NET311Computer Network Management

Tools, Systems and EngineeringDr. Mostafa H. Dahshan

Department of Computer EngineeringCollege of Computer and Information Sciences

King Saud Universitymdahshan@ksu.edu.sa

Acknowledgements

• Notes are based on slides of:• Network Management: Principles and Practice, 2E, Mani Subramanian.

2

Basic Network Software Tools

• Status monitoring tools

• Traffic monitoring tools

• Route monitoring tools

• Basic tools are available as • Part of the Operating System

• Add-on applications

3

Status Monitoring Tools

Name OS Description

ifconfig UNIX/Linux Obtains and configures networking interface parameters and status

netsh Windows Displays or modifies the network configuration of a computer

ping UNIX/LinuxWindows

Checks the status of node / host

nslookup UNIX/LinuxWindows

Looks up DNS for name-IP address translation

dig UNIX/Linux Queries DNS server

host UNIX/Linux Displays information on Internet hosts / domains

4

Ifconfig

• Used to assign/read an address to/of an interface

• Option -a is to display all interfaces

5

Netsh

• Allows displaying or modify the network configuration in Windows

6

Ping

• Most basic tool for internet management

• Based on ICMP ECHO_REQUEST message

• Available on all TCP/IP stacks

• Useful for measuring connectivity

• Useful for measuring packet loss

• Can do auto discovery of TCP/IP equipped stations on single segment

7

Ping

8

nslookup

• An interactive program for querying Internet DNS servers

• Converts a hostname into an IP address and vice versa querying DNS

• Useful to identify the subnet a host or node belongs to

• Lists contents of a domain, displaying DNS record

• Available with UNIX/Linux and Windows

9

Dig

• Used to gather lots of information on hosts from DNS

10

Host

• Displays host names using DNS

11

Traffic Monitoring Tools

Name OS Description

ping UNIX / Windows Used for measuring roundtrip packet loss

bing UNIX Measures point-to-point bandwidth of a link

tcpdump UNIX Dumps traffic on a network

Wireshark Linux / Windows Graphical tool to capture, inspect , and to save Ethernet packets

12

bing

• Used to determine throughput of a link

• Uses icmp_echo utility

• Knowing packet size and delay, calculates bandwidth

• bing L1 and L2 and the difference yields the bandwidth of link L1-L2

• Bandwidth of link L1-L2 could be higher than the intermediate links

13

L1 L2bing

Wireshark

14

tcpdump

• Command: tcpdump

• Interprets and prints headers for several network protocols

• Useful for examining and evaluating the traffic

• Available in UNIX/Linux

15

Network Routing Tools

Name OS Descriptionnetstat UNIX Displays the contents of various network-related

data structuresarprarp

UNIX, Windows Displays and modifies the Internet-to-Ethernet address translation tables

traceroute UNIX Traces route to a destination with routing delays

tracert Windows Traces route to a destination with routing delays

16

Network Status

17

Show routing table

Show TCP connections

Route Tracing

• Command: traceroute (UNIX) / tracert (Windows)

• TIME-EXCEED error report

• ICMP Also available from uc.msc.unm.edu

Traceroute Uses

• Discovers route taken by packets from source to destination

• Useful for diagnosing route failures

• Useful for detecting bottleneck nodes

18

Route Tracing

19

SNMP Tools

• SNMP command-line tools• Net-SNMP package contains the SNMP command-line tools

• SNMP MIB Browser with graphical interface• SnmpB

• ManagineEngine MIB Browser

• iReasoning MIB Browser

• SolarWinds SNMP MIB Browser

20

SNMP Command Tools

Command Description

snmptest Interactive tool to get values of several managed objects, one at a time

snmpget Sends the SNMP GET request PDU, returns the SNMP RESPONSE PDU

snmpgetnext Sends the SNMP GETNEXT request PDU, returns the SNMP RESPONSE PDU

snmpset Sends the SNMP SET request PDU, returns the SNMP RESPONSE PDU

snmptrap Sends an SNMP notification to a manager

snmpwalk Retrieve a subtree of management values using SNMP GETNEXT requests

snmpnetstatDisplays networking status and configuration information from a network entity via SNMP

