Optical Core Networks Management protocols


1 Optical Core Networks Management protocols
Barbara Martini, Scuola Superiore Sant’Anna; Fabio Baroncelli, Scuola Superiore Sant’Anna

2 Outline Basic foundations of Network Management:
Overview on Management classification Motivation for Network Management Management paradigm Terminology and Basic Concept Standardization activity Description on the Management Information Simple Network Management Protocol (SNMP) Revision: date

3 Management Classification (1)
[Figure labels: Provider structure (processes, services, policies); Service management; Applications; Information management; data; System management; Workstation, Host, PC, Printer; Communication Network (hub, bridge, router, multiplexer, switch); Network management]
From a technical point of view, there are 4 management concepts/categories. They represent different aspects of ICT management and are closely related. Service management is responsible for service delivery, such as order management, inventory management, provisioning and activation, network topology management and maintenance, and stability/performance diagnostics of communication service providers and their networks. A service management system automates manual operations of the network, delivery services, and support, making these areas more efficient and error-free. Information management is the handling of information acquired from one or many disparate sources in a way that optimizes access by all who have a share in that information or a right to that information. This involves the applications that handle this information. System management refers to the enterprise-wide management of distributed computer end-systems. System management is strongly influenced by network initiatives in telecommunication. The best-known system management systems are IBM Tivoli Framework, MS System Management Server, HP Open View, CA Unicenter. Network management refers to the communication resources that enable nodes to communicate.

4 Management Classification (2)
[Figure labels: Information & System Management; LAN; MAN; ISP; WAN; Service Management; Network management: Backbone network (WAN, MAN), Local Area Network (LAN)]
Backbone network management (telecom operator): FR, ATM, SDH and WDM equipment uses proprietary protocols for information transport and for management/signalling in the WAN. IP and Gigabit Ethernet are increasingly used, so management is becoming more open source, especially at the edges of the backbone network (MAN/WAN).
Local network management (LAN system administrator): IP, Ethernet, WLAN. Linux is increasingly used to manage networks and services.

5 The importance of Network management: use case
[Figure labels: User; Data Server; Application, TCP, IP, LAN (Ethernet, FDDI); ATM; SDH/WDM; PDH/SDH; MUX PCM E3/E1; E3 34 Mbps; E1; 64 kbps; Synchronism loss on E3 frame; Throughput reduction; Low performance]
Consider, for example, a failure that consists of the loss of clock synchronism for the E3 frame in a PCM mux. The synchronism loss on the E3 traffic flow produces the loss of E3 frames. As a consequence, E1 frames are lost and the 64 kbps flows carried by the E1 frames are corrupted. Therefore a huge number of TCP connections will be affected by a high bit error rate. Since TCP uses a sliding window mechanism, this means a strong reduction of throughput on all carried TCP connections. This causes a tangible delay in application programs and, if the applications are sensitive to this delay, a huge number of application transactions will be aborted. The user perceives low performance and complains to the system administrator. Since the data service is OK, the complaint is reported to the local network (LAN) administrator; the LAN is OK too, so the problem is reported to the backbone network operator, which must pay for the violation of the agreement. The importance of network management lies in the necessity to respect the traffic agreement and guarantee receipts and payments from customers (business objectives).

6 Network management: basic concept
[Figure labels: GUI; LAN; WAN/MAN]
Support for: remote investigation; real-time supervision; automatic data processing; planning future evolution. It serves to understand remotely what has happened to a network system (both at the level of the network element and of the network segment, LAN/WAN).
Management: the set of procedures and tools that guarantees the effective and efficient use of a (communication) system and its resources according to the business objectives.
A network management system is a bundle of software designed to significantly improve network efficiency and productivity. Although the network engineer can manually perform the same services that a network management system can, it is preferable that the software perform these routine tasks, thus freeing up the engineer to work on sophisticated network issues (strategy definition, staff organization). Because a network management system is expected to accomplish many tasks simultaneously, it must have enough computing power. A common platform employed is a desktop workstation that uses a graphical window interface. Network management is the process of controlling a complex data network so as to maximize its efficiency and productivity.
Target: increase the network reliability; minimize the network costs; improve network performance and QoS; plan future network evolution.

7 Management Activity Loop
Monitor status and receive event reports; interpret policy and make decisions; perform management operations.
Monitor the system to obtain up-to-date status information and to receive event reports. Interpret the overall policy pertaining to the goals or requirements of the organization that owns the system in order to make decisions about what behaviour is required from the system. Perform control actions on the system resources to change their behaviour and implement the management decisions.

8 Network Management definition
Network management is a service that employs a variety of tools, applications, and devices to assist human network managers in the control and maintenance of a network. Network management includes the deployment, integration and coordination of the hardware, software and human elements to monitor, test, poll, configure, analyze and evaluate the network resources to meet the real-time, operational performance and QoS requirements at a reasonable cost. The combination of hardware and software used to monitor and administer a network is called a Network Management System (NMS). A Network Management System (NMS) is a combination of hardware and software used to monitor and administer a network.
Network Management: the execution of the set of functions required for controlling, planning, allocating, deploying, coordinating, and monitoring the resources of a network, including performing functions such as initial network planning, frequency allocation, predetermined traffic routing to support load balancing, cryptographic key distribution authorization, configuration management, fault management, security management, performance management, and accounting management. to be an end in itself

9 Management System Requirements (1)
Guarantee the availability of the network operation: service maintenance (availability, response time); need to cope with technological changes; security of the services through the control of security components; human mistake prevention and bottleneck identification/recovery.
Automatic or semiautomatic reaction to operation anomalies: real-time configuration modification in case of error; activation of redundant components in case of error.
Dynamic reactions to changes in the network and environment: changes regarding applications, users, components, services or fees; dynamic adaptation of the available transmission bandwidth according to requests originated by the management system.
Target: increase the network reliability; minimize the network costs; improve network performance and QoS; plan future network evolution.

10 Management System Requirements (2)
Network control: collection and (compressed) representation of relevant network information; definition and maintenance of a database of network configurations; when applicable, centralization of the control over peripherals and implemented functions (central management console); integration of management procedures in heterogeneous environments.
Improvement of network administrators' working conditions: identify and implement gradual automation of management functions; good integration of tools into the existing operational sequences.
Progress through standardization: transition of existing, often proprietary, solutions to a standardized environment.

11 Functional Areas (OSI Management)
Fault management; configuration management; performance management; security management; accounting management.
Fault management is the process of locating problems, or faults, on the data network. Configuration management is the process of finding and setting up critical devices in the network. The problem here is a congruent configuration of different systems that interwork with each other. The goal of performance management is to measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level. Security management is the process of controlling access to information on the data network. This is a very important question in this period. Accounting management involves tracking each individual and group user’s utilization of network resources so that the engineer can better ensure users are provided the quantity of resources they need. Accounting is the driving force in network management because it ensures income for the company.

12 Managed Object (1)
[Figure labels: Management System; sees; Real telephone; represented as; Managed Object; Attributes; Operations; Behaviour; Notifications; push button; receiver; line; Warning: telephone equipment is operational but no voice is heard]
Control, co-ordination and monitoring of network resources take place via the manipulation of Managed Objects (MOs). An MO is an abstract representation of a network resource, either physical (router, telephone, coffee machine) or logical (communication protocol). The boundary of a managed object specifies which details are accessible to a management system and which ones are shielded (black box). A managed object is characterized by some attributes which represent its properties, that is, its characteristics that need to be visible from the outside; the operations (methods) to which the MO responds; its behaviour; and the events (notifications) the MO emits asynchronously. The line can be free, engaged, working…

13 Managed Object (2)
Attributes: describe the state/condition of managed objects; can change when the condition of the real object changes; can be manipulated by means of management operations.
Operations: make it possible to access a managed object; the number and type of operations influence the object performance and complexity.
Behaviour: determines the semantics and interaction with the real resources; is normally defined using text in plain English.
Notifications: the quantity and type of the messages which can be generated by a managed object when specific predefined situations occur.
Manageable resources are modelled by managed objects at different levels of abstraction. Managed objects encapsulate the underlying resource and offer an access interface at the boundary. The management aspects of entities such as network elements or distributed applications are modelled through clusters of managed objects, seen collectively across a management interface. The management interface is thought of as “exported” by applications in the agent role and “imported” by applications in the manager role. Manager applications access managed objects across interfaces in order to implement management policies. Typical operations are: get, set, create and delete.

14 Managed Object (3) “A managed object is the abstracted view of a resource that presents its properties as seen by (and for the purpose of) management (ISO )”. A managed object may represent a relationship between several resources. Multiple managed objects may represent a single resource to provide different abstract views of the resource for different management purposes. Managed objects do not necessarily correspond to objects as one knows them from object-oriented programming. Simple variables correspond to the MOs in Internet management. A managed object may represent a relationship between several resources, or a combination of resources such as an entire network. A single resource may be represented by multiple managed objects which provide different abstract views of the resource for different management purposes.

15 Manager-Agent paradigm
[Figure labels: Manager; Agent; operation (get, set); notification; MO; internal object; Management Communication protocol; Network Management System; Managed Device; Management Interface]
In the Manager-Agent paradigm, an application process called the “manager” resides in the managing system and an application process called the “agent” resides in the managed system. Manager and agent co-operate via standard protocols within a shared schema of management knowledge. The managed objects are system and network resources that are subject to management. Management activities are effected through the interrogation and manipulation of the managed objects. Using the management services expressed as messages and the messaging protocols, a manager can direct an agent to perform an operation on a managed object for which it is responsible. Such an operation may involve setting an attribute, retrieving an attribute value, or performing some action and returning the result. In addition, the agent may spontaneously generate notification messages to the manager indicating the occurrence of events in the managed objects under its control. Although the protocols themselves make no assumptions about the asymmetry or otherwise of the relationships between the communicating application processes, the manager is considered to have the superior role and the agent correspondingly the subordinate role. Note that manager and agent applications contain other internal objects that support the implementation of relevant functionality. They are not visible externally, so they are depicted with dotted lines.

16 Agent role
Implements the MOs by accessing the real resources. Receives requests from a manager, processes them and transmits appropriate responses. Dispatches notifications about important changes in the MOs. Protects MOs against unauthorised access using access control rules and communication authentication with the partner.
The manager/agent paradigm is a concept for the hierarchical exchange of management information between systems. A managing system assumes the role of “manager” for the purpose of issuing directives and receiving notifications. A managed system assumes the role of “agent” for the purpose of carrying out directives and emitting notifications. A system that plays the role of “manager” to a lower system may simultaneously play the role of agent to a higher-level system, allowing for a cascaded management hierarchy.

17 Manager role
Exercises control: it controls functions, hence it is the crucial instance. Starts up management operations by appropriate protocol operations for the manipulation of MOs. Receives messages from agents and passes them (for handling) to appropriate applications.

18 Management Protocol
[Figure labels: Manager; Agent; MOs; Algorithm for the solution of management problem; CMIP, SNMP; Management protocol; OSI layer 7; Communication protocol]
Implements access to distant managed objects by encoding management data that is then secure during the transfer. Several protocols can be used for the implementation of the defined services. The service primitives and the appropriate protocol operations considerably influence the efficiency and the complexity of the management system.
Management protocol: a management protocol is used to convey management information between agents and NMSs. SNMP is the Internet community's de facto standard management protocol.

19 Management Information Base (MIB)
[Figure labels: MO; MIB; Management Information Base (MIB)]
The collection of MOs is stored in a specific database, called the Management Information Base (MIB). A MIB should be known both to the agent and to the manager. It represents a sort of “shared knowledge” of network resources.
The set of managed object classes and instances under the control of an agent is called the MIB. The MIB is an abstraction of network resources, properties and states for the purpose of management. A managed object may represent a relationship between several resources, or a combination of resources such as an entire network. A single resource may be represented by multiple managed objects which provide different abstract views of the resource for different management purposes. The agent is the implementer that makes resource information available.

20 Management Information Structure
Structure of the management information: defines the rules for the description of Managed Objects: identification and designation of MOs; composition of MOs; behaviour of MOs; relations to other MOs; possible operations and internal messages of the MOs; definition of the datatypes, structure and syntax for the description of the MOs. The quantity of the descriptions of MOs in accordance with these rules defines the Management Information Base (MIB).

21 Network Management Architecture
[Figure labels: Network Management System (NMS); Manager; Management Protocol; Management Data; Managed Network; Agent; MIB; Managed Devices]
Most network management architectures use the same basic structure and set of relationships. End stations (managed devices), such as computer systems and other network devices, run software that enables them to send alerts when they recognize problems (for example, when one or more user-determined thresholds are exceeded). Upon receiving these alerts, management entities are programmed to react by executing one, several, or a group of actions, including operator notification, event logging, system shutdown, and automatic attempts at system repair. Management entities also can poll end stations to check the values of certain variables. Polling can be automatic or user-initiated, but agents in the managed devices respond to all polls. Agents are software modules that first compile information about the managed devices in which they reside, then store this information in a management database, and finally provide it (proactively or reactively) to management entities within network management systems (NMSs) via a network management protocol. Well-known network management protocols include the Simple Network Management Protocol (SNMP) and Common Management Information Protocol (CMIP). Management proxies are entities that provide management information on behalf of other entities. Figure 6-1 depicts a typical network management architecture.

22 Management Network
[Figure labels: Data Network; Management Interface; Management Data; Management Network]
The management network is to be considered a network logically separated from the data network. The management network is separate from the managed network.

23 Target of the Current Developments
Implementation of integrated management systems which cover all the requirements for the management of heterogeneous networks and systems. Good expandability and adaptability to the local network environment. Good support during the automation of management flows and conversion of management guidelines. Protection of the management against attacks by unauthorized people. Scalability with respect to both the size of the network and the increasingly demanding requests of the management systems. Open interfaces to the existing infrastructure and their integration into operational sequences.

24 Infrastructure for network management
[Figure labels: Network Management System; Manager; Network Management Protocol; Management Interface; Managed Device; Agent; Management Information Base (MIB)]
Managed devices are represented as a set of managed objects whose data is gathered into a MIB.

25 Management of the Internet
"Internet" refers to a set of devices that is logically linked together by a globally unique address space based on the Internet Protocol (IP) and is able to support communications using the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. These devices contain information (like parameters and statistics) that needs to be managed about their: configuration; running conditions; healthy neighborhoods.

26 Management of the Internet
[Figure labels: Network; Browser; Packet; Router; Route; Webserver; Software]
The global Internet has thousands of networks.

27 Requirements
Measurement tools to quickly, accurately and automatically identify Internet communication problems. A common network management model for managing the TCP/IP protocols and the Internet devices as well. Web services are in their early days, they have a steep learning curve, and the schemas are not mature.

28 Why is internet management so important?
End users & network managers should be able to identify & track internet problems. End users need to verify the service level agreement (SLA) stipulated with the Internet Service Provider (ISP). The ISP should be able to set expectations: deciding which links need upgrading; deciding where to place network devices (e.g., routers); forecasting how well an application (e.g., VoIP) will work.

29 Why is internet management so difficult?
The Internet's evolution is a composition of independently developed and deployed protocols, technologies, and core applications. The connection-oriented phone model (Poisson distributions of session length etc.) does not work for Internet traffic. Internet management is not on the priority list of the vendors: resources/skills focus on more interesting and profitable issues; tools are lacking or inadequate; implementations are poor and not fully tested with new releases. For privacy reasons, the ISPs are worried about providing access to their core network and making results public.

30 LAN vs WAN
Managing the LAN: the network admin has control, so: can read information from devices; can passively sniff traffic (e.g., using Ethereal); knows the routes between devices (manually for small networks, automated for large networks).
Managing the WAN: no admin control, unless you are an ISP; can’t read information out of routers; may not be able to sniff/trace traffic due to privacy/security concerns; don’t know route details between points.

31 Passive vs. Active Traffic Monitoring
Active monitoring: injects extra artificial traffic; provides explicit control over the generation of packets for measurement scenarios; testing what you want, when you need it.
Passive monitoring: does not inject extra traffic; measures real traffic parameters using: probe devices that capture/watch packets as they pass (e.g., router, switch, sniffer); a network device that records network status information.
Generally we use both approaches, e.g. start active measurement and look at it passively.

32 Active Monitoring tools: examples
Ping = for monitoring the destination reachability
Traceroute = for tracing a path
Pingroute = combines ping & traceroute
Pathchar, Pipechar/abing = for path characterization
Iperf = for measuring the network throughput
[Figure labels: Ping; Traceroute; Source; Destination]

33 Passive Monitoring tools
Hardware probes = (e.g., Sniffer, NetScout) can be stand-alone or remotely accessed from a central management station
Software probes = (e.g., snoop, tcpdump)
Flow measurement = (e.g., netramet, Netflow)

34 The ICMP Protocol
Internet Control Message Protocol (ICMP), documented in RFC 792, is a protocol that uses IP for out-of-band messages related to network operation. Since ICMP uses IP, ICMP packet delivery is unreliable, so hosts cannot count on receiving ICMP packets for any network problem. Some of ICMP's functions are to:
Announce network errors, such as a host unreachable due to any failure.
Announce network congestion. When a router begins buffering too many packets, due to an inability to transmit them as fast as they are being received, it will generate ICMP Source Quench messages. Directed at the sender, these messages should cause the rate of packet transmission to be slowed.
Assist troubleshooting. ICMP supports an Echo function, which just sends a packet on a round trip between two hosts. Ping, a common network management tool, is based on this feature. Ping will transmit a series of packets, measuring average round-trip times and computing loss percentages.
Announce timeouts. If an IP packet's TTL field drops to zero, the router discarding the packet will often generate an ICMP packet announcing this fact.

35 Ping
Ping is a common network management tool based on ICMP: the client sends an ICMP echo request, the server sends a reply. The client measures average round-trip times and computes loss percentages. The client can specify the number of data bytes transmitted, can put a timestamp in the data bytes and can compare the timestamp with the time when the echo comes back.

36 Ping (2)
[Figure labels: “Echo”; “Echo Reply”; Router; “Host Unreachable” Error Message; ICMP Message; IP Header]

37 Ping example
[Callouts: Remote host; Repeat count; Summary]
syrup:/home$ ping -n 6 thumper.bellcore.com
PING thumper.bellcore.com ( ): 64 data bytes
72 bytes from : icmp_seq=0 ttl=240 time=641.8 ms
72 bytes from : icmp_seq=2 ttl=240 time= ms
72 bytes from : icmp_seq=3 ttl=240 time= ms
72 bytes from : icmp_seq=4 ttl=240 time=758.5 ms
72 bytes from : icmp_seq=5 ttl=240 time=482.1 ms
--- thumper.bellcore.com ping statistics
packets transmitted, 5 packets received, 16% packet loss
round-trip min/avg/max = 482.1/880.5/ ms
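The echo exchange and the client-side statistics from the ping slides, as an added Python example that is not part of the original presentation: it builds RFC 792 Echo and Echo Reply messages, verifies the checksum, and computes loss and round-trip times from the timestamp carried in the data bytes. The identifier, timestamps and delays are constructed sample values, and the messages are built in memory rather than sent on a raw socket.

```python
import struct

ICMP_ECHO_REQUEST = 8  # RFC 792 "Echo"
ICMP_ECHO_REPLY = 0    # RFC 792 "Echo Reply"


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum carried in the ICMP header."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length messages for summing only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Type, code 0, checksum, identifier, sequence number, then the data bytes."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload


def parse_echo(packet: bytes):
    """Return (type, ident, seq, payload); raise ValueError on a damaged message."""
    if len(packet) < 8:
        raise ValueError("truncated ICMP header")
    if internet_checksum(packet) != 0:
        raise ValueError("bad ICMP checksum")
    msg_type, code, _csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    if code != 0:
        raise ValueError("unexpected ICMP code for echo")
    return msg_type, ident, seq, packet[8:]


def make_probe(ident: int, seq: int, send_time: float, size: int = 64) -> bytes:
    """Echo request whose first 8 data bytes hold the send timestamp."""
    return build_echo(ICMP_ECHO_REQUEST, ident, seq,
                      struct.pack("!d", send_time).ljust(size, b"\x00"))


def make_reply(request: bytes) -> bytes:
    """Remote side: same identifier, sequence and data, type set to Echo Reply."""
    _type, ident, seq, payload = parse_echo(request)
    return build_echo(ICMP_ECHO_REPLY, ident, seq, payload)


def summarize(ident: int, sent: int, received):
    """received: list of (raw_icmp_message, arrival_time_seconds)."""
    rtts = {}
    for raw, arrival in received:
        try:
            msg_type, rid, seq, payload = parse_echo(raw)
        except ValueError:
            continue  # corrupted in transit: counts as lost
        if msg_type != ICMP_ECHO_REPLY or rid != ident or len(payload) < 8:
            continue  # not an answer to one of our probes
        if seq >= sent or seq in rtts:
            continue  # out of range or duplicate
        (stamp,) = struct.unpack("!d", payload[:8])
        rtts[seq] = (arrival - stamp) * 1000.0
    times = list(rtts.values())
    return {
        "transmitted": sent,
        "received": len(times),
        "loss_percent": 100.0 * (sent - len(times)) / sent,
        "min_ms": min(times) if times else None,
        "avg_ms": sum(times) / len(times) if times else None,
        "max_ms": max(times) if times else None,
    }


def constructed_session():
    """Constructed run: 6 probes, seq 1 never answered, plus one corrupted reply."""
    ident, delays = 0x1234, {0: 0.5, 2: 0.25, 3: 0.75, 4: 0.5, 5: 0.5}
    received = []
    for seq in range(6):
        sent_at = 100.0 + seq
        probe = make_probe(ident, seq, sent_at)
        if seq in delays:
            received.append((make_reply(probe), sent_at + delays[seq]))
    damaged = bytearray(received[0][0])
    damaged[20] ^= 0xFF  # flip data bits without fixing the checksum
    received.append((bytes(damaged), 200.0))
    return summarize(ident, 6, received)


if __name__ == "__main__":
    print(constructed_session())
```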

38 Traceroute
Traceroute is an ICMP utility that traces a packet from the local host to a remote host, showing how many hops the packet requires to reach the remote host and how long each hop takes. If you're visiting a Web site and pages are appearing slowly, you can use traceroute to figure out where the longest delays are occurring. Traceroute maps network routes by sending packets with small Time-to-Live (TTL) values and watching the ICMP timeout announcements.

39 Traceroute example
[Callouts: Max hops; Remote host; No response: lost packet or router ignores]
-m 20 lhr.comsats.net.pk
traceroute to lhr.comsats.net.pk ( ), 20 hops max, 40 byte packets
1 RTR-CORE1.SLAC.Stanford.EDU ( ) ms
2 RTR-MSFC-DMZ.SLAC.Stanford.EDU ( ) ms
3 ESNET-A-GATEWAY.SLAC.Stanford.EDU ( ) ms
4 snv-slac.es.net ( ) ms
5 nyc-snv.es.net ( ) ms
6 nynap-nyc.es.net ( ) ms
7 gin-nyy-bbl.teleglobe.net ( ) ms
8 if bb5.NewYork.Teleglobe.net ( ) ms
9 if bb6.NewYork.Teleglobe.net ( ) ms
( ) ms
( ) ms
12 islamabad-gw2.comsats.net.pk ( ) ms
13 *
14 lhr.comsats.net.pk ( ) ms

40 Pingroute
Pingroute = Ping + Traceroute. It runs traceroute, then pings each router found n times. Pingroute helps identify the route where the problem starts to occur.

41 Path characterization
Sends multiple packets of varying sizes to each router along the route; measures minimum response time; plot min RTT vs packet size to get bandwidth; calculate differences to get individual hop characteristics; measures for each hop: BW, queuing, delay/hop; can take a long time.
Pipechar/abing: also sends back-to-back packets and measures separation on return; much faster; finds bottleneck.
[Figure labels: Bottleneck; Min spacing at bottleneck; Spacing preserved on higher speed links]
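The "min RTT vs packet size" method described above, worked through as an added Python example (not code from the presentation or from pathchar itself). It assumes a simple store-and-forward model in which the size-dependent part of the RTT to hop n is the sum of size/bandwidth over links 1..n; the link speeds, fixed delays and queueing values are constructed.

```python
def min_rtt_by_size(samples):
    """samples: iterable of (size_bytes, rtt_seconds) -> sorted [(size, min rtt)].

    Keeping only the minimum per size filters out queueing delay, which can
    only ever add to the response time.
    """
    best = {}
    for size, rtt in samples:
        if size not in best or rtt < best[size]:
            best[size] = rtt
    return sorted(best.items())


def fit_line(points):
    """Ordinary least squares through (x, y) points; returns (slope, intercept)."""
    n = len(points)
    if n < 2:
        raise ValueError("need at least two packet sizes")
    mean_x = sum(x for x, _ in points) / n
    mean_y = sum(y for _, y in points) / n
    sxx = sum((x - mean_x) ** 2 for x, _ in points)
    if sxx == 0:
        raise ValueError("packet sizes must differ")
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in points)
    slope = sxy / sxx
    return slope, mean_y - slope * mean_x


def characterize(probes_by_hop):
    """probes_by_hop[i] holds the samples measured against router i+1.

    The slope of min RTT vs size is cumulative seconds per byte up to that
    router; the difference between consecutive routers isolates one link.
    """
    hops = []
    prev_slope = prev_icpt = 0.0
    for hop_no, samples in enumerate(probes_by_hop, start=1):
        slope, icpt = fit_line(min_rtt_by_size(samples))
        d_slope = slope - prev_slope
        hops.append({
            "hop": hop_no,
            # None when noise makes the difference non-positive
            "bandwidth_bps": 8.0 / d_slope if d_slope > 0 else None,
            "fixed_delay_s": icpt - prev_icpt,
        })
        prev_slope, prev_icpt = slope, icpt
    return hops


def bottleneck(hops):
    """Hop number of the slowest measured link."""
    measured = [h for h in hops if h["bandwidth_bps"] is not None]
    return min(measured, key=lambda h: h["bandwidth_bps"])["hop"]


def constructed_probes():
    """Constructed path: three links as (bits per second, fixed delay in seconds)."""
    links = [(100e6, 0.001), (10e6, 0.005), (34e6, 0.002)]
    sizes = [64, 256, 512, 1024, 1472]
    queueing = [0.003, 0.0, 0.0007]  # three probes per size, one of them unqueued
    probes = []
    for n in range(1, len(links) + 1):
        samples = []
        for size in sizes:
            base = sum(size * 8 / bw + delay for bw, delay in links[:n])
            samples += [(size, base + q) for q in queueing]
        probes.append(samples)
    return probes


if __name__ == "__main__":
    result = characterize(constructed_probes())
    for hop in result:
        print(hop)
    print("bottleneck at hop", bottleneck(result))
```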

42 Iperf
Iperf measures the network throughput. The client generates & sends UDP or TCP packets; the server receives the packets. Can select port, maximum window size, duration, Mbytes to send etc. Client and server communicate packets seen etc. Reports on throughput. Requires the server to be installed at the remote site, i.e. friendly administrators or a logon account and password.

43 Iperf example
[Callouts: TCP port; Max window size; 3 parallel streams; Remote host]
-p w 512K -P 3 -c sunstats.cern.ch
Client connecting to sunstats.cern.ch, TCP port 5008
TCP window size: 512 KByte
[ 6] local port connected with port 5008
[ 5] local port connected with port 5008
[ 4] local port connected with port 5008
[ ID] Interval Transfer Bandwidth
[ 4] sec MBytes Mbits/sec
[ 5] sec MBytes Mbits/sec
[ 6] sec MBytes Mbits/sec
Total throughput = 3 * 15.3 Mbits/s = 45.9 Mbits/s

44 Questions OK the monitoring of the traffic but…
how about the management of the network devices?

45 The fundamental of internet management
The Internet Architecture Board (IAB) released RFC 1052, entitled "IAB Recommendations for the Development of Internet Network Management Standards", in April 1988. This RFC explains that network management must: be as large as possible; have as wide a diversity of implementation as possible; have as wide a diversity of administration/management as possible; cover as many protocol layers as possible.

46 The SNMP
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. SNMP is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. Nowadays SNMP is not limited to TCP/IP devices. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.

47 SNMP RFCs
The following RFCs, published in 1988, are the first documents dealing with SNMP:
RFC Structure and Identification of Management Information for TCP/IP-based internets
RFC Management Information Base for Network Management of TCP/IP-based internets
RFC A Simple Network Management Protocol (SNMP)

48 SNMP nodes
An SNMP node is a device of an SNMP-managed network. There are different types of SNMP nodes:
Managed nodes = typically run an agent process that services requests from a management node
Management nodes = typically a workstation running some network management & monitoring software
Not manageable nodes = a node may not support SNMP, but may be manageable by SNMP through a proxy agent running on another machine
A node can be both a managed node and a management node at the same time.

49 SNMP Components
An SNMP agent is software that runs on network nodes (host, router, printer, or others) and that maintains information in a database about its configuration and current state. The Management Information Base (MIB) is the database of the managed information. An SNMP manager is an application program that contacts an SNMP agent to query or modify the database at the agent. The SNMP protocol is the application layer protocol used by SNMP agents and managers to send and receive data.

50 SNMP Components [Figure labels: MIB]

51 SNMP Manager-Agent interaction
[Figure labels: MIB; SNMP messages; UDP; IP; Ethernet]

52 Ports & UDP
SNMP uses User Datagram Protocol (UDP) as the transport mechanism for SNMP messages. [Figure labels: Ethernet Frame; IP Packet; UDP Datagram; SNMP Message; CRC] Like FTP, SNMP uses two standard ports to operate: UDP Port SNMP Messages, UDP Port SNMP Trap Messages.

53 Advantages of using SNMP
Standardized
Universally supported
Extendible
Portable
Allows distributed management access
Lightweight protocol

54 SNMP and Functional Areas of Network Management
Configuration Management - inventory, configuration, provisioning
Fault Management - reactive and proactive network fault management
Performance Management - # of packets dropped, timeouts, collisions, CRC errors
Security Management - configuration of security policy
Accounting Management - cost management and chargeback assessment
Asset Management - statistics of equipment, facility, and administration personnel
Planning Management - analysis of trends to help justify a network upgrade or bandwidth increase

55 SNMP supporting languages
Abstract Syntax Notation One (ASN.1) = It is used to define the format (syntax) of SNMP messages and managed objects (MIB modules) using an unambiguous data description format
Structure of Management Information (SMI) = It defines the rules for describing management information using ASN.1, and specifies the format used for defining managed objects that are accessed via the SNMP protocol
Basic Encoding Rules (BER) = It is used to encode the SNMP messages into a format suitable for transmission across a network

56 SNMP Protocol Stack

57 SNMP Basic Commands
Managed devices are monitored and controlled using four basic SNMP commands:
The Get command is used by an NMS to monitor managed devices. The NMS examines different variables that are maintained by managed devices.
The Set command is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices.
The Trap command is used by managed devices to asynchronously report events to the NMS. When certain types of events occur, a managed device sends a trap to the NMS.
Traversal operations are used by the NMS to determine which variables a managed device supports and to sequentially gather information in variable tables, such as a routing table.

58 SNMP versions Three versions of SNMP exist:
SNMP version 1 (SNMPv1), 1990
SNMP version 2 (SNMPv2), 1996 = same features as SNMPv1, with enhancements such as additional protocol operations
SNMP version 3 (SNMPv3), 2002 = augments the original SNMPv1 and SNMPv2 specifications with additional security and administration capabilities
All versions are still used today. Many SNMP agents and managers support all three versions of the protocol.

59 SNMPv1
SNMP version 1 (SNMPv1) is the initial implementation of the SNMP protocol. It is described in RFC 1157 and functions within the specifications of the Structure of Management Information (SMI). SNMPv1 operates over protocols such as User Datagram Protocol (UDP), Internet Protocol (IP), OSI Connectionless Network Service (CLNS), AppleTalk Datagram-Delivery Protocol (DDP), and Novell Internet Packet Exchange (IPX). SNMPv1 is widely used and is the de facto network-management protocol in the Internet community.

60 SNMPv1 limitations
Authentication is inadequate: the password (community string) is placed in clear in SNMP messages
MIB variables must be polled separately, i.e. the entire MIB cannot be fetched with a single command
SNMPv2 and v3 attempt to address these and other limitations
Despite its limitations, SNMP has been a huge success:
Provides device and link utilization (bytes, packets) and errors
Many facilities/tools have been built around SNMP to provide reports for sites

61 SNMPv2
SNMP version 2 (SNMPv2) is an evolution of the initial version, SNMPv1. As with SNMPv1, SNMPv2 functions within the specifications of the Structure of Management Information (SMI). SNMPv2 offers a number of improvements to SNMPv1, including additional protocol operations.

62 SNMPv3
The new features of SNMPv3 include:
Security: authentication, privacy, authorisation, access control
Administrative Framework: naming of entities, people and policies, user names and key management, notification destinations, proxy relationships, remotely configurable via SNMP operations

63 SNMP Interoperability
SNMPv2 is incompatible with SNMPv1 in two key areas: message formats and protocol operations. SNMPv2 messages use different header and protocol data unit (PDU) formats than SNMPv1 messages. SNMPv2 also uses two protocol operations that are not specified in SNMPv1. RFC 1908 defines two possible SNMPv1/v2 coexistence strategies: proxy agents and bilingual network-management systems.

