Network Management
FUNCTIONS OF NETWORK MANAGEMENT SYSTEM
Copyright@IITBHU_CSE Vivek Garg (12100EN009)
IIT(BHU), Varanasi
Functions of a network management system
1. Configuration management
2. Fault management
3. Performance management
4. Security management
5. Accounting management
Configuration management
Reconfiguration
• hardware reconfiguration
• software reconfiguration
• user-account reconfiguration
Documentation
• hardware documentation
• maps
• specifications
• software documentation
Fault management
Reactive fault management:
• it is responsible for detecting, isolating, correcting and recording faults
• it handles short-term solutions to faults
Proactive fault management:
• it tries to prevent faults from occurring
• e.g. if a fault happens frequently at one particular point of the network, it is wise to carefully reconfigure the network to prevent the fault from happening again
Performance management
Capacity
Traffic
Throughput
Response time
Security management
Responsible for controlling access to the network based on predefined policy
Discussed by next group in detail
Accounting management
It is the control of users' access to network resources through charges
o It prevents users from monopolizing limited network resources
o It prevents users from using the system inefficiently
o Network managers can do short and long term planning based on the demand for network use.
Simple network management protocol(SNMP)
Concept
SNMP uses the concept of manager and agent
A manager, usually a host, controls and monitors a set of agents, usually routers
A management station, called a manager, is a host that runs the SNMP client program
A managed station, called an agent, is a router that runs the SNMP server program
Management is achieved through simple interaction between a manager and an agent
Concept
The agent keeps performance information in a database. The manager can access the values in the database
Management with SNMP is based on three basic ideas :
1. A manager checks an agent by requesting information that reflects the behaviour of the agent.
2. A manager forces an agent to perform a task by resetting the values in the agent database
3. An agent contributes to the management process by warning the manager of an unusual situation.
Management Components
There are 3 components:
SNMP (Simple network management protocol)
SMI (Structure of management information)
MIB (Management Information Base)
Note: SNMP uses SMI and MIB protocols for management.
Comparison between the network management task and the task of writing a program
Both tasks need rules. Handled by SMI in NM.
Both tasks need variable declarations. Handled by MIB in NM.
Both tasks have actions performed by statements. Handled by SNMP in NM.
Role of SNMP
It defines the format of the packet exchanged between a manager and an agent.
An SNMP packet contains some status (value) and object (variable) fields.
It reads and changes the status and objects in an SNMP packet.
Role of SMI
It defines the general rules for
1. Naming objects
2. Defining object types (like range, length, etc.)
3. Showing how to encode object and values.
Note: It doesn't define the association between object and values.
Role of MIB
MIB creates a collection of
1. Named objects
2. Their types
3. Their relationship to each other in an entity to be managed.
Structure of Management Information (SMI)
SMI - Functions
• To name objects
• To define the type of data that can be stored in an object
• To show how to encode the data for transmission over the network
SMI - Functions
SMI is a guideline for SNMP. It has three attributes to handle an object: name, data type and encoding method
Object attributes: Name, Type, Encoding Method
Name
• Each managed object (such as a router, a variable in a router, or a value) needs to have a unique name.
• To name objects globally, SMI uses an object identifier, which is a hierarchical identifier based on a tree structure.
Name
The tree structure starts with an unnamed root.
Each object can be identified by using a sequence of integers separated by dots.
The tree structure can also define an object by using a sequence of textual names separated by dots.
The integer-dot representation is used in SNMP. The name-dot notation is used by people.
The objects that are used in SNMP are located under the mib-2 object, so their identifiers always start with 1.3.6.1.2.1.
Type
• To define the data type, SMI uses fundamental Abstract Syntax Notation 1 (ASN.1)
• SMI has two broad categories of data type: simple and structured.
Data types: Simple, Structured
Simple Type
The simple data types are atomic data types. Some of them are taken directly from ASN.1; others are added by SMI.
Structured Type
By combining simple and structured data types, we can make new structured data types. SMI defines two structured data types:
• Sequence: A sequence data type is a combination of simple data types, not necessarily of the same type. It is analogous to the concept of a struct or a record used in programming languages such as C.
[Figure: simple variable; sequence]
Structured Type
• Sequence of: A sequence of data type is a combination of simple data types all of the same type or a combination of sequence data types all of the same type. It is analogous to the concept of an array used in programming languages such as C.
[Figure: sequence of (simple variables); sequence of (sequences)]
Encoding Method
• SMI uses another standard, Basic Encoding Rules (BER), to encode data to be transmitted over the network.
• BER specifies that each piece of data be encoded in triplet format: tag, length, and value.
[Figure: Tag | Length | Value]
Tag
• The tag is a 1-byte field that defines the type of data. It is composed of three subfields: class (2 bits), format (1 bit), and number (5 bits).
[Figure: Class (2 bits) | Format (1 bit) | Number (5 bits)]
Tag : Class
• The class subfield defines the scope of the data.
• Four classes are defined: universal (00), application-wide (01), context-specific (10), and private (11).
– The universal data types are those taken from ASN.1 (INTEGER, OCTET STRING, and ObjectIdentifier).
– The application-wide data types are those added by SMI (IPAddress, Counter, Gauge, and TimeTicks).
– The five context-specific data types have meanings that may change from one protocol to another.
– The private data types are vendor-specific.
Tag : Format and Number
• The format subfield indicates whether the data are simple (0) or structured (1).
• The number subfield further divides simple or structured data into subgroups. For example, in the universal class, with simple format, INTEGER has a value of 2, OCTET STRING has a value of 4, and so on.
Tag : Codes for data types
Length
• The length field is 1 or more bytes.
– If it is 1 byte, the most significant bit must be 0. The other 7 bits define the length of the data.
– If it is more than 1 byte, the most significant bit of the first byte must be 1. The other 7 bits of the first byte define the number of bytes needed to define the length.
1-byte length field: 00000010
Multi-byte length field: 10000010 00000001 00000100
Value
• The value field codes the value of the data according to the rules defined in BER.
Example
• INTEGER 14
Example
• OCTET STRING HI
Example
• ObjectIdentifier 1.3.6.1 (iso.org.dod.internet)
Example
• IP Address 131.21.14.8
ENCODING METHOD
● SMI uses BER (Basic Encoding Rules) to encode the data.
● BER uses a triplet format: tag (1 byte), length (variable) and value (variable).
ENCODING METHOD
● Tag
● 1-byte field consisting of 3 subfields
● Class, Format, Number
● Class: scope of the data.
● 4 classes of data: universal (00), application-wide (01), context-specific (10), private (11).
● Universal data types are: INTEGER, OCTET STRING, ObjectIdentifier
● Application-wide data types: IPAddress, Counter, Gauge, TimeTicks
● Format: data simple (0), data structured (1)
ENCODING METHOD
● Number
● Table
● INTEGER 00010
● OCTET STRING 00100
● OBJECT IDENTIFIER 00110
● NULL 00101
● Sequence, Sequence of 10000
● IP ADDRESS 00000
● COUNTER 00001
● INTEGER 00010
● Tag for INTEGER 14 ??
● 00 0 00010
ENCODING METHOD
Length (variable, measured in bytes)
● 1 byte: [0 | Length of data]
● More than 1 byte (length of data does not fit in 7 bits): [1 | Length of length field] [Length of data]
● Length field for INTEGER 14 ??
● 0 0000100
ENCODING METHOD
● Data
● In binary form
● INTEGER 14 ??
● 00000000 00000000 00000000 00001110
● Ex: OCTET STRING HI (H = 72, I = 73)
● INTEGER has a fixed size of 4 bytes, but OCTET STRING has variable length. 72 and 73 can each be represented in 1 byte
● 00000100 00000010 01001000 01001001
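The tag and length rules from the encoding slides, as an added example that is not part of the original slides: a decoder that splits the tag byte into class, format and number and handles both the 1-byte and multi-byte length forms. It goes slightly beyond the slides by recursing into structured types and rejecting lengths that overrun the buffer; `TLV` and `read_tlv` are hypothetical names, and the samples are constructed from the slides' bit patterns.

```python
from dataclasses import dataclass, field

CLASSES = ("universal", "application-wide", "context-specific", "private")

@dataclass
class TLV:                      # hypothetical container for one decoded triplet
    cls: str                    # class subfield (2 bits)
    structured: bool            # format subfield (1 bit)
    number: int                 # number subfield (5 bits)
    value: bytes
    children: list = field(default_factory=list)

def read_tlv(buf: bytes, pos: int = 0, depth: int = 0):
    """Decode the triplet starting at buf[pos]; return (TLV, next_pos)."""
    if depth > 16:
        raise ValueError("nesting too deep")
    if pos + 2 > len(buf):
        raise ValueError("truncated tag/length")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:      # multi-byte tags are outside the 1-byte tag described here
        raise ValueError("multi-byte tag not supported")
    pos += 2
    if first & 0x80:            # long form: low 7 bits count the length bytes that follow
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length-of-length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:                       # short form: low 7 bits are the length itself
        length = first
    end = pos + length
    if end > len(buf):          # never trust a declared length beyond the buffer
        raise ValueError("declared length exceeds available data")
    node = TLV(CLASSES[tag >> 6], bool(tag & 0x20), tag & 0x1F, buf[pos:end])
    while node.structured and pos < end:   # children must fit inside the parent
        child, pos = read_tlv(buf[:end], pos, depth + 1)
        node.children.append(child)
    return node, end

# Constructed samples built from the bit patterns on the slides.
INTEGER_14 = bytes([0b00000010, 0b00000100, 0, 0, 0, 0b00001110])
OCTET_HI = bytes([0b00000100, 0b00000010, 0b01001000, 0b01001001])
IP_ADDR = bytes([0b01000000, 4, 131, 21, 14, 8])
LONG_FORM = bytes([0x04, 0b10000010, 0b00000001, 0b00000100]) + b"A" * 260
SEQUENCE = bytes([0b00110000, 10]) + INTEGER_14 + OCTET_HI

if __name__ == "__main__":
    for sample in (INTEGER_14, OCTET_HI, IP_ADDR, LONG_FORM, SEQUENCE):
        node, _ = read_tlv(sample)
        print(node.cls, node.structured, node.number, len(node.value))
```

The bounds checks matter in practice because the length field is attacker-controlled input to any SNMP agent or manager that parses it.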
SNMP Working
• It is an application program that allows:
• 1- A manager to retrieve the value of an object defined in an agent.
• 2- A manager to store a value in an object defined in an agent.
• 3- An agent to send an alarm message about an abnormal situation to the manager.
PDUs
• SNMPv3 defines 8 types of packets (or PDUs: Protocol Data Units)
• GetRequest: Sent from manager to agent to retrieve the value of a variable or a set of variables.
• GetNextRequest: Sent from manager to agent to retrieve the value of a variable or a set of variables. The retrieved value is the value of the object following the defined ObjectId in the PDU. Used to get values of entries whose indexes are unknown but the ID of the table is known.
• GetBulkRequest: Sent from manager to agent to retrieve a large amount of data (instead of using a large number of GetRequest PDUs).
• SetRequest: Sent from manager to agent to set (store) a value in a variable.
PDUs
• Response: Sent from agent to manager in response to GetRequest or GetNextRequest (contains the values requested).
• Trap: Sent from agent to manager to report an event (e.g. rebooting).
• InformRequest: Sent from one manager to another remote manager to get values of some variables under the control of the remote manager.
• Report: Designed to report some errors between managers (not in use).
SNMP PDU format
• PDU type: Defines the type of PDU.
• Request ID: Sequence number used by the manager in a Request PDU and repeated by the agent in the response (used for matching).
• Error Status: Integer used only in response PDUs to show the type of error reported by the agent (0 for Request PDUs).
• E.g. 2 tooBig, 3 badValue, 4 readOnly, etc.
SNMP PDU format
• NonRepeaters: Used only in GetBulkRequest (replaces error status field).
• Error index: Offset that tells the manager which variable caused error.
• Max-repetition: Also used only in GetBulkRequest (replaces error index field).
• VarBind list: Set of variables and values the manager wants to retrieve or set (null for GetRequest, GetNextRequest).
SNMP Messages
SNMP does not send only a PDU; it embeds the PDU in a message.
A message in SNMPv3 is made up of four elements:
• Version
• Header
• Security Parameters
• Data (which includes the encoded PDU)
The length of these elements is variable.
SNMP uses BER (Basic Encoding Rules) to encode each element, as each element is of variable length.
BER uses the tag and the length to define the value.
SNMP message Structure
• Version: Defines the current version (here, version 3)
• Header: Contains flags for
  • message identification
  • maximum message size
  • message flag
  • message security model, which defines the security protocol
SNMP message Structure
• Security Parameter: Creates message digest
• Data: Contains the PDU
• If the data is encrypted, it also contains information about the encryption method; otherwise only the data.
Codes for SNMP messages
The maximum size of an SNMP message is limited to the minimum of:
(1) the maximum message size which the destination SNMP entity can accept; and,
(2) the maximum message size which the source SNMP entity can generate.
UDP Ports
SNMP uses the services of two ports
• Port 161-Server
• Port 162-Client
Two types of messages are used
• Request/Reply messages
• Trap messages
Request/Response messages
The server issues a passive open on port 161.
The request messages are sent from client to server, using an ephemeral port as the source and the well-known port 161 as the destination port.
The response messages are sent from the server to the client, using the well-known port 161 as the source port and the ephemeral port as the destination port.
Trap Messages
The client issues a passive open on port 162.
It waits for the message from the server.
Whenever a trap message has to be sent, the server issues an active open.
The message is only one-way, from the server to the client.
Security
The main difference between SNMPv3 and SNMPv2 is enhanced security.
SNMPv3 provides message authentication, privacy, and authorization.
SNMPv3 allows a manager to remotely change the security configuration, which means that the manager does not have to be physically present.