Lecture week8


Published on


Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Lecture week8

  1. 1. Course Instructor: Parkash Lohana CN506 Network Management Week 08 SPRING 2010 Revision for Mid-Term Exam USMAN INSTITUTE OF TECHNOLOGY Hamdard University
  2. 2. Management Scenarios <ul><li>Customer Network Management </li></ul><ul><li>Distributed Data Storage </li></ul><ul><li>Central Graphic Archive </li></ul><ul><li>Shared document System </li></ul><ul><li>Help Desk Support </li></ul><ul><li>Nomadic Systems </li></ul><ul><li>DNS Management </li></ul><ul><li>Backup and Archiving System </li></ul>
  3. 3. Management Functions <ul><li>F ault management </li></ul><ul><li>C onfiguration management </li></ul><ul><li>A ccounting management </li></ul><ul><li>P erformance management </li></ul><ul><li>S ecurity management </li></ul>
  4. 4. Fault Management <ul><li>The facilities that enable the detection, isolation, and correction of abnormal operation of the OSI environment </li></ul><ul><li>What is “a fault”? </li></ul><ul><ul><li>An abnormal condition that requires management attention (or action) to repair </li></ul></ul><ul><ul><li>Indicated by failure to operate correctly or by excessive errors </li></ul></ul><ul><ul><ul><li>Communication line is cut </li></ul></ul></ul><ul><ul><ul><li>A crimp in the cable </li></ul></ul></ul><ul><ul><ul><li>Certain errors may occur occasionally and are not normally considered to be faults </li></ul></ul></ul>
  5. 5. Fault Management <ul><li>When a fault occurs </li></ul><ul><ul><li>Determine “exactly” where the fault is </li></ul></ul><ul><ul><li>Isolate the rest of the network from the failure </li></ul></ul><ul><ul><li>Reconfigure or modify the network to minimize the impact of operation </li></ul></ul><ul><ul><li>Repair or replace the failed components </li></ul></ul>
  6. 6. User requirements for Fault Management <ul><li>Fast and reliable problem resolution </li></ul><ul><ul><li>Receive notification and correct the problem immediately </li></ul></ul><ul><ul><li>Requires rapid and reliable fault detection and diagnostic management </li></ul></ul><ul><ul><li>Provides fault tolerance </li></ul></ul><ul><ul><ul><li>Redundant components and alternate communication routes </li></ul></ul></ul><ul><ul><ul><li>Fault management capability itself should be redundant </li></ul></ul></ul><ul><li>Keep informed of the network status </li></ul><ul><ul><li>Reassurance of correct network operation through mechanisms that use tests or analyze dumps, logs, alerts, or statistics </li></ul></ul><ul><li>Problem tracking and control </li></ul><ul><ul><li>Ensure the problem is truly resolved and no new problems are introduced </li></ul></ul><ul><li>Fault management should have minimal effect on network performance </li></ul>
  7. 7. Configuration Management <ul><li>Configuration management is concerned with </li></ul><ul><ul><li>Initializing a network </li></ul></ul><ul><ul><li>Gracefully shutting down part or all of the network </li></ul></ul><ul><ul><li>Maintaining, adding, and updating the relationships among components and the status of components themselves during network operation </li></ul></ul>
  8. 8. Requirements for Configuration Management <ul><li>The network manager needs the capability to </li></ul><ul><ul><li>Identify initially the components that comprise the network </li></ul></ul><ul><ul><li>Define and change the connectivity of components </li></ul></ul><ul><ul><li>Define and modify default attributes, and load the predefined sets of attributes into the specified network components </li></ul></ul><ul><ul><li>Reconfigure a network for performance evaluation, network upgrade, fault recovery or security checks </li></ul></ul><ul><ul><ul><li>End users want to inquire about the upcoming status of resources and their attributes before reconfiguration </li></ul></ul></ul><ul><ul><li>Generate configuration reports </li></ul></ul><ul><ul><ul><li>Periodic basis </li></ul></ul></ul><ul><ul><ul><li>Response for a request </li></ul></ul></ul><ul><ul><li>Only authorized end users can manage and control network operation (software distribution and updating) </li></ul></ul>
  9. 9. Accounting Management <ul><li>The facilities that enable </li></ul><ul><ul><li>charges to be established for the use of managed objects </li></ul></ul><ul><ul><li>costs to be identified for the use of those managed objects </li></ul></ul>
  10. 10. Accounting Management <ul><li>Network managers track the use of network resources by end user or end-user class </li></ul><ul><ul><li>An end user or group of end users may be abusing its access privileges and burdening the network at the expense of other users </li></ul></ul><ul><ul><li>End users may be making inefficient use of the network, and network manager can assist in changing procedures to improve performance </li></ul></ul><ul><ul><li>The network manager is easier to plan for network growth if end user activity is known in sufficient detail </li></ul></ul>
