CS 453 Computer Networks Lecture 22 Network Management

We have discussed a lot of network examples that have a very small number of hosts, routers, switches and links …but in the real world networks can have thousands of devices and links, and span cities, countries, continents, and the globe In many important ways, networks are the life blood of many organizations and critically important to individuals

Network Management A network that does not run reliably, stably and efficiently can have devastating consequences… Imagine a network failure for an airlines operations system… …or the Air Traffic control system… …or the electric power grid

Network Management This becomes more and more important with network delivered services like VoIP Streaming video On-demand Hi-Res video/audio Collaboration and video conferencing

Network Management Bottom line- We need to monitor, manage, Troubleshoot Repair Networks and do this very well

Network Management Some network management activities Detecting an interface or component failure Monitor hosts on the network Traffic monitoring and resource deployment Recognizing frequent changes in router tables Setting standards for SLAs Intrusion detection and other security threats

Network Management International Standards Organization’s Five Areas of Network Management Performance Management Quantify, measure, track, analyze and control network performance Fault management Identify, log and respond to faults in a network Like performance management, but short-term specific problem focused

Network Management International Standards Organization’s Five Areas of Network Management Configuration management How are network devices configured …and keeping track of these configurations Accounting Tracking resource utilization Quota management, usage charges, resource access Security management Monitoring and managing network (and related) access in accordance with defined policies

Network Management Network Management Architecture –very high level Managing entity Network administrator/network management workstation NOC (most likely) Managed devices Routers, switches, hosts, hubs, printers, etc. MIB – Management Information Base (more on this…) Network management protocol A well defined protocol for communications and control between managing entities and managed devices

Network Management Network Management Architecture –very high level From:

Network Management Network management protocol There are several, notably… OSI –Common Management Information Services Element/Common Management Information Protocol (CMISE/CMIP) Simple Network Management Protocol – SNMP For IP networks

Network Management MIB – Management Information Base Collections of discrete and organized pieces of information about managed devices Sort of a virtual database …to be collected from managed devices by managing entities… …usually as needed

Network Management MIB – made up of MIB objects MIB objects are the information elements maintained by managed devices MIB tables – MIB objects with recurrent or multiple instances of data elements MIB modules – groupings of related MIB objects

Network Management Each type of managed object has its own set of MIB objects MIB objects are defined by a data definition language – Structure of Management Information – SMI Subset of ANS.1 - abstract syntax notation 1

Network Management Object descriptors

Network Management SMI has several constructs OBJECT-TYPE Defines objects MODULE-IDENTITY Defines modules of objects NOTIFICATION-TYPE Defines the kinds of messages that agents generate MODULE-COMPLIANCE Defines the set of objects that must be defined within a module AGENT-CAPABILITIES Defines agents cabilities regarding object and event notifications

Network Management SMI basic data types INTEGER – 32 bit integers or list of named constants INTEGER32 – 32 bit integers Unsigned32 – 32 bit unsigned integer OCTET STRING – byte string up to 65K bytes long OBJECT IDENTIFER – defined structure name IPaddress – 32 bit IP address in network byte order Counter32 – 32 bit modulo 2 32 counter Counter64 – 64 bit modulo 2 64 counter Gauge32 – counter with limit TimeTicks – Time in 1/100 seconds Opaque – uninterrupted string

Network Management SMI object definition ipInDelievers OBJECT-TYPE SYNTAXCounter32 MAX-ACCESSread-only STATUScurrent Descriptions “IP datagrams delivered” ::={ ip 9 }

Network Management IETF – has developed many MIB object definitions Network vendors develop their own MIB object definitions There are 100s of MIB objects

Network Management SNMPv1 Simple objects, simple protocol, MIB tables SNMPv2 Modules SNMPv3 Message integrity Source authenication encryption

Network Management SMI basic data types INTEGER – 32 bit integers or list of named constants INTEGER32 – 32 bit integers Unsigned32 – 32 bit unsigned integer OCTET STRING – byte string up to 65K bytes long OBJECT IDENTIFER – defined structure name IPaddress – 32 bit IP address in network byte order Counter32 – 32 bit modulo 2 32 counter Counter64 – 64 bit modulo 2 64 counter Gauge32 – counter with limit TimeTicks – Time in 1/100 seconds Opaque – uninterrupted string

Network Management Example – managed objects in MIB-2 system group NameData typeDescription (RFC 1213) sysDescrOCTET STRINGName & version of system hw, OS, Network software sysObjectIDOBJECT IDENTIFER ID – kind of box it is sysUpTimeTimeTicksTime since last reboot sysContactOCTET STRINGWho manages this thing sysNameOCTET STRINGAssigned name for this device sysLocationOCTET STRINGPhysical location for this device sysServicesInteger32Code for services available

Network Management Example – managed objects in MIB-2 udp module NameData typeDescription (RFC 1213) udpInDatagramsCounter32UDP datagrams delivered udpNoPortsCounter32Number of received datagram where there was no app assigned to port udpInErrorsCounter32No. of received datagrams that could not be delivered udpOutDatagramsNo. of datagrams sent from this device udpTableSequence of udpEntry Sequence of udpEntry objects – port open by an application

Network Management Two more PDUs in SNMPv2 GET BULK REQUEST – iterative GET REQUEST (from manager to agent) INFORM – an acknowledged trap NOTIFY – event notification – same as trap, added in SNMPv2

Network Management SNMPv2 PDU From: PDU type—Identifies the type of PDU transmitted (Get, GetNext, Inform, Response, Set, or Trap). Request ID—Associates SNMP requests with responses. Error status—Indicates one of a number of errors and error types. Only the response operation sets this field. Other operations set this field to zero. Error index—Associates an error with a particular object instance. Only the response operation sets this field. Other operations set this field to zero. Variable bindings—Serves as the data field of the SNMPv2 PDU. Each variable binding associates a particular object instance with its current value (with the exception of Get and GetNext requests, for which the value is ignored).

Network Management SNMPv1 Trap PDU From: Enterprise—Identifies the type of managed object generating the trap. Agent address—Provides the address of the managed object generating the trap. Generic trap type—Indicates one of a number of generic trap types. Specific trap code—Indicates one of a number of specific trap codes. Time stamp—Provides the amount of time that has elapsed between the last network reinitialization and generation of the trap. Variable bindings—The data field of the SNMPv1 Trap PDU. Each variable binding associates a particular object instance with its current value.

Network Management

More things to see TCP/IP