CHAPTER 30 Internet Management

1
CHAPTER 30Internet Management

• Albert 30.1, 2, 3
• Yifan 30.4, 5, 6, 7
• Jianxin 30.8
• Huaidong 30.9
• Lai Yee 30.10
• Daniel 30.11, 12, 13

2
Internet Management

• Activities in Internet management
• Debug problems
• Control routing
• Find computer that violate protocol standard

3
Network Management

• Originally, many wide area networks included
  management protocols as part of their link level
  protocols.
• Advantage
• Managers were often able to control switches
  even if higher level protocols failed.

4
Internet management differs from network
management

• A single manager can control heterogeneous
  devices including IP routers, bridges, modems,
  work-stations, and printers.
• The controlled entities may not share a common
  link level protocol.
• The set of machines a manager controls may lie at
  arbitrary points in an internet.

5
Internet management operates at the application
level

• Advantages
• One set of protocol can be used for all
  networks.
• Same protocols can be used for all managed
  devices.
• A manager can control the routers across an
  entire TCP/IP internet without having direct
  attached to every physical network or router.
• Disadvantage
• If the operating system, IP software, or
  transport protocol software does not work
  correctly, the manager may not be able to contact
  a router that needs managing.

6
Architectural Model
7
Architectural Model

• Client software usually runs on the managers
  workstation.
• Each participating router or host runs a server
  program called management agent.
• Most managers only control devices at their
  local sites a large site may have multiple
  managers.
• Internet management software uses an
  authentication mechanism to ensure only
  authorized managers can access or control a
  particular device.

8
Protocol Framework Its all about management
information!

• SNMP How to exchange?
• MIB How to store and operate?
• SMI How to define and identify?
• ASN. 1 Formal notation used by SMI.

9
SNMP v3 how to communicate?

• Stands for Simple Network Management Protocol
  version 3
• A standard Network Management Protocol
• Defines
• - message format, form of names and addresses
• - how to use transport protocol
• - set of operations and their meaning
• - approach is minimalistic

10
MIB How about data?

• Stands for Management Information Base
• Defines
• - What data should be kept for the manager?
• - What operations are allowed on these data?
• - Categories of data
• - Variables in each category
• MIB definition is independent of the network
  management protocol.
• - All managed devices speaks the same language
  (MIB)

11

• __MIB category includes informationabout_____
  ___
• system The host or router
  operating system
• interfaces Individual network
  interfaces
• at Address translation (e.g. ARP)
• ip Internet protocol software
• icmp Internet Control Protocol software
• tcp Tansmission Control Protocol software
• udp User datagram Protocol software
• ospf Open shortest path first software
• bgp Border Gateway Protocol software
• rmon Remote network monitoring
• rip-2 Routing Information Protocol software
• dns Domain Name System software

12

• MIB Variable Category
  Meaning______________
• sysUptime system Time since last
  reboot
• ifNumber interfaces Number of network
  interface
• ifMTU interfaces MTU for a
  particular interface
• ipDefaultTTL ip Value IP uses in
  TTL field
• ipInReceives ip Number of datagrams
  received
• ipForwdatagrams ip Number of datagrams
  forwarded
• ipOutNoroutes ip Number of
  routing failures
• ipReasmOKs ip Number of
  datagrams reassembled
• ipFragOKs ip Number of
  datagrams fragmented
• ipRoutingTable ip IP routing table
• icmpInEchos icmp of ICMP echo
  requests received
• tcpRtoMin tcp Min retransmision time
  TCP allows
• tcpMaxConn tcp Max TCP connection
  allowed
• tcpInSegs tcp of segments TCP has
  received
• udpInDatagrams udp of UDP datagrams
  received

13
MIB variables

• Each variable can be stored as
• - A single integer
• - A complex structure
• e.g., an entire Routing Table
• Also defines table entries.
• Presentation only has logical meaning.
• - Router may use different internal data
  structures

14
SMI rules to define and identify variables

• Stands for Structure of Management Information
• Specifies
• - What variable types are allowed?
• - What naming rules should be followed?
• - How to refer to the tables of values?
• e.g., the IP routing table

15
ASN. 1 a formal notation used by SMI

• Stands for ISOs Abstract Syntax Notation 1
• A formal notation of defining variable names and
  types
• - In documents human can read
• - In communication compact encoded
  representation
• Benefits
• - Makes the form and contents of variables
  unambiguous.
• - Simplifies the implementation of protocols
• - guarantees interoperability

16
30.8 Structure And Representation Of MIB Object
Names --- Jianxin

• Object Identifier Namespace
• Names used for MIB variables are taken from the
  object identifier namespace administered by ISO
  and ITU.
• The object identifier namespace is absolute,
  meaning that names are structured to make them
  globally unique.

17
Hierarchy of namespace

• The root of the object identifier hierarchy is
  unnamed.
• It has three direct descendants managed by
• ISO ITU jointly by ISO and ITU
• The descendants are assigned both short text
  strings and integers.
• ISO has allocated one subtree for use by other
  national or international standards organizations.