  11. 11. Requirements for Accounting Management <ul><li>The network manager can specify </li></ul><ul><ul><li>The kinds of accounting information to be recorded at various nodes </li></ul></ul><ul><ul><li>The desired interval between sending the recorded information to higher-level management nodes </li></ul></ul><ul><ul><li>The algorithms to be used in calculating the charging </li></ul></ul><ul><li>Generate accounting reports </li></ul><ul><li>Provide the capability to verify end users’ authorization to access and manipulate the information </li></ul>
  12. 12. Management Functions <ul><li>Performance Management </li></ul><ul><ul><li>Functional properties are not enough </li></ul></ul><ul><ul><li>Look at Non-functional properties </li></ul></ul><ul><li>Performance Metrics </li></ul><ul><ul><li>Throughput, measured by a number of units of communication performed per unit of time. The unit of communication depends on the layer, type of network, and networking services. </li></ul></ul><ul><ul><li>Examples: </li></ul></ul><ul><ul><ul><li>At the link layer, the number of bytes, that are transmitted per second. </li></ul></ul></ul>
  13. 13. Management Functions <ul><li>Performance Metrics (Cont..) </li></ul><ul><ul><ul><li>At the network layer, the number of packets that are routed per second </li></ul></ul></ul><ul><ul><ul><li>At the application layer for a web service, the number of web requests that are serviced per second. </li></ul></ul></ul><ul><ul><ul><li>At the application layer for a voice service, the number of voice calls, or call attempts, that can be processed per hour. </li></ul></ul></ul>Course Instructor: Parkash Lohana
  14. 14. Management Functions <ul><li>Performance Metrics (Cont..) </li></ul><ul><ul><li>Delay, measured in a unit of time. Examples: </li></ul></ul><ul><ul><ul><li>At the link layer, the time that it takes for a byte that is transmitted to reach its destination at the other end of line. </li></ul></ul></ul><ul><ul><ul><li>At the network layer, the time it takes for an IP packet to reach its destination. </li></ul></ul></ul>
  15. 15. Management Functions <ul><ul><li>Performance Metrics (Cont..) </li></ul></ul><ul><ul><ul><li>At the application layer for a web service, the time that it takes for a request to reach its destination at the host servicing the request after the request has been issued. </li></ul></ul></ul><ul><ul><ul><li>At the application layer of a voice service, the time it takes to receive a dial tone after you have lifted the receiver. </li></ul></ul></ul>Course Instructor: Parkash Lohana
  16. 16. Management Functions <ul><li>Performance Metrics (Cont..) </li></ul><ul><ul><li>Quality is in many ways also performance related and can be measured differently, depending on the networking services </li></ul></ul><ul><ul><ul><li>At the link layer, the number or percentage of seconds during which errors in transmission occurred. </li></ul></ul></ul><ul><ul><ul><li>At the network layer, the number or percentage of packets dropped </li></ul></ul></ul>
  17. 17. Management Functions <ul><ul><li>Performance Metrics (Cont..) </li></ul></ul><ul><ul><ul><li>At the application layer for a web services, the number or percentage of web requests that could not be serviced. </li></ul></ul></ul><ul><ul><ul><li>At the application layer for a voice service, the number or percentage of voice calls that were dropped or abnormally terminated. </li></ul></ul></ul>Course Instructor: Parkash Lohana
  18. 18. Management Functions <ul><li>Performance Management </li></ul><ul><ul><li>Performance management therefore encompasses all the measures required for ensuring that the quality of service conforms to the service level agreement. It includes: </li></ul></ul><ul><ul><ul><li>Establishing QoS parameters and metrics </li></ul></ul></ul><ul><ul><ul><li>Monitoring all resources for performance bottlenecks and threshold crossings. </li></ul></ul></ul><ul><ul><ul><li>Carrying out measurements and trend analysis to predict failure before it occurs. </li></ul></ul></ul>
  19. 19. Management Functions <ul><li>Performance Management (Cont..) </li></ul><ul><ul><ul><li>Evaluating history logs (i.e., records on system activity, error files) </li></ul></ul></ul><ul><ul><ul><li>Processing measurement data and compiling performance reports. </li></ul></ul></ul><ul><ul><ul><li>Carrying out performance and capacity planning. </li></ul></ul></ul><ul><ul><li>Monitors, protocol analyzer, statistics packets, report generators, and modeling tools are some of the typical tool functionalities in performance management. </li></ul></ul>Course Instructor: Parkash Lohana
  20. 20. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Two aspects needs to be distinguished: </li></ul></ul><ul><ul><ul><li>Security of Management </li></ul></ul></ul><ul><ul><ul><ul><li>Management itself is secure </li></ul></ul></ul></ul><ul><ul><ul><li>Management of Security </li></ul></ul></ul><ul><ul><ul><ul><li>Manages the security of the network </li></ul></ul></ul></ul>
  21. 21. Management Functions
