Chapter 11 Advanced NOS Administration

1
Chapter 11 Advanced NOS Administration

• 11.1 Backups
• 11.2 Drive Mapping
• 11.3 Partition and Processes Management
• 11.4 Monitoring Resources
• 11.5 Analyzing and Optimizing Network
  Performance

2
Backups
3
Overview of Backup Methods

• The backup process involves copying data from one
  computer to some other reliable storage medium
  for safekeeping.
• Once the data has been archived, the system
  administrator can then restore data to the system
  from any previously recorded backup.
• Considerations that are relevant for storage
  devices
• Cost
• Size
• Manageability
• Reliability

4
Overview of Backup Methods

• There are four types of backup procedures that
  define how the backup will take place
• Full - will backup everything on the hard drive
  at the scheduled point in the day
• Partial - backs up selected files
• Incremental - only the files that have changed
  since the last backup will be selected for back
  up
• Differential - backs up files created or changed
  since the last normal or incremental backup

5
Drive Mapping
6
What is Drive Mapping?

• Drive mapping is a useful tool that allows an
  administrator to share resources that are stored
  on a server.
• The client computers that are connected to the
  network assign a drive letter that will act as a
  direct path to access those resources stored on a
  server over the network.
• After a user identifies a network resource to be
  used locally, the resource can be "mapped" as a
  drive.

7
Mapping Drives in Windows Networks

• To map a drive with Windows Explorer, navigate to
  the folder on the remote system in Windows
  Explorer by selecting Network gt Neighborhood gt
  Server name gt Shared folder name.
• Another way to do this is to choose the Tools
  menu, and then choose Map Network Drive.
• The net use command can be used instead of
  mapping drives through Windows Explorer.
• net use can also be incorporated into a login
  script that automatically runs when the user logs
  in to the network.

8
Mapping Drives in Linux Networks

• A client computer running Linux must be mapped in
  a slightly different way.
• Use the mount command to establish a connection
  to the shared directory on the server.
• Entering the syntax will map a drive to a
  Linux/UNIX share.
• The local directory designation that points to
  the remote share denoted by the first part of the
  command is called the directory mount point.
• The mount point location must already exist
  before a share can be mapped to it.

9
Partition and Processes Management
10
Using fdisk, mkfs, and fsck

• fdisk is a text-based and requires the use of
  one-letter commands to manipulate the options.
• type m or ? at the fdisk prompt to obtain a list
  of the commands that can be used.
• Once the partition changes have been made, a
  filesystem must be created on the partition.
• This is also referred to as formatting the
  partition.
• Use the mkfs utility to create a filesystem in
  Linux.

11
Using fdisk, mkfs, and fsck

• The fsck utility is used to check file systems
  for errors, which occur more frequently than the
  need to add, remove, or format partitions.
• It is a good idea to use this utility often to
  check for file system integrity.

12
Managing System Processes with cron Jobs

• The way to schedule tasks to run at regular
  intervals on a Linux system is with Cron
  Programs.
• Also known as Cron jobs, they schedule system
  maintenance tasks that are performed
  automatically.
• System Cron jobs are controls via the/etc/cron.d
  directories and /etc/crontab file.
• The file begins with set of environmental
  variables. These set certain parameters for the
  Cron jobs such as the PATH and MAILTO
• The other lines in this file, specify the minute,
  hour, day, month, and day of the week the job
  will run.

13
Core Dumps

• Core Dump is a recording of the memory that a
  program was using at the time it crashed.
• The purpose of Core Dumps is to allow programmers
  to study the file to figure out exactly what
  caused the program to crash.
• The processes that are currently running on a
  Linux system can be viewed by using the ps
  command.

14
Core Dumps

• The ps command has a variety of options that can
  be used with the command to manipulate its
  output.
• These options can be used together to display the
  output wanted using the ps command.
• There can be some considerable output that is
  generated when the command such as ps-A forest
  command.

