CS 453CS 453Computer NetworksComputer Networks

Lecture 22Lecture 22

Network ManagementNetwork Management

Network Management

We have discussed a lot of network examples that have a very small number of hosts, routers, switches and links…but in the real world networks can have thousands of devices and links, and span cities, countries, continents, and the globeIn many important ways, networks are the life blood of many organizations and critically important to individuals

Network Management

A network that does not run reliably, stably and efficiently can have devastating consequences…

Imagine a network failure for an airlines operations system…

…or the Air Traffic control system…

…or the electric power grid

Network Management

This becomes more and more important with network delivered services like VoIP Streaming video On-demand Hi-Res video/audio Collaboration and video conferencing

Network Management

Bottom line- We need to monitor, manage, Troubleshoot Repair

Networks and do this very well

Network Management

Some network management activities Detecting an interface or component failure Monitor hosts on the network Traffic monitoring and resource deployment Recognizing frequent changes in router tables Setting standards for SLAs Intrusion detection and other security threats

Network Management

International Standards Organization’s Five Areas of Network Management Performance Management

Quantify, measure, track, analyze and control network performance

Fault managementIdentify, log and respond to faults in a network

Like performance management, but short-term specific problem focused

Network Management

International Standards Organization’s Five Areas of Network Management

Configuration managementHow are network devices configured

…and keeping track of these configurations Accounting

Tracking resource utilization

Quota management, usage charges, resource access Security management

Monitoring and managing network (and related) access in accordance with defined policies

Network Management

Network Management Architecture –very high level

Managing entityNetwork administrator/network management workstationNOC (most likely)

Managed devicesRouters, switches, hosts, hubs, printers, etc.

MIB – Management Information Base (more on this…)

Network management protocolA well defined protocol for communications and control between managing entities and managed devices

Network ManagementNetwork Management Architecture –very high level

From: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm

Network Management

Network management protocol There are several, notably… OSI –Common Management Information

Services Element/Common Management Information Protocol (CMISE/CMIP)

Simple Network Management Protocol – SNMP

For IP networks

Network Management

MIB – Management Information Base Collections of discrete and organized pieces

of information about managed devices Sort of a virtual database …to be collected from managed devices by

managing entities… …usually as needed

Network Management

MIB – made up of MIB objects MIB objects are the information elements

maintained by managed devices MIB tables – MIB objects with recurrent or

multiple instances of data elements MIB modules – groupings of related MIB

objects

Network Management

Each type of managed object has its own set of MIB objects

MIB objects are defined by a data definition language – Structure of Management Information – SMI Subset of ANS.1 - abstract syntax notation 1

Network Management

Object descriptors

1.3.6.1.4.1.9.3.3.1

Network Management

SMI has several constructs OBJECT-TYPE

Defines objects MODULE-IDENTITY

Defines modules of objects NOTIFICATION-TYPE

Defines the kinds of messages that agents generate MODULE-COMPLIANCE

Defines the set of objects that must be defined within a module

AGENT-CAPABILITIESDefines agents cabilities regarding object and event notifications

Network Management

SMI basic data types INTEGER – 32 bit integers or list of named constants INTEGER32 – 32 bit integers Unsigned32 – 32 bit unsigned integer OCTET STRING – byte string up to 65K bytes long OBJECT IDENTIFER – defined structure name IPaddress – 32 bit IP address in network byte order Counter32 – 32 bit modulo 232 counter Counter64 – 64 bit modulo 264 counter Gauge32 – counter with 0-232 limit TimeTicks – Time in 1/100 seconds Opaque – uninterrupted string

Network ManagementSMI object definition

ipInDelievers OBJECT-TYPESYNTAX Counter32MAX-ACCESS read-onlySTATUS currentDescriptions

“IP datagrams delivered”::={ ip 9 }

Network ManagementIETF – has developed many MIB object definitions

Network vendors develop their own MIB object definitions

There are 100s of MIB objects

Network ManagementSNMPv1

Simple objects, simple protocol, MIB tables

SNMPv2 Modules

SNMPv3 Message integrity Source authenication encryption

Network Management

SMI basic data types INTEGER – 32 bit integers or list of named constants INTEGER32 – 32 bit integers Unsigned32 – 32 bit unsigned integer OCTET STRING – byte string up to 65K bytes long OBJECT IDENTIFER – defined structure name IPaddress – 32 bit IP address in network byte order Counter32 – 32 bit modulo 232 counter Counter64 – 64 bit modulo 264 counter Gauge32 – counter with 0-232 limit TimeTicks – Time in 1/100 seconds Opaque – uninterrupted string

Network Management

Example – managed objects in MIB-2 system groupName Data type Description (RFC 1213)

sysDescr OCTET STRING Name & version of system hw, OS, Network software

sysObjectID OBJECT IDENTIFER

ID – kind of box it is

sysUpTime TimeTicks Time since last reboot

sysContact OCTET STRING Who manages this thing

sysName OCTET STRING Assigned name for this device

sysLocation OCTET STRING Physical location for this device

sysServices Integer32 Code for services available

Network Management

Example – managed objects in MIB-2 udp moduleName Data type Description (RFC 1213)

udpInDatagrams Counter32 UDP datagrams delivered

udpNoPorts Counter32 Number of received datagram where there was no app assigned to port

udpInErrors Counter32 No. of received datagrams that could not be delivered

udpOutDatagrams No. of datagrams sent from this device

udpTable Sequence of udpEntry

Sequence of udpEntry objects – port open by an application

Network Management

Two more PDUs in SNMPv2 GET BULK REQUEST – iterative GET

REQUEST (from manager to agent) INFORM – an acknowledged trap

NOTIFY – event notification – same as trap, added in SNMPv2

Network ManagementSNMPv2 PDU

From: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm

PDU type—Identifies the type of PDU transmitted (Get, GetNext, Inform, Response, Set, or Trap). • Request ID—Associates SNMP requests with responses. • Error status—Indicates one of a number of errors and error types. Only the response operation sets this field. Other operations set this field to zero. • Error index—Associates an error with a particular object instance. Only the response operation sets this field. Other operations set this field to zero. • Variable bindings—Serves as the data field of the SNMPv2 PDU. Each variable binding associates a particular object instance with its current value (with the exception of Get and GetNext requests, for which the value is ignored).

Network ManagementSNMPv1 Trap PDU

From: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/snmp.htm

Enterprise—Identifies the type of managed object generating the trap. • Agent address—Provides the address of the managed object generating the trap. • Generic trap type—Indicates one of a number of generic trap types. • Specific trap code—Indicates one of a number of specific trap codes. • Time stamp—Provides the amount of time that has elapsed between the last network reinitialization and generation of the trap. • Variable bindings—The data field of the SNMPv1 Trap PDU. Each variable binding associates a particular object instance with its current value.

Network Management

Network Management

Network Management

Network Management

Network Management

Network Management

More things to see http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/

snmp.htm http://en.wikipedia.org/wiki/Network_performance_management http://en.wikipedia.org/wiki/Snmp http://www.cotse.com/tools/netman.htm

TCP/IP http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/gg243376.html?Open