Date post: 11-Jan-2016
Upload: grace-sutton

CHAPTER 30 Internet Management

Albert 30.1, 2, 3

Yifan 30.4, 5, 6, 7

Jianxin 30.8

Huaidong 30.9

Lai Yee 30.10

Daniel 30.11, 12, 13


Internet Management

Activities in Internet management:

• Debug problems

• Control routing

• Find computers that violate protocol standards


Network Management

Originally, many wide area networks included management protocols as part of their link level protocols.

Advantage:

Managers were often able to control switches even if higher level protocols failed.


Internet management differs from network management

A single manager can control heterogeneous devices including IP routers, bridges, modems, work-stations, and printers.

The controlled entities may not share a common link level protocol.

The set of machines a manager controls may lie at arbitrary points in an internet.


Internet management operates at the application level

Advantages:

• One set of protocols can be used for all networks.

• The same protocols can be used for all managed devices.

• A manager can control the routers across an entire TCP/IP internet without being directly attached to every physical network or router.

Disadvantage:

• If the operating system, IP software, or transport protocol software does not work correctly, the manager may not be able to contact a router that needs managing.


Architectural Model


• Client software usually runs on the manager’s workstation.

• Each participating router or host runs a server program called management agent.

• Most managers only control devices at their local sites; a large site may have multiple managers.

Internet management software uses an authentication mechanism to ensure only authorized managers can access or control a particular device.


Protocol Framework

It’s all about management information!

SNMP: How to exchange?

MIB: How to store and operate?

SMI: How to define and identify?

ASN.1: Formal notation used by SMI.


SNMP v3 – how to communicate?

Stands for Simple Network Management Protocol version 3

A standard Network Management Protocol

Defines:

- message format, form of names and addresses

- how to use the transport protocol

- set of operations and their meaning

- approach is minimalistic


MIB – How about data?

Stands for Management Information Base

Defines:

- What data should be kept for the manager?

- What operations are allowed on these data?

- Categories of data

- Variables in each category

MIB definition is independent of the network management protocol.

- All managed devices speak the same language (MIB)


MIB category    Includes information about
------------    --------------------------
system          The host or router operating system
interfaces      Individual network interfaces
at              Address translation (e.g. ARP)
ip              Internet Protocol software
icmp            Internet Control Message Protocol software
tcp             Transmission Control Protocol software
udp             User Datagram Protocol software
ospf            Open Shortest Path First software
bgp             Border Gateway Protocol software
rmon            Remote network monitoring
rip-2           Routing Information Protocol software
dns             Domain Name System software


MIB Variable       Category      Meaning
------------       --------      -------
sysUpTime          system        Time since last reboot
ifNumber           interfaces    Number of network interfaces
ifMtu              interfaces    MTU for a particular interface
ipDefaultTTL       ip            Value IP uses in TTL field
ipInReceives       ip            Number of datagrams received
ipForwDatagrams    ip            Number of datagrams forwarded
ipOutNoRoutes      ip            Number of routing failures
ipReasmOKs         ip            Number of datagrams reassembled
ipFragOKs          ip            Number of datagrams fragmented
ipRoutingTable     ip            IP routing table
icmpInEchos        icmp          Number of ICMP echo requests received
tcpRtoMin          tcp           Minimum retransmission time TCP allows
tcpMaxConn         tcp           Maximum TCP connections allowed
tcpInSegs          tcp           Number of segments TCP has received
udpInDatagrams     udp           Number of UDP datagrams received


MIB variables

Each variable can be stored as

- A single integer

- A complex structure

e.g., an entire Routing Table

Also defines table entries. Presentation only has logical meaning.

- Router may use different internal data structures


SMI – rules to define and identify variables

Stands for Structure of Management Information

Specifies:

- What variable types are allowed?

- What naming rules should be followed?

- How to refer to the tables of values?

e.g., the IP routing table


ASN.1 – a formal notation used by SMI

Stands for ISO’s Abstract Syntax Notation 1

A formal notation for defining variable names and types

- In documents: human-readable

- In communication: compact encoded representation

Benefits:

- Makes the form and contents of variables unambiguous.

- Simplifies the implementation of protocols

- guarantees interoperability


30.8 Structure And Representation Of MIB Object Names --- Jianxin

Object Identifier Namespace:

1. Names used for MIB variables are taken from the object identifier namespace administered by ISO and ITU.

2. The object identifier namespace is absolute, meaning that names are structured to make them globally unique.


Hierarchy of namespace

The root of the object identifier hierarchy is unnamed.

It has three direct descendants, managed by:

- ISO

- ITU

- jointly by ISO and ITU

The descendants are assigned both short text strings and integers.

ISO has allocated one subtree for use by other national or international standards organizations.


Name an object and MIB categories

The name of an object in the hierarchy is the sequence of numeric labels on the nodes along a path from the root to the object.

The sequence is written with periods separating the individual components.

example: 1.3.6.1.2 --- denotes the node ‘mgmt’

The MIB groups variables into categories; each category is a sub-tree of the ‘mib’ node of the object identifier namespace.


Simple category naming examples

The category labeled ip has been assigned the value 4.

The names of all MIB variables corresponding to ip have an identifier that begins with the prefix:

1.3.6.1.2.1.4

The textual label would be:

iso.org.dod.internet.mgmt.mib.ip

When network management protocols use names of MIB variables in messages, each name has a suffix appended. For simple variables, the suffix is 0.


Complex example

How about the variable ipAddrTable?

- A list of the IP addresses for each network interface

- It’s a sub-tree under the ip node, with prefix:

iso.org.dod.internet.mgmt.mib.ip.ipAddrTable

How to represent such data structures?

- MIB defines a uniform, virtual interface to access data


ipAddrTable can be defined as:

ipAddrTable ::= SEQUENCE OF IpAddrEntry

Each entry in the array is defined by five fields:

IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr            IpAddress,
    ipAdEntIfIndex         INTEGER,
    ipAdEntNetMask         IpAddress,
    ipAdEntBcastAddr       IpAddress,
    ipAdEntReasmMaxSize    INTEGER (0..65535)
}


Assign numeric values to the entry and to each item of the entry:

ipAddrEntry { ipAddrTable 1 }

ipAdEntNetMask { ipAddrEntry 3 }

Use a suffix appended onto the name to select a specific element in the table, not the index.

suffix = IP address

variable name.IP address


Simple Network Management Protocol (SNMP)

Huaidong Meng

Instructor: Dr. Sharon Hall


Simple Network Management Protocol

Network management protocol:

– specifies communication between the client program a network manager invokes and a server program executing on a host or router

– defines the form and meaning of the messages exchanged

– defines the representation of names and values in messages

– defines administrative relationships among the routers being managed


Network Management Protocol

Allows the manager to:

– Reboot the system

– Add or delete the router

– Disable or enable a particular network interface

– Remove cached address binding

The main disadvantage: the resulting complexity

– For example, the command to delete a routing table entry differs from the command to disable an interface.


SNMP takes an interesting alternative approach to network management

It casts all operations in a fetch-store paradigm, instead of defining a large set of commands:

– Stability

• Its definition remains fixed.

– Simple to implement, understand, and debug

• It avoids the complexity of having special cases for each command.

– Flexible

• Accommodates arbitrary commands in an elegant framework


SNMP commands

Command             Meaning
-------             -------
get-request         fetch a value from a specific variable
get-next-request    fetch a value without knowing its exact name
get-bulk-request    fetch a large volume of data
response            a response to any of the above requests
set-request         store a value in a specific variable
inform-request      reference to third-party data
snmpv2-trap         reply triggered by an event
report              undefined at present


Searching Table Using Names

get-next-request

– Allows a client to iterate through a table by supplying a prefix of a valid object identifier, without knowing how many items the table contains.

– The server returns the network mask field of the first entry in ipAddrTable, and the client uses the full object identifier returned by the server to request the next item in the table.

– See page 566 for the example
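
The naming rules from section 30.8 (suffix 0 for simple variables, the IP address as suffix for ipAddrTable elements) and the get-next-request iteration described above, as an added example that is not part of the original slides. The agent contents are constructed sample data, and the numbers 2 (ipDefaultTTL) and 20 (ipAddrTable) under ip are taken from MIB-II (RFC 1213), not from the slides.

```python
# Added example. The agent contents below are constructed sample data.
IP = (1, 3, 6, 1, 2, 1, 4)                # iso.org.dod.internet.mgmt.mib.ip
IP_DEFAULT_TTL = IP + (2,)                # number taken from MIB-II (RFC 1213)
IP_ADDR_TABLE = IP + (20,)                # number taken from MIB-II (RFC 1213)
IP_ADDR_ENTRY = IP_ADDR_TABLE + (1,)      # ipAddrEntry    { ipAddrTable 1 }
IP_AD_ENT_ADDR = IP_ADDR_ENTRY + (1,)     # first field of IpAddrEntry
IP_AD_ENT_NETMASK = IP_ADDR_ENTRY + (3,)  # ipAdEntNetMask { ipAddrEntry 3 }


def scalar_instance(oid):
    """Simple variables are named with the suffix 0."""
    return oid + (0,)


def table_instance(column, ip):
    """Table elements are named variable-name.IP-address."""
    return column + tuple(int(part) for part in ip.split("."))


def dotted(oid):
    return ".".join(str(n) for n in oid)


def build_agent():
    """Constructed MIB contents for a router with two interfaces."""
    mib = {scalar_instance(IP_DEFAULT_TTL): 64}
    for ip, mask in [("192.0.2.1", "255.255.255.0"), ("10.0.0.1", "255.0.0.0")]:
        mib[table_instance(IP_AD_ENT_ADDR, ip)] = ip
        mib[table_instance(IP_AD_ENT_NETMASK, ip)] = mask
    return mib


def get_next(mib, oid):
    """Agent side: first instance lexicographically after oid, or None."""
    later = sorted(name for name in mib if name > oid)
    return (later[0], mib[later[0]]) if later else None


def walk(mib, prefix):
    """Manager side: repeat get-next until the reply leaves the subtree."""
    rows, oid = [], prefix
    while (reply := get_next(mib, oid)) and reply[0][:len(prefix)] == prefix:
        rows.append((dotted(reply[0]), reply[1]))
        oid = reply[0]
    return rows


if __name__ == "__main__":
    for name, value in walk(build_agent(), IP_AD_ENT_NETMASK):
        print(name, "=", value)
```

Because a prefix is enough to enumerate a whole subtree, what an agent exposes to a given manager is decided by its access-control configuration, which is the role of the view-based access control listed among the SNMPv3 features.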


SNMP Message Format

SNMPv3Message ::=

SEQUENCE {

msgVersion INTEGER (0..2147483647),

msgGlobalData HeaderData,

msgSecurityParameters OCTET STRING,

msgData ScopedPduData

}


Definition of SNMP HeaderData

HeaderData ::= SEQUENCE {

msgID INTEGER (0..2147483647),

msgMaxSize INTEGER (484..2147483647),

msgFlags OCTET STRING (SIZE(1)),

msgSecurityModel INTEGER (1..2147483647)

}


Definition of SNMP PDU

PDU ::=

CHOICE {

get-request

get-next-request

get-bulk-request

response

set-request

inform-request

snmpV2-trap

report

}


Internet Management-Example Encoded SNMP Message

Figure 30.11 contains an encoded get-request message for data item sysDescr.

Each term used is further defined until it can be defined by a primitive data type, e.g. integer, string.

- Let’s compare the message with the specified format

Hence, the encoded items have variable-length fields.
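
The variable-length fields come from the tag-length-value encoding ASN.1 uses on the wire. The following added example (not taken from the slides or from Figure 30.11) encodes and decodes the object name of the sysDescr instance; the numeric name 1.3.6.1.2.1.1.1.0 is taken from MIB-II (RFC 1213), not from the slides. The decoder checks every length against the buffer before using it, which is the check a receiver needs when lengths are supplied by the sender.

```python
SYS_DESCR_0 = "1.3.6.1.2.1.1.1.0"   # sysDescr instance; number from MIB-II (RFC 1213)

def encode_length(n):
    """Short form below 128, otherwise 0x80|count followed by the length bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def encode_oid(dotted):
    """Encode a dotted name as an OBJECT IDENTIFIER (tag 0x06)."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])   # first two labels share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                     # base 128, last byte has top bit clear
        while arc := arc >> 7:
            chunk.insert(0, 0x80 | (arc & 0x7F))
        body.extend(chunk)
    return b"\x06" + encode_length(len(body)) + bytes(body)

def decode_tlv(buf, offset=0):
    """Return (tag, value, next_offset); refuse lengths that overrun the buffer."""
    if offset + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[offset], buf[offset + 1]
    offset += 2
    if first < 0x80:
        length = first
    else:
        count = first & 0x7F
        if count == 0 or offset + count > len(buf):
            raise ValueError("indefinite or truncated length")
        length = int.from_bytes(buf[offset:offset + count], "big")
        offset += count
    if offset + length > len(buf):
        raise ValueError("value runs past end of message")
    return tag, buf[offset:offset + length], offset + length

def decode_oid(value):
    """Inverse of encode_oid for names whose first label is 0 or 1."""
    arcs, arc = [value[0] // 40, value[0] % 40], 0
    for byte in value[1:]:
        arc = (arc << 7) | (byte & 0x7F)
        if not byte & 0x80:
            arcs.append(arc)
            arc = 0
    return ".".join(str(a) for a in arcs)

if __name__ == "__main__":
    print(encode_oid(SYS_DESCR_0).hex(" "))
```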


Internet Management-New Features In SNMPv3

Scope: Security and administration

Goal: generality, flexibility and ease of admin.

Example new features:

– Message Authentication

– Privacy

– Authorization & View-based Access Control

– Remote Configuration


Internet Management-Summary

An application level client program accesses and controls agents running on devices

SNMP is the standard TCP/IP network management protocol; it uses two conceptual operations, fetch and store

A companion standard, MIB, defines the variables that are maintained by the agents

MIB variables are described by ASN.1, which uses a hierarchical namespace to ensure global uniqueness


THANK YOU