  22. 22. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Security of management </li></ul></ul><ul><ul><ul><li>Management operations themselves are secure </li></ul></ul></ul><ul><ul><ul><ul><li>Access to management is restricted to authorized users </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Example: access to the management interfaces of the devices in the network needs to be secured </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Access to the management application themselves needs to be secured properly </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Devices generally authorize on the basis of management application, not on the basis of user of a management application. </li></ul></ul></ul></ul>
  23. 23. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Management of Security </li></ul></ul><ul><ul><ul><li>Managing the security of network itself </li></ul></ul></ul><ul><ul><ul><ul><li>Online security threats are too common </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Security threats not so much the network, but devices connected to network – PCs of end users, system that host the websites for corporations </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Resources of a company that are worth protecting: </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>Information, IT infrastructure, services </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>Security measures that reflect the results of threat analysis or security risk analysis are needed to prevent damage and loss </li></ul></ul></ul></ul>
  24. 24. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Management of Security </li></ul></ul><ul><ul><ul><li>Typical threats are created by: </li></ul></ul></ul><ul><ul><ul><ul><li>Passive attacks: eavesdropping on information; producing a user profile or theft of information (password, etc.). </li></ul></ul></ul></ul>
  25. 25. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Management of Security </li></ul></ul><ul><ul><ul><li>Typical threats are created by: </li></ul></ul></ul><ul><ul><ul><ul><li>Active attacks: </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>masquerade (i.e., user pretending to be some one else, or spoofing); </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>manipulating message sequences by changing the sequence, giving priority to or delaying messages; </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>reconfiguration, reprogramming, unauthorized access, </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>viruses, Trojan horses, denial-of-service attacks. </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>Malfunctioning of resources </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Faulty or inappropriate behavior and incorrect response operation. </li></ul></ul></ul></ul>Course Instructor: Parkash Lohana
  26. 26. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Breakdown of Security Management Tasks </li></ul></ul><ul><ul><ul><li>Security requirements and goals are established on the basis of threat analyses and the values (resources and services) needing protection. </li></ul></ul></ul><ul><ul><ul><li>The security policies defined ultimately identify the security requirements. Examples are: </li></ul></ul></ul><ul><ul><ul><ul><li>Passwords have to be changed every three weeks </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Only second-line managers have access to personnel data </li></ul></ul></ul></ul><ul><ul><ul><ul><li>All attacks on security have to be recorded and followed up. </li></ul></ul></ul></ul>
  27. 27. Management Functions <ul><li>Security Management </li></ul><ul><ul><li>Breakdown of Security Management Tasks </li></ul></ul><ul><ul><ul><li>These policies serve as framework for security services needed and consequently implemented. </li></ul></ul></ul><ul><ul><ul><li>Security management therefore comprises: </li></ul></ul></ul><ul><ul><ul><ul><li>Conducting threat analyses </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Defining and enforcing security policies. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Checking identity (authentication based on signature, notarization, or certification) </li></ul></ul></ul></ul>
  28. 28. Management Functions <ul><ul><li>Breakdown of Security Management Tasks </li></ul></ul><ul><ul><ul><ul><li>Carrying out and enforcing access controls </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Guaranteeing confidentiality (encryption) </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Ensuring data integrity (message authentication) </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Monitoring system to prevent threats to security. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Reporting on security status and violation or attempted violations. </li></ul></ul></ul></ul>Course Instructor: Parkash Lohana
  29. 30. OSI Architecture and Model <ul><li>Organization </li></ul><ul><ul><li>Network management components </li></ul></ul><ul><ul><li>Functions of components </li></ul></ul><ul><ul><li>Relationships </li></ul></ul><ul><li>Information </li></ul><ul><ul><li>Structure of management information (SMI) </li></ul></ul><ul><ul><li>Management information base (MIB) </li></ul></ul><ul><ul><ul><li>Organization of management information </li></ul></ul></ul><ul><ul><li>Object-oriented </li></ul></ul>Network Management Information Model Organization Model Functional Model Communication Model OSl Network Management Model
