
Management

Shared by: yunyi
posted:
11/14/2011
language:
English
pages:
37
CHAPTER 30

Internet Management

Albert 30.1, 2, 3

Yifan 30.4, 5, 6, 7

Jianxin 30.8

Huaidong 30.9

Lai Yee 30.10

Daniel 30.11, 12, 13

Internet Management

Activities in Internet management:
• Debug problems
• Control routing
• Find computers that violate protocol standards

Network Management

Originally, many wide area networks included management protocols as part of their link-level protocols.

Advantage: managers were often able to control switches even if higher-level protocols failed.

Internet management differs from network management

• A single manager can control heterogeneous devices, including IP routers, bridges, modems, workstations, and printers.
• The controlled entities may not share a common link-level protocol.
• The set of machines a manager controls may lie at arbitrary points in an internet.

Internet management operates at the application level

Advantages:
• One set of protocols can be used for all networks.
• The same protocols can be used for all managed devices.
• A manager can control the routers across an entire TCP/IP internet without being directly attached to every physical network or router.

Disadvantage:
• If the operating system, IP software, or transport protocol software does not work correctly, the manager may not be able to contact a router that needs managing.

Architectural Model

• Client software usually runs on the manager’s workstation.
• Each participating router or host runs a server program called a management agent.
• Most managers only control devices at their local sites; a large site may have multiple managers.

Internet management software uses an authentication mechanism to ensure that only authorized managers can access or control a particular device.

Protocol Framework

It’s all about management information!

• SNMP: How to exchange?
• MIB: How to store and operate?
• SMI: How to define and identify?
• ASN.1: Formal notation used by SMI.

SNMP v3 – how to communicate?

• Stands for Simple Network Management Protocol version 3
• A standard network management protocol
• Defines:
  - message format, form of names and addresses
  - how to use the transport protocol
  - the set of operations and their meaning
• The approach is minimalistic

MIB – How about data?

• Stands for Management Information Base
• Defines:
  - What data should be kept for the manager?
  - What operations are allowed on these data?
  - Categories of data
  - Variables in each category
• The MIB definition is independent of the network management protocol.
  - All managed devices speak the same language (MIB)

MIB category   Includes information about
system         The host or router operating system
interfaces     Individual network interfaces
at             Address translation (e.g. ARP)
ip             Internet Protocol software
icmp           Internet Control Message Protocol software
tcp            Transmission Control Protocol software
udp            User Datagram Protocol software
ospf           Open Shortest Path First software
bgp            Border Gateway Protocol software
rmon           Remote network monitoring
rip-2          Routing Information Protocol software
dns            Domain Name System software

MIB Variable      Category     Meaning
sysUpTime         system       Time since last reboot
ifNumber          interfaces   Number of network interfaces
ifMtu             interfaces   MTU for a particular interface
ipDefaultTTL      ip           Value IP uses in TTL field
ipInReceives      ip           Number of datagrams received
ipForwDatagrams   ip           Number of datagrams forwarded
ipOutNoRoutes     ip           Number of routing failures
ipReasmOKs        ip           Number of datagrams reassembled
ipFragOKs         ip           Number of datagrams fragmented
ipRoutingTable    ip           IP routing table
icmpInEchos       icmp         Number of ICMP echo requests received
tcpRtoMin         tcp          Minimum retransmission time TCP allows
tcpMaxConn        tcp          Maximum TCP connections allowed
tcpInSegs         tcp          Number of segments TCP has received
udpInDatagrams    udp          Number of UDP datagrams received

MIB variables

• Each variable can be stored as
  - A single integer
  - A complex structure, e.g., an entire routing table
• Also defines table entries.
• The presentation only has logical meaning.
  - A router may use different internal data structures

SMI – rules to define and identify variables

• Stands for Structure of Management Information
• Specifies:
  - What variable types are allowed?
  - What naming rules should be followed?
  - How to refer to tables of values, e.g., the IP routing table?

ASN.1 – a formal notation used by SMI

• Stands for ISO’s Abstract Syntax Notation 1
• A formal notation for defining variable names and types
  - In documents: a form humans can read
  - In communication: a compact encoded representation
• Benefits:
  - Makes the form and contents of variables unambiguous
  - Simplifies the implementation of protocols
  - Guarantees interoperability

30.8 Structure And Representation Of MIB Object Names --- Jianxin

• Object identifier namespace:
  1. Names used for MIB variables are taken from the object identifier namespace administered by ISO and ITU.
  2. The object identifier namespace is absolute, meaning that names are structured to make them globally unique.

Hierarchy of namespace

• The root of the object identifier hierarchy is unnamed.
• It has three direct descendants, managed by ISO, by ITU, and jointly by ISO and ITU.
• The descendants are assigned both short text strings and integers.
• ISO has allocated one subtree for use by other national or international standards organizations.

Name an object and MIB categories

• The name of an object in the hierarchy is the sequence of numeric labels on the nodes along a path from the root to the object.
• The sequence is written with periods separating the individual components.
  Example: 1.3.6.1.2 denotes the node ‘mgmt’.
• The MIB groups variables into categories; each category is a subtree of the ‘mib’ node of the object identifier namespace.

Simple category naming examples

• The category labeled ip has been assigned the value 4.
• The names of all MIB variables corresponding to ip have an identifier that begins with the prefix:
    1.3.6.1.2.1.4
  The textual label would be:
    iso.org.dod.internet.mgmt.mib.ip
• When network management protocols use names of MIB variables in messages, each name has a suffix appended. For simple variables, the suffix is 0.

Complex example

• How about the variable ipAddrTable?
• It is a list of the IP addresses for each network interface.
• It is a subtree under the ip node, with prefix:
    iso.org.dod.internet.mgmt.mib.ip.ipAddrTable
• How are such data structures represented?
• MIB defines a uniform, virtual interface to access data.

• ipAddrTable can be defined as:

    ipAddrTable ::= SEQUENCE OF IpAddrEntry

• Each entry in the array is defined by five fields:

    IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     IpAddress,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }

• Assign numeric values to the entry and to each item of the entry:

    ipAddrEntry     { ipAddrTable 1 }
    ipAdEntNetMask  { ipAddrEntry 3 }

• To select a specific element in the table, append a suffix to the name instead of using an index:

    suffix = IP address
    variable name.IP address

Simple Network Management Protocol (SNMP)

Huaidong Meng

Instructor: Dr. Sharon Hall

Simple Network Management Protocol

• A network management protocol:
  – specifies communication between the client program a network manager invokes and a server program executing on a host or router
  – defines the form and meaning of the messages exchanged
  – defines the representation of names and values in messages
  – defines administrative relationships among routers being managed

Network Management Protocol

• Allows the manager to:
  – Reboot the system
  – Add or delete routes
  – Disable or enable a particular network interface
  – Remove cached address bindings
• The main disadvantage: the resulting complexity
  – For example, the command to delete a routing table entry differs from the command to disable an interface.

SNMP takes an interesting alternative approach to network management

• It casts all operations in a fetch-store paradigm, instead of defining a large set of commands:
  – Stability
    • Its definition remains fixed.
  – Simple to implement, understand, and debug
    • It avoids the complexity of having special cases for each command.
  – Flexible
    • It accommodates arbitrary commands in an elegant framework.

SNMP commands

Command            Meaning
get-request        Fetch a value from a specific variable
get-next-request   Fetch a value without knowing its exact name
get-bulk-request   Fetch a large volume of data
response           A response to any of the above requests
set-request        Store a value in a specific variable
inform-request     Reference to third-party data
snmpv2-trap        Reply triggered by an event
report             Undefined at present

Searching Table Using Names

• get-next-request
  – Allows a client to iterate through a table by supplying a prefix of a valid object identifier, without knowing how many items the table contains.
  – The server returns a network mask field of the first entry in ipAddrTable, and the client uses the full object identifier returned by the server to request the next item in the table.
  – See page 566 for the example
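
The naming and get-next iteration described above, as an added example that is not part of the original slides: a toy in-memory agent that names ipAddrTable instances with an IP-address suffix and answers get-next in lexicographic OID order. The interface data and TTL value are constructed, and the subidentifier 20 for ipAddrTable under ip is the standard MIB-II assignment, which the slides do not state.

```python
from bisect import bisect_right

MIB = (1, 3, 6, 1, 2, 1)            # iso.org.dod.internet.mgmt.mib
IP = MIB + (4,)                     # category ip has been assigned the value 4
IP_ADDR_ENTRY = IP + (20, 1)        # ipAddrTable = ip 20 (assumed), ipAddrEntry = ipAddrTable 1

# Constructed sample data: (ipAdEntAddr, ipAdEntIfIndex, ipAdEntNetMask)
SAMPLE_INTERFACES = [("192.0.2.1", 1, "255.255.255.0"), ("10.0.0.5", 2, "255.0.0.0")]

def parse_oid(text):
    return tuple(int(part) for part in text.split("."))

def build_agent(interfaces):
    """Return the agent's variables as a list of (oid, value) in OID order."""
    store = {IP + (2, 0): 64}       # simple variable ipDefaultTTL, suffix 0
    for addr, if_index, mask in interfaces:
        suffix = parse_oid(addr)    # table instance suffix = IP address
        for column, value in ((1, addr), (2, if_index), (3, mask)):
            store[IP_ADDR_ENTRY + (column,) + suffix] = value
    return sorted(store.items())    # tuple comparison is lexicographic OID order

def get_next(agent, oid):
    """First variable whose name follows oid, or None at the end of the MIB."""
    names = [name for name, _ in agent]
    i = bisect_right(names, oid)
    return agent[i] if i < len(agent) else None

def walk(agent, prefix):
    """Client side: repeat get-next until the returned name leaves the prefix."""
    rows, oid = [], prefix
    while True:
        found = get_next(agent, oid)
        if found is None or found[0][:len(prefix)] != prefix:
            return rows
        rows.append(found)
        oid = found[0]              # full name returned by the agent seeds the next request

if __name__ == "__main__":
    agent = build_agent(SAMPLE_INTERFACES)
    for name, value in walk(agent, IP_ADDR_ENTRY + (3,)):   # ipAdEntNetMask column
        print(".".join(map(str, name)), "=", value)
```

Walking from the bare `IP` prefix returns every variable the agent holds under ip, which is why the set of names a given manager may read is something the agent has to restrict.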

SNMP Message Format

    SNMPv3Message ::=
        SEQUENCE {
            msgVersion             INTEGER (0..2147483647),
            msgGlobalData          HeaderData,
            msgSecurityParameters  OCTET STRING,
            msgData                ScopedPduData
        }

Definition of SNMP HeaderData

    HeaderData ::= SEQUENCE {
        msgID             INTEGER (0..2147483647),
        msgMaxSize        INTEGER (484..2147483647),
        msgFlags          OCTET STRING (SIZE(1)),
        msgSecurityModel  INTEGER (1..2147483647)
    }

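Definition of SNMP PDU

    -- Type names after each alternative are those of RFC 3416.
    PDU ::=
        CHOICE {
            get-request       GetRequest-PDU,
            get-next-request  GetNextRequest-PDU,
            get-bulk-request  GetBulkRequest-PDU,
            response          Response-PDU,
            set-request       SetRequest-PDU,
            inform-request    InformRequest-PDU,
            snmpV2-trap       SNMPv2-Trap-PDU,
            report            Report-PDU
        }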

Internet Management - Example Encoded SNMP Message

• Figure 30.11 contains an encoded get-request message for data item sysDescr
• Each term used is further defined until it can be defined by a primitive data type, e.g. integer, string.
  - Let’s compare the message with the specified format
• Hence, the encoded items have variable-length fields
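
How the variable-length fields arise, as an added example that is not from the original slides or from Figure 30.11: a small BER encoder for the primitive types used by HeaderData and for the name sysDescr.0, plus a tag-length-value reader that rejects lengths running past the end of the message. The header field values are constructed, and 1.3.6.1.2.1.1.1 as the identifier of sysDescr is the standard MIB-II assignment rather than something the slides state.

```python
def ber_len(n):
    if n < 0x80:
        return bytes([n])                        # short form: one octet
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body      # long form: count octet, then length

def tlv(tag, content):
    return bytes([tag]) + ber_len(len(content)) + content

def ber_int(value):
    size = value.bit_length() // 8 + 1           # minimal size for a non-negative INTEGER
    return tlv(0x02, value.to_bytes(size, "big"))

def ber_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])    # first two arcs share one octet
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                     # base-128, high bit set on all but the last
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += bytes(chunk)
    return tlv(0x06, bytes(out))

def header_data(msg_id, max_size, flags, model):
    """Encode the HeaderData SEQUENCE defined above."""
    fields = ber_int(msg_id) + ber_int(max_size) + tlv(0x04, bytes([flags])) + ber_int(model)
    return tlv(0x30, fields)

def read_tlv(buf, pos=0):
    """Return (tag, content, next_pos); raise ValueError on a malformed length."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        count = first & 0x7F
        if count == 0 or count > 4 or pos + count > len(buf):
            raise ValueError("bad length octets")
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("length exceeds message")
    return tag, buf[pos:pos + length], pos + length

if __name__ == "__main__":
    print(ber_oid("1.3.6.1.2.1.1.1.0").hex())        # name of sysDescr, simple variable
    print(header_data(1, 65507, 0x04, 3).hex())      # constructed header values
```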

Internet Management - New Features In SNMPv3

• Scope: security and administration
• Goal: generality, flexibility and ease of administration
• Example new features
  – Message Authentication
  – Privacy
  – Authorization & View-based Access Control
  – Remote Configuration

Internet Management - Summary

• An application-level client program accesses and controls agents running on devices
• SNMP is the standard TCP/IP network management protocol that uses 2 conceptual operations, fetch and store
• A companion standard, MIB, defines the variables that are maintained by the agents
• MIB variables are described by ASN.1, which uses a hierarchical namespace to ensure global uniqueness

THANK YOU


