
1 Optical Core Networks: Management protocols
This teaching material is a part of e-Photon/ONe Master study in Optical Communications and Networks. http://www.e-photon-one.org
Course and module: Optical Core Networks, Management protocols
Author(s):
• Barbara Martini, Scuola Superiore Sant’Anna, barbara.martini@cnit.it
• Fabio Baroncelli, Scuola Superiore Sant’Anna, fabio.baroncelli@cnit.it
This tutorial is licensed under the Creative Commons creativecommons.org/licenses/by-nc-sa/3.0/

Authors: Fabio Baroncelli, Barbara Martini. Course: Optical Core Networks. Module: Management Protocols. Revision 11/2/2008. Slides are numbered 1 to 63.

2 Outline
Basic foundations of Network Management:
• Overview on Management classification
• Motivation for Network Management
• Management paradigm
• Terminology and Basic Concept
• Standardization activity
• Description on the Management Information
• Simple Network Management Protocol (SNMP)

3 Management Classification (1)
[Figure labels: Provider structure (processes, services, policies); Applications; data; Service management; Information management; Workstation, Host, PC, Printer; System management; Communication Network (hub, bridge, router, multiplexer, switch); Network management]

4 Management Classification (2)
[Figure labels: LAN; MAN; WAN; Network management: Backbone network (WAN, MAN), Local Area Network (LAN); Information & System Management; ISP Service Management; LAN]

5 The importance of Network management: use case
[Figure labels: PDH/SDH MUX; PCM; E3/E1; Ethernet; ATM; SDH/WDM; FDDI; protocol stack Application / TCP / IP / LAN (Eth); protocol stack Application / TCP / IP / LAN (FDDI); Data Server; User; Low performance; Throughput reduction; E3; E1; 64 kbps; Synchronism loss on E3 frame; 34 Mbps]

6 Network management: basic concept
Support for:
• Remote investigation
• Real-time supervision
• Automatic data processing
• Planning future evolution
[Figure labels: WAN/MAN; LAN; GUI]

7 Management Activity Loop
• Monitor status and receive event reports
• Interpret policy and make decisions
• Perform management operations

8 Network Management definition
• Network management is a service that employs a variety of tools, applications, and devices to assist human network managers in the control and maintenance of a network.
• Network management includes the deployment, integration and coordination of the hardware, software and human elements to monitor, test, poll, configure, analyze and evaluate the network resources to meet the real-time, operational performance and QoS requirements at a reasonable cost.
• The combination of hardware and software used to monitor and administer a network is called the Network Management System (NMS).

9 Management System Requirements (1)
• Guarantee the availability of the network operation
• Service maintenance (availability, response time) needs to cope with technological changes
• Security of the services through the control of security components
• Human mistake prevention and bottleneck identification/recovery
• Automatic or semiautomatic reaction to operation anomalies:
  • Real-time configuration modification in case of error
  • Activation of redundant components in case of error
• Dynamic reactions to changes in the network and environment:
  • Changes regarding applications, users, components, services or fees
  • Dynamic adaptation of the available transmission bandwidth according to requests originated by the management system

10 Management System Requirements (2)
• Network control:
  • Collection and (compressed) representation of relevant network information
  • Definition and maintenance of a database of network configurations
  • When applicable, centralization of the control over peripherals and implemented functions (central management console)
  • Integration of management procedures in a heterogeneous environment
• Improvement of network administrators' work conditions:
  • Identify and implement gradual automation of management functions
  • Good integration of tools into the existing operational sequences
• Progress through standardization:
  • Transition of existing, often proprietary, solutions to a standardized environment

11 Functional Areas (OSI Management)
• Fault Management
• Configuration Management
• Performance Management
• Security Management
• Accounting Management

12 Managed Object (1)
• Control, co-ordination and monitoring of network resources take place via the manipulation of Managed Objects (MOs)
• MOs are an abstract representation of a network resource, both physical and logical
• The boundary of a managed object specifies which details are accessible to a management system and which ones are shielded (black box)
[Figure labels: Managed Object; Management System; Warning: telephone equipment is operational but no voice is heard; Real telephone; sees; Push button, receiver, line; represented as; Attributes; Operations; Behaviour; Notifications]

13 Managed Object (2)
• Attributes:
  • describe the state/condition of managed objects
  • can change when the condition of the real object changes
  • can be manipulated by means of management operations
• Operations:
  • make it possible to access a managed object
  • the number and type of operations influence the object's performance and complexity
• Behavior:
  • determines the semantics and interaction with the real resources
  • is normally defined using text in plain English
• Notifications:
  • the quantity and type of messages that a managed object can generate when specific predefined situations occur

14 Managed Object (3)
• “A managed object is the abstracted view of a resource that presents its properties as seen by (and for the purpose of) management” (ISO 7498-4)
• A managed object may represent a relationship between several resources.
• Multiple managed objects may represent a single resource to provide different abstract views of the resource for different management purposes.
• Managed objects do not necessarily correspond to objects as one knows them from object-oriented programming.
Note: Simple variables correspond to the MOs in Internet management.

15 Manager-Agent paradigm
[Figure labels: Agent; Manager; Management Interface; Management Communication protocol; Network Management System; operation (get, set); notification; MO; Managed Device; MO int’l object]

16 Agent role
• Implements the MOs by accessing the real resources
• Receives requests from a manager, processes them and transmits appropriate responses
• Dispatches notifications about important changes in the MOs
• Protects MOs against unauthorized access using access control rules and authentication of the communication partner

17 Manager role
• Exercises control: it controls functions, hence it is the crucial instance
• Starts up management operations by appropriate protocol operations for the manipulation of MOs
• Receives messages from agents and passes them (for handling) to appropriate applications

18 Management Protocol
• Implements access to distant managed objects by encoding management data that is then secured during the transfer
• Several protocols can be used for the implementation of the defined services
• The service primitives and the appropriate protocol operations considerably influence the efficiency and the complexity of the management system
[Figure labels: Mngm Prot; Manager; Agent; Algorithm for the solution of management problem; MOs; OSI layer 7; Communication protocol; CMIP, SNMP]

19 Management Information Base (MIB)
• The collection of MOs is stored in a specific database, called the Management Information Base (MIB)
• A MIB should be known both to the agent and the manager
• It represents a sort of “shared knowledge” of network resources
[Figure labels: MO; Management Information Base (MIB); MIB]

20 Management Information Structure
Structure of the management information:
• Defines the rules for the description of Managed Objects:
  • Identification and designation of MOs
  • Composition of MOs
  • Behaviour of MOs
  • Relations to other MOs
  • Possible operations and internal messages of the MOs
• Definition of the datatypes, structure and syntax for the description of the MOs
• The set of MO descriptions written in accordance with these rules defines the Management Information Base (MIB)

21 Network Management Architecture
[Figure labels: Network Management System; Manager; Agent; Managed Devices; Managed Network; MIB; Management Protocol; NMS; Management Data]

22 Management Network
• The management network is to be considered a network logically separated from the data network
[Figure labels: Management Network; Management Interface; Data Network; Management Data]

23 Target of the Current Developments
• Implementation of integrated management systems which cover all the requirements for the management of heterogeneous networks and systems
• Good expandability and adaptability to the local network environment
• Good support during the automation of management flows and conversion of management guidelines
• Protection of the management against attacks by unauthorized people
• Scalability with respect to both the size of the network and the increasingly demanding requests of the management systems
• Open interfaces to the existing infrastructure and their integration into operational sequences

24 Infrastructure for network management
• Managed devices are represented as a set of managed objects whose data is gathered into a MIB
[Figure labels: Managed Device; MIB; Management Information Base (MIB); Managed Device; Agent; Manager; Network Management Protocol; Network Management System; Management Interface]

25 Management of the Internet
• "Internet" refers to a set of devices that:
  • is logically linked together by a globally unique address space based on the Internet Protocol (IP)
  • is able to support communications using the Transmission Control Protocol/Internet Protocol (TCP/IP) suite
• These devices contain information (like parameters and statistics) that needs to be managed about their:
  • Configuration
  • Running conditions
  • Health
  • Neighborhoods

26 Management of the Internet
• The global Internet has thousands of networks
[Figure labels: Network; Browser; Packet; Router; Packet; Router; Packet; Route; Webserver Software; Router]

27 Requirements
• Measurement tools to quickly, accurately and automatically identify Internet communication problems
• A common network management model for managing the TCP/IP protocols and the Internet devices as well

28 Why is internet management so important?
• End users & network managers should be able to identify & track internet problems
• End users need to verify the service level agreement (SLA) stipulated with the Internet Service Provider (ISP)
• The ISP should be able to set expectations:
  • Deciding which links need upgrading
  • Deciding where to place network devices (e.g., routers)
  • Forecasting how well an application (e.g., VoIP) will work

29 Why is internet management so difficult?
• The Internet's evolution is a composition of independently developed and deployed protocols, technologies, and core applications
• The phone connection-oriented model (Poisson distributions of session length etc.) does not work for Internet traffic
• Internet management is not on the priority list of the vendors:
  • Resources/skills focus on more interesting and profitable issues
  • Tools lacking or inadequate
  • Implementations poor & not fully tested with new releases
• Because of privacy issues, ISPs are worried about providing access to their core network or making results public

30 LAN vs WAN
• Managing the LAN
  • Network admin has control, so:
    • Can read information from devices
    • Can passively sniff traffic (e.g., using Ethereal)
    • Knows the routes between devices (manually for small networks, automated for large networks)
• Managing the WAN
  • No admin control, unless you are an ISP
  • Can’t read information out of routers
  • May not be able to sniff/trace traffic due to privacy/security concerns
  • Don’t know route details between points

31 Passive vs. Active Traffic Monitoring
• Active Monitoring
  • injects extra artificial traffic
  • provides explicit control on the generation of packets for measurement scenarios
  • tests what you want, when you need it
• Passive Monitoring
  • does not inject extra traffic; measures real traffic parameters using:
    • Probe devices that capture/watch packets as they pass (e.g., router, switch, sniffer)
    • Network devices that record network status information
• Generally we use both approaches, e.g. start an active measurement and observe it passively

32 Active Monitoring tools: examples
• Ping = for monitoring the destination reachability
• Traceroute = for tracing a path
• Pingroute = combines ping & traceroute
• Pathchar, Pipechar/abing = for path characterization
• Iperf = for measuring the network throughput
[Figure labels: Ping; Traceroute; Source; Destination]

33 Passive Monitoring tools
• Hardware probes = (e.g., Sniffer, NetScout) can be stand-alone or remotely accessed from a central management station
• Software probes = (e.g., snoop, tcpdump)
• Flow measurement = (e.g., netramet, Netflow)

34 The ICMP Protocol
• Internet Control Message Protocol (ICMP), documented in RFC 792, is a protocol that uses IP for out-of-band messages related to network operation
• Since ICMP uses IP, ICMP packet delivery is unreliable, so hosts cannot count on receiving ICMP packets for any network problem. Some of ICMP's functions are to:
  • Announce network errors, such as a host unreachable due to any failure.
  • Announce network congestion. When a router begins buffering too many packets, due to an inability to transmit them as fast as they are being received, it will generate ICMP Source Quench messages. Directed at the sender, these messages should cause the rate of packet transmission to be slowed.
  • Assist troubleshooting. ICMP supports an Echo function, which just sends a packet on a round-trip between two hosts. Ping, a common network management tool, is based on this feature. Ping will transmit a series of packets, measuring average round-trip times and computing loss percentages.
  • Announce timeouts. If an IP packet's TTL field drops to zero, the router discarding the packet will often generate an ICMP packet announcing this fact.

35 Ping
• Ping is a common network management tool based on ICMP:
  • Client sends ICMP echo request, server sends reply
  • Client measures average round-trip times and computes loss percentages
  • Client can specify the number of data bytes transmitted, can put a timestamp in the data bytes and can compare the timestamp with the time when the echo comes back

36 Ping (2)
[Figure labels: “Host Unreachable” Error Message; Router; “Echo”; “Echo Reply”; ICMP Message; IP Header]

37 Ping example

    syrup:/home$ ping -n 6 thumper.bellcore.com
    PING thumper.bellcore.com (128.96.41.1): 64 data bytes
    72 bytes from 128.96.41.1: icmp_seq=0 ttl=240 time=641.8 ms
    72 bytes from 128.96.41.1: icmp_seq=2 ttl=240 time=1072.7 ms
    72 bytes from 128.96.41.1: icmp_seq=3 ttl=240 time=1447.4 ms
    72 bytes from 128.96.41.1: icmp_seq=4 ttl=240 time=758.5 ms
    72 bytes from 128.96.41.1: icmp_seq=5 ttl=240 time=482.1 ms
    --- thumper.bellcore.com ping statistics ---
    6 packets transmitted, 5 packets received, 16% packet loss
    round-trip min/avg/max = 482.1/880.5/1447.4 ms

[Callouts on the slide: Repeat count; Remote host; Summary]

38 Traceroute
• Traceroute is an ICMP utility that traces a packet from the local host to a remote host, showing how many hops the packet requires to reach the remote host and how long each hop takes.
• If you're visiting a Web site and pages are appearing slowly, you can use traceroute to figure out where the longest delays are occurring.
• Traceroute maps network routes by sending packets with small Time-to-Live (TTL) values and watching the ICMP timeout announcements.

39 Traceroute example

    17cottrell@flora06:~>traceroute -m 20 lhr.comsats.net.pk
    traceroute to lhr.comsats.net.pk (210.56.16.10), 20 hops max, 40 byte packets
     1 RTR-CORE1.SLAC.Stanford.EDU (134.79.19.2) 0.642 ms
     2 RTR-MSFC-DMZ.SLAC.Stanford.EDU (134.79.135.21) 0.616 ms
     3 ESNET-A-GATEWAY.SLAC.Stanford.EDU (192.68.191.66) 0.716 ms
     4 snv-slac.es.net (134.55.208.30) 1.377 ms
     5 nyc-snv.es.net (134.55.205.22) 75.536 ms
     6 nynap-nyc.es.net (134.55.208.146) 80.629 ms
     7 gin-nyy-bbl.teleglobe.net (192.157.69.33) 154.742 ms
     8 if-1-0-1.bb5.NewYork.Teleglobe.net (207.45.223.5) 137.403 ms
     9 if-12-0-0.bb6.NewYork.Teleglobe.net (207.45.221.72) 135.850 ms
    10 207.45.205.18 (207.45.205.18) 128.648 ms
    11 210.56.31.94 (210.56.31.94) 762.150 ms
    12 islamabad-gw2.comsats.net.pk (210.56.8.4) 751.851 ms
    13 *
    14 lhr.comsats.net.pk (210.56.16.10) 827.301 ms

[Callouts on the slide: Max hops; Remote host; No response: Lost packet or router ignores]

40 Pingroute
• Pingroute = Ping + Traceroute
• It runs traceroute, then pings each router found n times
• Pingroute helps identify the route where the problem starts to occur

41 Path characterization
• Pathchar
  • sends multiple packets of varying sizes to each router along the route
  • measures minimum response time
  • plots min RTT vs packet size to get bandwidth
  • calculates differences to get individual hop characteristics
  • measures for each hop: BW, queuing, delay/hop
  • can take a long time
• Pipechar/abing
  • also sends back-to-back packets and measures separation on return
  • much faster
  • finds bottleneck
[Figure labels: Bottleneck; Min spacing at bottleneck; Spacing preserved on higher speed links]
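
The Pathchar steps listed above (minimum RTT per packet size, slope of min RTT versus size, differences between consecutive hops), worked through in Python as an added example; it is not part of the original slides and is not pathchar's own code. The link model, sample values and function names are constructed for illustration, and the model assumes the reply packet has a fixed size.

```python
# Added example: per-hop bandwidth from min RTT vs packet size (pathchar idea).

def min_rtt_by_size(samples):
    """samples: (packet_size_bytes, rtt_seconds) pairs. Keep the minimum RTT
    seen for each size, which filters out probes delayed by queueing."""
    best = {}
    for size, rtt in samples:
        if size not in best or rtt < best[size]:
            best[size] = rtt
    return sorted(best.items())


def fit_slope(points):
    """Least-squares slope (seconds per byte) of min RTT versus packet size."""
    if len(points) < 2:
        raise ValueError("need at least two distinct packet sizes")
    n = len(points)
    mean_x = sum(x for x, _ in points) / n
    mean_y = sum(y for _, y in points) / n
    sxx = sum((x - mean_x) ** 2 for x, _ in points)
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in points)
    return sxy / sxx


def hop_bandwidths(per_hop_samples):
    """The slope to router n is the sum of 1/bandwidth over links 1..n, so the
    difference between consecutive slopes isolates one link. Returns bit/s per
    hop, or None where noise makes the difference non-positive."""
    result, previous = [], 0.0
    for samples in per_hop_samples:
        slope = fit_slope(min_rtt_by_size(samples))
        delta = slope - previous
        result.append(8.0 / delta if delta > 0 else None)
        previous = slope
    return result


def bottleneck_hop(bandwidths):
    """1-based index of the slowest hop among those that could be estimated."""
    known = [(bw, i + 1) for i, bw in enumerate(bandwidths) if bw is not None]
    return min(known)[1]


# Constructed link model: (bandwidth in bit/s, one-way latency in s) per hop.
LINKS = [(10e6, 0.0005), (2e6, 0.010), (34e6, 0.002)]
SIZES = [64, 256, 512, 1024, 1400]
QUEUEING = [0.003, 0.0, 0.0012]  # extra delay per probe; 0.0 = unqueued probe


def synth_probes(hop):
    """Constructed RTT samples to router number `hop` (1-based)."""
    samples = []
    for size in SIZES:
        base = sum(8 * size / bw + 2 * lat for bw, lat in LINKS[:hop])
        samples.extend((size, base + q) for q in QUEUEING)
    return samples


if __name__ == "__main__":
    estimates = hop_bandwidths([synth_probes(h) for h in (1, 2, 3)])
    for hop, bw in enumerate(estimates, start=1):
        print("hop %d: %.1f Mbit/s" % (hop, bw / 1e6))
    print("bottleneck at hop", bottleneck_hop(estimates))
```
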

42 Iperf
Iperf measures the network throughput
• Client generates & sends UDP or TCP packets
• Server receives packets
• Can select port, maximum window size, duration, Mbytes to send etc.
• Client/server communicate packets seen etc.
• Reports on throughput
• Requires server to be installed at remote site, i.e. friendly administrators or logon account and password

43 Iperf example

    25cottrell@flora06:~>iperf -p 5008 -w 512K -P 3 -c sunstats.cern.ch
    ------------------------------------------------------------
    Client connecting to sunstats.cern.ch, TCP port 5008
    TCP window size: 512 KByte
    ------------------------------------------------------------
    [ 6] local 134.79.16.101 port 57582 connected with 192.65.185.20 port 5008
    [ 5] local 134.79.16.101 port 57581 connected with 192.65.185.20 port 5008
    [ 4] local 134.79.16.101 port 57580 connected with 192.65.185.20 port 5008
    [ ID] Interval       Transfer     Bandwidth
    [ 4]  0.0-10.3 sec   19.6 MBytes  15.3 Mbits/sec
    [ 5]  0.0-10.3 sec   19.6 MBytes  15.3 Mbits/sec
    [ 6]  0.0-10.3 sec   19.7 MBytes  15.3 Mbits/sec

Total throughput = 3 * 15.3 Mbits/s = 45.9 Mbits/s
[Callouts on the slide: TCP port; Max window size; 3 parallel streams; Remote host]

44 Questions
• OK the monitoring of the traffic but… how about the management of the network devices?

45 The fundamentals of internet management
• The Internet Architecture Board (IAB) released RFC 1052, entitled "IAB Recommendations for the Development of Internet Network Management Standards", in April 1988.
• This RFC explains that network management must:
  • Be as large as possible.
  • Have the widest possible diversity of implementation.
  • Have the widest possible diversity of administration/management.
  • Cover as many protocol layers as possible.

46 The SNMP
• The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices.
• SNMP is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite.
• Nowadays SNMP is not limited to TCP/IP devices.
• SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.

47 SNMP RFCs
The following RFCs, published in 1988, are the first documents dealing with SNMP:
• RFC 1065 - Structure and Identification of Management Information for TCP/IP-based internets
• RFC 1066 - Management Information Base for Network Management of TCP/IP-based internets
• RFC 1067 - A Simple Network Management Protocol (SNMP)

48 SNMP nodes
An SNMP node is a device of an SNMP managed network. There are different types of SNMP nodes:
• Managed nodes = Typically run an agent process that services requests from a management node
• Management nodes = Typically a workstation running some network management & monitoring software
• Not manageable nodes = A node may not support SNMP, but may be manageable by SNMP through a proxy agent running on another machine
A node can be both a managed node and a management node at the same time.

49 SNMP Components
• An SNMP agent is software that runs on network nodes (host, router, printer, or others) and that maintains information in a database about its configuration and current state.
• The Management Information Base (MIB) is the database of the managed information.
• An SNMP manager is an application program that contacts an SNMP agent to query or modify the database at the agent.
• The SNMP protocol is the application layer protocol used by SNMP agents and managers to send and receive data.

50 SNMP Components
[Figure label: MIB]

51 SNMP Manager-Agent interaction
[Figure labels: MANAGER stack (UDP, IP, ETHERNET); AGENT stack (UDP, IP, ETHERNET); SNMP MESSAGES; MIB]

52 Ports & UDP
• SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages
• Like FTP, SNMP uses two standard ports to operate:
  • UDP Port 161 - SNMP Messages
  • UDP Port 162 - SNMP Trap Messages
[Figure labels: Ethernet Frame; IP Packet; UDP Datagram; SNMP Message; CRC]

53 Advantages of using SNMP
• Standardized
• Universally supported
• Extendible
• Portable
• Allows distributed management access
• Lightweight protocol

54 SNMP and Functional Areas of Network Management
• Configuration Management - inventory, configuration, provisioning
• Fault Management - reactive and proactive network fault management
• Performance Management - # of packets dropped, timeouts, collisions, CRC errors
• Security Management - configuration of security policy
• Accounting Management - cost management and chargeback assessment
• Asset Management - statistics of equipment, facility, and administration personnel
• Planning Management - analysis of trends to help justify a network upgrade or bandwidth increase

55 SNMP supporting languages
• Abstract Syntax Notation One (ASN.1) = It is used to define the format (syntax) of SNMP messages and managed objects (MIB modules) using an unambiguous data description format
• Structure of Management Information (SMI) = It defines the rules for describing management information, using ASN.1; it specifies the format used for defining managed objects that are accessed via the SNMP protocol
• Basic Encoding Rules (BER) = It is used to encode the SNMP messages into a format suitable for transmission across a network

56 SNMP Protocol Stack

57 SNMP Basic Commands
Managed devices are monitored and controlled using four basic SNMP commands:
• The Get command is used by an NMS to monitor managed devices. The NMS examines different variables that are maintained by managed devices.
• The Set command is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices.
• The Trap command is used by managed devices to asynchronously report events to the NMS. When certain types of events occur, a managed device sends a trap to the NMS.
• Traversal operations are used by the NMS to determine which variables a managed device supports and to sequentially gather information in variable tables, such as a routing table.

58 SNMP versions
Three versions of SNMP exist:
• SNMP version 1 (SNMPv1) 1990
• SNMP version 2 (SNMPv2) 1996 = same features as SNMPv1, but it offers enhancements, such as additional protocol operations.
• SNMP version 3 (SNMPv3) 2002 = augments the original SNMPv1 and SNMPv2 specifications with additional security and administration capabilities.
All versions are still used today. Many SNMP agents and managers support all three versions of the protocol.

59 SNMPv1
• SNMP version 1 (SNMPv1) is the initial implementation of the SNMP protocol.
• It is described in RFC 1157 and functions within the specifications of the Structure of Management Information (SMI).
• SNMPv1 operates over protocols such as User Datagram Protocol (UDP), Internet Protocol (IP), OSI Connectionless Network Service (CLNS), AppleTalk Datagram-Delivery Protocol (DDP), and Novell Internet Packet Exchange (IPX).
• SNMPv1 is widely used and is the de facto network-management protocol in the Internet community.

60 SNMPv1 limitations
• Authentication is inadequate:
  • Password (community string) placed in clear in SNMP messages
• MIB variables must be polled separately, i.e. the entire MIB cannot be fetched with a single command
• SNMPv2 and v3 attempt to address these and other limitations
• Despite limitations, SNMP has been a huge success:
  • Provides device and link utilization (bytes, packets) and errors
  • Lots of facilities/tools built around SNMP to provide reports for sites
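
The cleartext community string noted above, together with the BER encoding from the "SNMP supporting languages" slide, shown as an added example (not part of the original slides): a minimal Python decoder of the outer SNMP message that can be run over captured UDP port 161 payloads to audit them. The sample datagrams, the community value `site-rw-7` and all helper names are constructed for illustration.

```python
# Added example: walk the outer BER structure of an SNMP message, enough to
# show that the v1/v2c community string is readable by anyone on the path.

PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap"}       # SNMPv1 PDU tags
DEFAULT_COMMUNITIES = {b"public", b"private"}          # commonly shipped defaults


def tlv(tag, content):
    """Encode one BER TLV (short-form length only; enough for the samples)."""
    assert len(content) < 0x80
    return bytes([tag, len(content)]) + content


def read_tlv(buf, pos):
    """Decode the TLV at pos and return (tag, value_bytes, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short form: length in one byte
        length = first
    else:                                  # long form: next n bytes hold length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV length exceeds buffer")
    return tag, buf[pos:pos + length], pos + length


def parse_snmp_header(datagram):
    """Return (version, community, pdu_tag); community is None for SNMPv3."""
    tag, body, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("version is not an INTEGER")
    version = int.from_bytes(raw_version, "big")   # 0 = v1, 1 = v2c, 3 = v3
    tag, second, pos = read_tlv(body, pos)
    if tag != 0x04:
        # SNMPv3 carries a header SEQUENCE here, not a community string.
        return version, None, None
    pdu_tag, _, _ = read_tlv(body, pos)
    return version, second, pdu_tag


def audit(datagram):
    """Findings worth logging for one captured SNMP datagram."""
    version, community, pdu_tag = parse_snmp_header(datagram)
    findings = []
    if community is None:
        return findings
    findings.append("cleartext community %r (version field %d)"
                    % (community.decode("latin-1"), version))
    if community in DEFAULT_COMMUNITIES:
        findings.append("default community string in use")
    if pdu_tag == 0xA3:
        findings.append("SetRequest authenticated only by that string")
    return findings


# Constructed samples: SNMPv1 PDUs for sysDescr.0 (1.3.6.1.2.1.1.1.0).
SYS_DESCR_0 = bytes([0x2B, 6, 1, 2, 1, 1, 1, 0])


def build_v1(community, pdu_tag):
    """Build a constructed SNMPv1 message; the varbind value is a NULL placeholder."""
    varbind = tlv(0x30, tlv(0x06, SYS_DESCR_0) + tlv(0x05, b""))
    pdu = tlv(pdu_tag, tlv(0x02, b"\x2a") + tlv(0x02, b"\x00")
              + tlv(0x02, b"\x00") + tlv(0x30, varbind))
    return tlv(0x30, tlv(0x02, b"\x00") + tlv(0x04, community) + pdu)


if __name__ == "__main__":
    for sample in (build_v1(b"public", 0xA0), build_v1(b"site-rw-7", 0xA3)):
        version, community, pdu_tag = parse_snmp_header(sample)
        print(PDU_NAMES.get(pdu_tag, hex(pdu_tag)), sample.hex())
        for finding in audit(sample):
            print("  -", finding)
```
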

61 SNMPv2
• SNMP version 2 (SNMPv2) is an evolution of the initial version, SNMPv1.
• As with SNMPv1, SNMPv2 functions within the specifications of the Structure of Management Information (SMI).
• SNMPv2 offers a number of improvements to SNMPv1, including additional protocol operations.

62 SNMPv3
The new features of SNMPv3 include:
• Security
  • Authentication
  • Privacy authorisation
  • Access control
• Administrative Framework
  • naming of entities people and policies
  • user names and key management notification destinations
  • proxy relationships remotely configurable via SNMP operations

63 SNMP Interoperability
• SNMPv2 is incompatible with SNMPv1 in two key areas:
  • message formats
  • protocol operations
• SNMPv2 messages use different header and protocol data unit (PDU) formats than SNMPv1 messages.
• SNMPv2 also uses two protocol operations that are not specified in SNMPv1.
• RFC 1908 defines two possible SNMPv1/v2 coexistence strategies: proxy agents and bilingual network-management systems.