  30. 31. SNMP Architecture and Model <ul><li>Organization </li></ul><ul><ul><li>Same as OSI model </li></ul></ul><ul><li>Information </li></ul><ul><ul><li>Same as OSI, but scalar </li></ul></ul><ul><li>Communication </li></ul><ul><ul><li>Messages less complex than OSI and unidirectional </li></ul></ul><ul><ul><li>Transfer structure (PDU) </li></ul></ul><ul><li>Functions </li></ul><ul><ul><li>Application functions </li></ul></ul><ul><ul><ul><li>Operations </li></ul></ul></ul><ul><ul><ul><li>Administration </li></ul></ul></ul><ul><ul><ul><li>Security </li></ul></ul></ul>Network Management Information Model Organization Model Functional Model Communication Model OSl Network Management Model
  31. 32. Organizational Model <ul><li>Manager </li></ul><ul><ul><li>Sends requests to agents </li></ul></ul><ul><ul><li>Monitors alarms </li></ul></ul><ul><ul><li>Houses applications </li></ul></ul><ul><ul><li>Provides user interface </li></ul></ul><ul><li>Agent </li></ul><ul><ul><li>Gathers information from objects </li></ul></ul><ul><ul><li>Configures parameters of objects </li></ul></ul><ul><ul><li>Responds to managers’ requests </li></ul></ul><ul><ul><li>Generates alarms and sends them to mangers </li></ul></ul><ul><li>Managed object </li></ul><ul><ul><li>Network element that is managed </li></ul></ul><ul><ul><li>Houses management agent </li></ul></ul><ul><ul><li>All objects are not managed / manageable </li></ul></ul>
  32. 33. Two-Tier Model <ul><li>Agent built into network element Example: Managed hub, managed router </li></ul><ul><li>An agent can manage multiple elements Example: Switched hub, ATM switch </li></ul><ul><li>MDB is a physical database </li></ul><ul><li>Unmanaged objects are network elements that are not managed - both physical (unmanaged hub) and logical (passive elements) </li></ul>Manager Managed objects Unmanaged objects Two-Tier Network Mangement Organization Model Agent process MDB MDB Management Database
  33. 34. Three-Tier Model <ul><li>Middle layer plays the dual role </li></ul><ul><ul><li>Agent to the top-level manager </li></ul></ul><ul><ul><li>Manager to the managed objects </li></ul></ul><ul><li>Example of middle level: Remote monitoring agent (RMON) </li></ul>Agent / Manager Managed objects Agent process Manager Three-Tier Network Mangement Organization Model MDB MDB MDB Management Database
  34. 35. Manager of Managers <ul><li>Agent NMS manages the domain </li></ul><ul><li>MoM presents integrated view of domains </li></ul><ul><li>Domain may be geographical, administrative, vendor-specific products, etc. </li></ul>MoM Agent Agent NMS Manager Managed objects Managed objects Network Mangement Organization Model with MoM Agent process MDB MDB MDB MoM Manager of Managers MDB Management Database Agent Agent NMS Manager
  35. 36. <ul><li>Information Model: Analogy </li></ul><ul><li>Information model is concerned with the structure and the storage of information </li></ul><ul><li>A book is identified by an International Standard Book Number (ISBN) </li></ul><ul><li>Figure in a book uniquely identified by </li></ul><ul><ul><li>ISBN, Chapter, and Figure number in that hierarchical order </li></ul></ul><ul><li>ID: {ISBN, chapter, figure} </li></ul><ul><li>The three elements above define the syntax </li></ul><ul><li>Semantics is the meaning of the three entities according to Webster’s dictionary </li></ul><ul><li>The information comprises syntax and semantics about an object </li></ul>
  36. 37. <ul><li>Structure of Management Information (SMI) </li></ul><ul><li>SMI defines for a managed object </li></ul><ul><ul><li>Syntax </li></ul></ul><ul><ul><li>Semantics </li></ul></ul><ul><ul><li>plus additional information such as status </li></ul></ul><ul><li>Example sysDescr: { system 1 } Syntax: OCTET STRING Definition: &quot;A textual description of the entity. &quot; Access: read-only Status: mandatory </li></ul>
  37. 38. Management Information Base (MIB) <ul><li>Information base contains information about objects </li></ul><ul><li>Organized by grouping of related objects </li></ul><ul><li>Defines relationship between objects </li></ul><ul><li>It is NOT a physical database. It is a virtual database that is compiled into management module </li></ul>
  38. 39. Information Base View: An Analogy <ul><li>Fulton County library system has many branches </li></ul><ul><li>Each branch has a set of books </li></ul><ul><li>The books in each branch is a different set </li></ul><ul><li>The information base of the county has the view (catalog) of all books </li></ul><ul><li>The information base of each branch has the catalog of books that belong to that branch. That is, each branch has its view (catalog) of the information base </li></ul><ul><li>Let us apply this to MIB view </li></ul>
  39. 40. Management Data Base / Information Base <ul><li>Distinction between MDB and MIB </li></ul><ul><ul><li>MDB physical database; e.g.. Oracle, Sybase </li></ul></ul><ul><ul><li>MIB virtual database; schema compiled into management software </li></ul></ul><ul><li>An NMS can automatically discover a managed object, such as a hub, when added to the network </li></ul><ul><li>The NMS can identify the new object as hub only after the MIB schema of the hub is compiled into NMS software </li></ul>Network Configuration with Data and Information Base
