Chapter 8 : Network Management

boundlessbazaarServers

Dec 9, 2013 (3 years and 8 months ago)


BK

TP.HCM


* Introduction
* Network Administration Tasks
* Basic Tools
* Network Analyzer and Monitoring
* Network Management Software
* SNMP-based Software
* SMI
* MIB
* Network Management Platforms
* Network Backup


Ho Chi Minh City University of Technology (ĐHBK TP.HCM) - Faculty of Computer Science & Engineering, 2008

Computer Network 2

Network Management

Objective:

* Maintenance of the computer hardware and software that comprise a computer network
* Deployment, configuration, maintenance and monitoring of active network equipment

=> Network Administrators

* A related role is that of the Network Specialist, or Network Analyst, who concentrates on network design and security


Network Administration Tasks

* Installing and maintaining networking hardware and software
* Assigning names and addresses to each computer or device on the network
* Assigning names and identification numbers (IDs) to network users and groups
* Performing the commands required to share, remove, and restrict resources
* Updating all appropriate networking files on your network's machines
* Troubleshooting network activity
* Performance tuning
* Reporting on a regular basis


Basic Tools (1/3)


Basic Tools (2/3)


Basic Tools (3/3)


Network Analyzer and Monitoring Software

* http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html


Network Analyzer and Monitoring


Wireshark, Sniffer Pro, Packet Tracer


Infrastructure for Network Management

[Figure: a managing entity (with data) linked by the network management protocol to four managed devices, each with an agent and data]

Basic components:

* Managed device = Slave device
* Agent = software which runs on Slave device
* Network management system (NMS) = software which runs on Master


Network Management Standards

OSI CMIP: Common Management Information Protocol

* designed 1980's: the unifying net management standard
* too slowly standardized

SNMP: Simple Network Management Protocol

* Internet roots (SGMP)
* started simple
* deployed, adopted rapidly
* growth: size, complexity
* currently: SNMP V3
* de facto network management standard


SNMP-based Administration

* SNMP v.1/2c/3: SNMP is used in network management systems to monitor network-attached devices. It consists of a set of standards for network management, including an Application Layer protocol, a database schema, and a set of data objects
* Implementations
    * Net-SNMP (Net-SNMP: Open source SNMP implementation)
    * Netsnmpj: Open source SNMP for Java
    * SnmpB: Open source MIB Browser
    * OpenSNMP: multi-threaded SNMPv3 engine
    * PySNMP: pure-Python module, BSD license
    * Ruby SNMP: Open source SNMPv1 and v2 for Ruby
    * iReasoning MIB Browser / SNMP Manager (Free)
    * Net::SNMP: a pure Perl module that implements SNMPv1, v2 and v3 on IPv4 and IPv6
    * SNMP4J - Free SNMP API for Java Managers and Agents
    * Nstrument Snmp Library for .Net
    * Snmp++/Agent++ Libraries
    * SNMP Manager LoriotPro free edition
    * BSNMP - mini SNMP daemon


Internet-standard Management Framework

* SNMP protocol
    * convey manager<->managed object info, commands
* Structure of Management Information (SMI):
    * data definition language for MIB objects
* Management information base (MIB):
    * distributed information store of network management data
* Security, administration capabilities
    * major addition in SNMPv3


SNMP Component Translation


Simple Network Management Protocol

* SNMP defines the format of packets exchanged between a manager and an agent. It reads and changes the status (values) of objects (variables) in SNMP packets
* SNMP is an application program that allows:
    1) a manager to retrieve the value of an object defined in an agent
    2) a manager to store a value in an object defined in an agent
    3) an agent to send an alarm message about an abnormal situation to the manager


SNMP Protocol


Manager-Agent Exchanges


SNMP Protocol: Message Types

Message type                                 Function
GetRequest, GetNextRequest, GetBulkRequest   Mgr-to-agent: “get me data” (instance, next in list, block)
InformRequest                                Mgr-to-Mgr: here’s MIB value
SetRequest                                   Mgr-to-agent: set MIB value
Response                                     Agent-to-mgr: value, response to Request
Trap                                         Agent-to-mgr: inform manager of exceptional event


SNMP Message Format


Message Format Explanation


SNMP v.3 Message Format


Structure of Management Information

* SMI defines the general rules for naming objects, defining object types (including range and length), and showing how to encode objects and values. SMI does not define the number of objects an entity should manage, name the objects to be managed, or define the association between the objects and their values
* SMI uses an adapted subset of the ASN.1 language


ASN.1: Abstract Syntax Notation 1

* ISO standard X.680
    * used extensively in Internet
* Defined data types, object constructors
    * like SMI
* BER: Basic Encoding Rules
    * specify how ASN.1-defined data objects are to be transmitted
    * each transmitted object has Type, Length, Value (TLV) encoding
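
The TLV rule above, worked through on a real message shape (an added example, not part of the original slides): the Python below BER-encodes an SNMPv2c GetRequest for udpInDatagrams and decodes it again. The function names, the community string "demo" and the request id are assumptions made for illustration; the decoded output shows that the community string travels as an ordinary, readable OCTET STRING.

```python
INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30  # universal ASN.1 tags
GET_REQUEST = 0xA0  # context-specific, constructed tag 0: the SNMP GetRequest PDU

def tlv(tag: int, value: bytes) -> bytes:
    """Encode one TLV; lengths of 128 or more use the long form (0x80 | count of length bytes)."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + value

def encode_oid(dotted: str) -> bytes:
    """The first two arcs share one byte (40*a + b); later arcs are base-128, high bit = more."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += bytes(chunk)
    return tlv(OID, bytes(out))

def decode(data: bytes) -> list:
    """Parse concatenated TLVs into (tag, value) pairs, recursing into constructed types."""
    items, i = [], 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated TLV header")
        tag, n = data[i], data[i + 1]
        i += 2
        if n & 0x80:  # long form: low 7 bits give the number of length bytes
            k = n & 0x7F
            n = int.from_bytes(data[i:i + k], "big")
            i += k
        if i + n > len(data):
            raise ValueError("TLV length runs past the end of the buffer")
        value = data[i:i + n]
        items.append((tag, decode(value) if tag & 0x20 else value))  # 0x20 bit = constructed
        i += n
    return items

def get_request(community: bytes, request_id: int, oid: str) -> bytes:
    """Build an SNMPv2c GetRequest (version field 1) for one OID; request_id must be 0..127 here."""
    varbinds = tlv(SEQUENCE, tlv(SEQUENCE, encode_oid(oid) + tlv(NULL, b"")))
    pdu = tlv(GET_REQUEST, tlv(INTEGER, bytes([request_id])) + tlv(INTEGER, b"\x00") * 2 + varbinds)
    return tlv(SEQUENCE, tlv(INTEGER, b"\x01") + tlv(OCTET_STRING, community) + pdu)
# Constructed sample: community "demo", request id 1, udpInDatagrams instance 1.3.6.1.2.1.7.1.0
SAMPLE = get_request(b"demo", 1, "1.3.6.1.2.1.7.1.0")
```

The decoder rejects a TLV whose declared length exceeds the remaining bytes, which is the check a BER parser most needs when it handles packets from the network.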


Object Attributes

* All objects managed by SNMP are given an object identifier
* The object identifier always starts with 1.3.6.1.2.1.


SMI Naming : Object Identifier


SMI: Data Type Definition

Purpose: syntax, semantics of management data well-defined, unambiguous

* Base data types: straightforward, boring
* OBJECT-TYPE
    * data type, status, semantics of managed object
* MODULE-IDENTITY
    * groups related objects into MIB module

Basic Data Types

* INTEGER
* Integer32
* Unsigned32
* OCTET STRING
* OBJECT IDENTIFIER
* IpAddress
* Counter32
* Counter64
* Gauge32
* TimeTicks
* Opaque


SMI: Object, Module Examples

OBJECT-TYPE: ipInDelivers

    ipInDelivers OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The total number of input datagrams successfully
             delivered to IP user-protocols (including ICMP)"
        ::= { ip 9 }

MODULE-IDENTITY: ipMIB

    ipMIB MODULE-IDENTITY
        LAST-UPDATED "941101000Z"
        ORGANIZATION "IETF SNMPv2 Working Group"
        CONTACT-INFO
            "Keith McCloghrie
             ……"
        DESCRIPTION
            "The MIB module for managing IP and ICMP implementations,
             but excluding their management of IP routes."
        REVISION "019331000Z"
        ………
        ::= { mib-2 48 }


Base Data Types


SMI : Encoding Format


SNMP : MIB

[Figure: a MIB MODULE containing several OBJECT TYPE entries]

* Objects specified via SMI OBJECT-TYPE construct
* MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific)
* A management information base (MIB) stems from the OSI/ISO Network management model. It comprises a collection of objects in a (virtual) database used to manage entities (such as routers and switches, etc…) in a network


MIB Tree


SNMP Naming

Question: how to name every possible standard object (protocol, data, more..) in every possible network standard?

Answer: ISO Object Identifier tree:

* hierarchical naming of all objects, each branchpoint has name, number

1.3.6.1.2.1.7.1
    1 = ISO
    3 = ISO-ident. Org.
    6 = US DoD
    1 = Internet
    2 = management
    1 = MIB2
    7 = UDP
    1 = udpInDatagrams


MIB Browser


MIB Example: UDP Module

Object ID        Name             Type       Comments
1.3.6.1.2.1.7.1  UDPInDatagrams   Counter32  total # datagrams delivered at this node
1.3.6.1.2.1.7.2  UDPNoPorts       Counter32  # undeliverable datagrams: no app at port
1.3.6.1.2.1.7.3  UDPInErrors      Counter32  # undeliverable datagrams: all other reasons
1.3.6.1.2.1.7.4  UDPOutDatagrams  Counter32  # datagrams sent
1.3.6.1.2.1.7.5  udpTable         SEQUENCE   one entry for each port in use by app, gives port # and IP address


UDP Variables and Tables


Usage of SNMP v.3 Objects

Usage:

* Monitoring device uptimes (sysUpTimeInstance)
* Inventory of OS versions (sysDescr)
* Collect interface information (ifName, ifDescr, ifSpeed, ifType, ifPhysAddr)
* Measuring network interface throughput (ifInOctets, ifOutOctets)
* Querying a remote ARP cache (ipNetToMedia)
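
Measuring throughput from ifInOctets means subtracting two Counter32 readings, which goes wrong when the counter wraps or the agent restarts between polls. The Python below is an added example (not from the original slides) that handles both cases; the function name and the sample readings are constructed for illustration, and ifSpeed is taken in bits per second.

```python
COUNTER32_MOD = 1 << 32      # Counter32 wraps to 0 after 2**32 - 1
TICKS_PER_SECOND = 100       # sysUpTime is in TimeTicks, hundredths of a second

def interface_rates(samples, if_speed_bps):
    """samples: [(sysUpTime ticks, ifInOctets), ...] from successive polls.
    Returns one (bits_per_second or None, note) tuple per polling interval."""
    results = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        if t1 <= t0:
            # Uptime went backwards: the agent restarted (or sysUpTime itself wrapped),
            # so the two counter readings are not comparable.
            results.append((None, "agent restarted, interval discarded"))
            continue
        delta = (c1 - c0) % COUNTER32_MOD  # modular difference absorbs a single wrap
        bps = delta * 8 * TICKS_PER_SECOND / (t1 - t0)
        if bps > if_speed_bps:
            # Faster than the link can carry: counter reset or more than one wrap.
            results.append((None, "implausible rate, interval discarded"))
        else:
            results.append((bps, "counter wrapped" if c1 < c0 else "ok"))
    return results

# Constructed poll results, 60 s apart, for a 100 Mbit/s interface.
SAMPLES = [(1000, 4294000000), (7000, 4294900000), (13000, 832704),
           (500, 1000), (6500, 751000), (12500, 100)]
RATES = interface_rates(SAMPLES, if_speed_bps=100_000_000)
```

On fast links a Counter32 can wrap more than once per polling interval, which is the case Counter64 exists for.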


SNMP Applications


SNMP v3 Security and Administration

* Encryption: DES-encrypt SNMP message
* Authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)
* Protection against playback: use nonce
* View-based access control
    * SNMP entity maintains database of access rights, policies for various users
    * database itself accessible as managed object!
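
How the authentication, playback protection and view-based access control points above fit together on the agent side, as an added Python example that is not part of the original slides. HMAC-SHA-256 truncated to 12 bytes stands in for the MIC; the packet layout, class and function names and result strings are assumptions for illustration and not the SNMPv3 wire format (SNMPv3's User-based Security Model uses HMAC-MD5-96 or HMAC-SHA-96 and an engine boots/time window rather than a stored nonce).

```python
import hashlib, hmac, os

MIC_LEN = 12  # bytes of the keyed hash kept as the MIC (illustrative choice)

def mic(message: bytes, key: bytes) -> bytes:
    """MIC(m, k): keyed hash over message m with shared secret k."""
    return hmac.new(key, message, hashlib.sha256).digest()[:MIC_LEN]

def build_request(user: bytes, op: bytes, oid: bytes, key: bytes) -> bytes:
    """Hypothetical layout: user|nonce|op|oid followed by the MIC over those fields."""
    body = b"|".join([user, os.urandom(8).hex().encode(), op, oid])
    return body + mic(body, key)

def in_view(oid: str, rules) -> bool:
    """rules: [(subtree, included)]; the longest subtree that prefixes the OID decides."""
    arcs, best = oid.split("."), (0, False)
    for subtree, included in rules:
        s = subtree.split(".")
        if arcs[:len(s)] == s and len(s) > best[0]:
            best = (len(s), included)
    return best[1]

class Agent:
    def __init__(self, keys, views):
        self.keys, self.views, self.seen_nonces = keys, views, set()

    def handle(self, packet: bytes) -> str:
        body, tag = packet[:-MIC_LEN], packet[-MIC_LEN:]
        fields = body.split(b"|")
        key = self.keys.get(fields[0])
        # 1. Authenticate first, in constant time; nothing else in the packet is trusted yet.
        if key is None or len(fields) != 4 or not hmac.compare_digest(tag, mic(body, key)):
            return "rejected: bad MIC"
        user, nonce, op, oid = fields
        # 2. Replay check only after the MIC verified, so forged packets cannot burn nonces.
        if nonce in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces.add(nonce)
        # 3. Access control: is this OID inside the view granted to (user, operation)?
        if not in_view(oid.decode(), self.views.get((user, op), [])):
            return "rejected: not in view"
        return "ok"
```

Views are compared arc by arc, so a rule for 1.3.6.1.2.1.7 does not accidentally match 1.3.6.1.2.1.70; a (user, operation) pair with no view is denied by default.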


RMON v.1/2

* The Remote Network MONitoring (RMON) MIB was developed by the IETF to support monitoring and protocol analysis of LANs
* RMON is designed for "flow-based" monitoring, while SNMP is often used for "device-based" management
* A minimal RMON agent implementation could support only statistics, history, alarm, and event
* The RMON1 MIB consists of ten groups
* The RMON2 MIB adds ten more groups


RMON Applications


Configuration using RMON

* Using RMON to analyze and monitor network traffic data within remote LAN segments from a central location
* Detect, isolate, diagnose, and report potential and actual network problems before they escalate to crisis situations


Network Administration Platforms

* A suite of software applications which allows large-scale system and network management of an organization's IT infrastructure. It includes optional modules from the proprietary vendor as well as third parties, which connect within the well-defined framework and communicate with one another
* Examples: HP OpenView, IBM Tivoli, Computer Associates Unicenter, Cabletron Spectrum, Cisco Network Assistant, and some open source ones like ZenOss, Nagios, MRTG, RRDTools, etc.


Introduction of ZenOss Software

* Zenoss (Zenoss Core) is an open source application, server and network management platform based on the Zope application server. It's released under the GNU General Public License (GPL) version 2
* Zenoss Core provides a web interface that allows system administrators to monitor availability, inventory/configuration, performance, and events
* Platforms: Red Hat Enterprise Linux / CentOS (4, 5), Fedora (Core 6, 7, 8), Ubuntu (6.10, 7.04, 7.10, 8.04), FreeBSD (6.1, 6.2), Debian (Sarge), SuSE (10, 10.2), Solaris 10, Gentoo, Mac OS X, VMWare Appliance




ZenOss : Functional Devices

Zenoss delivers a single product to monitor the entire IT infrastructure:

* Networks - Routers, Switches, Firewalls, Access Points
* Servers - Microsoft Windows, Linux, Unix, HP, NetApp, Dell
* Virtualization - Complete VMware Virtual Infrastructure (VI3) Management, XenSource Monitoring
* Applications - Processes, Ports, Web Apps, Web Services, Databases, Middleware, Commercial Apps



ZenOss : A unique approach

* Using agentless collection and standards-based management protocols: WMI, PerfMon, SNMP, JMX, HTTP, Telnet, SSH, Syslog, ICMP, FTP, SMTP, etc.


ZenOss : A full lifecycle

* Configuration Management - Auto-discovery, inventory, CMDB, change tracking
* Availability Management - Active tests up and down the stack
* Performance Monitoring - Collect and analyze metrics up and down the stack
* Event/Log Management - Central collection and management of alarms and breaches
* Automatic Remediation - Respond to and resolve issues as they occur


Network Backup : Features

* Opened File Backup, Continuous backup
* Multi-platform, Multi-site
* Online Access to files
* Data Compression
* Differential Data Compression
* Data Encryption
* Bandwidth Usage
* Cost factors: total amount of data, number of machines, maximum number of versions


Network Management: Summary

Network Management

* Extremely important: 80% of network “cost”
* ASN.1 for data description
* SNMP protocol as a tool for conveying information

Network management: more art than science

* What to measure/monitor
* How to respond to failures?
* Alarm correlation/filtering?