Network Management 8-1
Chapter 8
Network Management
Computer Networking: A Top Down Approach Featuring the Internet, 2nd edition.
Jim Kurose, Keith Ross
Addison-Wesley, July 2002.
The PowerPoint slides are based on the material provided by J.F. Kurose and K.W. Ross.
Network Management 8-2
Chapter 8: Network Management
Chapter goals:
• introduction to network management
  • motivation
  • major components
• Internet network management framework
  • MIB: management information base
  • SMI: data definition language
  • SNMP: protocol for network management
  • security and administration
• presentation services: ASN.1
Network Management 8-3
Chapter 8 outline
• What is network management?
• Internet-standard management framework
  • Structure of Management Information: SMI
  • Management Information Base: MIB
  • SNMP Protocol Operations and Transport Mappings
  • Security and Administration
• ASN.1
Network Management 8-4
What is network management?
• autonomous systems (aka "network"): 100s or 1000s of interacting hardware/software components
• other complex systems requiring monitoring, control:
  • jet airplane
  • nuclear power plant
  • others?
"Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost."
Network Management 8-5
Infrastructure for network management
[Figure: a managing entity (with its data) exchanges network management protocol messages with the agents (each with its data) on four managed devices]
definitions:
managed devices contain managed objects whose data is gathered into a Management Information Base (MIB)
Network Management 8-6
Network Management standards
OSI CMIP
• Common Management Information Protocol
• designed 1980’s: the unifying net management standard
• too slowly standardized
SNMP: Simple Network Management Protocol
• Internet roots (SGMP)
• started simple
• deployed, adopted rapidly
• growth: size, complexity
• currently: SNMP V3
• de facto network management standard
Network Management 8-7
Chapter 8 outline
• What is network management?
• Internet-standard management framework
  • Structure of Management Information: SMI
  • Management Information Base: MIB
  • SNMP Protocol Operations and Transport Mappings
  • Security and Administration
• ASN.1
Network Management 8-8
SNMP overview: 4 key parts
• Management information base (MIB):
  • distributed information store of network management data
• Structure of Management Information (SMI):
  • data definition language for MIB objects
• SNMP protocol
  • convey manager<->managed object info, commands
• security, administration capabilities
  • major addition in SNMPv3
Network Management 8-9
SMI: data definition language
Purpose: syntax, semantics of management data well-defined, unambiguous
• base data types:
  • straightforward, boring
• OBJECT-TYPE
  • data type, status, semantics of managed object
• MODULE-IDENTITY
  • groups related objects into MIB module
Basic Data Types
INTEGER
Integer32
Unsigned32
OCTET STRING
OBJECT IDENTIFIER
IpAddress
Counter32
Counter64
Gauge32
TimeTicks
Opaque
Network Management 8-10
SNMP MIB
[Figure: a MIB MODULE containing several OBJECT TYPE entries]
• objects specified via SMI OBJECT-TYPE construct
• MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific)
Network Management 8-11
SMI: Object, module examples
OBJECT-TYPE: ipInDelivers

ipInDelivers OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The total number of input datagrams successfully
         delivered to IP user-protocols (including ICMP)"
    ::= { ip 9 }

MODULE-IDENTITY: ipMIB

ipMIB MODULE-IDENTITY
    LAST-UPDATED "941101000Z"
    ORGANIZATION "IETF SNMPv2 Working Group"
    CONTACT-INFO
        "Keith McCloghrie
         ……"
    DESCRIPTION
        "The MIB module for managing IP and ICMP implementations,
         but excluding their management of IP routes."
    REVISION "019331000Z"
    ………
    ::= { mib-2 48 }
Network Management 8-12
MIB example: UDP module
Object ID         Name              Type        Comments
1.3.6.1.2.1.7.1   UDPInDatagrams    Counter32   total # datagrams delivered at this node
1.3.6.1.2.1.7.2   UDPNoPorts        Counter32   # undeliverable datagrams: no app at port
1.3.6.1.2.1.7.3   UDPInErrors       Counter32   # undeliverable datagrams: all other reasons
1.3.6.1.2.1.7.4   UDPOutDatagrams   Counter32   # datagrams sent
1.3.6.1.2.1.7.5   udpTable          SEQUENCE    one entry for each port in use by app, gives port # and IP address
Network Management 8-13
SNMP Naming
question: how to name every possible standard object (protocol, data, more..) in every possible network standard
answer: ISO Object Identifier tree:
• hierarchical naming of all objects
• each branchpoint has name, number
[Figure: the path 1.3.6.1.2.1.7.1 through the tree: 1 ISO, 3 ISO-ident. Org., 6 US DoD, 1 Internet, 2 management, 1 MIB2, 7 UDP, 1 udpInDatagrams]
Network Management 8-14
OSI Object Identifier Tree
[Figure: the OSI Object Identifier tree]
Check out www.alvestrand.no/harald/objectid/top.html
Network Management 8-15
SNMP protocol
Two ways to convey MIB info, commands:
[Figure: request/response mode: the managing entity sends a request to the agent on the managed device, and the agent returns a response. Trap mode: the agent on the managed device sends a trap msg to the managing entity.]
Network Management 8-16
SNMP protocol: message types
Message type      Function
GetRequest        Mgr-to-agent: "get me data"
GetNextRequest    (instance, next in list, block)
GetBulkRequest
InformRequest     Mgr-to-Mgr: here’s MIB value
SetRequest        Mgr-to-agent: set MIB value
Response          Agent-to-mgr: value, response to Request
Trap              Agent-to-mgr: inform manager of exceptional event
Network Management 8-17
SNMP protocol: message formats
Network Management 8-18
SNMP security and administration
• encryption: DES-encrypt SNMP message
• authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)
• protection against playback: use nonce
• view-based access control
  • SNMP entity maintains database of access rights, policies for various users
  • database itself accessible as managed object!
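The authentication and playback bullets above, as an added example that is not part of the original slides: the sender computes MIC(m,k) over a receiver-issued nonce plus the message, and the receiver rejects tampered or replayed packets. HMAC-SHA-256, the challenge-style nonce, the key and the sample messages are assumptions of this example; the slide names no hash or nonce scheme.

```python
import hashlib
import hmac
import os

KEY = b"constructed-shared-secret"  # k: sample value shared by both sides

def mic(message: bytes, nonce: bytes, key: bytes = KEY) -> bytes:
    # MIC(m,k): keyed hash over the fixed-length nonce followed by the message.
    return hmac.new(key, nonce + message, hashlib.sha256).digest()

def send(message: bytes, nonce: bytes, key: bytes = KEY) -> tuple:
    # What the sender puts on the wire: nonce, message, and the MIC over both.
    return (nonce, message, mic(message, nonce, key))

class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.pending = set()  # nonces issued and not yet consumed

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.pending.add(nonce)
        return nonce

    def accept(self, packet: tuple) -> bool:
        nonce, message, tag = packet
        if nonce not in self.pending:
            return False  # never issued, or already used: playback
        # Constant-time comparison avoids leaking how many MIC bytes matched.
        if not hmac.compare_digest(tag, mic(message, nonce, self.key)):
            return False  # message or MIC altered, or wrong key
        self.pending.discard(nonce)  # a nonce is good for one message only
        return True

if __name__ == "__main__":
    agent = Receiver()
    packet = send(b"SetRequest sample-object=1", agent.challenge())
    print(agent.accept(packet))  # first delivery
    print(agent.accept(packet))  # same packet played back
```
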
Network Management 8-19
Chapter 8 outline
• What is network management?
• Internet-standard management framework
  • Structure of Management Information: SMI
  • Management Information Base: MIB
  • SNMP Protocol Operations and Transport Mappings
  • Security and Administration
• The presentation problem: ASN.1
Network Management 8-20
The presentation problem
Q: does perfect memory-to-memory copy solve "the communication problem"?
A: not always!
problem: different data format, storage conventions
    struct {
        char code;
        int x;
    } test;
    test.x = 256;
    test.code = 'a';
[Figure: the same struct in memory on two hosts. host 1 format: test.code = a, test.x = 00000001 00000011. host 2 format: test.code = a, test.x = 00000011 00000001.]
Network Management 8-21
A real-life presentation problem:
[Figure: grandma, an aging 60's hippie, and a '00 teenager]
Network Management 8-22
Presentation problem: potential solutions
1. Sender learns receiver’s format. Sender translates into receiver’s format. Sender sends.
– real-world analogy?
– pros and cons?
2. Sender sends. Receiver learns sender’s format. Receiver translates into receiver-local format.
– real-world analogy?
– pros and cons?
3. Sender translates to host-independent format. Sends. Receiver translates to receiver-local format.
– real-world analogy?
– pros and cons?
Network Management 8-23
Solving the presentation problem
1. Translate local-host format to host-independent format
2. Transmit data in host-independent format
3. Translate host-independent format to remote-host format
[Figure: grandma, an aging 60's hippie, and a '02 teenager]
Network Management 8-24
ASN.1: Abstract Syntax Notation 1
• ISO standard X.680
  • used extensively in Internet
• like eating vegetables, knowing this "good for you"!
• defined data types, object constructors
  • like SMI
• BER: Basic Encoding Rules
  • specify how ASN.1-defined data objects to be transmitted
  • each transmitted object has Type, Length, Value (TLV) encoding
Network Management 8-25
TLV Encoding
Idea: transmitted data is self-identifying
• T: data type, one of ASN.1-defined types
• L: length of data in bytes
• V: value of data, encoded according to ASN.1 standard
Tag Value   Type
1           Boolean
2           Integer
3           Bitstring
4           Octet string
5           Null
6           Object Identifier
9           Real
Network Management 8-26
TLV encoding: example
[Figure: two TLV-encoded objects]
Type=4: octet string
Length: 5 bytes
Value: 5 octets (chars)
Type=2: integer
Length: 2 bytes
Value: 259
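The TLV example above carried through in code, as an added example that is not part of the original slides. It goes beyond the two objects shown by also encoding the OID 1.3.6.1.2.1.7.1 from the naming slide and by decoding with a length check; the string b"smith" is a constructed 5-octet value, and only short-form lengths are handled.

```python
# Added example, not from the slides: BER TLV for the tag table above.
# Short-form lengths only (values under 128 bytes), enough for the slide's cases.
TAG_INTEGER, TAG_OCTET_STRING, TAG_OID = 2, 4, 6

def tlv(tag: int, value: bytes) -> bytes:
    if len(value) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([tag, len(value)]) + value

def encode_integer(n: int) -> bytes:
    # Big-endian two's complement in the fewest octets, whatever the host order.
    bits = n.bit_length() if n >= 0 else (~n).bit_length()
    return tlv(TAG_INTEGER, n.to_bytes(bits // 8 + 1, "big", signed=True))

def encode_octet_string(data: bytes) -> bytes:
    return tlv(TAG_OCTET_STRING, data)

def encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one octet
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                    # base-128, low group first
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))   # continuation bit on higher groups
            arc >>= 7
        body.extend(reversed(chunk))
    return tlv(TAG_OID, bytes(body))

def decode_tlvs(buf: bytes) -> list:
    """Split concatenated TLVs, refusing any length that overruns the buffer."""
    out, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length = buf[i], buf[i + 1]
        if length & 0x80:
            raise ValueError("long-form length not handled in this example")
        if i + 2 + length > len(buf):
            raise ValueError("length field exceeds remaining data")
        out.append((tag, buf[i + 2:i + 2 + length]))
        i += 2 + length
    return out

if __name__ == "__main__":
    # 259 in the two host byte orders drawn on the presentation-problem slide:
    print((259).to_bytes(2, "big").hex(), (259).to_bytes(2, "little").hex())
    wire = encode_octet_string(b"smith") + encode_integer(259)  # constructed input
    print(wire.hex(), decode_tlvs(wire))
    print(encode_oid("1.3.6.1.2.1.7.1").hex())
```

The decoder's length check matters because a receiver that trusts the L field of an untrusted message without comparing it to the bytes actually received will read past the end of the buffer.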
Network Management 8-27
Network Management: summary
• network management
  • extremely important: 80% of network "cost"
  • ASN.1 for data description
  • SNMP protocol as a tool for conveying information
• Network management: more art than science
  • what to measure/monitor
  • how to respond to failures?
  • alarm correlation/filtering?