  40. 41. SNMP Model <ul><li>CONCEPT </li></ul><ul><li>MANAGEMENT COMPONENTS </li></ul><ul><li>SMI </li></ul><ul><li>MIB </li></ul><ul><li>SNMP </li></ul>
  41. 42. CONCEPT
  42. 43. Concept <ul><li>A framework for managing devices in an internet using TCP/IP protocol </li></ul><ul><li>Provides set of fundamental operations for monitoring and maintaining an internet. </li></ul><ul><li>Application level protocol allows it to monitor devices made by different manufacturers installed on different physical networks </li></ul>
  43. 44. Concept
  44. 45. Agent <ul><li>A router or host that runs the SNMP server program </li></ul><ul><li>Keeps performance information in database </li></ul><ul><li>Can send a trap to the manager if something unusual occurs. </li></ul>
  45. 46. Manager <ul><li>A host that runs the SNMP client program </li></ul><ul><li>Has access to the values in the database </li></ul><ul><li>Management is achieved through simple interaction between manager and agent. </li></ul>
  46. 47. Managers and Agents <ul><li>Management with SNMP is based on three basic ideas: </li></ul><ul><ul><li>A manager checks an agent by requesting information that reflects the behavior of the agent </li></ul></ul><ul><ul><li>A manager forces an agent to perform a task by resetting values in the agent database. </li></ul></ul><ul><ul><li>An agent contribute to the management process by warning the manager of an unusual situation. </li></ul></ul>
  47. 48. Management Components <ul><li>To do management tasks, SNMP uses other two protocols: </li></ul><ul><ul><li>Structure of Management Information (SMI) </li></ul></ul><ul><ul><li>Management Information Base (MIB) </li></ul></ul><ul><li>SNMP, SMI, and MIB </li></ul>
  48. 49. Components of network management on the Internet
  49. 50. SNMP defines the format of packets exchanged between a manager and an agent. It reads and changes the status (values) of objects (variables) in SNMP packets. Role of SNMP
  50. 51. SMI defines the general rules for naming objects, defining object types (including range and length), and showing how to encode objects and values. Role of SMI
  51. 52. SMI defines neither the number of objects an entity should manage, nor names the objects to be managed nor defines the association between the objects and their values. Role of SMI
  52. 53. MIB creates a collection of named objects, their types, and their relationships to each other in an entity to be managed. Role of MIB
  53. 54. We can compare the task of network management to the task of writing a program. 1. Both tasks need rules. In network management this is handled by SMI. 2. Both tasks need variable declarations. In network management this is handled by MIB. 3. Both tasks have actions performed by statements. In network management this is handled by SNMP. An Analogy
  54. 55. SNMP <ul><li>There are two approaches for management system to obtain information from SNMP: </li></ul><ul><ul><li>Traps </li></ul></ul><ul><ul><li>Polling </li></ul></ul>
  55. 56. SNMP Traps <ul><li>Traps are unrequested event reports that are sent to a management system by an SNMP agent process. A trap will contain: </li></ul><ul><ul><li>Network device name </li></ul></ul><ul><ul><li>Time the event happened </li></ul></ul><ul><ul><li>Type of event </li></ul></ul>
  56. 57. SNMP Traps <ul><li>When a trappable event occurs, a trap message is generated by the agent and sent to a trap destination (a specific configured network address) </li></ul><ul><li>Many events can be configured to signal a trap, like a network cable fault, failing NIC or hard drive, a general protection fault, or a power supply failure. </li></ul>
  57. 58. SNMP Traps <ul><li>Traps can also be throttled - you can limit the number of traps sent per second from the agent </li></ul><ul><li>Traps have a priority associated with them – critical, major, minor, warning, marginal, informational, Normal, unknown </li></ul>
  58. 59. SNMP Traps <ul><li>Resources are required on the network device to generate a trap </li></ul><ul><li>When lot of events occurs, the network bandwidth may be tied up with traps </li></ul><ul><ul><li>Threshold can be used to help </li></ul></ul><ul><li>Because the network device has a limited view, it is possible the management system has already received the information and the trap is redundant </li></ul>
  59. 60. SNMP Polling <ul><li>The network management system periodically queries the network device for information </li></ul><ul><li>The advantage is the network management system is in control and know the “big picture” </li></ul>
  60. 61. SNMP Polling <ul><li>The disadvantage is the amount of delay from when an event occurs to when it’s noticed </li></ul><ul><ul><li>Short interval, network bandwidth is wasted </li></ul></ul><ul><ul><li>Long interval, response to event is too slow </li></ul></ul>
