www.infotech.monash.edu

Models of Network Administration

Burgess (2nd Ed) Chapter 6


Understanding the system as a whole

• Requires ability to see relationships and dependencies between distinct parts

• The idea of a “causal web”

• Complex system may have multiple operating modes – adaptive behaviour


Models for Management

• IETF (SNMP RFC1155) and ISO (TMN) have defined models for management of systems

• These don’t always scale well
  – Focus on managing devices
  – Require a Human controller
  – Micro-manage the system

• Best models are those which automate functions and regulate interactions of components


Management metaData


Information Models

• Represent the data used by an organisation eg database of Personnel, Assets and Services

• Uses a Directory service (eg X.500)
  – Structured: hierarchical, object-oriented
  – Common schema: allows interoperability
  – Access Control: per record
  – Optimised for read-only use. Not updated during use

• Specific vs General search
  – “White pages” vs “Yellow pages”


Network Directory X.500

• ISO 9594 (1988)

• Uses ASN.1 to define format of protocols

• Access method (DAP) defined in ISO terms

• LDAPv3 (RFC 2251–2256)

• Now replacing or being integrated into vendor solutions, eg NDS and MS ActiveDirectory


Lightweight Directory Access Protocol (LDAP)

• Contains Name-Value(s) pairs (“attributes”)

• Attributes have rules (sub-attributes) controlling
  – Method of value matching during search
  – Order of value matching during search
  – Whether attribute is mandatory or optional

• Attributes identified by Distinguished Name (DN) or Relative Distinguished Name (RDN)

• RDN is a Name-Value pair eg cn=“Chris Freeman”

• DN is a concatenation of RDNs in hierarchy
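Added example (not part of the original slides): a DN parser that splits on RDN boundaries rather than on raw commas, so an access check of the form "is this entry under that subtree?" is not misled by an escaped comma inside a value. It assumes the backslash-escaped string form of DNs and case-insensitive matching for every attribute; the sample DNs in the usage note are constructed.

```python
# Added illustration, not from the slides: RDN-aware DN parsing and comparison.
import string

def _split(text, sep):
    """Split on an unescaped separator, leaving escape sequences untouched."""
    parts, cur, i = [], "", 0
    while i < len(text):
        step = 2 if text[i] == "\\" else 1   # keep "\," or "\+" together
        if step == 1 and text[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += text[i:i + step]
        i += step
    return parts + [cur]

def _unescape(value):
    """Decode \\X (escaped special character) and \\HH (hex-encoded byte)."""
    out, i = bytearray(), 0
    while i < len(value):
        pair = value[i + 1:i + 3]
        if value[i] != "\\" or not pair:
            out += value[i].encode()
            i += 1
        elif len(pair) == 2 and all(c in string.hexdigits for c in pair):
            out.append(int(pair, 16))
            i += 3
        else:
            out += pair[0].encode()
            i += 2
    return out.decode("utf-8")

def parse_dn(dn):
    """Return the RDNs, most specific first, each a frozenset of (type, value)."""
    rdns = []
    for piece in _split(dn, ","):
        avas = set()
        for ava in _split(piece.lstrip(), "+"):
            attr, eq, raw = ava.partition("=")
            if not eq or not attr.strip():
                raise ValueError(f"malformed RDN component: {ava!r}")
            # Assumption: every attribute matches case-insensitively (as cn, ou, dc do).
            avas.add((attr.strip().lower(), _unescape(raw).casefold()))
        rdns.append(frozenset(avas))
    return rdns

def is_under(dn, base):
    """True if dn names an entry at or below base in the directory tree."""
    d, b = parse_dn(dn), parse_dn(base)
    return len(d) >= len(b) and d[-len(b):] == b
```

`is_under(r"cn=x\,ou=admins,dc=example,dc=com", "ou=admins,dc=example,dc=com")` returns `False`, because the first RDN is a single `cn` whose value contains a comma; a plain `endswith` on the strings would report a match.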


Hierarchical Directory Services

• Well suited to distributed environment; Allows delegation of parts to separate hosts

• Directory tree may be partitioned into sub-trees with no overlap

• Cooperating groups can then manage their own data locally and share with others

• May allow Availability and Redundancy through replication of data and service


Querying Directory Services

• Usually built-in to application software
  – Unix system call: gethostbyname()
  – Uses “nsswitch” to select one of several directory services
  – See also “Pluggable Authentication Modules” (PAM)

• Original UNIX methods based on /etc files

• Later used NIS (aka “YellowPages” or yp)
  – Non-hierarchical, lacked security
  – Replaced by NIS+


Other Directory Services

• OpenLDAP
  – Versatile, common platform
  – Difficult syntax and sensitive to network LoS

• Novell Directory Service (NDS)
  – Consistent distributed physical organisation of devices and software objects
  – Directly implements the information model

• Microsoft Active Directory
  – Replaced NT4 Domain model
  – Compatible with simplified version of LDAP


Managing Network Infrastructure


System Infrastructure

• A network is a “community of cooperating and competing” components…

• Administrator selects components and assigns roles depending on tasks required

• This may involve machines and users (staff)
  – Computing machinery: functional infrastructure
  – Staff: build and maintain infrastructure


System Infrastructure

• Identify purpose of computer system

• Choose hardware and software
  – Appropriate to task

• Set policies and procedures


Aspects of System Infrastructure

• Homogeneity
  – All systems identical or Configure for purpose?

• Load Balancing
  – One service per host or multi-service hosts?
  – Separate data storage and data processing can double network traffic

• Human limitations on group size: max 150 objects

• Mobile and AdHoc networks

• Peer-to-Peer: Scaled approach to management


Network Administration Models

• Central management – “star” model


Network Administration Models

• Centralised policy and enforcement

• $\text{JobRate}_{\text{controller}} = \text{Rate}_1 + \text{Rate}_2 + \dots + \text{Rate}_n$

• If sum of Requests exceeds maxCapacity/n then work will queue at the controller

• Disadvantage of centralised control: bottleneck in communications with controller


Other Network Administration Models

• Star with intermittently connected hosts

• Mesh: centralised policy & local enforcement
  – Each host gets own copy of common policy. Does not need constant connection to controller
  – Each host updates itself according to policy
  – But: Is policy up-to-date? Has policy been applied?

• Mesh: partial host autonomy & local enforcement

• Mesh: partial autonomy and peer policy exchange
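Added example (not part of the original slides): one way a host holding its own copy of the common policy can answer the two questions raised above, "is the policy up to date?" and "has the policy been applied?". All function names and the sample rules are hypothetical, and an HMAC with a shared key stands in for whatever integrity mechanism the distribution tool actually provides.

```python
# Added illustration of the two questions above; every name here is hypothetical.
import hashlib, hmac, json

def publish(version, rules, key):
    """Controller: serialise the policy with its version and an HMAC-SHA256 tag."""
    body = json.dumps({"version": version, "rules": rules}, sort_keys=True)
    return {"body": body, "tag": hmac.new(key, body.encode(), hashlib.sha256).hexdigest()}

def verify(bundle, key):
    """Host: return the parsed policy, or None when the tag does not match."""
    want = hmac.new(key, bundle["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(want, bundle["tag"]):
        return None
    return json.loads(bundle["body"])

def digest(rules):
    """Stable fingerprint of a rule set, used to compare policy with live settings."""
    return hashlib.sha256(json.dumps(rules, sort_keys=True).encode()).hexdigest()

def host_status(local_bundle, live_settings, advertised_version, key):
    """Classify one host from its cached policy copy and its current settings."""
    policy = verify(local_bundle, key)
    if policy is None:
        return "tampered"        # local copy altered, or wrong key
    if policy["version"] < advertised_version:
        return "stale"           # is the policy up to date? no
    if digest(live_settings) != digest(policy["rules"]):
        return "not-applied"     # has the policy been applied? no
    return "compliant"

def demo():
    key = b"constructed-demo-key"                      # constructed sample data
    old = {"sshd.PermitRootLogin": "yes", "ntp.server": "ntp.example.org"}
    new = {"sshd.PermitRootLogin": "no", "ntp.server": "ntp.example.org"}
    v1, v2 = publish(1, old, key), publish(2, new, key)
    forged = dict(v2, body=v2["body"].replace('"no"', '"yes"'))
    return [host_status(v2, new, 2, key), host_status(v1, old, 2, key),
            host_status(v2, old, 2, key), host_status(forged, old, 2, key)]

if __name__ == "__main__":
    print(demo())
```

`advertised_version` is whatever version the host last heard from the controller or a peer, so an intermittently connected host can still report "stale" or "not-applied" the next time it makes contact.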


Network management Technologies

SNMP, OSI TMN, WBEM, etc…


Network Management Technologies

• SNMP

• OSI TMN and Others

• Java Management Extensions (JMX)

• Jini and UPnP: management-free networks

• WMI and WBEM


Building an Infrastructure

What is the correct way to build a complex networked application?

1. NIC drivers
2. Local host config: Host name, SysLog
3. IP configuration (DHCP)
4. Domain Name configuration (Resolver, dDNS)
5. Middleware services (NIS, Kerberos, RADIUS)
6. Application services (MySQL, httpd, java, …)
7. Client applications (Browser, java, client APIs)


Aspects of Infrastructure

• Creating uniformity through Automation

• Revision control: HostFactory, RCS

• Software distribution & synchronisation
  – Push model: rdist
  – Pull model: cfengine, rsync

• Reliability through parallelism


System Maintenance models

• Reboot
  – return to original (if it still exists!)

• Manual administration
  – not scalable, relies on knowledgeable user

• Central control
  – HP Openview, Tivoli, Sun Solstice
  – star model problems

• Immunology (self-maintenance)
  – Eg. Windows automatic restore


Multiple Operating Systems in a LAN

Real situations are rarely “Green Field” systems. Management involves compromise between:

• Convenience vs Differentiation

• Simple file transfer vs Open file sharing?

• Software compatibility between systems

• Problems:
  – Different object naming schemes
  – File System sharing: different Naming & ACLs
  – Different User ID and password schemes
  – User Authentication
