© 2006, Monash University, Australia CSE4884 Network Design and Management Lecturer: Dr Carlo Kopp, MIEEE, MAIAA, PEng Lecture 19-20 Simple Network Management.


1 © 2006, Monash University, Australia CSE4884 Network Design and Management Lecturer: Dr Carlo Kopp, MIEEE, MAIAA, PEng Lecture Simple Network Management Protocol Family

2 © 2006, Monash University, Australia References and Reading
Burke J.R., Network Management; Concepts and Practice, Pearson/Prentice-Hall, 2004 – Ch.2 onward
Wikipedia - nt_Protocol
ov04.ppt
Cisco SNMP Command Reference Document - e/ios123/123cgcr/fun_r/cfr_1g11.pdf ; also /snmp.htm
Request for Comments: 1441; Introduction to version 2 of the Internet-standard Network Management Framework -

3 © 2006, Monash University, Australia Situational Awareness A critical problem for any network manager is maintaining situational awareness about the state of the network. The manager must know at all times what devices are in what state and how this impacts overall network performance and function. Without situational awareness the network manager is flying blind and thus is not aware of malfunctions or performance problems as they arise. Network management software tools can provide situational awareness by automating monitoring of networks. SNMP is the most widely used management tool in IP networks.

4 © 2006, Monash University, Australia Network Management Protocols - Background
Mid to early 1980s – proprietary network management software, usually designed to be mutually incompatible
– Simple Gateway Monitoring Protocol (SGMP) defined in RFC 1028; SGMP designed to monitor interface type, status, route type and route protocol in use; implemented to run over UDP. Common Management Information Protocol (CMIP) defined in ITU X.700 and RFC 1095 as a replacement to SGMP, based on the OSI protocol suite rather than IP; developed in competition with SNMP; more complex than SNMP; not as widely used as SNMP; CMIP over TCP (CMOT) abandoned in 1989.
– SNMPv1 recommended standard for IP networks
– SNMPv2 introduced
– SNMPv3

5 © 2006, Monash University, Australia Network Management (Cisco)

6 © 2006, Monash University, Australia SNMP Protocol SNMP was devised to manage network devices. SNMP is literally a simple protocol, which provides a limited command set. SNMP runs a Master Agent server program or daemon as a background process on a network device, or as a foreground task on a simpler network device. The SNMP Master Agent server responds to commands issued by an SNMP client program on a management system. SNMP defines a Management Information Base (MIB) for devices. A MIB is a hierarchical database of objects, each of which describes the state of a device.

7 © 2006, Monash University, Australia SNMP Design Aims – IETF RFC 1157 (1) The development cost for management agent software necessary to support the protocol is accordingly reduced. (2) The degree of management function that is remotely supported is accordingly increased, thereby admitting fullest use of internet resources in the management task. (3) The degree of management function that is remotely supported is accordingly increased, thereby imposing the fewest possible restrictions on the form and sophistication of management tools. (4) Simplified sets of management functions are easily understood and used by developers of network management tools. Must be extensible, and device independent.

8 © 2006, Monash University, Australia SNMP Model (Cisco)

9 © 2006, Monash University, Australia SNMP Functions – IETF RFC 1157 The strategy implicit in the SNMP is that the monitoring of network state at any significant level of detail is accomplished primarily by polling for appropriate information on the part of the monitoring center(s). A limited number of unsolicited messages (traps) guide the timing and focus of the polling. Limiting the number of unsolicited messages is consistent with the goal of simplicity and minimizing the amount of traffic generated by the network management function. In plain language, SNMP aims to minimise complexity by using a very simple model for accessing devices, but retains the capability to generate asynchronous traps when important conditions arise.

10 © 2006, Monash University, Australia Limitations of Polling Technique Polling involves a client station periodically interrogating the status of individual devices to collect information. The larger the number of devices to be polled, the greater the interval between visits. Polling is acceptable for the monitoring of slow changing events; most network management information is slow changing. The trap mechanism in SNMP is used to handle small numbers of critical events, which cannot wait for the duration of a whole polling cycle.

11 © 2006, Monash University, Australia Four Basic SNMP Operations The Get command is generated by a client to monitor managed devices. Variables that are maintained by managed devices are read back. The Set command is generated by a client to control managed devices. The values of variables stored within managed devices are changed. The Trap command is generated by managed devices; it asynchronously signals events to the client. When specific events occur, the managed device sends a trap to the client. Traversal operations are used by clients to establish which variables a managed device can support; also to sequentially gather information in variable tables, such as a routing table.

12 © 2006, Monash University, Australia SNMP MIBs (Cisco) A Management Information Base (MIB) is a hierarchically organized collection of information. A MIB comprises managed objects which are identified by object identifiers. Managed object, MIB object, object and MIB are used interchangeably in common industry usage. Managed objects are scalar or tabular. Scalar objects define a single instance of an object. Tabular objects define multiple instances of related objects, grouped in MIB tables. An object identifier (object ID) uniquely identifies a managed object in the MIB hierarchy. The MIB hierarchy is tree structured.

13 © 2006, Monash University, Australia SNMP MIBs (Cisco) Top-level MIB object IDs belong to different standards organizations. Lower-level object IDs are allocated by associated organizations. Vendors can define private branches in the MIB tree, which include managed objects for their own products. MIBs that have not been standardized are usually positioned in the experimental branch.

14 © 2006, Monash University, Australia MIB Hierarchy (Cisco)

15 © 2006, Monash University, Australia MIB Hierarchy (Cisco)

16 © 2006, Monash University, Australia SNMP vs Security SNMP has only trivial authentication and is therefore vulnerable to unauthorised access. SNMP security risks: 1. Masquerading. 2. Modification by unauthorised users. 3. Sequence and timing modification – replaying messages. 4. Disclosure – unauthorised gathering of data. Often Set operations are not implemented, at the expense of utility.

17 © 2006, Monash University, Australia SNMP V1 Messaging (Cisco) [Figure: Get, GetNext, Response, and Set PDU format. Labels: Version Number; Community Name; Protocol Data Unit; field that identifies the PDU type; field that associates a Response with its Request; Objects and Values.]

18 © 2006, Monash University, Australia SNMP V1 Messaging (Cisco) [Figure: Trap PDU format. Labels: Version Number; Community Name; Protocol Data Unit; type of managed object generating the trap; Objects and Values.]

19 © 2006, Monash University, Australia SNMP V2 Messaging (Cisco) [Figure: Get, GetNext, Inform, Response, Set, and Trap PDU format. Labels: Version Number; Community Name; Protocol Data Unit; field that identifies the PDU type; field that associates a Response with its Request; Objects and Values.]

20 © 2006, Monash University, Australia SNMP PDU (Message) Classes
Columns: SNMPv3 PDU Class; Description; SNMPv1 PDUs; SNMPv2/SNMPv3 PDUs
Read: Messages that read management information from a managed device using a polling mechanism. SNMPv1 PDUs: GetRequest-PDU, GetNextRequest-PDU. SNMPv2/SNMPv3 PDUs: GetRequest-PDU, GetNextRequest-PDU, GetBulkRequest-PDU.
Write: Messages that change management information on a managed device to affect the device's operation. SNMPv1 and SNMPv2/SNMPv3 PDUs: SetRequest-PDU.
Response: Messages sent in response to a previous request. SNMPv1 PDUs: GetResponse-PDU. SNMPv2/SNMPv3 PDUs: Response-PDU.
Notification: Messages used by a device to send an interrupt-like notification to an SNMP manager. SNMPv1 PDUs: Trap-PDU. SNMPv2/SNMPv3 PDUs: Trapv2-PDU, InformRequest-PDU.
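How the message fields on slides 17 to 19 and the PDU classes on slide 20 bear on the security slide: the Python below is an added example, not part of the lecture, that reads a constructed SNMPv1 datagram the way any passive observer on the path could, recovering the community name, PDU class and object IDs without any key. The function names, the sample datagrams and the community values inside them are assumptions of the example.

```python
PDU = {0xA0: ("GetRequest", "Read"), 0xA1: ("GetNextRequest", "Read"),
       0xA2: ("Response", "Response"), 0xA3: ("SetRequest", "Write"),
       0xA4: ("Trap", "Notification"), 0xA5: ("GetBulkRequest", "Read"),
       0xA6: ("InformRequest", "Notification"), 0xA7: ("Trapv2", "Notification")}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV that starts at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def tlvs(buf):  # yield (tag, value) for each TLV packed back to back in buf
    pos = 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        yield tag, value

def decode_oid(v):  # BER OBJECT IDENTIFIER value -> dotted notation
    arcs, n = [v[0] // 40, v[0] % 40], 0
    for b in v[1:]:  # base-128 digits; a set high bit means more follow
        n = (n << 7) | (b & 0x7F)
        if b < 0x80:
            arcs, n = arcs + [n], 0
    return ".".join(map(str, arcs))

def inspect_snmp(datagram):
    """Return what a passive observer can read from one SNMPv1/v2c datagram."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message (expected a SEQUENCE)")
    (_, version), (_, community), (pdu_tag, pdu) = tlvs(msg)
    name, pdu_class = PDU.get(pdu_tag, ("unknown", "unknown"))
    oids = []
    if pdu_tag in PDU and pdu_tag != 0xA4:  # the v1 Trap PDU is laid out differently
        *_, (_, varbinds) = tlvs(pdu)  # the variable bindings are the last field
        oids = [decode_oid(read_tlv(vb, 0)[1]) for _, vb in tlvs(varbinds)]
    risk = "write with cleartext community" if pdu_class == "Write" else "cleartext community"
    return {"version": int.from_bytes(version, "big"), "pdu": name, "class": pdu_class,
            "community": community.decode("latin-1"), "oids": oids, "risk": risk}

# Constructed samples: a Get of 1.3.6.1.2.1.1.1.0 and a Set of 1.3.6.1.2.1.1.4.0.
GET = bytes.fromhex("3026 020100 0406 7075626c6963 a019 020101 020100 020100 300e 300c 0608 2b06010201010100 0500")
SET = bytes.fromhex("302a 020100 0407 70726976617465 a31c 020102 020100 020100 3011 300f 0608 2b06010201010400 0403 6c6162")
```

The version field carries 0 for SNMPv1. A monitoring sensor can use the same fields to alert on Write-class PDUs from hosts that are not management stations.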

21 © 2006, Monash University, Australia SNMP MIB Model MIB Objects described in Structure of Management Information Version 2 (SMIv2) format, based on ISO/ITU Abstract Syntax Notation One (ASN.1) syntax. There are a very large number of MIBs defined for specific network devices and entities. Example index is at index.html or http://www.mibdepot.com/index.shtml Specific MIB entries might be: 1. ADSL-LINE-EXT-MIB 2. ADSL-LINE-EXT-MIB 3. IPV6-ICMP-MIB 4. DIFFSERV-POLICY-MIB

22 © 2006, Monash University, Australia SNMP MIB Model MIBs are often specific or peculiar to particular devices and may include proprietary extensions. An SNMP client must understand the MIBs used by an SNMP agent server. Managing MIBs is an issue in its own right. For instance the mibDepot website hosts ~7300 SNMP MIBs covering ~1,000,000 MIB object definitions.

23 © 2006, Monash University, Australia Example - MG-SOFT MIB Compiler

24 © 2006, Monash University, Australia Example – NuDesign Visual MIBrowser®

25 © 2006, Monash University, Australia RMON: Remote Monitoring MIBs RMON1 and RMON2 MIBs permit monitoring of network traffic. Implemented to support management of LAN segments. RMON1 objects - Statistics, History, Alarm, Host, HostTopN, Matrix, Filters, Packet Capture, Events. RMON2 objects - Protocol Directory, Protocol Distribution, Address mapping, Network Layer host, Network layer matrix, Application layer host, Application layer matrix, Probe configuration. RMON1 or 2 agent usually implemented as a daemon or background task embedded in the firmware of a network device. The SNMP client must access the objects to gather the statistics.

26 © 2006, Monash University, Australia RMON: Remote Monitoring MIBs Javvin Technologies, Inc Image

27 © 2006, Monash University, Australia Example - iReasoning MIB browser

28 © 2006, Monash University, Australia Tutorial Q&A + Discussion

