Network Management 2110472 Computer Networks Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University

Page 1

Network Management

2110472 Computer Networks

Natawut Nupairoj, Ph.D.

Department of Computer Engineering

Chulalongkorn University

Page 2

Outline

Introduction to Network Management
  Overview.
  Sample Applications.
Simple Network Management Protocol
  History of SNMP.
  Basic SNMP Concepts.
  MIB Standards.
  SNMPv3.
ASN.1

Page 3

Overview

Typical System Administrator's Life
  Manage many hosts and network devices.
  Detect and respond to the PROBLEMS.
  Administrators should know the problems BEFORE the users.
  Must promise some Service Level Agreement (SLA) levels:
    System availability.
    Response time.
    Throughput.

Page 4

Overview

What is the scope of network management?
  Monitor for problems
    Hosts and services.
    Levels of status: up, minor, major, critical.
    To reach SLA.
  Monitor for tune-up
    Should we add more network bandwidth? For how much?
  Detect the intrusion
    Intrusion detection against the hackers.

Page 5

Overview

Why is it so hard?
  SLA is usually difficult to achieve without good planning and tools.
  Availability (uptime) – Five Nines = 99.999%. Thus, each host can be down only for:
    1 Year = 365 * 24 * 60 = 525,600 minutes.
    0.001% (acceptable downtime) of 1 Year = 5.256 minutes.
    This includes maintenance period!!! How about Six Nines???
  There are MANY…MANY devices.

Page 7

System Reliability

Cause of downtime (by Gartner Group)

Page 8

Sample Network Monitoring Applications

There are several network management applications:
  OS Tools: ping, traceroute, netstat, etc.
  Freeware: Netsaint, MRTG, snort, etc.
  Commercial: CA Unicenter, HP OpenView, IBM Tivoli, CiscoWorks.

Page 13

SNMP

Simple Network Management Protocol.

[Timeline figure, 1987 to 1999: SGMP, then SNMP, then SMP and SNMPv2 (parties, security), then SNMPv2 (community), then SNMPv3. The standardization stages marked along the timeline are proposed standard, implementation experience, draft standard and full standard.]

Page 14

Basic SNMP Concepts

[Diagram: a MANAGER talks to AGENTS over SNMP; each agent exposes its MIB.]

Page 15

Operational Modes

[Diagram: MANAGER and AGENTS. Two modes: the manager POLLING the agents' MIB, and the agents sending TRAPS to the manager.]

Page 16

SNMP Structure

[Diagram: MANAGER (Management Application) and AGENT (MIB) exchange SNMP PDUs over UDP, a connectionless transport service provider.]

Page 17

SNMP Frameworks – MIB

Management Information Base
  MIB Objects
    Variables that represent the resources of the system.
    Can have several types of values.

[Diagram: MANAGER queries AGENT over SNMP for MIB objects such as address, name and uptime.]

Page 18

SNMP Frameworks - MIB

Structure of Management Information (SMI)
  Defines a standard way to reference the information.
  Describes what is included / what is not for each device.

NEW-MIB (1):
  address (1) = 130.89.16.2
  info (2)
    name (1) = printer-1
    uptime (2) = 123456

Page 19

SMI - Example

address: Object ID = 1.1, Value of Instance = 130.89.16.2
info: Object ID = 1.2
name: Object ID = 1.2.1, Value of Instance = printer-1
uptime: Object ID = 1.2.2, Value of Instance = 123456

ALTERNATIVE: Object ID = NEW-MIB info uptime (the same object referenced by its path of labels rather than by numbers)

Page 20

Standard SMI

root
  ccitt (0)
  iso (1)
    stnd (0)
    reg-auth (1)
    mb (2)
    org (3)
      dod (6)
        internet (1)
          directory (1)
          mngt (2)
            mib-2 (1)
          experimental (3)
          private (4)
            enterprises (1)
          security (5)
          snmpV2 (6)
            snmpDomains (1)
            snmpProxys (2)
            snmpModules (3)
  joint-iso-ccitt (2)

Page 21

MIB-II – Internet MIB

root
  ccitt (0)
  iso (1)
    stnd (0)
    reg-auth (1)
    mb (2)
    org (3)
      dod (6)
        internet (1)
          directory (1)
          mngt (2)
            mib-2 (1)
              system (1)
              interfaces (2)
              ...
              transmission (10)
                ethernet (6)
                token ring (9)
                fddi (15)
                adsl (94)
                ...
              snmp (11)
              ospf (14)
              bgp (15)
              ...
          experimental (3)
          private (4)
          security (5)
          snmpV2 (6)
  joint-iso-ccitt (2)

Page 22

MIB Example: Host Resources MIB

mib-2
  host (25)
    hrSystem (1)
      hrSystemUptime (1)
      hrSystemDate (2)
      hrSystemInitialLoadDevice (3)
      hrSystemInitialLoadParameters (4)
      hrSystemNumUsers (5)
      hrSystemProcesses (6)
      hrSystemMaxProcesses (7)
    hrStorage (2)
    hrDevice (3)
    hrSWRun (4)
    hrSWRunPerf (5)
    hrSWInstalled (6)
    hrMIBAdminInfo (7)

Page 23

SNMP Operations

[Diagram of the four exchanges between manager and agent:]
  get: manager -> agent (reads the MIB); agent -> manager: response
  getNext: manager -> agent (reads the MIB); agent -> manager: response
  set: manager -> agent (writes the MIB); agent -> manager: response
  trap: agent -> manager, unsolicited, with no response
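The following is an added worked example, not code from the slides: a toy MIB holding the NEW-MIB instances from the SMI slides, with name-path resolution ("NEW-MIB info uptime" to 1.2.2), a get, and the getNext walk the operations slide shows. The instance values and the scalar ".0" instance suffix are assumptions (real agents append .0 to scalar object IDs; the slides omit it).

```python
from typing import Optional

OID = tuple[int, ...]

# NEW-MIB subtree from the SMI slides: numeric OID -> label.
NEW_MIB_TREE = {
    (1,): "NEW-MIB",
    (1, 1): "address",
    (1, 2): "info",
    (1, 2, 1): "name",
    (1, 2, 2): "uptime",
}

# Instances, constructed to match the slides' sample values. The trailing 0 is
# the scalar instance index an SNMP agent appends (assumption; not on the slide).
INSTANCES = {
    (1, 1, 0): "130.89.16.2",
    (1, 2, 1, 0): "printer-1",
    (1, 2, 2, 0): 123456,
}

def parse_oid(text: str) -> OID:
    """'1.2.2' -> (1, 2, 2)."""
    return tuple(int(part) for part in text.split("."))

def resolve_name(path: str) -> OID:
    """'NEW-MIB info uptime' -> (1, 2, 2): walk the tree one label at a time,
    accepting a label only as a direct child of the node reached so far."""
    current: OID = ()
    for label in path.split():
        children = [oid for oid, name in NEW_MIB_TREE.items()
                    if name == label and oid[:-1] == current]
        if not children:
            raise KeyError(f"unknown label {label!r} under {current}")
        current = children[0]
    return current

def snmp_get(oid: OID):
    """GET: exact-match lookup; None stands in for a noSuchInstance reply."""
    return INSTANCES.get(oid)

def snmp_get_next(oid: OID) -> Optional[tuple[OID, object]]:
    """GETNEXT: first instance strictly greater than oid in lexicographic OID order.
    Tuples compare component-wise numerically, so 1.2.10 sorts after 1.2.2 (unlike string order)."""
    candidates = sorted(o for o in INSTANCES if o > oid)
    return (candidates[0], INSTANCES[candidates[0]]) if candidates else None

def walk(subtree: OID) -> list[tuple[OID, object]]:
    """Repeated GETNEXT until the reply leaves the subtree, which is what a MIB walk does."""
    out, oid = [], subtree
    while (nxt := snmp_get_next(oid)) and nxt[0][:len(subtree)] == subtree:
        out.append(nxt)
        oid = nxt[0]
    return out
```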

Page 24

PDU Structure

SNMP message:      VERSION | COMMUNITY | SNMP PDU
SNMP PDU:          PDU TYPE* | REQUEST ID | ERROR STATUS | ERROR INDEX | VARIABLE BINDINGS
variable bindings: NAME 1 VALUE 1 | NAME 2 VALUE 2 | ••• ••• | NAME n VALUE n

Page 25

SNMPv3 – Security Enhancements

[Diagram: MANAGER and AGENT, each with APPLICATION PROCESSES over a TRANSPORT SERVICE. The operations GET / GET-NEXT / GET-BULK / SET / TRAP / INFORM pass through SECURE COMMUNICATION, and the agent applies ACCESS CONTROL in front of its MIB.]

Page 26

ASN.1

Abstract Syntax Notation 1
  Similar to BNF notation for a programming language.
    Defines how data should be sent, and in what order.
    The protocol designer must write ASN.1 to define the protocol, just as a programming language designer uses BNF to define the grammar of the language.
  Encoded in binary format.

Page 27

ASN.1 - Example

How can I send the integer 65534?
  2 bytes: 1111 1111 1111 1110
  Big-endian or little-endian?
  Sender uses little-endian, receiver uses big-endian: 1111 1110 1111 1111 = 65279.
What if I want to send a whole structure?

  struct {
      char code;
      int x;
  }

Page 28

ASN.1 Syntax Definition

Define a data type
  Defined in terms of built-in types and other data types defined in the file.
  Built-in types: INTEGER, OCTET STRING, REAL, BOOLEAN, etc.
  Newly-defined data types can be complicated: SEQUENCE, SEQUENCE OF, CHOICE, etc.
Format: <name> ::= <description -- components>

Page 29

ASN.1 Examples

  -- The currency codes from ISO 4217
  -- are used to identify a currency
  Currency ::= OCTET STRING
  ObjectId ::= INTEGER

  DateTime ::= SEQUENCE {
      timeOffsetCode TimeOffsetCode,
      localTimeStamp LocalTimeStamp
  }

Page 30

ASN.1 Encoding Rules

Syntax definition defines the components of the data.
Encoding defines how to actually store the data.
Data can be encoded in several ways:
  Basic Encoding Rule (BER).
  Distinguished Encoding Rule (DER).
  Packed Encoding Rule (PER).

Page 31

BER Encoding

Basic Encoding Rule (BER): Tag Length Value (TLV).

  TAG | LENGTH | VALUE

  MyId ::= [APPLICATION 12] INTEGER

  12 | 4 | 1234    (this is not the actual encoded data.)

Page 32

BER Encoding

Constructed Encoded Form

  T L T L T L V T L V

  DateTime ::= [APPLICATION 83] SEQUENCE
  {
      timeOffsetCode TimeOffsetCode,
      localTimeStamp LocalTimeStamp
  }
  TimeOffsetCode ::= [APPLICATION 232] Code
  LocalTimeStamp ::= [APPLICATION 16] NumberString
  Code ::= [APPLICATION 243] INTEGER
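As an added worked example (not code from the slides), a minimal BER encoder that produces the actual octets for the MyId and DateTime definitions on the two BER slides, including the high-tag-number form needed because 83, 232 and 243 exceed 30. The tagging mode is an assumption chosen to reproduce the slide's "T L T L T L V T L V" nesting: Code and LocalTimeStamp are IMPLICIT (the application tag replaces the INTEGER / NumericString tag) while TimeOffsetCode is an EXPLICIT wrapper around Code; the sample values 1234, 7 and "20240101120000" are constructed.

```python
APPLICATION = 0x40   # class bits of the identifier octet
CONSTRUCTED = 0x20   # set when the content is itself a series of TLVs

def encode_tag(number: int, constructed: bool = False, cls: int = APPLICATION) -> bytes:
    """Identifier octets: low-tag form for numbers < 31, otherwise 0x1F followed by
    base-128 digits, high digit first, with the continuation bit on all but the last."""
    first = cls | (CONSTRUCTED if constructed else 0)
    if number < 31:
        return bytes([first | number])
    digits = [number & 0x7F]
    number >>= 7
    while number:
        digits.append(0x80 | (number & 0x7F))
        number >>= 7
    return bytes([first | 0x1F]) + bytes(reversed(digits))

def encode_length(n: int) -> bytes:
    """Short form (one octet) below 128; long form 0x80|count then big-endian count octets."""
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: bytes, value: bytes) -> bytes:
    return tag + encode_length(len(value)) + value

def integer_octets(v: int) -> bytes:
    """Minimal two's-complement content octets for INTEGER (e.g. 1234 -> 04 D2, -128 -> 80)."""
    n = 1
    while not (-(1 << (8 * n - 1)) <= v < (1 << (8 * n - 1))):
        n += 1
    return v.to_bytes(n, "big", signed=True)

def my_id(v: int) -> bytes:
    """MyId ::= [APPLICATION 12] INTEGER, implicit: identifier 0x4C, then length, then octets."""
    return tlv(encode_tag(12), integer_octets(v))

def date_time(offset_code: int, stamp: str) -> bytes:
    """DateTime ::= [APPLICATION 83] SEQUENCE { timeOffsetCode, localTimeStamp }.
    Layout produced: T L (DateTime) | T L (TimeOffsetCode) T L V (Code) | T L V (LocalTimeStamp)."""
    code = tlv(encode_tag(243), integer_octets(offset_code))        # Code ::= [APPLICATION 243] INTEGER
    time_offset = tlv(encode_tag(232, constructed=True), code)       # explicit wrapper around Code
    stamp_tlv = tlv(encode_tag(16), stamp.encode("ascii"))           # LocalTimeStamp, NumericString octets
    return tlv(encode_tag(83, constructed=True), time_offset + stamp_tlv)
```

Compare my_id(1234), which yields 4C 02 04 D2, with the slide's illustrative "12 4 1234": the tag octet carries class and number together, and the length counts content octets, not the decimal value.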
