Transcript ch11

Guide to TCP/IP, Third
Edition
Chapter 11:
Monitoring and Managing IP
Networks
Objectives
• Understand the basic principles and practices
involved in managing modern networks
• Explain the role that the SNMP can play on an IPbased network, and understand its basic structure
and function
• Understand how to install, configure, and use
SNMP consoles, tools, and utilities
Monitoring and Managing IP Networks
2
Objectives (continued)
• Deploy tools and utilities to maintain an SNMP
network management system
• Explain the issues involved in integrating SNMPbased network management tools with other
network management environments
• Understand common SNMP errors and how to
troubleshoot them
Monitoring and Managing IP Networks
3
Understanding Network Management
Practices and Principles
• Tasks involved in managing a network
– Depend on the ability to collect data about a network
and detect network-related occurrences
• End stations
– Usually known as managed devices
– Any kind of system where management-related
software is installed and running
• Management entities
– Usually function within the context of a network
management system (NMS)
Monitoring and Managing IP Networks
4
Monitoring and Managing IP Networks
5
The OSI Network Management Model
• OSI network management model incorporates the
following five layers
–
–
–
–
–
Accounting management
Configuration management
Fault management
Performance management
Security management
Monitoring and Managing IP Networks
6
Practical Network Management
• OSI network management model
– Does an excellent job of categorizing and cataloging
tasks and activities
• Make systematic network management a priority
• Obtain right mix of software components and tools
that can be used as part of a program of
– Regular, scheduled network maintenance and care
Monitoring and Managing IP Networks
7
In-band Versus Out-of-band
Management
• In-band management
– Traffic travels along the regular network data path.
• Out-of-band management
– Traffic alerts travel on a separate non-data path
– Solution supports communications between
management agents and the manager device
Monitoring and Managing IP Networks
8
Monitoring and Managing IP Networks
9
Monitoring and Managing IP Networks
10
Understanding SNMP
• Request/response-based protocol used to
– Transport management messages between an
SNMP agent and an SNMP manager
• SNMP version 1 (SNMPv1)
– Uses plain text passwords
• SNMP version 2 (SNMPv2)
– Includes two improvements: protocol enhancements
and security enhancements
• SNMP version 3 (SNMPv3)
– Addresses shortcomings of previous versions
Monitoring and Managing IP Networks
11
Understanding SNMP (continued)
• SNMPv1 consists of the following basic elements:
–
–
–
–
Management Information Base objects
SNMP agents
SNMP managers
SNMP messages
Monitoring and Managing IP Networks
12
Management Information Base
Objects
• Management Information Base (MIB)
– Database of manageable objects for a device
• Structure of Management Information (SMI)
– Defines object formats in any MIB using a particular
form of notation called Abstract Syntax Notation One
(ASN.1)
• ASN.1
– Language used to describe a type of object and the
object identifier (OID)
Monitoring and Managing IP Networks
13
Management Information Base
Objects (continued)
• OID
– Sequence of non-negative integers that traverses an
object tree
• Subordinates
– Branches of the object tree
• In SNMP
– Object is identified by the path used to get to a
specific device identifier on an object tree
Monitoring and Managing IP Networks
14
Monitoring and Managing IP Networks
15
Monitoring and Managing IP Networks
16
Monitoring and Managing IP Networks
17
Monitoring and Managing IP Networks
18
Remote Monitoring
• Used to monitor and administer remote segments
of a distributed network
• Places agents, called network probes, at various
locations on the distributed network
• Probes
– Standalone devices that contain a NIC, a processor,
memory, and software
Monitoring and Managing IP Networks
19
ROM Ethernet
• First version of RMON
– Ethernet based
– Has nine distinct groups of objects
•
•
•
•
•
Ethernet statistics, History control
Alarm, Host
HostTopN, Matrix
Filter, Packet capture
Event
Monitoring and Managing IP Networks
20
SNMP Agents
• SNMP agent software
– Placed on devices that can be managed by SNMP
managers
• SNMP agents
– Answer to SNMP manager’s queries for information
about the objects in agent’s MIB
• SNMP managers
– Query SNMP agents for the information maintained
about MIB objects
Monitoring and Managing IP Networks
21
SNMP Messages
• SNMP managers and agents communicate over
UDP with a specific set of commands
–
–
–
–
–
GET-REQUEST
GET-RESPONSE
GET-NEXT
SET
TRAP
Monitoring and Managing IP Networks
22
Monitoring and Managing IP Networks
23
SNMP Security
• SNMPv1
– Offers only a simple password system, and cannot
be considered truly secure
• Basic community names
– Read-Only (or Monitor) community name
– Read/Write (or Control) community name
– Alert (or Trap) community name
Monitoring and Managing IP Networks
24
Installing and Configuring SNMP
Agents and Consoles
•
•
•
•
Installing a network management console is more
complex than installing agent software
Many proprietary consoles that differ greatly from
one another
Console configuration also is fairly complex
For many packages, completing an initial
configuration may take six months or longer
– Configuration is never truly finished
– Typically require dedicated resources and constant
maintenance
Monitoring and Managing IP Networks
25
SNMP Consoles, Tools, Utilities, and
Key Files
• Lion’s share of market belongs to three products
– HP OpenView’s Network Node Manager (NNM)
Advanced Edition
– IBM’s Tivoli NetView
– Computer Associates’ Unicenter
Monitoring and Managing IP Networks
26
Integrating SNMP with Other
Management Environments
• Common modules
–
–
–
–
–
–
PING
Database change control modules
Dynamic topological maps
Inventory modules
Service-level tracking
To effectively use data gathered via SNMP
• Other managed environments usually have reporting
capabilities
Monitoring and Managing IP Networks
27
Troubleshooting SNMP
• Community names
– Must match on both the SNMP agent and the
network management station
– Case sensitive
– Three levels of community strings
• Read-Only (Monitor)
• Read/Write (Control)
• Alert (Trap)
Monitoring and Managing IP Networks
28
Summary
• Network management
– Involves placing specific software components,
called management agents, into managed devices
• Network management systems rely on two kinds of
activities to perform management tasks
– The ability of managed devices to issue alerts when
specific events occur
– The ability of management entities to poll managed
devices regularly
Monitoring and Managing IP Networks
29
Summary (continued)
• Most NMSs
– Provide various methods for out-of-band
management
• Discipline of network management
– Described in the OSI network management model
• For IP-based networks
– SNMP carries management-related messages and
data among network management agents and
entities
Monitoring and Managing IP Networks
30
Summary (continued)
• SNMP’s management data
– Resides in a database of manageable objects called
a Management Information Base
• Order is important
– When loading MIBs into a management station
• Remote Monitoring MIB
– Used to monitor and manage remote segments on a
distributed network
Monitoring and Managing IP Networks
31
Summary (continued)
• SNMP messages
– Use UDP for transport and IP for network access
• Ensuring SNMP security requires
– Changing default community names
– Managing the transit of SNMP messages across
organizational network Boundaries
• Troubleshooting SNMP requires
– Good working knowledge of local network conditions
Monitoring and Managing IP Networks
32