IP Network Management

IP Network Management. ICT 138: Network Management and Security. Lesson Overview.

corin

Presentation Transcript


  1. IP Network Management ICT 138: Network Management and Security

  2. Lesson Overview • This lesson gives an overview of centralized and standardized techniques for remote management of the devices that make up a network. The term network management is used to cover all aspects of configuration, control, and reporting that are useful to a network operator who is trying to understand how a network is functioning, commissioning new equipment, directing traffic along specific paths, or performing maintenance on parts of the network.

  3. Choosing to manage your network • At some level all network devices require some management. Even the most simple devices have physical management needs as they are commissioned and connected to a power supply. But most devices need some form of configuration to tell them what role they are to play in the network and precisely how to behave.

  4. Choosing to manage your network • Even when autoconfiguration protocols like the Dynamic Host Configuration Protocol (DHCP) are used to dynamically assign IP addresses and to download basic configuration information, a network operator will still want to use management operations to inspect the devices to discover what addresses they are using.

  5. Choosing to manage your network • In practice, many network devices are complex, requiring a large number of configuration parameters. Many, if not most, of these parameters can usually use default values, but fine tuning may be necessary to ensure optimal functioning of the network, and that requires some form of management access to the device.

  6. Choosing to manage your network • Network management is an area in which most Internet service providers (ISPs) seem to struggle. The nature of their networks is constantly changing, and the market is continually driving them to provide new and different services. These changes put a strain on existing network management tools and require the ISPs to race to adapt their techniques to their customers’ requirements.

  7. Choosing a configuration Method • There are many ways to configure devices, from automatic configuration protocols such as BOOTP and DHCP, through command line interfaces and configuration files, to graphical user interfaces. These techniques may use a mixture of proprietary manufacturer information and techniques and standardized protocols and data formats. As will be shown in the next slides, there are benefits and disadvantages to using the vendor-specific approaches, but the standardized methods give a great benefit in providing a centralized and coherent view of the network.

  8. Choosing a configuration Method • Command Line Interfaces • It is the easiest management tool for a manufacturer of network equipment to write. • A CLI is a set of text-based commands issued by the operator at a terminal. The commands have specific (sometimes complex and esoteric) syntaxes specified by the manufacturer and are very specific to the hardware being managed. • It should be noted that the one great benefit of a CLI is that it is easily able to give a very fine level of control over a device and allows a user to examine every last detail of the device’s operation. Debug commands are rarely available in any other form.

  9. Choosing a configuration Method • Graphical User Interfaces • Graphical user interfaces (GUIs) are a more user-friendly configuration tool. The operator does not need to remember a command language, but is led through a series of screens with spaces to fill in the necessary configuration information. • It is worth noting that despite the user-friendly aspects of a GUI, an experienced network operator or field engineer will often prefer to use the CLI. The CLI gives access to a finer level of control and a greater amount of information than the GUI, even if that information is not always formatted in the most readable way.

  10. Choosing a configuration Method • Standardized Data Representations and Access • Network managers dream of having a single application that they can use to manage their entire network. This application must be capable of controlling all of the devices in the network, and of collecting and integrating the information and statistics stored on each device. The advantages for the operator are a coherent view and a less complex management task because he or she doesn’t have to learn to speak the different command languages for the different equipment vendors and the different dialects for the different devices and models from the same vendor. • Three popular standards-based configuration techniques have emerged: CORBA, SNMP, and XML.

  11. Choosing a configuration Method • Making the choice between configuration methods may be constrained by what protocols and techniques are supported by the equipment in your network. At the worst, you will need to use the CLI on each piece of equipment, operating via Telnet and possibly with the use of a terminal server. • If standardized management protocol support is available there are many advantages to using it, but it should not be forgotten that there will often be more detail and flexibility available through proprietary configuration interfaces than are available through the standards. Nevertheless, except for the configuration of advanced features or for debugging, the benefits of a consolidated management system dictate the use of a standardized technique.

  12. Management Information Base • One problem in the management of networks is deciding how the statistics and configuration data should be represented. Each device (switch, router, host, etc.) will have different configuration requirements and internal data structures according to its implementation. • Similarly, each network management tool will have different commands and management screens displaying and requiring subtly different pieces of information. Nevertheless, any two devices that perform the same function in the network (e.g., two OSPF routers) require substantially the same configuration to enable them to operate their IP-based protocols.

  13. Management Information Base • The MIB is an ordered, structured view of all of the information in all networks, all at the same time. This is a pretty ambitious claim that is, in fact, true only within the global uniqueness of identifiers such as IP addresses and router identifiers. The secret to meeting this aim lies in the way that data values (or objects) are given unique object identifiers (OIDs) in a hierarchical and somewhat long-winded way.

  14. Management Information Base • To illustrate this, consider the part of the OID tree shown. This shows the root of the tree and the branches down as far as some individual MIB modules. As can be seen, the MIB is broken into branches according to the standards-making body. Within the ISO branch, the American Department of

  15. Management Information Base • Below these points in the OID tree come the individual MIB modules. An MIB module contains all of the configuration and reporting information for a single type of logical component. This may be a line card or router, as shown for Company X in Figure 2.2, or may be a component of a protocol such as an interface as managed by the Interfaces MIB (IF-MIB) module. In other words, MIB modules are defined to manage all instances of a single type of manageable entity.

  16. MIB : Representing Managed Objects • The Structure of Management Information (SMI) describes a subset of the Abstract Syntax Notation One (ASN.1) that may be used to define MIB modules and to encode MIB objects when they are passed from one node to another in management requests. ASN.1 was devised by the Open Standards Organization (OSI) and provides a text-based macro language that may be used to define data structures in a form that is both intelligible to humans and machine readable. At the same time, ASN.1 also provides a set of rules, called the Basic Encoding Rules (BER), for encoding data when they are passed on the wire between network nodes.

  17. MIB : Representing Managed Objects

  18. Simple Network Management Protocol (SNMP) • Once the management station and the managed devices have a common view of the management data (that is, MIB objects) all that remains is to provide a mechanism for the management station to create, write, read, and delete those objects. • This is achieved using the Simple Network Management Protocol (SNMP), which, like anything that calls itself “simple,” should be taken with a pinch of salt.

  19. Simple Network Management Protocol (SNMP) • SNMP is a client-server protocol. Management agents connect to the managed devices and issue requests. Managed devices return responses. • The basic requests are very simple. They are GET and SET to read and write to an individual MIB object identified by its OID and, if the object is in a table, by the appropriate index values. • Index objects are read and write protected—there is no need to specifically read an index because it is always supplied in a GET request and returned in a GET response to give context to the read request, and clearly it would be a bad idea to allow the index of a row to be changed dynamically. • Some MIB modules also make some of their objects read-only so that the device may report information (such as statistics) without it being modifiable by an external component.

  20. Simple Network Management Protocol (SNMP) • It would be hugely inefficient to manage the configuration of a remote device one object at a time, so SNMP allows multiple objects within a single MIB row to be read or written in a single request. That is, a single GET or SET command can operate on multiple objects within a single row. • The GET-BULK command allows a management station to read multiple rows from a table, improving the retrieval time when an entire table is being read. Similarly, the GET-NEXT request allows a management agent to “walk” the OID tree to find the next object in a MIB row, or more usually to navigate a MIB table (which may be sparsely populated) reading one row at a time.

  21. Simple Network Management Protocol (SNMP) • Row creation and deletion are special functions that are handled using the SET command and not through their own special messages. • MIB rows contain a special writable object called the row status that is used to control the creation and deletion of the row. • When a management station creates a row for the first time, it writes the value create to the row status object—if the row already exists, the operation will be failed by the managed device. • If the row creation was successful, the management station goes on to write the other objects, and when the row is ready for use, it sets the row status to active. At this point, the configuration information is available and the device or component can be activated. • At any time the management station can move the row back into the not ready state by writing that value into the row status object. This effectively takes the row back into the state it was in as it was being created. • To delete the row, the row status is set to the value deleted and the managed device must stop the corresponding process or device and delete the corresponding information.

  22. Simple Network Management Protocol (SNMP) • A final SNMP message called a TRAP (sometimes known as a notification) may be issued by the managed device to report a specific event (e.g., the crossing of a threshold).
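An added example for slide 20 (not part of the original presentation): GET-NEXT and GET-BULK modelled over an in-memory agent, showing that a walk follows numeric OID order across a sparse table and that the manager should stop if an agent ever returns an OID that does not advance. The agent contents are constructed sample data using the IF-MIB ifDescr and ifOperStatus columns; the function names are this example's own.

```python
import bisect

IF_ENTRY = (1, 3, 6, 1, 2, 1, 2, 2, 1)       # IF-MIB ifEntry
# Constructed agent contents: ifDescr (column 2) and ifOperStatus (column 8)
# for a sparse set of ifIndex values 1, 2 and 10.
AGENT_MIB = {
    IF_ENTRY + (2, 1): "lo",
    IF_ENTRY + (2, 2): "eth0",
    IF_ENTRY + (2, 10): "tun0",
    IF_ENTRY + (8, 1): 1,
    IF_ENTRY + (8, 2): 1,
    IF_ENTRY + (8, 10): 2,
}


def get_next(mib, oid):
    """Agent side: the first (oid, value) strictly after `oid`, or None."""
    keys = sorted(mib)                       # tuples sort arc by arc, numerically
    i = bisect.bisect_right(keys, oid)
    return (keys[i], mib[keys[i]]) if i < len(keys) else None


def get_bulk(mib, oid, max_repetitions):
    """Agent side: up to `max_repetitions` successive GET-NEXT results."""
    out = []
    for _ in range(max_repetitions):
        reply = get_next(mib, oid)
        if reply is None:
            break
        out.append(reply)
        oid = reply[0]
    return out


def walk(mib, root, agent=get_next):
    """Manager side: repeat GET-NEXT until the reply leaves the `root` subtree."""
    rows, current = [], root
    while True:
        reply = agent(mib, current)
        if reply is None or reply[0][:len(root)] != root:
            return rows
        if reply[0] <= current:              # a faulty agent would loop forever
            raise RuntimeError("agent returned a non-increasing OID")
        rows.append(reply)
        current = reply[0]


if __name__ == "__main__":
    for oid, value in walk(AGENT_MIB, IF_ENTRY + (2,)):
        print(".".join(map(str, oid)), "=", value)
```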
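An added example for slides 19 and 21 (not part of the original presentation): the managed-device side of SET handling, enforcing the row status life cycle and refusing writes to index and read-only objects. It uses the slide's state names (create, not ready, active, deleted) rather than the numeric values a real MIB defines, and the class, column names and values are hypothetical.

```python
class SetError(Exception):
    """Raised when the managed device refuses a SET."""


class ManagedTable:
    def __init__(self, read_only=()):
        self.rows = {}                       # index -> {column: value}
        self.read_only = set(read_only)

    def get(self, index, column):
        return self.rows[index][column]

    def set(self, index, column, value):
        row = self.rows.get(index)
        if column == "rowStatus":
            self._set_row_status(index, row, value)
        elif row is None:
            raise SetError("no such row")
        elif column == "index" or column in self.read_only:
            raise SetError(f"{column} is not writable")
        else:
            row[column] = value

    def _set_row_status(self, index, row, value):
        if value == "create":
            if row is not None:              # slide 21: creation must fail
                raise SetError("row already exists")
            self.rows[index] = {"index": index, "rowStatus": "not ready"}
        elif row is None:
            raise SetError("no such row")
        elif value in ("active", "not ready"):
            row["rowStatus"] = value
        elif value == "deleted":
            del self.rows[index]
        else:
            raise SetError(f"unknown row status {value!r}")


def provision(table, index, columns):
    """Manager side: create the row, write its objects, then activate it."""
    table.set(index, "rowStatus", "create")
    for column, value in columns.items():
        table.set(index, column, value)
    table.set(index, "rowStatus", "active")
    return table.get(index, "rowStatus")


if __name__ == "__main__":
    table = ManagedTable(read_only={"inOctets"})   # hypothetical statistics column
    print(provision(table, 3, {"descr": "uplink", "mtu": 1500}))
```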