  61. 62. SNMP Traps/Polling <ul><li>When an event occurs, the network device generates simple traps </li></ul><ul><li>The management system than polls the network device to get the necessary information. </li></ul><ul><li>The management system also does low frequency polling as a backup to the trap </li></ul>
  62. 63. SNMP <ul><li>SNMP uses both SMI and MIB in internet network management. </li></ul><ul><ul><li>A manager to retrieve the value of an object defined in an agent. </li></ul></ul><ul><ul><li>A manager to store a value in an object defined in an agent. </li></ul></ul><ul><ul><li>An agent to send alarm message about an abnormal situation to the manager. </li></ul></ul>
  63. 64. SMI <ul><li>The Structure of Management Information is a component for network management. Its functions are: </li></ul><ul><ul><li>To name objects </li></ul></ul><ul><ul><li>To define the type of data that can be stored in an object. </li></ul></ul><ul><ul><li>To show how to encode data for transmission over the network. </li></ul></ul>
  64. 65. The Structure of Management Information <ul><li>Managed object need not be just network element </li></ul><ul><li>Example: “internet” with OBJECT IDENTIEIER </li></ul><ul><li>Object type, which is a data type, has a name, syntax, and encoding scheme </li></ul>
  65. 66. Name <ul><li>SMI requires that each managed object (such as a router, a variable in a router, a value, etc.) have unique name. </li></ul><ul><li>To name objects globally, SMI uses an object identifier , which is hierarchical identifier based on a tree structure </li></ul>
  66. 67. Naming <ul><li>Integer.dot representation </li></ul><ul><li>Name.dot notation </li></ul><ul><li>iso.org.dod.internet.mgmt.mib-2  > </li></ul><ul><li>All objects managed by SNMP are given an object identifier. The object identifier always starts with </li></ul>
  67. 68. Object identifier
  68. 69. All objects managed by SNMP are given an object identifier. The object identifier always starts with . Name
  69. 70. Internet Subnodes Any object in the internet MIB will start with the prefix There four objects under internet object
  70. 71. SMI <ul><li>Object: A textual name, termed descriptor, for the object type along with its corresponding object identifier defined above </li></ul><ul><li>Syntax: The abstract syntax for the object type. It can be a choice of SimpleSyntax (integer, octet string, object identifier, Null) or an ApplicationSyntax, and constructor type </li></ul>
  71. 72. SNMP ASN.1 Data Type
  72. 73. Primitive Data Types
  73. 74. Defined or Application Data Type
  74. 75. Data types <ul><li>Structured Type </li></ul><ul><ul><li>By combining simple and structured data types, can make new structured data types </li></ul></ul><ul><ul><li>SMI define two structured data types: sequence and Sequence of </li></ul></ul><ul><ul><ul><li>Sequence. A sequence data type is a combination of simple data types </li></ul></ul></ul><ul><ul><ul><li>Sequence of . A sequence of data type is a combination of simple data type all of the same type </li></ul></ul></ul>
  75. 76. Constructor or Structured Data Type: SEQUENCE <ul><li>List maker </li></ul>
  76. 77. Constructor or Structured Data Type: SEQUENCE OF
  77. 78. SMI: Managed Objects <ul><li>A managed object has five parameters: </li></ul><ul><ul><li>Textual name, syntax, definition, access, and status as defined in RFC 1155 </li></ul></ul><ul><li>Definition: A textual description of the semantics of the object type </li></ul><ul><li>Access: one of read-only, read-write, write-only, or not-accessible </li></ul><ul><li>Status: one of mandatory, optional, or obsolete. </li></ul>
  78. 79. Managed Object: Structure
  79. 80. Object Identifier <ul><li>The first group defines the node administrator: </li></ul><ul><ul><li>(1) for ISO </li></ul></ul><ul><ul><li>(2) for CCITT </li></ul></ul><ul><ul><li>(3) for the joint ISO-CCITT </li></ul></ul><ul><li>The second group for the ISO node administrator defines (3) for use by other organizations </li></ul><ul><li>The third group defines (6) for the use of the U.S Department of Defense (DoD) </li></ul>
  80. 81. CCITT <ul><li>International Telegraph and Telephone Consultative Committee ( CCITT ), (from the French name &quot;Comité Consultatif International Téléphonique et Télégraphique&quot;) was created in 1956. It was renamed ITU-T in 1993. </li></ul>
  81. 82. Object Identifier <ul><li>In the fourth group the DoD has not indicated how it will manage its group so the internet community assumed (1) for its own: </li></ul><ul><li>The fifth group was approved by IAB to be: </li></ul><ul><li>(1) for the use of OSI directory in the internet </li></ul><ul><li>(2) for object identification for management purpose </li></ul><ul><li>(3) for object identification for experimental purpose </li></ul><ul><li>(4) for object identification for private use. </li></ul>
  82. 83. Encoding Method <ul><li>Basic Encoding Rule (BER) </li></ul>
  83. 84. Codes for data types
  84. 85. Length format
  85. 86. Example. OCTET STRING “HI”
  86. 87. SNMP MIBS <ul><li>Management Information Base (MIB) is a collection of related managed objects </li></ul><ul><li>Used to define what information you can get back from the network device </li></ul><ul><li>There are standards and enterprise specific MIBS </li></ul>
