Ch 9. Network Management. Myungchul Kim, mckim@icu.ac.kr
Network management tools
– Detecting failure of an interface card at a host or a router
– Host monitoring
– Monitoring traffic to aid in resource deployment
– Detecting rapid change in routing tables
– Monitoring for Service Level Agreements (SLA: service availability (outage), latency, throughput, and outage notification requirements)
– Intrusion detection

Five areas of network management (by ISO)
– Performance, fault, configuration, accounting, and security management

Definition of network management [Saydam 1996]
– Network management includes the deployment, integration, and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost.

Infrastructure for network management
[Figure: a managing entity (with its data) connected by the network management protocol to several managed devices, each running an agent (with its data)]
definitions: managed devices contain managed objects whose data is gathered into a Management Information Base (MIB)

The Internet-standard management framework
The framework
– Definitions of network management objects: Management Information Base (MIB)
– Data definition language known as SMI (Structure of Management Information)
– Protocol: SNMP
– Security and administration capabilities

SMI: data definition language
Purpose: syntax, semantics of management data well-defined, unambiguous
base data types:
– straightforward, boring
OBJECT-TYPE
– data type, status, semantics of managed object
MODULE-IDENTITY
– groups related objects into MIB module

Basic Data Types
INTEGER, Integer32, Unsigned32, OCTET STRING, OBJECT IDENTIFIER, IpAddress, Counter32, Counter64, Gauge32, TimeTicks, Opaque

SNMP Naming
question: how to name every possible standard object (protocol, data, more...) in every possible network standard?
answer: ISO Object Identifier tree:
– hierarchical naming of all objects
– each branchpoint has name, number

Example: 1.3.6.1.2.1.7.1
1 ISO
3 ISO-ident. Org.
6 US DoD
1 Internet
2 management
1 MIB2
7 UDP
1 udpInDatagrams

SNMP protocol
Two ways to convey MIB info, commands:
– request/response mode: managing entity sends a request to the agent on the managed device; the agent returns a response
– trap mode: the agent on the managed device sends a trap msg to the managing entity

SNMP security and administration
encryption: DES-encrypt SNMP message
authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)
protection against playback: use nonce
view-based access control
– SNMP entity maintains database of access rights, policies for various users
– database itself accessible as managed object!
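
The authentication and playback items above, as an added example that is not part of the original slides: the receiver issues a nonce, the sender returns MIC(m,k) computed over nonce plus message, and the receiver accepts each nonce once. HMAC-SHA-256, the 16-byte nonce, and the names `mic`, `Agent` and `send` are assumptions made for this sketch.

```python
import hashlib
import hmac
import os

def mic(message: bytes, key: bytes) -> bytes:
    # MIC(m,k): keyed hash over the message. HMAC-SHA-256 is an assumption
    # chosen for this example, not taken from the slides.
    return hmac.new(key, message, hashlib.sha256).digest()

class Agent:
    """Hypothetical receiver that issues nonces and accepts each at most once."""

    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = set()

    def new_nonce(self) -> bytes:
        nonce = os.urandom(16)          # fixed length keeps nonce+payload unambiguous
        self.outstanding.add(nonce)
        return nonce

    def accept(self, nonce: bytes, payload: bytes, tag: bytes) -> bool:
        if nonce not in self.outstanding:
            return False                # unknown or already-used nonce: playback
        expected = mic(nonce + payload, self.key)
        if not hmac.compare_digest(expected, tag):
            return False                # wrong key or modified message
        self.outstanding.discard(nonce) # a nonce is good for one message only
        return True

def send(key: bytes, nonce: bytes, payload: bytes):
    """Sender side: bind the payload to the receiver's nonce under the shared key."""
    return nonce, payload, mic(nonce + payload, key)
```
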

The presentation problem
Q: does perfect memory-to-memory copy solve “the communication problem”?
A: not always!
problem: different data format, storage conventions

struct { char code; int x; } test;
test.x = 256;
test.code = 'a';

host 1 format: test.code = a, test.x = 00000001 00000011
host 2 format: test.code = a, test.x = 00000011 00000001

ASN.1: Abstract Syntax Notation 1
ISO standard X.680
– used extensively in Internet
– like eating vegetables, knowing this “good for you”!
defined data types, object constructors
– like SMI
BER: Basic Encoding Rules
– specify how ASN.1-defined data objects to be transmitted
– each transmitted object has Type, Length, Value (TLV) encoding

TLV encoding: example
Type=4, octet string; Length, 5 bytes; Value, 5 octets (chars)
Type=2, integer; Length, 2 bytes; Value, 259
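
The two TLV objects above plus the OID 1.3.6.1.2.1.7.1 from the naming slide, decoded by an added example that is not part of the original slides. It goes slightly beyond the slide by handling long-form lengths and rejecting any declared length that runs past the buffer; it assumes single-octet tags, and the sample bytes (including the string "smith") are constructed.

```python
def read_tlv(buf, pos=0):
    """Return (type_tag, value_bytes, next_pos); raise ValueError on malformed input."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short form: length fits in 7 bits
        length = first
    else:                                 # long form: low 7 bits count the length octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):           # never trust a declared length past the buffer
        raise ValueError("declared length exceeds available bytes")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    if not value or value[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    arcs, acc = [], 0
    for b in value:
        acc = (acc << 7) | (b & 0x7F)     # base-128 digits, high bit = continuation
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    first = arcs[0]                       # first two arcs share one number: 40*a + b
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])

def decode_value(tag, value):
    if tag == 0x02 and value:             # INTEGER: two's complement, big-endian
        return int.from_bytes(value, "big", signed=True)
    if tag == 0x04:                       # OCTET STRING
        return bytes(value)
    if tag == 0x06:                       # OBJECT IDENTIFIER
        return decode_oid(value)
    raise ValueError("unsupported type or empty value")

def decode_all(buf):
    out, pos = [], 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        out.append((tag, decode_value(tag, value)))
    return out

# Constructed sample: OCTET STRING "smith", INTEGER 259, OID 1.3.6.1.2.1.7.1
SAMPLE = bytes.fromhex("0405736d697468" "02020103" "06072b060102010701")
```
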