15
Core Dumps

• The top command functions much like the Windows
  2000 Performance tool by providing detailed
  information regarding CPU and RAM usage.
• Sometimes a process will cause the system to lock
  up.
• The kill command can be used to terminate the
  process.
• The signal option represents the specified signal
  that is sent to the process.
• There are 63 different parameters that can be
  entered for the signal that is sent to the
  process.

16
Assigning Permissions for Processes

• Typically, programs have the same types of
  permission and can read the same files as the
  user who runs that program.
• There are certain programs that require
  additional permission to be run by certain users.
• Regular users cannot execute the su command,
  because it requires root account privileges.
• Programs such as these are run using the SUID or
  SGID bit, which allows these programs to be run
  under the permission of another user.

17
Monitoring Resources
18
Disk Management

• By regularly using error-checking and
  defragmentation programs and continually managing
  free disk space, the system administrator can
  maintain a healthy hard drives.
• One preventive disk management tool available to
  system administrators is the use of "quotas" for
  user accounts.
• A quota acts as a storage ceiling that limits the
  amount of data each user can store on the network.

19
Memory Usage

• Memory diagnostic tools that allow RAM intensive
  applications to be discovered, and stopped if
  necessary, are typically built into most NOS
  platforms.
• System administrators can compensate for the lack
  of memory through the use of "virtual memory".
• Virtual memory allocates space on the hard drive
  and treats it as an extension of the system RAM.

20
CPU Usage

• All information used by the NOS, including the
  NOS itself, is processed millions of times per
  second by the CPU to display this information to
  the user.
• Built-in tools are commonly provided to allow
  system administrators to monitor the current
  level of CPU activity.
• This feedback is often presented in terms of the
  percentage of the CPU currently being used and is
  refreshed at frequent intervals.

21
Reviewing Daily Logs

• Most computer programs, servers, login processes,
  as well as the system kernel, record summaries of
  their activities in log files.
• These summaries can be used and reviewed for
  various things, including software that might be
  malfunctioning or attempts to break into the
  system.
• In Windows 2000, the Computer Management tool
  allows users to browse the logged events
  generated by the NOS.

22
Reviewing Daily Logs

• Linux uses log daemons to control the events that
  are entered in the system log.
• Most of the Linux systems log files are located
  in the /var/log directory.
• The log files that are located in this directory
  maintained by the system log daemon (Syslogd) and
  the kernel log daemon (klogd).
• These two daemons are configured using the
  syslog.conf file.

23
Checking Resource Usage on Windows 2000 and
Windows XP

• System resources are monitored in Windows 2000
  and Windows XP with the Performance tool.
• This application is found under the Start menu gt
  Programs gt System Administration gt Performance
  menu option.
• Users can then right-click on the graph and
  select Add Counters to specify which system
  resources to monitor in the graph.

24
Checking Resource Usage on Linux

• The df command is used to display the amount of
  disk space currently available to the various
  filesystems on the machine.
• When a directory name is specified, the du
  command returns the disk usage for both the
  contents of the directory and the contents of any
  subdirectories beneath it.
• The top command functions much like the Windows
  2000 Performance tool by providing detailed
  information regarding CPU and RAM usage.

25
Analyzing and Optimizing Network Performance
26
Key Concepts in Analyzing and Optimizing Network
Performance

• The network administrator should make time to
  devise a proactive plan for managing the network.
  
• This plan enables the detection of small problems
  before they become large ones.
• The three key concepts in analyzing and
  optimizing network performance include
• Bottlenecks
• Baselines
• Best practices

27
Bottleneck

• It is the point in the system that limits the
  data throughput, which is the amount of data that
  can flow through the network.
• The primary performance-monitoring tool for
  Microsofts Windows 2000 Server is called
  Performance.
• Performance can monitor nearly all hardware and
  software components on a Windows 2000 server.

28
Bottleneck

• The various versions of the UNIX/Linux operating
  systems have command-line utilities that can be
  used to monitor performance of the UNIX/Linux
  network server.
• The primary tools are sar, vmstat, iostat, and
  ps.
• The flags used by these commands can vary among
  the different versions of UNIX/Linux.
• Use the UNIX/Linux man command to get specifics
  about the use of these commands.
• The information displayed by the man command also
  tells how to interpret the output generated by
  the command.

