chu-sing yang department of electrical engineering national cheng kung university introduction to...

Chu-Sing Yang

Department of Electrical EngineeringNational Cheng Kung University

Introduction to Network Management

Outline

Introduction Network Management Requirement SNMP Family OSI Management Function Areas Network Management System Network Management Software Architecture Distributed Network Management Proxies

The Case for Management

Typical problemRemote user arrives at regional office and experiences slow or no response from corporate web server

Where do you begin?Where is the problem?What is the problem?What is the solution?

Without proper network management, these questions are difficult to answer Corp Network

Regional Offices

WWW ServersWWW Servers

Remote UserRemote User

Corp Network

Regional Offices

WWW ServersWWW Servers

Remote UserRemote User

The Case for Management

With proper management tools and procedures in place, you may already have the answer

Consider some possibilities 1. What configuration changes were

made overnight? 2. Have you received a device fault

notification indicating the issue? 3. Have you detected a security

breach? 4. Has your performance baseline

predicted this behavior on an increasingly congested network link?

An accurate database of your network’s topology, configuration, and performance

A solid understanding of the protocols and models used in communication between your management server and the managed devices

Methods and tools that allow you to interpret and act upon gathered information

Response TimesResponse Times High AvailabilityHigh Availability

PredictabilityPredictability

SecuritySecurity

Solving Problem Procedure

Introduction

Large Scale Network Management can be difficult to implement due to the diversity of managed equipment, the far-flung locations and raw data polling and storage requirements.

Introduction

Network Management System (NMS)Automatic versus human effort Increased network size Increased complexity

Heterogeneous equipment Equipment from multiple vendors

Outline


Network Management Requirements

Ease of use Security features Restoral capability Ability to delete/add Ability to monitor network availability Traffic rerouting Improved automation User registration Improved reporting Ability to monitor response time

Network Management Requirements

Control corporate strategic assets Control complexity Improve service Balance various needs Reduce downtime Control cost

Outline


Introduction to SNMP

Simple Network Management ProtocolProvides a tool

for multi-vender, interoperable network management used across a broad spectrum of product types

include end systems, bridges, switches, routers and telecommunications equipment

TCP/IP based

Simple Network Management Protocol

A set of standards for network managementa protocola data base structure specificationa set of data objects

SNMP Family

SNMPv1Proposed in 1989

SNMPv2Proposed in 1993Revised in 1995An upgrade to SNMPv1Add functional enhancements to SNMP and codify

the use of SNMP on OSI-based networks

SNMP Family (cont.)

SNMPv3 Issued in 1998Define a security capability for SNMP and an

architecture for future enhancementsUsed with the functionality provided by SNMPv2

or SNMPv1

SNMP Operations Get

A management station retrieves a scalar object value from a managed station

SetA management station updates a scalar object

value in a managed station ifAdminStatus(RW,up/down/test)

TrapA managed station sends an unsolicited scalar

object value to a management station

MIB-II Groups System

overall information about the system Interfaces

information about each of the interfaces from the system to a subnetwork

at (address translation; deprecated) description of address translation table for internet-to-

subnet address mapping Ip

information related to the implementation and execution experience of IP on system

MIB-II Groups Icmp

information related to the implementation and execution experience of ICMP on system

tcp information related to the implementation and execution

experience of TCP on this system Udp

information related to the implementation and execution experience of UDP on this system

Egp information related to the implementation and execution

experience of EGP on this system

MIB-II Groups

dot3(transmission) information about the transmission schemes and

access protocol at each system interface Snmp

information related to the implementation and execution experience of SNMP on this system

RMON

Remote network MONitoring a supplement to SNMP extend the capabilities of SNMP to include

management of LANs as well as the devices attached to those networks

RMON 1 issued in 1991 RMON 2 issued in 1995

The RMON MIB

Incorporated into MIB-II with a subtree Identifier of 16 Divided into 10 groups

Each group is used to store data and statictics derived from data collected by the monitor

A monitor may have more than one physical interface All of the groups are optional

There are some dependencies Alarm group vs. event group hostTopN group vs. host group Packet capture group vs. filter group

The RMON MIB Statistics

Maintains low-level utilization and error statistics for each subnetwork monitored by the agent

History Records periodic statistical samples from information available in the

statistics group Alarm

Allows the manager to set a sampling interval and alarm threshold for any counter or integer recorded by the RMON probe

Host Contains counters for various types of traffic to and from hosts attached

to the subnetwork hostTopN

Contains sorted host statistics that report on the hosts that top a list based on some parameter in the host table

The RMON MIB (cont.) Matrix

Shows error and utilization information in matrix form Filter

Allows the monitor to observe packets that match a filter Packet capture

Governs how data is sent to a management console Event

Gives a table of all events generated by the RMON probe tokenRing

Maintains statistics and configuration information for token ring subnetwork

Outline


OSI Management Functional Areas

Fault management Configuration management Accounting management Performance management Security management

