Internet Standard Management Framework w.lilakiatakun.


Internet Standard Management Framework

• Definitions of network management objects, known as MIB objects
• A data definition language, known as SMI (Structure of Management Information)
  – Defines data types, an object model and rules for writing and revising management information
• A protocol, SNMP (Simple Network Management Protocol)
  – For conveying information between a manager and agent
• Security and administration capabilities
  – Major enhancement in SNMPv3 over SNMPv2

SMI (Structure of Management Information)

SMI (Structure of Management Information)

• SMI is the language used to define the management information residing in a managed entity
• SMI(v2) for SNMPv3 is specified in RFC 2578, RFC 2579 and RFC 2580
• SMI is based on ASN.1 (Abstract Syntax Notation One, ISO 1987)

SMI base data types

Object types

• Scalar – object types that will be instantiated only once in an agent
• Columnar – object types that can be instantiated multiple times
  – It imposes a tabular structure on an ordered collection of MIB objects using the SEQUENCE OF construct

SMI higher-level Constructs (1)

• SMI provides higher-level language constructs
• The OBJECT-TYPE construct is used to specify the data type, status and semantics of a managed object
• The MODULE-IDENTITY construct allows related objects to be grouped together within a module
• The NOTIFICATION-TYPE construct is used to specify information regarding SNMPv2-Trap and InformationRequest messages generated by an agent or a managing entity

SMI higher-level Constructs (2)

• The MODULE-COMPLIANCE construct defines the set of managed objects within a module that an agent must implement
• The AGENT-CAPABILITIES construct specifies the capabilities of agents with respect to object and event notification definitions

The OBJECT-TYPE construct

• SYNTAX – specifies the basic data type associated with the object
• MAX-ACCESS – specifies whether the managed object can be read, written or created
• STATUS – indicates whether the object definition is current and valid, obsolete, or deprecated (obsolete but implemented for backward compatibility)
• DESCRIPTION – textual definition of the object

OBJECT-TYPE construct

• Page 796

MODULE-IDENTITY construct

Management Information Base

Categories of management information

• State information
• Physical configuration information
• Logical configuration information
• Historical information

State information

• It is about the current state of physical and logical resources along with any operational data
  – Whether the device is functioning properly
  – What current alarm conditions exist
  – How long the system has been up
• It is most relevant for monitoring a network
• It changes frequently and rapidly
• It can be retrieved but cannot be modified (owned by the devices)
• It should not be cached in a management app.

Physical configuration information

• It is about how the managed device is physically configured
  – The device type
  – MAC address
  – Serial number of devices
• Also, it can be retrieved but cannot be modified (owned by the devices)
• It does not change frequently, so a management app. might cache it in its database

Logical configuration information

• It is about the parameter settings and configured logical resources on the device
  – IP addresses
  – Protocols
• It is controlled and can be changed by the management app.
• It might be cached in a management app., but the cache needs to take into account that many apps. may use it
• It can be divided into
  – Start-up configuration information
  – Transient (running) configuration information

Historical information

• It includes snapshots of performance-related state information
  – Packet counts for each 15-minute interval over 24 hours
• It also includes logs of various types of events
  – Firewall log of recent remote connections
• It is different from other types of management information because it does not reflect actual managed resources

MIB (Management Information Base)

• It is represented as a collection of managed objects that form a virtual information store
• MIB is not the same as a database
  – Does not store information about the real world in a file system
  – It is actually connected to the real world and simply offers a view of it

What is contained in MIB

• Many individual pieces of management information about the managed entity
• Individual pieces of management information are referred to as “managed objects”
  – Physical
    • Ports / interfaces / line card
  – Logical
    • Version of installed software
    • Protocols
    • Features of communication services

MIB and Managed Objects

Arrangement of MIB

• It is arranged into a conceptual tree
• Every definition in a MIB module is represented by a node in that tree
• Each node is named by an “object identifier (OID)”
• An OID consists of a sequence of integers
  – OID (internet) = 1.3.6.1

MIB-2 Object Identifier Tree

• Fig 9.3

An Example: MIB-2

RFC1213-MIB DEFINITIONS ::= BEGIN

mib-2 OBJECT IDENTIFIER ::= {mgmt 1}

- Establishes mib-2 as a new node underneath a supernode called mgmt inside the Internet object identifier tree
- OID is 1.3.6.1.2.1

Groups in MIB-2

• Fig – page 193

MIB-2 naming structure

• Fig 6-13

Example of modules

• Fig page 194-195

Definition of object type

• SYNTAX – using the universal and application-wide types such as
  – DisplayString with a maximum length of 255 chars.
  – TimeTicks
• ACCESS – specifies whether the object is a parameter that can be set (read-write) or only read
  – Read-only / read-write / write-only / not-accessible
• Status – definition life cycle
  – Mandatory / optional
  – Current / deprecated / obsolete
• Description – explanation of the object type
• OID relative to containing node

Definition of a table (columnar) object

Definition of the rows of the table

TcpConnEntry data type

• Fig 197

SEQUENCE OF vs SEQUENCE

• The overall table consists of a SEQUENCE OF TcpConnEntry
  – One or more elements, all of the same type
• Each row consists of a SEQUENCE that includes 5 scalar elements
  – Fixed number of elements, possibly of more than one type
  – Ex. Contains elements of type INTEGER, IpAddress, INTEGER(..65535), IpAddress, INTEGER(..65535)

tcpConnState

tcpConnLocalAddress, tcpConnLocalPort

• Fig 198

tcpConnRemAddress, tcpConnRemPort

• Fig 199

Structure of SNMP MIB OID

• Fig 6-14

Object identifier tree for MIB tables

• Fig 6-15

Identification of instances

• Scalar – add .0 to the OID
  – sysUpTime is 1.3.6.1.2.1.1.3.0
• Columnar – add index to the OID
  – Local address – 167.8.15.92
  – Local port – 227
  – Remote address – 176.15.53.216
  – Remote address – 228.
  – OID - 1.3.6.1.2.6.13.1.1.167.8.15.92.227.176.15.53.216.228
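
The instance-naming rules above, as an added example that is not part of the original slides: it builds scalar and columnar instance OIDs and parses a tcpConnTable instance OID back into its index while treating the agent's response as untrusted input. The function and class names are hypothetical, and the column prefix 1.3.6.1.2.1.6.13.1.1 (tcpConnState) is an assumption taken from RFC 1213 rather than from the slide.

```python
"""Added example: instance identification for scalar and columnar MIB objects."""
import ipaddress
from typing import NamedTuple

# Assumption: both prefixes come from RFC 1213 (MIB-II), not from the slide text.
SYS_UPTIME = "1.3.6.1.2.1.1.3"            # scalar object sysUpTime
TCP_CONN_STATE = "1.3.6.1.2.1.6.13.1.1"   # tcpConnState column of tcpConnTable


class TcpConnIndex(NamedTuple):
    local_addr: str
    local_port: int
    rem_addr: str
    rem_port: int


def scalar_instance(object_oid: str) -> str:
    """A scalar has exactly one instance, named by appending .0."""
    return object_oid + ".0"


def columnar_instance(column_oid: str, idx: TcpConnIndex) -> str:
    """Append the row index (the index columns, in order) to the column OID."""
    for addr in (idx.local_addr, idx.rem_addr):
        ipaddress.IPv4Address(addr)      # raises ValueError on a malformed address
    for port in (idx.local_port, idx.rem_port):
        if not 0 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
    return ".".join([column_oid, idx.local_addr, str(idx.local_port),
                     idx.rem_addr, str(idx.rem_port)])


def parse_tcp_conn_instance(oid: str, column_oid: str = TCP_CONN_STATE) -> TcpConnIndex:
    """Recover the row index from an instance OID returned by an agent.

    The index must be exactly 4 + 1 + 4 + 1 numeric sub-identifiers, each
    within the range of an address octet or a port; anything else is rejected.
    """
    prefix = column_oid + "."
    if not oid.startswith(prefix):
        raise ValueError("OID is not under the expected column")
    parts = oid[len(prefix):].split(".")
    if len(parts) != 10 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("index must be 10 numeric sub-identifiers")
    nums = [int(p) for p in parts]
    octets = nums[0:4] + nums[5:9]
    if any(o > 255 for o in octets) or nums[4] > 65535 or nums[9] > 65535:
        raise ValueError("index sub-identifier out of range")
    return TcpConnIndex(".".join(map(str, nums[0:4])), nums[4],
                        ".".join(map(str, nums[5:9])), nums[9])
```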

Subtree under MIB-II (RFC1213) (1)

• system(1): overall information about the system
• interfaces(2): information about the interfaces
• at(3) (Address translation)
• ip(4): information related to the implementation of IP

Subtree under MIB-II (2)

• tcp(5): information related to the implementation of TCP
• udp(6): information related to the implementation of UDP
• egp(7): information related to the implementation of EGP
• dot3(8): information related to Ethernet protocol at each interface
• snmp(9): information related to the implementation of SNMP

System Group (1)

• sysServices(7) – has a value that is interpreted as a 7-bit code
  – Each bit corresponds to a layer in TCP/IP or OSI architecture
  – Ex. Host offering app. services would have binary of 1001000
  – It means services are provided for layer 4 (transport layer) and layer 7 (application layer)

System Group (2)

• sysUpTime(3) indicates the amount of time since the network management portion of the system was last reinitiated.
• Used to determine how much the counters have changed over a specific time interval
• Fault monitoring: current value < most recent value

System group (3)

System group (4)

• Table 6-1

Interfaces Group

• ifPhysAddress(6): physical address
  – For all LANs, it contains the MAC address
• ifOperStatus(8): current operational status
  – Up (1) / down (2)
• ifSpeed(5): current capacity of the interface in bits per second
• Used to detect congestion
  – Measured total number of octets into or out of the system
  – The queue length for output
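
How a manager can combine sysUpTime with the interface counters, as an added example that is not part of the original slides: it applies the fault-monitoring rule (current sysUpTime lower than the previous one) and computes inbound utilisation from octet-counter deltas against ifSpeed. The class and function names, the 0.8 threshold and the sample polls are constructed for illustration; ifInOctets is the RFC 1213 inbound octet counter, and the Counter32 wrap at 2^32 and the TimeTicks unit of 1/100 s come from the SMI definitions.

```python
"""Added example: counter deltas, agent-restart detection and link utilisation."""
from dataclasses import dataclass
from typing import List, Optional

COUNTER32_MOD = 2 ** 32      # Counter32 values wrap at 2^32
TICKS_PER_SECOND = 100       # TimeTicks are hundredths of a second


@dataclass
class Sample:
    sys_uptime: int    # sysUpTime.0, TimeTicks
    if_in_octets: int  # ifInOctets for one interface, Counter32
    if_speed: int      # ifSpeed for the same interface, bits per second


@dataclass
class Interval:
    restarted: bool               # True when sysUpTime went backwards
    seconds: Optional[float]      # None when the interval is unusable
    utilisation: Optional[float]  # inbound fraction of ifSpeed


def analyse(prev: Sample, cur: Sample) -> Interval:
    """Compare two consecutive polls of the same agent."""
    # Fault-monitoring rule from the slide: current value < most recent value
    # means the management portion of the system was reinitiated, so every
    # counter restarted and a delta against the old value is meaningless.
    # (sysUpTime itself wraps after about 497 days; that case also lands here.)
    if cur.sys_uptime < prev.sys_uptime:
        return Interval(True, None, None)
    ticks = cur.sys_uptime - prev.sys_uptime
    if ticks == 0 or cur.if_speed == 0:
        return Interval(False, None, None)
    seconds = ticks / TICKS_PER_SECOND
    # Modular subtraction gives the right delta across a single Counter32 wrap.
    octets = (cur.if_in_octets - prev.if_in_octets) % COUNTER32_MOD
    utilisation = (octets * 8) / (seconds * cur.if_speed)
    return Interval(False, seconds, utilisation)


def congested_intervals(samples: List[Sample], threshold: float = 0.8) -> List[int]:
    """Indices of polls whose preceding interval exceeded the threshold."""
    hits = []
    for i in range(1, len(samples)):
        result = analyse(samples[i - 1], samples[i])
        if result.utilisation is not None and result.utilisation > threshold:
            hits.append(i)
    return hits


# Constructed sample polls (not captured from a real device): 10 Mbit/s link,
# polled every 60 s; poll 2 crosses a Counter32 wrap, poll 4 follows a restart.
SAMPLES = [
    Sample(600_000, 4_294_000_000, 10_000_000),
    Sample(606_000, 4_294_900_000, 10_000_000),
    Sample(612_000, 69_932_704, 10_000_000),
    Sample(618_000, 70_832_704, 10_000_000),
    Sample(3_000, 120_000, 10_000_000),
]
```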

Address Translation Group

• Consists of a single table
• Each row in the table corresponds to one of the physical interfaces of the system
• The row provides a mapping from a network address to a physical address

IP Group (MIB-II cont’d)

• Contains some basic counters of traffic flow into and out of the IP layer
• 3 tables are included in the IP group
• ipAddrTable – information relevant to the IP address assigned to this entity
• ipRouteTable – information used for Internet routing
• ipNetToMediaTable – an address translation table that provides a correspondence between physical address and IP address

ipAddrEntry

• Each entry consists of 5 columns
  – ipAdEntAddr (RO) – IP address
  – ipAdEntIfIndex (RO) – Index
  – ipAdEntNetMask (RO) – Subnet mask
  – ipAdEntBcastAddr (RO) – Least significant byte
  – ipAdEntReasmMaxSize (RO) – size of the largest IP datagram that can be reassembled

Other scalar objects in IP Group

• ipForwarding (RW) – acting as IP gateway: 1 - yes, 2 - no
• ipInReceives (RO) – total number of input datagrams received from interfaces
• ipInHdrErrors (RO) – total number of input datagrams discarded due to errors in the IP header
• ipInDiscards (RO) – number of discarded datagrams that are non-error packets (lack of buffer)
• ipOutNoRoutes (RO) – number of datagrams discarded because there was no route

ICMP Group

• ICMP provides feedback about problems in the communication environment
• icmpInMsgs (RO) – total number of ICMP messages that the entity received
• icmpInErrors (RO) – number of ICMP messages received but determined to have ICMP-specific errors
• icmpInDestUnreachs (RO) – number of ICMP Destination Unreachable messages received

• icmpOutDestUnreachs (RO) – number of ICMP Destination Unreachable messages sent
• icmpOutTimeExcds (RO) – number of ICMP Time Exceeded messages sent
• icmpOutEchos (RO) – number of ICMP Echo (request) messages sent
• icmpOutEchoReps (RO) – number of ICMP Echo Reply messages sent

TCP Group

• Only one table – tcpConnTable, a sequence of tcpConnEntry
  – tcpConnState (RW) – TCP connection state
  – tcpConnLocalAddress (RO) – Local IP address
  – tcpConnLocalPort (RO) – Local port number
  – tcpConnRemAddress (RO) – Remote IP address
  – tcpConnRemPort (RO) – Remote port number

TCP scalar objects

• tcpActiveOpens (RO) – number of active open connections
• tcpCurrEstab (RO) – number of TCP connections in ESTABLISHED or CLOSE-WAIT state
• tcpAttemptFails (RO) – number of failed connection attempts
• tcpInSegs (RO) – total number of segments received, including error segments
• tcpOutSegs (RO) – total number of segments sent

UDP Group

• Only one table – udpTable, a sequence of udpEntry
  – udpLocalAddress (RO)
  – udpLocalPort (RO)
• udpInDatagrams (RO) – total number of UDP datagrams delivered to UDP users
• udpInErrors (RO) – total number of UDP datagrams that could not be delivered
• udpOutDatagrams (RO) – total number of UDP datagrams sent