  87. 88. MIB <ul><li>Each agent has its own MIB </li></ul><ul><li>The objects in the MIB are categorized under ten different groups: </li></ul><ul><ul><li>System, interface, address, translation, ip, icmp, udp, egp, transmission, and smnp. </li></ul></ul>
  88. 89. mib-2
  89. 90. Accessing MIB Variables <ul><li>Use the udp group as an example. </li></ul><ul><li>There are four simple variables in the udp group and one sequence of (table of) records. </li></ul>
  90. 91. udp group
  91. 92. Simple variables <ul><li>To access any of the simple variable, id of the groups ( followed by the id of the variable </li></ul><ul><li>udpInDatagrams – </li></ul><ul><li>.. </li></ul>
  92. 93. udp variables and tables
  93. 94. Table <ul><li>So to access the table, we should use the following: </li></ul><ul><li>udpTable – </li></ul><ul><li>udpEntry - 1 </li></ul><ul><li>udpLocalAddress - 1.1 </li></ul><ul><li>udpLocalPort - 1.2 </li></ul>
  94. 95. SNMP MIBS <ul><li>Types of MIB Modules </li></ul><ul><ul><li>Standard: These are standard MIBS currently designed to capture the core aspect of particular technology </li></ul></ul>
  95. 96. SNMP MIBS <ul><li>Types of MIB Modules </li></ul><ul><ul><li>Experimental: Temporary and if achieves standardization then it is placed in standard module </li></ul></ul><ul><ul><li>Enterprise-specific: Vendor specific MIBS that provide additional management capabilities for those features that require it </li></ul></ul>
  96. 97. SNMP <ul><li>A group was formed and their efforts were complete in early 1993 </li></ul><ul><li>There are 12 documents describing SNMPv2 </li></ul><ul><li>There are three basic commands used with SNMP: </li></ul><ul><ul><li>Get </li></ul></ul><ul><ul><li>Set </li></ul></ul><ul><ul><li>Get next </li></ul></ul>
  97. 98. Types of SNMP packets <ul><li>GetRequest </li></ul><ul><ul><li>Retrieves the value of a variable or a set of variable </li></ul></ul><ul><li>GetNextRequest </li></ul><ul><ul><li>Used to retrieve values of entries in a table </li></ul></ul><ul><li>GetBulkRequest </li></ul><ul><ul><li>Retrieve a large amount of data </li></ul></ul><ul><ul><li>Used instead of multiple GetRequest and GetNextRequest </li></ul></ul>
  98. 99. Types of SNMP packets <ul><li>SetRequest </li></ul><ul><ul><li>Set(store) a value in a variable </li></ul></ul><ul><li>Response </li></ul><ul><ul><li>Response to GetRequest or GetNext Request; contains values or variable requested </li></ul></ul><ul><li>Trap </li></ul><ul><ul><li>Sent from an agent to manager to report an event </li></ul></ul>
  99. 100. Types of SNMP packets <ul><li>InformRequest </li></ul><ul><ul><li>Sent from one manager to another remote manager to get a value of some value from an agents under control of remote manager </li></ul></ul><ul><li>Report </li></ul><ul><ul><li>Designed to reports some types of errors between managers (not currently used) </li></ul></ul>
  100. 101. 21.5 SNMP SNMP is an application program that allows 1) a manager to retrieve the value of an object defined in an agent; 2) a manager to store a value in an object defined in an agent; and 3) an agent to send an alarm message about an abnormal situation to the manager The topics discussed in this section include: PDUs Format SNMP
  101. 102. SNMP PDUs
  102. 104. Overview of PDUs
  103. 105. Example MIB
  104. 106. Get Example
  105. 107. Set
  106. 108. Set Example
  107. 109. Get-Next
  108. 110. Get-Next Example
  109. 111. Trap
  110. 112. Defined Traps
  111. 113. Trap PDU Format
  112. 114. SNMP Message Encoding
  113. 115. SNMP PDU format
  114. 116. Format <ul><li>The format for eight SNMP PDU is shown on next slide. The GetBulkRequest PDU differs from the others in two areas as shown in fig. </li></ul>
  115. 117. Format <ul><li>The field are listed below: </li></ul><ul><ul><li>PDU type. The field define the type of PDU (see table on next slide) </li></ul></ul><ul><ul><li>Request ID. This field is a sequence number used by the manager in a request PDU and repeated by the agent in a response. It is used to match a request to a response. </li></ul></ul><ul><ul><li>Error status. This is an integer that is used only in response PDU to show the type of errors reported by the agent. Table on slide 12 lists the type of errors that can occur. </li></ul></ul>
  116. 118. Format <ul><li>Non-repeaters. This field is used only in GetBulkRequest and replaces the error status field, which is empty in request PDU. </li></ul><ul><li>Error index. The error index is an offset that tells the manager which variable caused the error. </li></ul><ul><li>Max-repetition . This filed is also used in GetBulkRequest and replaces the error index field, which is empty in request PDUs. </li></ul><ul><li>VarBindList. This is a set of variables with corresponding values the manager wants to retrieve or set </li></ul>
  117. 119. Codes for SNMP messages
  118. 120. Types of errors
  119. 121. 21.6 MESSAGES Messages A message in SNMP is made of four elements: version, header, security parameters, and data (which includes the encoded PDU).
