Intro to VPNs and SNMP


FYI
VPNs and SNMP
Tahir Azim
Courtesy: Umar Kalim, NIIT
Virtual Private Networks
Private Networks
• To be used inside the organization
• Intranet: A private network whose access
is limited to users inside the
organization
• Extranet
– Same as the intranet, but with one addition
• Some users outside the organization can also
access (some or all) resources
• Limitations defined by the network administrator
Achieving Privacy
• A small organization can remain isolated
– Single site
• A large organization with multiple sites can have
its private “internet”
Achieving Privacy in Hybrid Networks
• Require privacy, but also need to connect to the
Internet
• Solution: Hybrid network
Drawbacks of Hybrid and Private Networks
• Private & Hybrid Networks are very costly
– Duplication of equipment
– Leased lines for inter-site connectivity
• Difficult to administer if Internet
connectivity is required (as well as privacy)
Overview: Virtual Private Networks
• Use the global Internet for Internet access as
well as inter-site access, i.e. both public &
private communication
• R1 & R2 use VPN technology to guarantee privacy
What is a VPN?
• A technology based on two techniques
which guarantee privacy
– Tunneling
• Simple
• TLS/SSL
– IPSec
• Authentication Header (AH)
• Encrypted Security Payload (ESP)
Tunneling
• VPN specifies that each IP datagram destined
for private use within the organization must be
encapsulated inside another datagram
[Figure: an encapsulated datagram. Labels: actual source and destination; routers connecting the two sites]
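Added example, not part of the original slides: the encapsulation described above, written out for IPv4-in-IPv4. The addresses, payload and function names are constructed for illustration, with R1 and R2 standing for the routers connecting the two sites.

```python
import socket
import struct

IPIP = 4   # IP protocol number for IPv4-in-IPv4 encapsulation
UDP = 17   # protocol of the inner datagram; its payload is opaque bytes here

def checksum(header):
    """One's-complement sum over the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def datagram(src, dst, proto, payload):
    """Minimal IPv4 datagram: 20-byte header (no options), TTL 64, then payload."""
    def header(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                           64, proto, csum,
                           socket.inet_aton(src), socket.inet_aton(dst))
    return header(checksum(header(0))) + payload

def parse(data):
    """Return (src, dst, proto, payload); reject damaged or truncated headers."""
    if len(data) < 20 or data[0] != 0x45 or checksum(data[:20]) != 0:
        raise ValueError("malformed IPv4 header")
    if struct.unpack("!H", data[2:4])[0] != len(data):
        raise ValueError("length field does not match datagram size")
    return (socket.inet_ntoa(data[12:16]), socket.inet_ntoa(data[16:20]),
            data[9], data[20:])

def encapsulate(inner, r1, r2):
    """R1: wrap the private datagram in one addressed router-to-router."""
    return datagram(r1, r2, IPIP, inner)

def decapsulate(outer, r1, r2):
    """R2: accept only IP-in-IP from the peer router, return the inner datagram."""
    src, dst, proto, inner = parse(outer)
    if (src, dst, proto) != (r1, r2, IPIP):
        raise ValueError("not a tunnel datagram from the expected peer")
    parse(inner)                       # the inner header must be valid too
    return inner

# Constructed sample: private hosts at two sites, routers on documentation addresses.
R1, R2 = "198.51.100.1", "203.0.113.1"
INNER = datagram("10.1.0.5", "10.2.0.9", UDP, b"payroll-record")
OUTER = encapsulate(INNER, R1, R2)
# Encapsulation alone hides nothing: the inner datagram sits in the clear.
assert INNER in OUTER and decapsulate(OUTER, R1, R2) == INNER
```

The peer-address check in decapsulate is not authentication, and the payload is readable in transit; the IPSec entries listed under "What is a VPN?" are what add integrity and confidentiality on top of tunneling.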
Addressing in VPN
Simple Network Management Protocol
SNMP
• A framework for managing devices in an internet
using the TCP/IP protocol suite
– It provides the fundamental operations for monitoring
and maintaining an internet
• Application level protocol
– So that it may monitor devices made by different
manufacturers, installed on different networks
– Limitations imposed by the type of network and the
type of device are removed
Concept of SNMP
• Uses the concept of a manager and an agent
– Manager is the host that controls/monitors a (set of)
agent(s)
– Agents are hosts that are being monitored
• Mostly routers
Manager and Agents
• Manager runs the SNMP client
• Agent runs the SNMP server
• Management is achieved by the simple interaction between the client and
the server
• Agents maintain information about parameters affecting
performance
• e.g. # of packets received, # of packets forwarded etc
• The Manager has access to these parameters
• Manager can also have the agent perform certain actions
• e.g. Reboot the router
Manager and Agents
• Agents can also contribute to the
management process
• The server program checks the parameters for
certain defined thresholds
• If a threshold is reached, or there is some unusual
activity, the agent sends a warning message
(called a trap) to the manager
Concept of SNMP
• Manager checks an agent by requesting
information that reflects the behaviour of
the agent
• A manager can force an agent to perform
a task (by resetting certain values in the
agent's database)
• An agent can help in the management by
generating trap messages/warning in case
of an unusual activity
Management Components
• SNMP uses two other protocols to achieve its
objectives
– Structure of Management Information (SMI)
– Management Information Base (MIB)
Role of SNMP
• It defines the format of the packet to be
sent from a manager to an agent and vice
versa
– Packets exchanged contain object names and
their status
– SNMP is responsible for reading and
changing these values
• It interprets the results and creates
statistics (often using other software)
Role of SMI
• To use SNMP we require rules
– To name objects using a uniform convention
for open access
– To define what type of objects can be used
(simple or structured, which simple types are
available, their sizes etc), again for open
access
• SMI defines such rules
– How to define objects
– How to list their types
Role of MIB
• For each entity to be managed, we must
define
– The number of objects
– Name them
– Associate a type with each
• MIB creates a collection of named objects,
their types, and their relationships to each
other in an entity to be managed
An Analogy to understand the relationship
• Before we write a computer program, the
syntax must be defined. Also, the available
data types must be defined etc [SMI]
• Declaration of variables in the program
[MIB]
• Write code to read, change the variables,
interpret their meaning etc [SNMP]
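Added example, not part of the original slides: the three roles from the analogy in one place, building the packet a manager sends to read one object from an agent. It assumes SNMPv1 framing (version 0 and a community string, neither of which appears on the slides), short-form BER lengths and constructed sample values.

```python
# MIB role: named objects for the managed entity (sysUpTime is in the MIB-II system group).
MIB = {"sysUpTime": "1.3.6.1.2.1.1.3"}

# SMI role: the data types a message may use, identified by their BER tags.
INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
GET_REQUEST = 0xA0          # SNMP role: PDU type sent from manager to agent

def tlv(tag, content=b""):
    """Tag-length-value encoding with a one-byte length."""
    if len(content) > 127:
        raise ValueError("long-form BER length not handled in this example")
    return bytes([tag, len(content)]) + content

def integer(value):
    """Non-negative INTEGER; the extra bit keeps the sign bit clear."""
    size = value.bit_length() // 8 + 1
    return tlv(INTEGER, value.to_bytes(size, "big"))

def object_id(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])   # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:                               # base-128, high bit means "more"
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(chunk)
    return tlv(OID, bytes(body))

def get_request(community, request_id, name, instance=0):
    """Manager-to-agent request for one object: its name plus a NULL value slot."""
    target = f"{MIB[name]}.{instance}"
    varbind = tlv(SEQUENCE, object_id(target) + tlv(NULL))
    pdu = tlv(GET_REQUEST, integer(request_id) + integer(0) + integer(0)
              + tlv(SEQUENCE, varbind))          # error-status and error-index are 0
    return tlv(SEQUENCE, integer(0) + tlv(OCTET_STRING, community.encode()) + pdu)

# Constructed sample values; "example-ro" is a placeholder community string.
PACKET = get_request("example-ro", 1, "sysUpTime")
# SNMPv1 carries the community string unencrypted inside the message.
assert b"example-ro" in PACKET
```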
Operational Overview
THE END!
Good Luck!