Fault Management

The facilities that enable the detection, isolation, and correction of abnormal operation of the OSI environment

What is “a fault”? an abnormal condition that requires management attention (or

action) to repair indicated by failure to operate correctly or by excessive

errors Communication line is cut A crimp in the cable Certain errors may occur occasionally and are not normally considered

to be faults

Fault Management

When a fault occursDetermine “exactly” where the fault is Isolate the rest of the network from the failureReconfigure or modify the network to minimize the

impact of operationRepair or replace the failed components

User requirements for Fault Management

Fast and reliable problem resolution Receive notification and correct the problem immediately Requires rapid and reliable fault detection and diagnostic management Provides fault tolerance

Redundant components and alternate communication routes Fault management capability itself should be redundant

Keep informed of the network status Reassurance of correct network operation through mechanisms that use tests

or analyze dumps, logs, alerts, or statistics Problem tracking and control

Ensure the problem is truly resolved and no new problems are introduced Fault management should have minimal effect on network

performance

Configuration Management

Configuration management is concerned with Initializing a networkGracefully shutting down part or all of the networkMaintaining, adding, and updating the relationships

among components and the status of components themselves during network operation

Requirements for Configuration Management

The network manager needs the capability to Identify initially the components that comprise the network Define and change the connectivity of components Define and modify default attributes, and load the predefined sets of

attributes into the specified network components Reconfigure a network for performance evaluation, network upgrade, fault

recovery or security checks End users want to inquire about the upcoming status of resources and their

attributes before reconfiguration Generate configuration reports

Periodic basis Response for a request

Only authorized end users can manage and control network operation (software distribution and updating)

Accounting Management

The facilities that enable charges to be established for the use of managed

objectscosts to be identified for the use of those managed

objects

Accounting Management Network managers track the use of network

resources by end user or end-user classAn end user or group of end users may be abusing its

access privileges and burdening the network at the expense of other users

End users may be making inefficient use of the network, and network manager can assist in changing procedures to improve performance

The network manager is easier to plan for network growth if end user activity is known in sufficient detail

Requirements for Accounting Management

The network manager can specify the kinds of accounting information to be recorded at

various nodes the desired interval between sending the recorded

information to higher-level management nodes the algorithms to be used in calculating the charging

Generate accounting reports Provide the capability to verify end users’

authorization to access and manipulate the information

Performance Management

The facilities needed to evaluate the behavior of managed objects the effectiveness of communication activities

Functions of performance managementMonitoring

Tracks activities on the networkControlling

Enables performance management to make adjustments to improve network performance

Issues of Performance Management

What is the level of capacity utilization? Is there excessive traffic? Has throughput been reduced to unacceptable

levels? Are there bottlenecks? Is response time increasing?

To Deal the Issues of PM

The network manager focus on some initial set of resources to be monitored in order to assess performance levels Appropriate metrics and values with relevant network

resources as indicators of different levels of performance The count of retransmission on a transport connection

Monitor many resources to provide information in determining network operating level

Collect and analyze information, and then using the resultant analysis as feedback to the prescribed set of values

User Requirements for Performance Management

End users want to know the average and worst case response times the reliability of network services

Performance statistics can help managersPlan, manage and maintain large networksRecognize potential bottlenecks in advance

balance or redistribute traffic load by changing routing tables

Security Management

The facilities that address those aspects of OSI security essential to Operate OSI network management correctly Protect managed objects

network resources end user information

End users want to know the proper security policies are in force and effective the management of security facilities is itself secure

Issues of Security Management

Managing information protection, and access control facilities Generating, distributing and storing encryption keys Passwords, authorization or access control information must be

maintained and distributed Monitoring and controlling access to computer networks

and to all or part of the network management information SM involves with the collection, storage, and examination of

audit records and security logs the enabling and disabling of these logging facilities

Outline


Network Management Systems (NMS)

NMS is a collection of tools for network monitoring and control Designed to view the entire network as a unified architecture

addresses and labels assigned to each point specific attributes of each element and link known to the system

Single operator interface with a powerful but user-friendly set of commands

a minimal amount of separate equipment (hardware/software) is necessary

NMS software resides in the host computers and communications processors (bridges, routers)

Network Management Systems

The active elements of the network provide regular feedback of status information to the network control center

NMS for single vendor equipment versus for multiple-vendor network

Two or more network control centers are used for high availability (backup) one center is idle or collecting statistics the other center is used for control

NMA = network management application

NME = network management entity

Appl = application

Comm = communications software

OS = Operating system

NMA

NME Appi

Comm

OS

Network control

Host (manager)

NME

Comm

OS

Appi

Server

(agent)

Workstation

(agent)

NME

Comm

OS

AppiNME

Comm

OS

Router

(agent)

Network Management System

Network Management Configuration

Network Management Element (NME) Contains a collection of software devoted to the NM task in each network

node collects statistics Stores statistics locally Responds to commands from network control center (manager)