  120. 122. SNMP message
  121. 123. <ul><li>Any Questions……………….. </li></ul>
  122. 124. Network Management Architecture <ul><li>The network management platform can use various architectures to provide functionality: </li></ul><ul><ul><li>The three most common are: </li></ul></ul><ul><ul><ul><li>Centralized </li></ul></ul></ul><ul><ul><ul><li>Hierarchical </li></ul></ul></ul><ul><ul><ul><li>Distributed </li></ul></ul></ul>
  123. 125. Centralized Architecture <ul><li>The network management platform reside on a single computer </li></ul><ul><li>For a full redundancy, the computer system is backed by another system </li></ul><ul><li>Can allow access and forward events to other consoles on network </li></ul>
  124. 126. Centralized Architecture <ul><li>Used for: </li></ul><ul><ul><li>All network alerts and events </li></ul></ul><ul><ul><li>All network information </li></ul></ul><ul><ul><li>Access all management applications </li></ul></ul>
  125. 127. Centralized Architecture <ul><li>Pros: </li></ul><ul><ul><li>Single location to view events and alerts </li></ul></ul><ul><ul><li>Single place to access network management application and information </li></ul></ul><ul><ul><li>Security is easier to maintain </li></ul></ul>
  126. 128. Centralized Architecture <ul><li>Cons: </li></ul><ul><ul><li>Single system is not redundant or fault tolerant </li></ul></ul><ul><ul><li>As network elements are added, may be difficult or expensive to scale system to handle load </li></ul></ul><ul><ul><li>Having to query all devices from single location </li></ul></ul>
  127. 129. Hierarchical Architecture <ul><li>Uses multiple computer system </li></ul><ul><ul><li>One system acting as the central server </li></ul></ul><ul><ul><li>Other systems working as clients </li></ul></ul><ul><li>Central server requires backup for redundancy </li></ul>
  128. 130. Hierarchical Architecture <ul><li>Key features: </li></ul><ul><ul><li>Not dependent on a single system </li></ul></ul><ul><ul><li>Distribution of management network tasks </li></ul></ul><ul><ul><li>Network monitoring distributed through out network </li></ul></ul><ul><ul><li>Centralized information storage </li></ul></ul>
  129. 131. Hierarchical Architecture <ul><li>Pros </li></ul><ul><ul><li>Multiple systems to manage the network </li></ul></ul><ul><li>Cons </li></ul><ul><ul><li>Information gathering is more difficult and time consuming </li></ul></ul><ul><ul><li>The list of managed devices managed by each clients needs to be predetermined and manually configured </li></ul></ul>
  130. 132. Distributed Architecture <ul><li>Combines the centralized and hierarchical architecture </li></ul><ul><li>Uses multiple peer network management systems </li></ul><ul><ul><li>Each peer can have a complete database </li></ul></ul><ul><ul><li>Each peer can perform various tasks and report back to a central system. </li></ul></ul>
  131. 133. Distributed Architecture <ul><li>Contains advantages from central & hierarchical architecture </li></ul><ul><ul><li>Single location for all network information, alerts & events. </li></ul></ul><ul><ul><li>Single location to access all management applications </li></ul></ul><ul><ul><li>Not dependent on a single system </li></ul></ul><ul><ul><li>Distribution of network management tasks </li></ul></ul><ul><ul><li>Distribution of network monitoring through out the network </li></ul></ul>
  132. 134. Network Management Applications <ul><li>Goals: </li></ul><ul><ul><li>Effectively manage a specific set of devices </li></ul></ul><ul><ul><li>Avoid functionality overlap with the platform </li></ul></ul><ul><ul><li>Integrate with a platform through the API and menu system </li></ul></ul><ul><ul><li>Reside on multiple platforms </li></ul></ul><ul><li>Application do not share information </li></ul>
  133. 135. Network Management Applications <ul><li>Application that exists today </li></ul><ul><ul><li>Cisco’s ciscoworks </li></ul></ul><ul><ul><li>3com’s Transcend </li></ul></ul>
  134. 136. Choosing a network management system <ul><li>Built from two major components: the platform and applications </li></ul><ul><ul><li>A practical approach follows these steps: </li></ul></ul><ul><ul><ul><li>Perform device inventory </li></ul></ul></ul><ul><ul><ul><li>Prioritize the functional areas of network management </li></ul></ul></ul><ul><ul><ul><li>Survey network management applications </li></ul></ul></ul><ul><ul><ul><li>Choose the network management platform </li></ul></ul></ul>