
Chapter 9 Network Management

A note on the use of these ppt slides:


We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
- If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we'd like people to use our book!)
- If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2006, J.F Kurose and K.W. Ross, All Rights Reserved

Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition. Jim Kurose, Keith Ross, Addison-Wesley, July 2004.

Network

9-1

Chapter 9: Network Management


Chapter goals:
- introduction to network management
  - motivation
  - major components
- Internet network management framework
  - MIB: management information base
  - SMI: data definition language
  - SNMP: protocol for network management
  - security and administration
- presentation services: ASN.1

Chapter 9 outline
- What is network management?
- Internet-standard management framework
  - Structure of Management Information: SMI
  - Management Information Base: MIB
  - SNMP Protocol Operations and Transport Mappings
  - Security and Administration
- ASN.1

What is network management?

- autonomous systems (aka "network"): 100s or 1000s of interacting hardware/software components
- other complex systems requiring monitoring, control:
  - jet airplane
  - nuclear power plant
  - others?

"Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost."

Infrastructure for network management

definitions:
- managing entity
- network management protocol
- managed devices contain managed objects whose data is gathered into a Management Information Base (MIB)

[Figure: a managing entity (with data) and several managed devices, each holding an agent and data]

Network Management standards

OSI CMIP
- Common Management Information Protocol
- designed 1980's: the unifying net management standard
- too slowly standardized

SNMP: Simple Network Management Protocol
- Internet roots (SGMP)
- started simple
- deployed, adopted rapidly
- growth: size, complexity
- currently: SNMP V3
- de facto network management standard


SNMP overview: 4 key parts

- Management information base (MIB): distributed information store of network management data
- Structure of Management Information (SMI): data definition language for MIB objects
- SNMP protocol: convey manager<->managed object info, commands
- security, administration capabilities: major addition in SNMPv3

SMI: data definition language

Purpose: syntax, semantics of management data well-defined, unambiguous
- base data types: straightforward, boring
- OBJECT-TYPE: data type, status, semantics of managed object
- MODULE-IDENTITY: groups related objects into MIB module

Basic Data Types

- INTEGER
- Integer32
- Unsigned32
- OCTET STRING
- OBJECT IDENTIFIER
- IP address
- Counter32
- Counter64
- Gauge32
- Time Ticks
- Opaque

SNMP MIB

MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific)

[Figure: a MODULE containing several OBJECT TYPE definitions]

objects specified via SMI OBJECT-TYPE construct

SMI: Object, module examples

OBJECT-TYPE: ipInDelivers

    ipInDelivers OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The total number of input datagrams successfully
             delivered to IP user-protocols (including ICMP)"
        ::= { ip 9 }

MODULE-IDENTITY: ipMIB

    ipMIB MODULE-IDENTITY
        LAST-UPDATED "941101000Z"
        ORGANIZATION "IETF SNMPv2 Working Group"
        CONTACT-INFO "Keith McCloghrie ..."
        DESCRIPTION
            "The MIB module for managing IP and ICMP implementations,
             but excluding their management of IP routes."
        REVISION "019331000Z"
        ...
        ::= { mib-2 48 }

MIB example: UDP module

Object ID        Name             Type       Comments
1.3.6.1.2.1.7.1  UDPInDatagrams   Counter32  total # datagrams delivered at this node
1.3.6.1.2.1.7.2  UDPNoPorts       Counter32  # undeliverable datagrams, no app at port
1.3.6.1.2.1.7.3  UDPInErrors      Counter32  # undeliverable datagrams, all other reasons
1.3.6.1.2.1.7.4  UDPOutDatagrams  Counter32  # datagrams sent
1.3.6.1.2.1.7.5  udpTable         SEQUENCE   one entry for each port in use by app, gives port # and IP address

SNMP Naming

question: how to name every possible standard object (protocol, data, more..) in every possible network standard??

answer: ISO Object Identifier tree:
- hierarchical naming of all objects
- each branchpoint has name, number

1.3.6.1.2.1.7.1

    1  ISO
    3  ISO-ident. Org.
    6  US DoD
    1  Internet
    2  management
    1  MIB2
    7  UDP
    1  udpInDatagrams

OSI Object Identifier Tree

Check out www.alvestrand.no/harald/objectid/top.html

SNMP protocol

Two ways to convey MIB info, commands:
- request/response mode
- trap mode

[Figure: request/response mode (managing entity, request, response, agent and data on managed device); trap mode (managing entity, trap msg, agent and data on managed device)]

SNMP protocol: message types

Message type                                Function
GetRequest, GetNextRequest, GetBulkRequest  Mgr-to-agent: "get me data" (instance, next in list, block)
InformRequest                               Mgr-to-Mgr: here's MIB value
SetRequest                                  Mgr-to-agent: set MIB value
Response                                    Agent-to-mgr: value, response to Request
Trap                                        Agent-to-mgr: inform manager of exceptional event

SNMP protocol: message formats

SNMP security and administration

- encryption: DES-encrypt SNMP message
- authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)
- protection against playback: use nonce
- view-based access control
  - SNMP entity maintains database of access rights, policies for various users
  - database itself accessible as managed object!
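The authentication and playback protection listed above, as an added example that is not code from the slides or from any SNMP implementation. Assumptions: HMAC-SHA-256 stands in for the keyed hash (the slide names none), the nonce is 16 random bytes chosen by the sender, and the names mic, protect and Receiver are made up for illustration.

```python
import hashlib
import hmac
import os

NONCE_LEN, MIC_LEN = 16, 32

def mic(m: bytes, k: bytes) -> bytes:
    """MIC(m,k): keyed hash over message m with shared secret k.
    HMAC-SHA-256 is an assumption; the slide does not name a hash."""
    return hmac.new(k, m, hashlib.sha256).digest()

def protect(payload: bytes, k: bytes) -> bytes:
    """Sender side: prepend a fresh nonce, append the MIC over both."""
    body = os.urandom(NONCE_LEN) + payload
    return body + mic(body, k)

class Receiver:
    """Verifies the MIC first, then rejects any nonce already accepted."""

    def __init__(self, k: bytes):
        self.k = k
        self.seen = set()  # unbounded here; a real agent would expire entries

    def accept(self, packet: bytes):
        if len(packet) < NONCE_LEN + MIC_LEN:
            return None                      # too short to hold nonce + MIC
        body, tag = packet[:-MIC_LEN], packet[-MIC_LEN:]
        if not hmac.compare_digest(tag, mic(body, self.k)):
            return None                      # forged or modified in transit
        nonce, payload = body[:NONCE_LEN], body[NONCE_LEN:]
        if nonce in self.seen:
            return None                      # playback of a captured message
        self.seen.add(nonce)
        return payload
```

The MIC is checked before the nonce is recorded, so an unauthenticated packet cannot fill the replay cache.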

Chapter 9 outline
- What is network management?
- Internet-standard management framework
  - Structure of Management Information: SMI
  - Management Information Base: MIB
  - SNMP Protocol Operations and Transport Mappings
  - Security and Administration
- The presentation problem: ASN.1

The presentation problem

Q: does perfect memory-to-memory copy solve "the communication problem"?
A: not always!

    struct {
        char code;
        int x;
    } test;
    test.x = 256;
    test.code = 'a';

host 1 format: test.code = a, test.x = 00000001 00000011
host 2 format: test.code = a, test.x = 00000011 00000001

problem: different data format, storage conventions

A real-life presentation problem:

[Figure: grandma, aging 60's hippie, 2004 teenager]

Presentation problem: potential solutions

1. Sender learns receiver's format. Sender translates into receiver's format. Sender sends.
   - real-world analogy?
   - pros and cons?
2. Sender sends. Receiver learns sender's format. Receiver translates into receiver-local format.
   - real-world analogy?
   - pros and cons?
3. Sender translates to host-independent format. Sends. Receiver translates to receiver-local format.
   - real-world analogy?
   - pros and cons?

Solving the presentation problem

1. Translate local-host format to host-independent format
2. Transmit data in host-independent format
3. Translate host-independent format to remote-host format

[Figure: grandma, aging 60's hippie, 2004 teenager]

ASN.1: Abstract Syntax Notation 1

- ISO standard X.680
  - used extensively in Internet
  - like eating vegetables, knowing this "good for you"!
- defined data types, object constructors
  - like SMI
- BER: Basic Encoding Rules
  - specify how ASN.1-defined data objects to be transmitted
  - each transmitted object has Type, Length, Value (TLV) encoding

TLV Encoding

Idea: transmitted data is self-identifying
- T: data type, one of ASN.1-defined types
- L: length of data in bytes
- V: value of data, encoded according to ASN.1 standard

Tag Value  Type
1          Boolean
2          Integer
3          Bitstring
4          Octet string
5          Null
6          Object Identifier
9          Real

TLV encoding: example

- Value, 259; Length, 2 bytes; Type=2, integer
- Value, 5 octets (chars); Length, 5 bytes; Type=4, octet string
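An added example (not from the slides) of the three translation steps and the TLV encoding above: the sender encodes to BER, the bytes are sent, and the receiver decodes while refusing any Length that runs past the received buffer. It goes beyond the slide's two values by also encoding the OBJECT IDENTIFIER 1.3.6.1.2.1.7.1 from the UDP module; only single-byte tags and definite lengths are handled, and all function names are made up for illustration.

```python
def encode_len(n):
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def tlv(tag, value):
    return bytes([tag]) + encode_len(len(value)) + value

def enc_integer(i):
    # Tag 2: two's complement, big-endian, minimal length on every host.
    n = (i if i >= 0 else ~i).bit_length() // 8 + 1
    return tlv(0x02, i.to_bytes(n, "big", signed=True))

def enc_octets(b):
    return tlv(0x04, b)                       # Tag 4: bytes as-is

def enc_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]            # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]                  # base-128, high bit = "more follows"
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += chunk
    return tlv(0x06, bytes(out))

def decode(buf):
    """Split buf into (tag, value) pairs; reject lengths that overrun buf."""
    items, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated header")
        tag, first = buf[i], buf[i + 1]
        i += 2
        if first < 0x80:
            length = first
        else:
            n = first & 0x7F                  # long form: n length bytes follow
            if n == 0 or n > 4 or i + n > len(buf):
                raise ValueError("bad length field")
            length = int.from_bytes(buf[i:i + n], "big")
            i += n
        if i + length > len(buf):
            raise ValueError("length exceeds buffer")
        items.append((tag, buf[i:i + length]))
        i += length
    return items
```

The integer 259 comes out as 02 02 01 03 on any host, which is the Type=2, Length 2, Value 259 triple from the slide.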

Network Management: summary

- network management
  - extremely important: 80% of network "cost"
  - ASN.1 for data description
  - SNMP protocol as a tool for conveying information
- Network management: more art than science
  - what to measure/monitor
  - how to respond to failures?
  - alarm correlation/filtering?