29
Baselines

• The baseline measurements should include the
  following statistics
• Processor, Memory, Disk subsystem, Network -
  Network queue length
• Determine how efficiently a network is performing
  by comparing various measurements to the same
  measurements taken at an earlier time.
• This point of comparison is called a baseline,
  which is the level of performance that is
  acceptable when the system is handling a typical
  workload.

30
Determining Internet Connection Speed

• The speed of a connection is limited by its
  lowest-speed component or the bottleneck.
• This means that even if the equipment is capable
  of a 50-kbps connection, the connection will be
  at the slower speed if the remote modem supports
  only 33.6-kbps.

31
Determining Internet Connection Speed

• There are many reasons for a slow Internet
  connection
• A poor connection to the ISP remote access server
  can be caused by modem problems on either end and
  noisy lines
• A slow web server, FTP server, or any server on
  the Internet to which requests are being sent
• Congested conditions on the primary backbone
  lines, which can occur during events of national
  or international importance
• Shared bandwidth on the LAN or within the ISP
  network

32
Network Monitoring Software

• The network monitor that comes with Windows NT
  and Windows 2000 is a functional and useful tool
  for performing routine protocol analysis.
• Network Monitor can be used to display the
  individual frames of captured data.
• The figure shows that packets for several
  different protocols have been captured, including
  TCP, UDP, and SMB.

33
Network Monitoring Software

• The Sniffer products enable sophisticated
  filtering based on pattern matches, IP/IPX
  addresses, and so on.
• Sniffer Pro includes a traffic generator to
  assist in testing new devices or applications.
• It can be used to simulate network traffic or to
  measure response times and hop counts.
• Sniffer uses a dashboard-style interface.

34
Network Management Software

• The difference between network monitoring
  software and network management software is the
  latter is generally more comprehensive.
• Managing the network includes a number of tasks
• Documenting the devices on the network and the
  status of each
• Creating an inventory of network software that
  allows deployment of software and updates over
  the network
• Metering software to provide data on what
  applications are being used and how, when, and by
  whom they are being used
• Managing software licensing
• Remotely controlling client machines and servers
  over the network and managing remote desktops
• Notifying administrators of events such as
  failure of network components or a predefined
  disk capacity that is reached or exceeded

35
Network Management Software

• There are several network management programs
  (or, more accurately, suites of programs) on the
  market.
• Microsoft SMS
• Novell ManageWise
• IBM Tivoli Enterprise
• Hewlett Packard OpenView

36
Management software for small and medium-sized
networks

• SNMP is a protocol that is included in most
  implementations of TCP/IP
• CMIP was designed to improve on SNMP and expand
  its functionality. It works in much the same way
  as SNMP, but it has better security features.
  Also, it enables notification when specified
  events occur.

37
Management Service Provider (MSP)

• A new development in network management is the
  Management Service Provider (MSP).
• A company subscribes to an MSP service, which
  provides performance monitoring and network
  management.

38
SNMP concepts and components

• SNMP runs on port 161 by default, it is the only
  way to obtain true statistics of network usage
  under TCP/IP
• Before setting up SNMP, it is necessary to have
  IP addresses or host names of the systems that
  will either be the initiators or those that will
  respond to the requests.
• At least one management system is needed to even
  be able to use the SNMP Service
• The SNMP agent is responsible for complying with
  the requests and responding to the SNMP manager
  accordingly

39
SNMP structure and functions

• The data that the management system requests from
  an agent is contained in a Management Information
  Base (MIB).
• The MIB is the database of information that can
  be queried against.
• The SNMP agent knows what to monitor on the
  network device by looking at a Management
  Information Base (MIB) for the device.
• There really is no established security with
  SNMP.

40
SNMP structure and functions

• The data that the management system requests from
  an agent is contained in a Management Information
  Base (MIB).
• The MIB is the database of information that can
  be queried against.
• The SNMP agent knows what to monitor on the
  network device by looking at a Management
  Information Base (MIB) for the device.
• There really is no established security with
  SNMP.