 describes each protocol in the protocol stack above:
     | Protocol Layer | Description |
     |---|---|
     | CPE/ACS Application | The application uses the CPE WAN Management Protocol on the CPE and ACS, respectively. The application is locally defined and not specified as part of the CPE WAN Management Protocol. |
     | RPC Methods | The specific RPC methods that are defined by the CPE WAN Management Protocol (TR-069). |
     | SOAP | A standard XML-based syntax used here to encode remote procedure calls. Specifically SOAP 1.1 [5]. |
     | HTTP | HTTP 1.1 [3]. |
     | SSL/TLS | The standard Internet transport layer security protocols. Specifically, either SSL 3.0 [6] (Secure Socket Layer), or TLS 1.0 [7] (Transport Layer Security). Use of SSL/TLS is RECOMMENDED but is not required. |
     | TCP/IP | Standard TCP/IP. |
     Figure 6
  12. Figure 7 shows a management message of the CPE WAN Management Protocol.

         POST /dps/TR069 HTTP/1.1
         Host: demo.dimark.com:8888
         User-Agent: TR69_CPE-1.0
         Connection: keep-alive
         SOAPAction:
         Cookie: JSESSIONID=9418E79390E6E98A036FE1A3A4F1EEEF
         Content-Type: text/xml
         Content-Length: 1361

         <SOAP-ENV:Envelope
             xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
             xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
             xmlns:xsd="http://www.w3.org/2001/XMLSchema"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns:cwmp="urn:dslforum-org:cwmp-1-0"
             xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope">
           <SOAP-ENV:Header>
             <cwmp:ID SOAP-ENV:mustUnderstand="1">263236</cwmp:ID>
           </SOAP-ENV:Header>
           <SOAP-ENV:Body>
             <cwmp:GetParameterNamesResponse>
               <ParameterList SOAP-ENC:arrayType="cwmp:ParameterInfoStruct[4]">
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.LANDeviceNumberOfEntries</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.WANDeviceNumberOfEntries</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.LANDevice.</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.WANDevice.</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
               </ParameterList>
             </cwmp:GetParameterNamesResponse>
           </SOAP-ENV:Body>
         </SOAP-ENV:Envelope>

     Figure 7 (HTTP message)
  13. 5 Terminology
     This section lists all abbreviations used in this document.
     5.1 B-NT : Broadband Network Termination
     5.2 CPE : Customer Premise Equipment
     A DSL B-NT is one form of broadband CPE. This could be an ADSL modem.
     5.3 ACS : Auto-Configuration Server
     This is a device in the broadband network responsible for auto-configuration of the CPE for advanced services.
     5.4 DSLAM : Digital Subscriber Line Access Multiplexer
     The DSLAM at the access provider is the equipment that really allows DSL to happen. A DSLAM takes connections from many customers and aggregates them onto a single, high-capacity connection to the Internet. It may provide additional functions including routing or dynamic IP address assignment for the customers.
     5.5 BRAS : Broadband Remote Access Server
     This is the connection point to the network (Internet, WAN) and application service providers (ISP, corporate network, etc.).
     5.6 Parameter
     A name-value pair representing a manageable CPE parameter made accessible to an ACS for reading and/or writing.
     5.7 IETF : Internet Engineering Task Force
     The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual.
     5.8 RPC : Remote Procedure Call
     An RPC is analogous to a function call. Like a function call, when an RPC is made, the calling arguments (parameters) are passed to the remote procedure and the caller waits for a response to be returned from the remote procedure.
     5.9 SOAP : Simple Object Access Protocol
     SOAP provides a simple and lightweight mechanism for exchanging structured and typed information between peers in a decentralized, distributed environment using XML.
  14. 5.10 BER : Basic Encoding Rule
     BER is the set of ASN.1 encoding rules for producing a self-identifying and self-delimiting transfer syntax for data structures described in ASN.1 notation. Self-identifying and self-delimiting means that each data element can be identified, extracted and decoded individually. Each data element is encoded as a type identifier, a length description, the actual data elements, and, where necessary, an end-of-content marker. These types of encodings are commonly called type-length-value or TLV encodings.
  15. 6 Reference
     [1] IETF, http://www.ietf.org/
     [2] DSL Forum, http://www.dslforum.org
     [3] RFC 2616, Hypertext Transfer Protocol -- HTTP/1.1, http://www.ietf.org/rfc/rfc2616.txt
     [4] RFC 2617, HTTP Authentication: Basic and Digest Access Authentication, http://www.ietf.org/rfc/rfc2617.txt
     [5] Simple Object Access Protocol (SOAP) 1.1, http://www.w3.org/TR/2000/NOTE-SOAP-20000508
     [6] The SSL Protocol, Version 3.0, http://www.netscape.com/eng/ssl3/draft302.txt
     [7] RFC 2246, The TLS Protocol, Version 1.0, http://www.ietf.org/rfc/rfc2246.txt
     [8] Technical Report 069 (TR-069): CPE WAN Management Protocol, Jeff Bernstein, Tim Spets, May 2004.
     [9] Simple Network Management Protocol (SNMP), http://www.faqs.org/rfcs/rfc1067.html
     [10] Abstract Syntax Notation (ASN.1), http://asn1.elibel.tm.fr/en/
  16. Appendix A. Comparison between SNMP & CWMP
     This section lists the differences between SNMP and CWMP:
     | Aspect | SNMP | CWMP |
     |---|---|---|
     | Support Organization | IETF (The Internet Engineering Task Force) [1] | DSL Forum [2] |
     | Protocol Layer | Application Layer | Application Layer |
     | Transport Protocol | UDP | TCP |
     | Well-Known Port | UDP port 161: SNMP messages; UDP port 162: SNMP trap messages | None (HTTPS: 443) |
     | Encoding | ASN.1 [10] / BER (Basic Encoding Rule) | XML / SOAP |
     | Security | SNMP V2: community name; SNMP V3: SNMP V2 plus security for messages and access control | HTTP Authentication (Basic/Digest) [4]; SSL/TLS |
     | Managed Objects | MIB (Management Information Base) | Parameters |
     | Number of protocol-defined managed objects | Few | Many |
     | Identifying managed object | Object ID (OID) | Parameter's name |
     | How to know managed objects | Pre-defined | Dynamic |
     | Active Contacting | Network Management System (the system knows the addresses of managed CPEs) | CPE (the CPE knows the address of the management system) |
     | Contacting Persistency | Can be held until the CPE shuts down, reboots, or hits an exception | The connection is terminated when neither end has any further request |
     Table 2
  17. Appendix B. Explanation of SOAP message
     Figure 8

         POST /dps/TR069 HTTP/1.1
         Host: demo.dimark.com:8888
         User-Agent: TR69_CPE-1.0
         Connection: keep-alive
         SOAPAction:
         Cookie: JSESSIONID=9418E79390E6E98A036FE1A3A4F1EEEF
         Content-Type: text/xml
         Content-Length: 1361

         <SOAP-ENV:Envelope
             xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
             xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
             xmlns:xsd="http://www.w3.org/2001/XMLSchema"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xmlns:cwmp="urn:dslforum-org:cwmp-1-0"
             xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope">
           <SOAP-ENV:Header>
             <cwmp:ID SOAP-ENV:mustUnderstand="1">263236</cwmp:ID>
           </SOAP-ENV:Header>
           <SOAP-ENV:Body>
             <cwmp:GetParameterNamesResponse>
               <ParameterList SOAP-ENC:arrayType="cwmp:ParameterInfoStruct[4]">
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.LANDeviceNumberOfEntries</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.WANDeviceNumberOfEntries</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.LANDevice.</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
                 <ParameterInfoStruct>
                   <Name>InternetGatewayDevice.WANDevice.</Name>
                   <Writable>0</Writable>
                 </ParameterInfoStruct>
               </ParameterList>
             </cwmp:GetParameterNamesResponse>
           </SOAP-ENV:Body>
         </SOAP-ENV:Envelope>

     Figure callouts: HTTP headers; SOAP; RPC; RPC's parameter name; the array of structure type; elements of the array of structure type.
  18. The C-language form of the above SOAP RPC message is as follows (the font colors have the same meanings as in the SOAP message above):

         #include <stdbool.h>
         #include <string.h>

         /* Declare the structure data type */
         struct ParameterInfoStruct {
             char Name[256 + 1];   /* Maximum length of the string, plus the terminating NUL */
             bool Writable;
         };

         /* Extern function prototype declaration */
         extern void GetParameterNamesResponse(struct ParameterInfoStruct ParameterList[]);

         /* Wrapper function (name is illustrative) so that the statements compile */
         void SendGetParameterNamesResponse(void)
         {
             /* Declaring the variable of structure data type */
             struct ParameterInfoStruct ParameterList[4];

             /* Filling the value of the fields */
             strcpy(ParameterList[0].Name, "InternetGatewayDevice.LANDeviceNumberOfEntries");
             ParameterList[0].Writable = 0;
             strcpy(ParameterList[1].Name, "InternetGatewayDevice.WANDeviceNumberOfEntries");
             ParameterList[1].Writable = 0;
             strcpy(ParameterList[2].Name, "InternetGatewayDevice.LANDevice.");
             ParameterList[2].Writable = 0;
             strcpy(ParameterList[3].Name, "InternetGatewayDevice.WANDevice.");
             ParameterList[3].Writable = 0;

             /* Calling the RPC */
             GetParameterNamesResponse(ParameterList);
         }
  19. Appendix C. Inform message Ethereal PCAP
     Captured on 2005-12-26
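
Section 5.10's type-length-value layout, applied to an SNMP message, as an added example that is not part of the original slides: a small BER decoder run over a constructed SNMPv1 GetRequest, showing that the community name listed under Security in Appendix A is carried as a readable OCTET STRING. The packet bytes and every function name here are constructed for illustration.

```python
from dataclasses import dataclass, field

CLASSES = ("universal", "application", "context", "private")

@dataclass
class TLV:
    cls: str                      # tag class, from the top two identifier bits
    constructed: bool             # True when the value is itself a run of TLVs
    tag: int                      # tag number, the low five identifier bits
    value: bytes = b""            # content octets of a primitive element
    children: list = field(default_factory=list)

def read_tlv(buf, pos=0):
    """Decode the TLV starting at buf[pos]; return (TLV, offset after it)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    ident, first = buf[pos], buf[pos + 1]
    pos += 2
    if ident & 0x1F == 0x1F:
        raise ValueError("multi-octet tag numbers are outside this example")
    node = TLV(CLASSES[ident >> 6], bool(ident & 0x20), ident & 0x1F)
    if first == 0x80:             # indefinite length: read to end-of-content
        if not node.constructed:
            raise ValueError("indefinite length on a primitive element")
        while buf[pos:pos + 2] != b"\x00\x00":
            child, pos = read_tlv(buf, pos)
            node.children.append(child)
        return node, pos + 2
    if first < 0x80:              # short form: this octet is the length
        length = first
    else:                         # long form: low 7 bits count the length octets
        n = first & 0x7F
        if pos + n > len(buf):
            raise ValueError("truncated length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("length field points past the end of the data")
    if not node.constructed:
        node.value = bytes(buf[pos:end])
        return node, end
    while pos < end:
        child, pos = read_tlv(buf, pos)
        node.children.append(child)
    if pos != end:
        raise ValueError("child element overruns its parent")
    return node, end

def decode_oid(raw):              # dotted form; first arc 0 or 1 assumed
    arcs, acc = [raw[0] // 40, raw[0] % 40], 0
    for octet in raw[1:]:
        acc = (acc << 7) | (octet & 0x7F)
        if not octet & 0x80:      # a clear high bit ends the current arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

# Constructed SNMPv1 GetRequest for 1.3.6.1.2.1.1.1.0, community "public"
SAMPLE = bytes.fromhex(
    "3029020100" "04067075626c6963" "a01c" "020412345678" "020100" "020100"
    "300e300c" "06082b06010201010100" "0500")

def snmp_summary(packet):
    """Fields that anyone observing the message in transit can read."""
    msg, _ = read_tlv(packet)
    version, community, pdu = msg.children
    return {"version": int.from_bytes(version.value, "big"),
            "community": community.value.decode("ascii"),
            "oids": [decode_oid(vb.children[0].value)
                     for vb in pdu.children[3].children]}
```

The bounds checks matter as much as the decoding: every length comes from the wire, so the decoder refuses lengths that run past the buffer or past the enclosing element.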

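
An added example (not from the original slides) for the SOAP message of Figure 7 and Appendix B: it parses a GetParameterNamesResponse into the same name/writable pairs as the C structure, and rejects a message whose Name would not fit `char Name[256+1]` or whose element count disagrees with `arrayType`. The sample is the page's message cut down to two elements; the function and constant names are assumptions.

```python
import re
import xml.etree.ElementTree as ET

NS = {"soap": "http://schemas.xmlsoap.org/soap/envelope/",
      "enc": "http://schemas.xmlsoap.org/soap/encoding/",
      "cwmp": "urn:dslforum-org:cwmp-1-0"}
MAX_NAME = 256   # bytes available in char Name[256+1], excluding the NUL

# Constructed sample: the Figure 7 message cut down to two array elements.
SAMPLE = b"\r\n".join([
    b"POST /dps/TR069 HTTP/1.1",
    b"Host: demo.dimark.com:8888",
    b"Content-Type: text/xml",
    b"",
    b'<SOAP-ENV:Envelope'
    b' xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"'
    b' xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"'
    b' xmlns:cwmp="urn:dslforum-org:cwmp-1-0">'
    b'<SOAP-ENV:Header>'
    b'<cwmp:ID SOAP-ENV:mustUnderstand="1">263236</cwmp:ID>'
    b'</SOAP-ENV:Header>'
    b'<SOAP-ENV:Body><cwmp:GetParameterNamesResponse>'
    b'<ParameterList SOAP-ENC:arrayType="cwmp:ParameterInfoStruct[2]">'
    b'<ParameterInfoStruct>'
    b'<Name>InternetGatewayDevice.LANDeviceNumberOfEntries</Name>'
    b'<Writable>0</Writable></ParameterInfoStruct>'
    b'<ParameterInfoStruct><Name>InternetGatewayDevice.LANDevice.</Name>'
    b'<Writable>0</Writable></ParameterInfoStruct>'
    b'</ParameterList></cwmp:GetParameterNamesResponse>'
    b'</SOAP-ENV:Body></SOAP-ENV:Envelope>',
])

def parse_parameter_names_response(http_message):
    """Return (cwmp ID, [(name, writable), ...]) or raise ValueError."""
    _, sep, body = http_message.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line between HTTP headers and body")
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        raise ValueError("SOAP 1.1 forbids a DTD in the message")
    try:
        env = ET.fromstring(body)
    except ET.ParseError as exc:
        raise ValueError("body is not well-formed XML") from exc
    if env.tag != "{%s}Envelope" % NS["soap"]:
        raise ValueError("root element is not a SOAP 1.1 Envelope")
    msg_id = env.findtext("soap:Header/cwmp:ID", namespaces=NS)
    plist = env.find(
        "soap:Body/cwmp:GetParameterNamesResponse/ParameterList", NS)
    if msg_id is None or plist is None:
        raise ValueError("missing cwmp:ID or ParameterList")
    # The prefix inside arrayType is matched literally, as in the page's message.
    declared = re.fullmatch(r"cwmp:ParameterInfoStruct\[(\d+)\]",
                            plist.get("{%s}arrayType" % NS["enc"], ""))
    if declared is None:
        raise ValueError("arrayType is not cwmp:ParameterInfoStruct[n]")
    entries = []
    for item in plist.findall("ParameterInfoStruct"):
        name = (item.findtext("Name") or "").strip()
        writable = (item.findtext("Writable") or "").strip()
        if not 0 < len(name.encode("utf-8")) <= MAX_NAME:
            raise ValueError("Name is empty or longer than %d bytes" % MAX_NAME)
        if writable not in ("0", "1", "true", "false"):
            raise ValueError("Writable is not an XML boolean")
        entries.append((name, writable in ("1", "true")))
    if len(entries) != int(declared.group(1)):
        raise ValueError("arrayType count does not match the elements sent")
    return msg_id, entries
```

Checking the length before the value reaches a fixed-size buffer is what keeps a `strcpy` into `Name`, as in the C form, within bounds when the string comes from the network instead of a literal.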