21

NMS Design

• NMS Functional Requirements

• NMS Software Components

• NMS Server Architecture• Discovery Module

• Performance Manager

• Fault Manager

• NMS Client Design

22

NMS Functional Requirements

• Scalability• Heterogeneity• Geographic spread• Real-time response• Batch processing• Diverse users• Local and remote management• Ease of use• Security• Data management

23

NMS Software Components

• NMS Server• Centralized

• Distributed

• Local NMS / EMS

• Integrated NMS / MoM

• NMS Client• Local / Console

• Remote• Dedicated

• Browser-based

24

NMS Server Architecture

• Modular architecture• Managed object database

• Configuration Manager / Discovery Module

• Fault Manager

• Performance Manager

• Module Layers• Lower (core) layer: Performs

business logic

• Upper layer: Graphical User Interface (GUI

25

S N M P C O R B A C M I P Proprietary

Config.

Mgr

Discovery

Data

Collector

Perf.

MgrFault

Mgr

MODB

Reports

User

InterfaceG U I W e b E m a i l S M S . . .

. . .

T C P / U D P

I P

To NEs

Mgmt

Protocols

Discovery Module

• Discovers topology of network

• Auto-discovery

• Manual configuration

• Discovery queries for NEs in specified range of IP

• Found IP NEs are queried for specific details

• Discovery process is configures with parameters given in the above table

• Module

26

Discovery Parameters

Parameter Value Description

IP addresses10.0.0.1 – 10.0.0.254, 192.168.0.0 / 24

A range or list of IP addresses

Wait Interval 10 secsWaiting time between discovery of successive IPs to minimize load on the network

SNMP version v1 v1, v2c, or v3

SNMP community “public” A commonly-used value

Discover types Router, server, switch Only elements of these types are added to the MODB

Ignore types PC, UPS Elements of these types are not added to the MODB

27

Notes• Discovery parameters are set in the discovery configuration file• Discovery parameters chosen to manage the scope of NEs discovered and the time for discovery run

Performance Manager

• Two major functions• Data Collection

• Analysis and report generation

• Data Collection• Offline: Use local data collector and periodic batch transmittal to NMS. Should

have NE id, OID, Value and timestamp

• Online: For real-time performance analysis

28

Performance Manager

• Online data collection issues• Overloading of the server

• Overloading the network

• Overloading the agent

• Poll configuration

• Database schema

29

Fault Manager

• Event generation: • Notification or trap indicator of fault• Multiple consecutive status polls fail to receive response• Threshold crossing, e.g. performance limit• Internal escalation of fault resolution

• Event filtering of unwanted events

• Event correlation of repeated receipt of same fault event

• Conversion of event to alarm by alarm register

• Root cause analysis of multiple alarms done alarm correlator

• Alarm indications: Visual, audio, SMS / phone call, email, log

30

Fault Manager

31

Timeouts

NE

EventDetectors

Event Event Event

Event

Alarm E

Traps

Polls

Recent

Events

Event

Filter

Event

Correlator

Alarm

Register

Alarm

Correlator

CurrentAlarms

Figure 9.31 Path of an Event through the Fault Manager

NMS Client Design

• Design approaches• Terminal client

• Graphical (GUI) client

• Browser or Web client

32

Terminal Client

• “dumb” character-oriented terminal

• Terminal emulation software (xterm, Putty) on PC

• Connection to NMS via telnet or ssh over TCP/IP

• No GUI

33

Graphical Client

• PC runs special client application that works with server

• Advantages• Graphical interface

• Runs NMS functionalities

• Problems• Lack of portability

• Requires update with NMS server update

• High degree of incompatibility with multiple servers

34

Browser or Web Client

• de-facto standard now

• Advantages• GUI capability

• Minimal NMS-dependent software in the client

• Problems• Portability between different browsers still a problem, but minimized

35

NMS Solutions

• Commercial• HP Network Node Manager NNMi (formerly OpenView)

• SolarWinds

• Free• OpenNMS

• Nagios

36

References

Using Netsh https://technet.microsoft.com/en-us/library/bb490939.aspx

Using PowerShell to Find Connected Network Adapters

https://blogs.technet.microsoft.com/heyscriptingguy/2014/01/15/using-powershell-to-find-connected-network-adapters/

Net-SNMP Documentation http://www.net-snmp.org/docs/man/

37