COMM3D Network Administration and Management

1
COMM3DNetwork Administration and Management

• Configuration Management
• http//osiris.sunderland.ac.uk/cs0cst/

2
Objectives
In todays lecture Introduction to Configuration
Management Accomplishing Configuration Management
Configuration Management as part of a Network
Management System Learning outcomes Students
should understand the purpose of performing
configuration management. Students should be able
to identify the various tasks associated with
documenting the configuration of
equipment. Knowledge of various configuration
management techniques.
3
Configuration Management
Definition Configuration management is the
process of obtaining data from the network and
using that data to manage the setup of network
devices. (Leinwand and Conroy, 1996) What is it
Documenting the network layout. Documenting
the configuration of devices. Modifying the
network configuration on-the-fly. What is it not
Not just software or imaging. Not just
allocating IP addresses. Not just asset
tracking.
4
Why do we do it ?
Patching Every instance of a certain piece of
software needs updating due to a recent
vulnerability Longevity As network managers and
administrators move on how can the people who
come after manage the network Resource Integrity
Illicit use of bandwidth or infrastructure. Licens
ing How many copies of software X does your
company license how many does it run?
5
What are the Benefits?
Inventory Hardware, software, interconnections,
leased line IDs etc,etc Redundancy Do we have
spare equipment in the organisation , can the
network be reconfigured to eliminate a
problem? Back-out If we reconfigure something
and need to reverse the changes we should have
historical data to allow that. Standardisation A
standard desktop configuration so that all
worksations have the same software and set-up
6
3 Steps to Configuration Management
Gather information about what's currently in
place Perform an audit of the network so that
you have a baseline understanding of what
equipment is attached and how its set-up. Might
even require a tour of the organisation! Use and
Maintain the Data pointless collecting it if you
dont keep it up-to-date and use it management
reports , fault diagnostics , feeds into
accounting, fault and performance management
activities Make informed decisions management
decision , purchasing decisions , maintenance and
expansion of the network all rely on you having a
clear understanding of what you have and where
you want to be.
7
Gathering the Data
Manual Discovery This is often the only way to
determine some features of your network
particularly if trying to document intermittent
links such as redundant systems and
services. Difficult, error prone, time consuming,
costly, monotonous Autodiscovery develop tools
to allow you to automatically map your network.
Detect when its configuration changes and
evaluate the impact of the change. E.g. A simple
tool to ping every IP address in a given range
and report a list of the available hosts. E.g. A
Port scanner a piece of software that scans for
open ports so that it can identify services
running on the network
8
Gathering the Data
traceroute map the path that traffic takes as it
moves through the network. Log parsing What
equipment does each router know about , what has
it seen recently How do you manage IP addresses ,
or external connections can you get info from
DHCP logs or NAT gateways? Automapping Software
that can generate a network diagram based on
autodiscovery techniques
9
Automapping a Network
10
What can we store?
Each network device has a variety of version
information associated with it. An engineering
workstation, for example, may be configured as
follows Operating system, Version 3.2 Ethernet
interface, Version 5.4 TCP/IP software, Version
2.0 NetWare software, Version 4.1 NFS software,
Version 5.1 Serial communications controller,
Version 1.1 X.25 software, Version 1.0 SNMP
software, Version 3.1 Interfaces
access data Administrative owner
11
What else can we store?
Relationships A relationship describes an
association, connection, or condition that exists
between network resources or network
components e.g. a physical connection, a
topology, a hierarchy, a management
domain Change logs if an engineer patches
several computers in paris and the knock on
effect is the new york reports a loss of
connectivity we need a way to try and determine
cause?
12
How can we describe it?
ASN.1 Abstract Syntax Notation One A way of
describing any hierarchical data , primarily used
in network management as a way of formally
encoding information about a feature of the
network such as a managed object. What is it a
machine independent data description
language define abstract syntax of application
data define SNMP and OSI Management Information
Base (MIB) For those of you familiar with XML it
plays a similar role
13
ASN.1 Basics
Power to express both simple and complex
types. Types may be constrained in size and/or
value. More powerful constraints are
available. Fields may be marked as OPTIONAL. Type
extensibility allows for smooth enhancements. Age
INTEGER (0..7) User SEQUENCE
name IA5String (SIZE(1..128)), age
Age, address IA5String OPTIONAL,
14
ASN.1 Types

• SEQUENCE
• SEQUENCE OF
• GeneralizedTime
• IA5String
• BMPString
• UTF8String
• SET
• SET-OFF
• CHOICE
• SELECTION

• BOOLEAN
• INTEGER
• BIT STRING
• OCTET STRING
• NULL
• REAL
• ENUMERATED

15
ASN.1 An Example
Name James W Hong Title Associate
Professor Employee Number 20292 Date of
Hire May 26, 1995 Name of Spouse In-Young B
Hong Number of Children 2 Child
Information Name Suk D Hong Date of
Birth 29 March 1988 Child Information Name
Myungdo M Hong Date of Birth 10 August 1994
16
ASN.1 An Example
PersonalRecord APPLICATION 0 IMPLICIT SET
Name, title 0 VisibleString, number Em
ployeeNo, dateOfHire 1 Date, nameOfSpouse
2 Name, children 3 IMPLICIT SEQUENCE OF
ChildInfo DEFAULT ChildInfo
SET Name, dateOfBirth 0 Date
Name APPLICATION 1 IMPLICIT SEQUENCE
givenName VisibleString, initial VisibleSt
ring, familyName VisibleString
EmployeeNo APPLICATION 2 IMPLICIT
INTEGER Date APPLICATION 3 IMPLICIT
VisibleString
17
ASN.1 An Example
givenName James, initial W,
familyName Hong, title Associate
Professor number 20292 dateOfHire 1995052
6 nameOfSpouse givenName In-Young, initial
B, familyName Hong, children
givenName Suk, initial D,familyName
Hong, dateOfBirth 19880329
givenName Myungdo, initial M, familyName
Hong, dateOfBirth 19940810
18
Using Config. Management
Define configuration information Set and modify
attribute values Define and modify
relationships Initialize and terminate network
operations Distribute software Examine values and
relationships Report on configuration status
19
Using Configuration Management
State Management Take static snapshots of device
configurations and archive them such that you can
return a device to a previous state. This can be
completed all the way up to the operating system
level. Autoconf have network services build
their configuration automatically from a central
database. More than archiving pro-active
configuration tools! ISP in a box solutions!
20
Summary
Configuration Focused primarily on documenting
the relationships and interdependencies in a data
network Management - Identify the configuration
of all network elements - Catalogue it, use it
and then keep it up to date - Secure access to
it - Maintain historical records Implementation
Combination of existing network tools through
ping, traceroute , port scanners , manual
processes and automatic vendor solutions such as
automapping and management aware devices ASN.1
Industry Standard Notation