Network Management

FUNCTIONS OF NETWORK MANAGEMENT SYSTEM Copyright@IITBHU_CSE Vivek Garg (12100EN009) IIT(BHU), Varanasi

Transcript of Network Management

Page 1: Network Management

FUNCTIONS OF NETWORK MANAGEMENT SYSTEM

Copyright@IITBHU_CSE Vivek Garg (12100EN009)

IIT(BHU), Varanasi

Page 2: Network Management

Functions of a network management system

1. Configuration management

2. Fault management

3. Performance management

4. Security management

5. Accounting management

Page 3: Network Management

Configuration management

Reconfiguration

• hardware reconfiguration

• software reconfiguration

• user-account reconfiguration

Documentation

• hardware documentation

• maps

• specifications

• software documentation

Page 4: Network Management

Fault management

Reactive fault management

• It is responsible for detecting, isolating, correcting and recording faults

• It handles short-term solutions to faults

Proactive fault management

• it tries to prevent faults from occurring

• e.g. if a fault happens frequently at one particular point of the network, it is wise to carefully reconfigure the network to prevent the fault from happening again

Page 5: Network Management

Performance management

Capacity

Traffic

Throughput

Response time

Page 6: Network Management

Security management

Responsible for controlling access to the network based on predefined policy

Discussed by next group in detail

Page 7: Network Management

Accounting management

It is the control of users' access to network resources through charges

o It prevents users from monopolizing limited network resources

o It prevents users from using the system inefficiently

o Network managers can do short and long term planning based on the demand for network use.

Page 8: Network Management

Simple network management protocol(SNMP)

Page 9: Network Management

Concept

SNMP uses the concept of manager and agent

A manager, usually a host, controls and monitors a set of agents, usually routers

A management station, called a manager, is a host that runs the SNMP client program

A managed station, called an agent, is a router that runs the SNMP server program

Management is achieved through simple interaction between a manager and an agent

Page 10: Network Management

Concept

The agent keeps performance information in a database. The manager can access the values in the database

Management with SNMP is based on three basic ideas :

1. A manager checks an agent by requesting information that reflects the behaviour of the agent.

2. A manager forces an agent to perform a task by resetting the values in the agent database

3. An agent contributes to the management process by warning the manager of an unusual situation.

Page 11: Network Management

Management Components

There are 3 components:

SNMP (Simple network management protocol)

SMI (Structure of management information)

MIB (Management Information Base)

Note: SNMP uses SMI and MIB protocols for management.

Page 12: Network Management

Comparison between a network management task and the task of writing a program

Both tasks need rules. Handled by SMI in NM.

Both tasks need variable declarations. Handled by MIB in NM.

Both tasks have actions performed by statements. Handled by SNMP in NM.

Page 13: Network Management

Role of SNMP

It defines the format of the packet exchanged between a manager and an agent.

An SNMP packet contains some status (value) and object (variable) fields.

It reads and changes the status and objects in an SNMP packet.

Page 14: Network Management

Role of SMI

It defines the general rules for

1. Naming objects

2. Defining object types (like range, length, etc.)

3. Showing how to encode object and values.

Note: It doesn't define the association between object and values.

Page 15: Network Management

Role of MIB

MIB creates a collection of

1. Named objects

2. Their types

3. Their relationship to each other in an entity to be managed.

Page 16: Network Management

Structure of Management Information (SMI)

Page 17: Network Management

SMI - Functions

• To name objects

• To define the type of data that can be stored in an object

• To show how to encode the data for transmission over the network

Page 18: Network Management

SMI - Functions

SMI is a guideline for SNMP. It has three attributes to handle an object: name, data type and encoding method

Object Attributes

Name | Type | Encoding Method

Page 19: Network Management

Name

• Each managed object (such as a router, a variable in a router, or a value) needs to have a unique name.

• To name objects globally, SMI uses an object identifier, which is a hierarchical identifier based on a tree structure.

Page 20: Network Management

Name

The tree structure starts with an unnamed root.

Each object can be identified by using a sequence of integers separated by dots.

The tree structure can also define an object by using a sequence of textual names separated by dots.

The integer-dot representation is used in SNMP. The name-dot notation is used by people.

The objects that are used in SNMP are located under the mib-2 object, so their identifiers always start with 1.3.6.1.2.1.

Page 21: Network Management

Type

• To define the data type, SMI uses fundamental Abstract Syntax Notation 1 (ASN.1)

• SMI has two broad categories of data type: simple and structured.

Data: Simple | Structured

Page 22: Network Management

Simple Type

The simple data types are atomic data types. Some of them are taken directly from ASN.1; others are added by SMI.

Page 23: Network Management

Structured Type

By combining simple and structured data types, we can make new structured data types. SMI defines two structured data types:

• Sequence: A sequence data type is a combination of simple data types, not necessarily of the same type. It is analogous to the concept of a struct or a record used in programming languages such as C.

Simple variable Sequence

Page 24: Network Management

Structured Type

• Sequence of: A sequence of data type is a combination of simple data types all of the same type or a combination of sequence data types all of the same type. It is analogous to the concept of an array used in programming languages such as C.

Sequence of (simple variables)

Sequence of (sequences)

Page 25: Network Management

Encoding Method

• SMI uses another standard, Basic Encoding Rules (BER), to encode data to be transmitted over the network.

• BER specifies that each piece of data be encoded in triplet format: tag, length, and value.

Tag Length Value

Page 26: Network Management

Tag

• The tag is a 1-byte field that defines the type of data. It is composed of three subfields: class (2 bits), format (1 bit), and number (5 bits).

Class (2 bits) | Format (1 bit) | Number (5 bits)

Page 27: Network Management

Tag : Class

• The class subfield defines the scope of the data.

• Four classes are defined: universal (00), application-wide (01), context-specific (10), and private (11).

– The universal data types are those taken from ASN.1 (INTEGER, OCTET STRING, and ObjectIdentifier).

– The application-wide data types are those added by SMI (IPAddress, Counter, Gauge, and TimeTicks).

– The five context-specific data types have meanings that may change from one protocol to another.

– The private data types are vendor-specific.

Page 28: Network Management

Tag : Format and Number

• The format subfield indicates whether the data are simple (0) or structured (1).

• The number subfield further divides simple or structured data into subgroups. For example, in the universal class, with simple format, INTEGER has a value of 2, OCTET STRING has a value of 4, and so on.

Page 29: Network Management

Tag : Codes for data types

Page 30: Network Management

Length

• The length field is 1 or more bytes.

– If it is 1 byte, the most significant bit must be 0. The other 7 bits define the length of the data.

– If it is more than 1 byte, the most significant bit of the first byte must be 1. The other 7 bits of the first byte define the number of bytes needed to define the length.

00000010

10000010 00000001 00000100

Page 31: Network Management

Value

• The value field codes the value of the data according to the rules defined in BER.

Page 32: Network Management

Example

• INTEGER 14

Page 33: Network Management

Example

• OCTET STRING HI

Page 34: Network Management

Example

• ObjectIdentifier 1.3.6.1 (iso.org.dod.internet)

Page 35: Network Management

Example

• IP Address 131.21.14.8

Page 36: Network Management

ENCODING METHOD

● SMI uses BER (Basic Encoding Rules) to encode the data.

● BER uses a triplet format: tag (1 byte), length (variable) and value (variable).

Page 37: Network Management

ENCODING METHOD

● Tag

● 1-byte field consisting of 3 subfields

● Class, Format, Number

● Class: scope of the data.

● 4 classes of data: universal (00), application-wide (01), context-specific (10), private (11).

● Universal data types are: INTEGER, OCTET STRING, ObjectIdentifier

● Application-wide data types: IPAddress, Counter, Gauge, TimeTicks

● Format: data simple (0), data structured (1)

Page 38: Network Management

ENCODING METHOD

● Number

● Table

● INTEGER 00010

● OCTET STRING 00100

● OBJECT IDENTIFIER 00110

● NULL 00101

● Sequence, Sequence of 10000

● IP ADDRESS 00000

● COUNTER 00001

● INTEGER 00010

● Tag for INTEGER 14 ??

● 00 0 00010

Page 39: Network Management

ENCODING METHOD

Length (Variable, measured in bytes)

● 1 byte

● More than 1 byte (length of data not fit in 7 bits)

● Length field for INTEGER 14 ??

● 0 0000100

[Figure: length field formats. 1-byte form: a 0 bit followed by the length of the data. Multi-byte form: a 1 bit followed by the length of the length field, then the length of the data.]

Page 40: Network Management

ENCODING METHOD

● Data

● In binary form

● INTEGER 14 ??

● 00000000 00000000 00000000 00001110

● Ex: OCTET STRING HI (H = 72, I = 73)

● Integer has a fixed size of 4 bytes, but an octet string has variable length. 72 and 73 can be represented in 1 byte each

● 00000100 00000010 01001000 01001001
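The tag, length and value rules from both encoding sections above, as an added example that is not part of the original slides: a bounds-checked parser for one BER triplet, run over the slides' own bit patterns. The names `TLV`, `parse_tlv` and `decode` are illustrative, and the IPAddress byte string is constructed from the class and number codes listed above.

```python
from typing import NamedTuple
CLASSES = ("universal", "application-wide", "context-specific", "private")

class TLV(NamedTuple):
    cls: str          # class subfield, top 2 bits of the tag
    structured: bool  # format subfield, 1 bit
    number: int       # number subfield, low 5 bits
    length: int       # declared length of the value
    value: bytes
    size: int         # bytes consumed: tag + length field + value

def parse_tlv(buf: bytes) -> TLV:
    """Parse one BER triplet from the start of buf, rejecting malformed input."""
    if len(buf) < 2:
        raise ValueError("truncated: need a tag byte and a length byte")
    tag, first, pos = buf[0], buf[1], 2
    if tag & 0x1F == 0x1F:
        raise ValueError("tag number does not fit the 5-bit number subfield")
    if first & 0x80 == 0:   # 1-byte form: the low 7 bits are the length
        length = first
    else:                   # multi-byte form: low 7 bits count the length bytes
        n = first & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length field")
        if len(buf) < pos + n:
            raise ValueError("truncated length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if length > len(buf) - pos:   # never trust the declared length
        raise ValueError("declared length exceeds the data available")
    return TLV(CLASSES[tag >> 6], bool(tag & 0x20), tag & 0x1F,
               length, buf[pos:pos + length], pos + length)

def decode(tlv: TLV):
    """Decode the simple types used in the slides' examples."""
    key = (tlv.cls, tlv.structured, tlv.number)
    if key == ("universal", False, 2) and tlv.length > 0:       # INTEGER
        return int.from_bytes(tlv.value, "big", signed=True)
    if key == ("universal", False, 4):                          # OCTET STRING
        return tlv.value
    if key == ("application-wide", False, 0) and tlv.length == 4:  # IPAddress
        return ".".join(str(b) for b in tlv.value)
    raise ValueError(f"unsupported or malformed type {key}")

# Constructed inputs: the first two are the slides' bit patterns for INTEGER 14
# and OCTET STRING HI; the third is IPAddress 131.21.14.8 with tag 01 0 00000.
INT_14 = bytes([0b00000010, 0b00000100, 0, 0, 0, 0b00001110])
STR_HI = bytes([0b00000100, 0b00000010, 0b01001000, 0b01001001])
IP_ADDR = bytes([0b01000000, 4, 131, 21, 14, 8])
```

The check of the declared length against the bytes actually received is the step a receiver of SNMP messages must not skip, because the length field is supplied by the sender.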

Page 41: Network Management

SNMP Working

• It is an application program that allows:

• 1- A manager to retrieve the value of an object defined in an agent.

• 2- A manager to store a value in an object defined in an agent.

• 3- An agent to send an alarm message about an abnormal situation to the manager.

Page 42: Network Management

PDUs

• SNMPv3 defines 8 types of packets (or PDUs: Protocol Data Units)

• GetRequest: Sent from manager to agent to retrieve the value of a variable or a set of variables.

• GetNextRequest: Sent from manager to agent to retrieve the value of a variable or a set of variables. The retrieved value is the value of the object following the defined ObjectId in the PDU. Used to get values of entries whose indexes are unknown but the ID of the table is known.

• GetBulkRequest: Sent from manager to agent to retrieve a large amount of data (instead of using a large number of GetRequest PDUs).

• SetRequest: Sent from manager to agent to set (store) a value in a variable.

Page 43: Network Management

PDUs

• Response: Sent from agent to manager in response to GetRequest or GetNextRequest (contains the values requested).

• Trap: Sent from agent to manager to report an event (e.g. rebooting).

• InformRequest: Sent from one manager to another remote manager to get values of some variables under the control of the remote manager.

• Report: Designed to report some errors between managers (not in use).

Page 44: Network Management

SNMP PDU format

• PDU type: Defines the type of PDU.

• Request ID: Sequence number used by the manager in a Request PDU and repeated by the agent in the response (used for matching).

• Error Status: Integer used only in response PDUs to show the type of error reported by the agent (0 for Request PDUs).

• E.g. 2 tooBig, 3 badValue, 4 readOnly, etc.

Page 45: Network Management

SNMP PDU format

• NonRepeaters: Used only in GetBulkRequest (replaces error status field).

• Error index: Offset that tells the manager which variable caused error.

• Max-repetition: Also used only in GetBulkRequest (replaces error index field).

• VarBind list: Set of variables and values the manager wants to retrieve or set (null for GetRequest, GetNextRequest).

Page 46: Network Management

SNMP Messages

SNMP does not send only a PDU; it embeds the PDU in a message.

A message in SNMPv3 is made up of four elements:

• Version

• Header

• Security Parameters

• Data (which includes the encoded PDU)

The length of these elements is variable.

SNMP uses BER (Basic Encoding Rules) to encode each element, as each element is of variable length.

BER uses the tag and the length to define the value.

Page 47: Network Management

SNMP message Structure

• Version: Defines the current version (here version 3)

• Header: Contains flags for

– Message identification

– Maximum message size

– Message flag

– Message security model, which defines the security protocol

Page 48: Network Management

SNMP message Structure

• Security Parameter: Creates message digest

• Data: Contains PDU

• If the data is encrypted, then it also contains information about the encryption method; otherwise only data.

Page 49: Network Management

Codes for SNMP messages

The maximum size of an SNMP message is limited to the minimum of:

(1) the maximum message size which the destination SNMP entity can accept; and,

(2) the maximum message size which the source SNMP entity can generate.

Page 50: Network Management

UDP Ports

SNMP uses the services of two ports

• Port 161-Server

• Port 162-Client

Two types of messages are used

• Request/Reply messages

• Trap messages

Page 51: Network Management

Request/Response messages

The server issues a passive open on port 161.

The request messages are sent from client to server, using an ephemeral port as the source and the well-known port 161 as the destination port.

The response messages are sent from server to client, using the well-known port 161 as the source port and the ephemeral port as the destination port.

Page 52: Network Management

Trap Messages

The client issues a passive open on port 162.

It waits for the message from the server.

Whenever a trap message has to be sent, the server issues an active open.

The message is only one-way, from the server to the client.

Page 53: Network Management

Security

The main difference between SNMPv3 and SNMPv2 is enhanced security.

SNMPv3 provides message authentication, privacy, and authorization.

SNMPv3 allows a manager to remotely change the security configuration, which means that the manager does not have to be physically present.

Page 54: Network Management