Transmit collect statistics to manager Change a parameters (a timer in a transport protocol) Provide status information Generate artificial traffic for testing

Send messages to network control center for significant changes in local conditions

be referred to as an agent Agents are implemented in end systems and nodes

Network Management Configuration

Network Management Application (NMA) include an operator interface to allow an

authorized user to manage the networkRespond to user commands

display information issue commands to NMEs through the network

Communicate with and control NME in other nodes

Application-level network management protocol

Outline


Network Management Software Architecture

Three categoriesUser presentation softwareNetwork management softwareCommunications and database support software

Unifieduser

Interface

Presentation of network managementInformation to users

MIBaccessmodule

Communicationsprotocol

stack

NetworkManagementapplication


Applicationelement

Applicationelement

Applicationelement

Network management data transport service

. . .

. . .



Applicationelement

Applicationelement

Applicationelement


. . .

. . .

Unifieduser

Interface


MIBaccessmodule


stack



Applicationelement

Applicationelement

Applicationelement


. . .

. . .



Applicationelement

Applicationelement

Applicationelement


. . .

. . .

Managementinformation

base

Managed networks

Unifieduser

Interface


MIBaccessmodule


stack



Applicationelement

Applicationelement

Applicationelement


. . .

. . .



Applicationelement

Applicationelement

Applicationelement


. . .

. . .

Unifieduser

Interface


MIBaccessmodule


stack



Applicationelement

Applicationelement

Applicationelement


. . .

. . .



Applicationelement

Applicationelement

Applicationelement


. . .

. . .

Managementinformation

base

Managed networksManaged networks

Architectural Model of NMS

User Presentation Software

An interface in manager systems monitor and control the network

An interface in agent systems network testing and debugging view or set parameters locally

Presentation tools to organize, summarize, and simplify the information as

much as possible to avoid information overload graphical presentations user interface should be the same at any node, regardless

of vender

Network Management Software

Three-layer architectureNetwork management application layerApplication element layerNetwork management data transport service layer

Network Management Software (Cont’)

Network management application Provides services of interest to users

FCAPS Each application covers a broad area of network management

and should exhibit consistency over various types of configurations (LAN, WAN, ..)

Application elements Implement primitive and general-purpose network management

functions generating alarms or summarizing data

Implement basic tools used by one or more network management applications

Developed based on software reuse

Network Management Software (Cont’)

Network Management Data Transport Servicea NM protocol used to exchange management

information among managers and agentsa service interface to the application elements

Provides very primitive functions (get, set and trap)

Communication & Database Support Software

Network management software needs access to a local MIB, and to remote agents and managers

Local MIB at an agent contains Information reflecting the configuration and behavior of this

node Parameters used to control the operation of this node

Local MIB at a manager contains node-specific information summary information about agents under control

Communication & Database Support Software (Cont’)

MIB access module Include basic file management software that enables

access to the MIB Convert local MIB format to a standardized form across the

NMS Communications protocol stack

OSI or TCP/IP stack Support the network management protocol Support communications among agents and managers

Outline


Distributed Network Management

A centralized NMS enables the manager to maintain control over the entire configuration, balancing resource against needs and optimizing the overall utilization of resources

Why distributed network management? the proliferation of low-cost, high power PCs & workstations the proliferation of departmental LANs local control and optimization of distributed applications distributed computing

Architecture of distributed network management hierarchical architecture department-level managers

manage downsized applications and PC LANs


Benefits network management traffic overhead is minimized Offers greater scalability eliminates single-point failure

Elements for hierarchical architecture distributed management workstations

be given limited access for monitoring and control manage the departmental resources

one central workstation (with a backup) global access rights to manage all network resources interact with less-enabled management stations


Distributed management system architecture management clients

Provide the user access to management services and information

Provide a graphical user interface may access one or more management servers

management servers are the heart of the system support a set of management applications and a MIB store common management data models route management information to applications and clients

managed network devices Are managed directly by one or more management servers through a vendor-specific element manager or proxy

Typical Distributed Management System Architecture

Network

Management server

Management application

MIB

Management server

Management application

MIB

Network

Elementmanager

Elementmanager

Network resources ( servers, routers, hosts ) with management agents

Management clients ( PCs, workstations )

Outline


Proxies

Why proxies? older systems may not support network management

standards small systems are not suitable to be implemented full-

blown NME some components do not support agent software

Modems and multiplexers

Operations of proxies translate requests and responses among managers and

the target system act on behalf of one or more other nodes

Server

stub

Client proxy

stub

Protocol

stack

Protocol

stack

Proxy managerManagement

application

Client

stub

Protocol

stack

Management

application

Client

stub

Protocol

stack

Standard operations and event reports

Proprietary operations and event reports

Proxy manager architecture

chu-sing yang department of electrical engineering national cheng kung university introduction to...

Documents