Transcript Chapter 30

CHAPTER 30
Internet Management

Sections presented by:
- Albert: 30.1, 30.2, 30.3
- Yifan: 30.4, 30.5, 30.6, 30.7
- Jianxin: 30.8
- Huaidong: 30.9
- Lai Yee: 30.10
- Daniel: 30.11, 30.12, 30.13
Internet Management

Activities in Internet management:
• Debug problems
• Control routing
• Find computers that violate protocol standards
Network Management

Originally, many wide area networks included management protocols as part of their link level protocols.

Advantage: managers were often able to control switches even if higher level protocols failed.
Internet management differs from network management

• A single manager can control heterogeneous devices including IP routers, bridges, modems, workstations, and printers.
• The controlled entities may not share a common link level protocol.
• The set of machines a manager controls may lie at arbitrary points in an internet.
Internet management operates at the application level

Advantages:
• One set of protocols can be used for all networks.
• The same protocols can be used for all managed devices.
• A manager can control the routers across an entire TCP/IP internet without being directly attached to every physical network or router.

Disadvantage:
• If the operating system, IP software, or transport protocol software does not work correctly, the manager may not be able to contact a router that needs managing.
Architectural Model
• Client software usually runs on the manager’s workstation.
• Each participating router or host runs a server program called a management agent.
• Most managers only control devices at their local sites; a large site may have multiple managers.
• Internet management software uses an authentication mechanism to ensure only authorized managers can access or control a particular device.
Protocol Framework

It’s all about management information!
• SNMP: how to exchange it?
• MIB: how to store and operate on it?
• SMI: how to define and identify it?
• ASN.1: the formal notation used by SMI.
SNMP v3 – how to communicate?

• Stands for Simple Network Management Protocol version 3
• A standard network management protocol
• Defines:
- message format, form of names and addresses
- how to use the transport protocol
- the set of operations and their meaning
- the approach is minimalistic
MIB – how about data?

• Stands for Management Information Base
• Defines:
- What data should be kept for the manager?
- What operations are allowed on these data?
- Categories of data
- Variables in each category
• The MIB definition is independent of the network management protocol.
- All managed devices speak the same language (MIB)
MIB category   Includes information about
system         The host or router operating system
interfaces     Individual network interfaces
at             Address translation (e.g., ARP)
ip             Internet Protocol software
icmp           Internet Control Message Protocol software
tcp            Transmission Control Protocol software
udp            User Datagram Protocol software
ospf           Open Shortest Path First software
bgp            Border Gateway Protocol software
rmon           Remote network monitoring
rip-2          Routing Information Protocol software
dns            Domain Name System software
MIB variable      Category     Meaning
sysUpTime         system       Time since last reboot
ifNumber          interfaces   Number of network interfaces
ifMtu             interfaces   MTU for a particular interface
ipDefaultTTL      ip           Value IP uses in the TTL field
ipInReceives      ip           Number of datagrams received
ipForwDatagrams   ip           Number of datagrams forwarded
ipOutNoRoutes     ip           Number of routing failures
ipReasmOKs        ip           Number of datagrams reassembled
ipFragOKs         ip           Number of datagrams fragmented
ipRoutingTable    ip           IP routing table
icmpInEchos       icmp         Number of ICMP echo requests received
tcpRtoMin         tcp          Minimum retransmission time TCP allows
tcpMaxConn        tcp          Maximum TCP connections allowed
tcpInSegs         tcp          Number of segments TCP has received
udpInDatagrams    udp          Number of UDP datagrams received
MIB variables

• Each variable can be stored as
- A single integer
- A complex structure, e.g., an entire routing table
• The MIB also defines table entries.
• The presentation only has logical meaning.
- A router may use different internal data structures.
SMI – rules to define and identify variables

• Stands for Structure of Management Information
• Specifies:
- What variable types are allowed?
- What naming rules should be followed?
- How to refer to tables of values? e.g., the IP routing table
ASN.1 – a formal notation used by SMI

• Stands for ISO’s Abstract Syntax Notation 1
• A formal notation for defining variable names and types
- In documents: a form humans can read
- In communication: a compact encoded representation
• Benefits:
- Makes the form and contents of variables unambiguous.
- Simplifies the implementation of protocols
- Guarantees interoperability
30.8 Structure And Representation Of MIB Object Names --- Jianxin

Object Identifier Namespace:
1. Names used for MIB variables are taken from the object identifier namespace administered by ISO and ITU.
2. The object identifier namespace is absolute, meaning that names are structured to make them globally unique.
Hierarchy of namespace

• The root of the object identifier hierarchy is unnamed.
• It has three direct descendants, managed by:
- ISO
- ITU
- jointly by ISO and ITU
• The descendants are assigned both short text strings and integers.
• ISO has allocated one subtree for use by other national or international standards organizations.
Name an object and MIB categories

• The name of an object in the hierarchy is the sequence of numeric labels on the nodes along a path from the root to the object.
• The sequence is written with periods separating the individual components.
- example: 1.3.6.1.2 --- denotes the node ‘mgmt’
• The MIB groups variables into categories; each category is a subtree of the ‘mib’ node of the object identifier namespace.
Simple category naming examples

• The category labeled ip has been assigned the value 4.
• The names of all MIB variables corresponding to ip have an identifier that begins with the prefix: 1.3.6.1.2.1.4
• The textual label would be: iso.org.dod.internet.mgmt.mib.ip
• When network management protocols use names of MIB variables in messages, each name has a suffix appended. For simple variables, the suffix is 0.
Complex example

• How about the variable ipAddrTable?
- A list of the IP addresses for each network interface
- It’s a subtree under the ip node, with prefix: iso.org.dod.internet.mgmt.mib.ip.ipAddrTable
• How to represent such data structures?
- The MIB defines a uniform, virtual interface to access data

ipAddrTable can be defined as:

ipAddrTable ::= SEQUENCE OF IpAddrEntry

Each entry in the array is defined by five fields:

IpAddrEntry ::= SEQUENCE {
    ipAdEntAddr          IpAddress,
    ipAdEntIfIndex       INTEGER,
    ipAdEntNetMask       IpAddress,
    ipAdEntBcastAddr     IpAddress,
    ipAdEntReasmMaxSize  INTEGER (0..65535)
}
Assign numeric values to the entry and to each item of the entry:

ipAddrEntry    { ipAddrTable 1 }
ipAdEntNetMask { ipAddrEntry 3 }

• Use a suffix appended onto the name to select a specific element in the table; the suffix is the IP address of the entry, not its index:
- suffix = IP address
- variable name.IP address
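The naming rules on the last few slides (numeric path from the root, a 0 suffix for simple variables, an IP address suffix for ipAddrTable rows) and the "compact encoded representation" that ASN.1 gives them can be exercised end to end. The following is an added example, not code from the slides or from the textbook: it resolves textual labels to numeric object identifiers, builds the instance names a message would carry, and encodes them as a BER OBJECT IDENTIFIER. The path nodes and the ip = 4, ipAddrEntry = {ipAddrTable 1}, ipAdEntNetMask = {ipAddrEntry 3} numbers are as on the slides; ipAddrTable = {ip 20}, sysDescr = {system 1}, ipDefaultTTL = {ip 2} and ipAdEntAddr = {ipAddrEntry 1} come from MIB-II (RFC 1213) and are an assumption beyond what the slides state.

```python
"""Name an SNMP MIB variable and encode it as a BER OBJECT IDENTIFIER."""
from typing import Dict, Optional, Tuple

OID = Tuple[int, ...]

# label -> (parent label, numeric label under that parent).
# Path nodes and the ip / ipAddrEntry / ipAdEntNetMask numbers follow the
# slides; ipAddrTable={ip 20}, sysDescr={system 1}, ipDefaultTTL={ip 2},
# ipAdEntAddr={ipAddrEntry 1} are taken from MIB-II (RFC 1213) - assumption.
NODES: Dict[str, Tuple[Optional[str], int]] = {
    "iso": (None, 1), "org": ("iso", 3), "dod": ("org", 6),
    "internet": ("dod", 1), "mgmt": ("internet", 2), "mib": ("mgmt", 1),
    "system": ("mib", 1), "interfaces": ("mib", 2), "at": ("mib", 3),
    "ip": ("mib", 4), "icmp": ("mib", 5), "tcp": ("mib", 6), "udp": ("mib", 7),
    "sysDescr": ("system", 1),
    "ipDefaultTTL": ("ip", 2),
    "ipAddrTable": ("ip", 20),
    "ipAddrEntry": ("ipAddrTable", 1),
    "ipAdEntAddr": ("ipAddrEntry", 1),
    "ipAdEntNetMask": ("ipAddrEntry", 3),
}


def numeric_oid(label: str) -> OID:
    """Walk from the label up to the root and return the numeric path."""
    path = []
    node: Optional[str] = label
    while node is not None:
        parent, number = NODES[node]
        path.append(number)
        node = parent
    return tuple(reversed(path))


def textual_oid(label: str) -> str:
    """Dotted textual path, e.g. iso.org.dod.internet.mgmt.mib.ip."""
    labels = []
    node: Optional[str] = label
    while node is not None:
        labels.append(node)
        node = NODES[node][0]
    return ".".join(reversed(labels))


def simple_instance(label: str) -> OID:
    """Name of a simple (scalar) variable in a message: the suffix is 0."""
    return numeric_oid(label) + (0,)


def table_instance(label: str, ip_address: str) -> OID:
    """Name of one element of ipAddrTable: the suffix is the IP address."""
    return numeric_oid(label) + tuple(int(o) for o in ip_address.split("."))


def oid_to_str(oid: OID) -> str:
    return ".".join(str(n) for n in oid)


def _encode_subid(n: int) -> bytes:
    """Base-128, high bit set on every octet except the last."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))


def ber_encode_oid(oid: OID) -> bytes:
    """BER OBJECT IDENTIFIER: tag 0x06, short-form length, then the first
    two arcs packed as 40*X+Y and every later arc as a base-128 sub-id."""
    if len(oid) < 2 or oid[0] > 2 or (oid[0] < 2 and oid[1] > 39):
        raise ValueError("invalid object identifier")
    body = _encode_subid(40 * oid[0] + oid[1])
    body += b"".join(_encode_subid(n) for n in oid[2:])
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x06, len(body)]) + body


def ber_decode_oid(data: bytes) -> OID:
    """Inverse of ber_encode_oid; rejects truncated or malformed input
    instead of silently returning a partial name."""
    if len(data) < 2 or data[0] != 0x06 or data[1] > 127:
        raise ValueError("not a short-form OBJECT IDENTIFIER")
    body = data[2:2 + data[1]]
    if len(body) != data[1] or not body or body[-1] & 0x80:
        raise ValueError("truncated object identifier")
    subids, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(value)
            value = 0
    first = subids[0]
    x, y = (2, first - 80) if first >= 80 else divmod(first, 40)
    return (x, y) + tuple(subids[1:])
```

Running `oid_to_str(table_instance("ipAdEntNetMask", "128.10.2.3"))` gives 1.3.6.1.2.1.4.20.1.3.128.10.2.3, which is the slide's "variable name.IP address" rule in numeric form; note that the sub-identifier 128 needs two octets on the wire, which is why the encoded items on slide 33 are variable-length.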
Simple Network Management Protocol (SNMP)
Huaidong Meng
Instructor: Dr. Sharon Hall
Simple Network Management Protocol

A network management protocol:
– specifies the communication between a client program that a network manager invokes and a server program executing on a host or router
– defines the form and meaning of the messages exchanged
– defines the representation of names and values in messages
– defines administrative relationships among the routers being managed
Network Management Protocol

• Allows the manager to:
– Reboot the system
– Add or delete routes
– Disable or enable a particular network interface
– Remove cached address bindings
• The main disadvantage: the resulting complexity
– For example, the command to delete a routing table entry differs from the command to disable an interface.
SNMP takes an interesting alternative approach to network management

• It casts all operations in a fetch-store paradigm, instead of defining a large set of commands:
– Stability
• Its definition remains fixed.
– Simple to implement, understand, and debug
• It avoids the complexity of having special cases for each command.
– Flexible
• Accommodates arbitrary commands in an elegant framework
SNMP commands

get-request        fetch a value from a specific variable
get-next-request   fetch a value without knowing its exact name
get-bulk-request   fetch a large volume of data
response           a response to any of the above requests
set-request        store a value in a specific variable
inform-request     reference to third-party data
snmpv2-trap        reply triggered by an event
report             undefined at present
Searching Tables Using Names

• get-next-request
– Allows a client to iterate through a table by supplying a prefix of a valid object identifier, without knowing how many items the table contains.
– The server returns the network mask field of the first entry in ipAddrTable, and the client uses the full object identifier returned by the server to request the next item in the table.
– See page 566 for the example
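The iteration just described can be shown with a small in-memory agent. This is an added example, not code from the slides or the textbook: the agent contents (two interfaces with addresses 10.0.0.1 and 128.10.2.3, plus a few scalars) are constructed, and the numeric prefixes follow MIB-II (RFC 1213), where ipAddrTable is 1.3.6.1.2.1.4.20 and ipAdEntAddr / ipAdEntNetMask are columns 1 and 3 of its entry, an assumption beyond what the slides state. The get-next rule itself (return the lexicographically next name after the one supplied) is the real SNMP rule. The example also goes one step beyond the slide by adding the view-based access control mentioned later under SNMPv3 features: a get-next that skips names outside the subtrees the requester is allowed to see, so a walk cannot enumerate a table the principal has no right to read.

```python
"""Iterate an SNMP table with get-next-request over a constructed agent."""
from typing import Dict, List, Optional, Sequence, Tuple

OID = Tuple[int, ...]
Value = object


def parse_oid(text: str) -> OID:
    return tuple(int(n) for n in text.split("."))


def oid_to_str(oid: OID) -> str:
    return ".".join(str(n) for n in oid)


# Constructed agent contents (not a real device). Prefixes follow MIB-II
# (RFC 1213, assumption): ipAddrTable = 1.3.6.1.2.1.4.20, entry = .1,
# ipAdEntAddr = column 1, ipAdEntNetMask = column 3; each instance is
# indexed by the entry's IP address, as the slides describe.
AGENT_MIB: Dict[OID, Value] = {
    parse_oid("1.3.6.1.2.1.1.3.0"): 4421700,                     # sysUpTime.0
    parse_oid("1.3.6.1.2.1.4.2.0"): 64,                          # ipDefaultTTL.0
    parse_oid("1.3.6.1.2.1.4.20.1.1.10.0.0.1"): "10.0.0.1",      # ipAdEntAddr
    parse_oid("1.3.6.1.2.1.4.20.1.1.128.10.2.3"): "128.10.2.3",
    parse_oid("1.3.6.1.2.1.4.20.1.3.10.0.0.1"): "255.0.0.0",     # ipAdEntNetMask
    parse_oid("1.3.6.1.2.1.4.20.1.3.128.10.2.3"): "255.255.255.0",
    parse_oid("1.3.6.1.2.1.7.1.0"): 9100,                        # udpInDatagrams.0
}

# Agents keep names in lexicographic order; Python tuple comparison gives
# exactly that order (a prefix sorts before any of its extensions).
SORTED_NAMES: List[OID] = sorted(AGENT_MIB)


def in_view(oid: OID, view: Optional[Sequence[OID]]) -> bool:
    """View-based access control: a name is visible only if it lies inside
    one of the subtrees the requesting principal may see (None = no limit)."""
    return view is None or any(oid[:len(p)] == p for p in view)


def get_request(oid: OID, view: Optional[Sequence[OID]] = None) -> Optional[Value]:
    """get-request: the exact name is required. None stands in for the
    noSuchName error; a hidden name is reported the same way as a missing
    one so the requester learns nothing about what exists outside its view."""
    if not in_view(oid, view):
        return None
    return AGENT_MIB.get(oid)


def get_next_request(oid: OID,
                     view: Optional[Sequence[OID]] = None) -> Optional[Tuple[OID, Value]]:
    """get-next-request: first visible name strictly after the one given,
    with its value. None stands in for endOfMibView."""
    for name in SORTED_NAMES:
        if name > oid and in_view(name, view):
            return name, AGENT_MIB[name]
    return None


def walk(prefix: OID, view: Optional[Sequence[OID]] = None) -> List[Tuple[OID, Value]]:
    """Client-side table walk: send the column prefix, feed each returned
    name back in, and stop as soon as a name leaves the subtree."""
    rows: List[Tuple[OID, Value]] = []
    current = prefix
    while True:
        nxt = get_next_request(current, view)
        if nxt is None or nxt[0][:len(prefix)] != prefix:
            return rows
        rows.append(nxt)
        current = nxt[0]


if __name__ == "__main__":
    for name, value in walk(parse_oid("1.3.6.1.2.1.4.20.1.3")):
        print(oid_to_str(name), "=", value)
```

Starting the walk at the column prefix 1.3.6.1.2.1.4.20.1.3 returns the netmask of the 10.0.0.1 row first (its address sorts lower), then the 128.10.2.3 row, then a name under udp that no longer matches the prefix, which ends the walk. With a view limited to the system subtree the same walk returns nothing.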
SNMP Message Format

SNMPv3Message ::= SEQUENCE {
    msgVersion             INTEGER (0..2147483647),
    msgGlobalData          HeaderData,
    msgSecurityParameters  OCTET STRING,
    msgData                ScopedPduData
}
Definition of SNMP HeaderData

HeaderData ::= SEQUENCE {
    msgID             INTEGER (0..2147483647),
    msgMaxSize        INTEGER (484..2147483647),
    msgFlags          OCTET STRING (SIZE(1)),
    msgSecurityModel  INTEGER (1..2147483647)
}
Definition of SNMP PDU

PDU ::= CHOICE {
    get-request,
    get-next-request,
    get-bulk-request,
    response,
    set-request,
    inform-request,
    snmpV2-trap,
    report
}
Internet Management - Example Encoded SNMP Message

• Figure 30.11 contains an encoded get-request message for the data item sysDescr.
• Each term used is further defined until it can be expressed in primitive data types, e.g., integer, string.
- Let’s compare the message with the specified format.
• Hence, the encoded items have variable-length fields.
Internet Management - New Features in SNMPv3

• Scope: security and administration
• Goal: generality, flexibility and ease of administration
• Example new features:
– Message authentication
– Privacy
– Authorization & view-based access control
– Remote configuration
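The "message authentication" feature above, and the authentication mechanism the architectural model slide says keeps unauthorized managers away from a device, are carried in the msgSecurityParameters field of the SNMPv3Message shown earlier. The following is an added example, not code from the slides or the textbook; it implements the User-based Security Model algorithms from RFC 3414, which the slides do not name and which is therefore an assumption about what "message authentication" refers to: a password is expanded and hashed into a user key (Ku), the key is localized to one agent's snmpEngineID (Kul), and the 12-octet authentication parameter is an HMAC over the whole message computed with that field zeroed. The message bytes are a constructed stand-in for a BER-encoded SNMPv3Message, not a real capture.

```python
"""SNMPv3 USM message authentication: password-to-key, key localization
and the 12-octet msgAuthenticationParameters field (RFC 3414)."""
import hashlib
import hmac
from typing import Tuple

AUTH_PARAMS_LEN = 12            # HMAC-MD5-96 and HMAC-SHA-96 keep 96 bits
EXPANSION_BYTES = 1024 * 1024   # the password is repeated to fill 1 MiB


def password_to_key(password: bytes, algo: str) -> bytes:
    """Ku = H(password repeated to 1,048,576 octets). The expansion makes
    every guess in a password search cost a hash over 1 MiB."""
    if len(password) < 8:
        raise ValueError("USM passwords must be at least 8 octets")
    reps, rem = divmod(EXPANSION_BYTES, len(password))
    return hashlib.new(algo, password * reps + password[:rem]).digest()


def localize_key(ku: bytes, engine_id: bytes, algo: str) -> bytes:
    """Kul = H(Ku || snmpEngineID || Ku). Each agent ends up with its own
    key derived from the same password, so a key read out of one agent
    does not authenticate anyone to a different agent."""
    return hashlib.new(algo, ku + engine_id + ku).digest()


def _with_zeroed_params(message: bytes, offset: int) -> bytes:
    """Copy of the message with the authentication field set to zeros."""
    return message[:offset] + bytes(AUTH_PARAMS_LEN) + message[offset + AUTH_PARAMS_LEN:]


def authenticate(message: bytes, offset: int, kul: bytes, algo: str) -> bytes:
    """Sender side: MAC the whole message with the 12-octet field zeroed,
    truncate to 96 bits, and write the result into the field."""
    mac = hmac.new(kul, _with_zeroed_params(message, offset), algo).digest()
    return message[:offset] + mac[:AUTH_PARAMS_LEN] + message[offset + AUTH_PARAMS_LEN:]


def verify(message: bytes, offset: int, kul: bytes, algo: str) -> bool:
    """Receiver side: recompute the MAC and compare in constant time."""
    received = message[offset:offset + AUTH_PARAMS_LEN]
    expected = hmac.new(kul, _with_zeroed_params(message, offset), algo).digest()
    return hmac.compare_digest(received, expected[:AUTH_PARAMS_LEN])


def constructed_message() -> Tuple[bytes, int]:
    """Constructed stand-in for a BER-encoded SNMPv3Message (not a real
    capture): a header, the 12-octet authentication field that lives inside
    msgSecurityParameters, then the scoped PDU. Returns the bytes and the
    offset of the authentication field."""
    header = b"\x30\x81\x00" + b"msgVersion=3;msgFlags=authNoPriv;"
    scoped_pdu = b"get-request sysDescr.0"
    return header + bytes(AUTH_PARAMS_LEN) + scoped_pdu, len(header)


# Engine ID used by the RFC 3414 password-to-key test vectors.
ENGINE_ID = bytes.fromhex("000000000000000000000002")

if __name__ == "__main__":
    kul = localize_key(password_to_key(b"maplesyrup", "md5"), ENGINE_ID, "md5")
    msg, off = constructed_message()
    signed = authenticate(msg, off, kul, "md5")
    print("verifies:", verify(signed, off, kul, "md5"))
    tampered = signed[:-1] + bytes([signed[-1] ^ 0x01])
    print("tampered verifies:", verify(tampered, off, kul, "md5"))
```

Because the MAC covers the header as well as the PDU, flipping any byte of a signed message, or presenting it to an agent with a different engine ID (hence a different localized key), fails verification. The password-to-key and localization functions reproduce the RFC 3414 appendix test vectors for the password "maplesyrup".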
Internet Management - Summary

• An application level client program accesses and controls agents running on devices
• SNMP is the standard TCP/IP network management protocol; it uses two conceptual operations, fetch and store
• A companion standard, MIB, defines the variables that are maintained by the agents
• MIB variables are described by ASN.1, which uses a hierarchical namespace to ensure global uniqueness
THANK YOU