18
(No Transcript)
19
Name an object and MIB categories

• The name of an object in the hierarchy is the
  sequence of numeric labels on the nodes along a
  path from the root to the object.
• The sequence is written with periods separating
  the individual components.
• example 1.3.6.1.2 --- denotes the node
  mgmt
• The MIB groups variables into categories, each
  category is the sub-tree of the mib node of the
  object identifier namespace.

20
(No Transcript)
21
Simple category naming examples

• The category labeled ip has been assigned the
  value 4.
• The names of all MIB variables corresponding to
  ip have an identifier that begins with the
  prefix
• 1.3.6.1.2.1.4
• The textual label would be
• iso.org.dod.internet.mgmt.mib.ip
• When network management protocols use names of
  MIB variables in messages, each name has a suffix
  appended. For simple variables, the suffix is 0.

22
Complex example

• How about the variable ipAddrTable
• A list of the IP addresses for each network
  interface
• Its a sub-tree under ip node, with prefix
• iso.org.dod.internet.mgmt.mib.ip.ipAddrTable
• How to represent such data structures.
• MIB defines a uniform, virtual interface to
  access data

23

• ipAddrTable can be defined as
• ipAddrTable SEQUENCE OF IpAddrEntry
• Each entry in the array is defined by five
  fields
• IpAddrEntry SEQUENCE
• ipAdEntAddr IpAddress,
• ipAdEntIfIndex INTEGER,
• ipAdEntNetMask IpAddress,
• ipAdEntBcastAddr IpAddress,
• ipAdEntReasmMaxSize
• INTEGER(0..65535)

24

• Assign numeric values to entry and each item of
  the entry
• ipAddrEntry ipAddrTable 1
• ipAdEntNetMaskipAddrEntry 3
• Use a suffix appended onto the name to select a
  specific element in the table, not the index.
• suffix IP address
• variable name.IP address

25
Simple Network Management Protocol (SNMP)

• Huaidong Meng
• Instructor Dr. Sharon Hall

26
Simple Network Management protocol

• Network Management protocol
• specify communication between client program a
  network manager invoked and server program
  executing on a host or router.
• which defines the form and meaning of message
  exchanged
• representation of names and values of message
• define administrative relationships among routers
  between managed.

27
Network Management Protocol

• Allow the manager
• Reboot the system
• Add or delete the router
• Disable or enable a particular network interface
• Remove cached address binding
• The main disadvantage the resulting complexity
• For example, the command to delete a routing
  table entry differs from the command to disable
  an interface.

28
SNMP takes an interesting alternative approach to
network management

• casts all operations in a fetch-store paradigm,
  instead of defining a large set of commands
• Stability
• Its definition remains fixed.
• Simple to implement, understand, and debug
• It avoids the complexity of having special cases
  for each command.
• Flexible
• Accommodate arbitrary commands in an elegant
  framework

29
SNMP commands

• get-request fetch a value from a specific
  variable
• get-next-request fetch a value without knowing
  its exact name
• get bulk-request fetch a large volume of data
• Response a response to any of above
  request
• set-request store a value in a specific
  variable
• inform-request reference to a third-party data
• snmpv2-trap reply triggered by an event
• Report undefined at present

30
Searching Table Using Names

• get-next-request
• Allows a client to iterate through a table by
  supplies a prefix of a valid object identifier,
  without knowing how many items the table
  contains.
• The server returns a network mask field of the
  first entry in ipAddrTable, and the client uses
  the full object identifier returned by the server
  to request the next item in the table.
• See page 566 for the example

31
SNMP Message Format

• SNMPv3Message
• SEQUENCE
• msgVersion INTEGER (0..2147483647),
• msgGlobalData HeaderData,
• msgSecurityParameters OCTET STRING,
• msgData ScopedPduData

32
Definition of SNMP HeaderData

• HeaderData SEQUENCE
• msgID INTEGER (0..2147483647)
• msgMaxSize INTEGER (484..2147483647)
• msgFlags OCTET STRING (SIZE(1))
• msgSecurityModel INTEGER (1..2147483647)

33
Definition of SNMP PDU

• PDU
• CHOICE
• get-request
• get-next-request
• get-bulk-request
• response
• set-request
• inform request
• snmpV2-trap
• report

34
Internet Management-Example Encoded SNMP Message

• Figure 30.11 contains an encoded get-request
  message for data item sysDescr
• Each term used is further defined until it can be
  defined by primitive data type, e.g. integer,
  string. -Lets compare the message with the
  specified format
• Hence, the encoded items have variable-length
  fields

35
Internet Management-New Features In SNMPv3

• Scope Security and administration
• Goal generality, flexibility and ease of admin.
• Example new features
• Message Authentication
• Privacy
• Authorization View-based Access Control
• Remote Configuration

36
Internet Management-Summary

• An application level client program accesses and
  controls agents running on devices
• SNMP is the standard TCP/IP network management
  protocol that uses 2 conceptual operation, fetch
  and store
• A companion standard, MIB, defines the variables
  that are maintained by the agents
• MIB variables are described by ASN.1, which uses
  a hierarchical namespace to ensure global
  uniqueness

37
THANK YOU