
Chapter 9: Network Management



Chapter 9: Network Management. Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition. Jim Kurose, Keith Ross. Addison-Wesley, July 2004. Goals: introduction, motivation, main components. Internet network-management framework. MIB: management information base



Chapter 9: Network Management

Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition. Jim Kurose, Keith Ross. Addison-Wesley, July 2004.

Network Management


Chapter 9: Network Management

Goals:

  • Introduction

    • motivation

    • main components

  • Internet network-management framework

    • MIB: management information base

    • SMI: data definition language

    • SNMP: protocol for network management

    • security and administration

  • presentation services: ASN.1


Chapter 9: outline

  • What is network management?

  • Internet-standard management framework

    • Structure of Management Information: SMI

    • Management Information Base: MIB

    • SNMP Protocol Operations and Transport Mappings

    • Security and administration

  • Abstract Syntax Notation 1 - ASN.1


What is network management?

  • autonomous systems ("networks"): 100 or 1000 interconnected hardware/software components

  • various complex systems require monitoring, control:

    • airplanes

    • nuclear power plants

    • others?

"Network management includes the development, integration and coordination of hardware, software and people in order to monitor, test, poll, configure, analyze, develop and control the network and its resources, so as to meet real-time operational performance and quality-of-service requirements at a reasonable cost."


Infrastructure for network management

Definitions: managed devices contain managed objects whose data is gathered into a Management Information Base (MIB).

[Figure: a managing entity with its data, and four managed devices, each with an agent and data, connected by the network management protocol]


Network management standards

  • OSI CMIP

    • Common Management Information Protocol

    • designed 1980: unifies the net management standard

    • standardized too slowly

  • SNMP: Simple Network Management Protocol

    • Internet roots (SGMP)

    • started simple

    • developed, adapted rapidly

    • size, complexity

    • currently: SNMP V3

    • de facto standard for network management


Chapter 9: outline

  • What is network management?

  • Internet-standard management framework

    • Structure of Management Information: SMI

    • Management Information Base: MIB

    • SNMP Protocol Operations and Transport Mappings

    • Security and administration

  • ASN.1


SNMP overview: 4 key parts

  • Management information base (MIB):

    • distributed information store of network management data

  • Structure of Management Information (SMI):

    • data definition language for MIB objects

  • SNMP protocol

    • conveys manager<->managed object information, commands

  • security, administration capabilities

    • major addition in SNMPv3


SMI: data definition language

Purpose: syntax, semantics of management data well-defined, unambiguous

  • base data types:

    • straightforward, boring

  • OBJECT-TYPE

    • data type, status, semantics of managed object

  • MODULE-IDENTITY

    • groups related objects into MIB module

Basic Data Types

  • INTEGER

  • Integer32

  • Unsigned32

  • OCTET STRING

  • OBJECT IDENTIFIER

  • IpAddress

  • Counter32

  • Counter64

  • Gauge32

  • TimeTicks

  • Opaque


SNMP MIB

MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific)

objects specified via SMI OBJECT-TYPE construct

[Figure: a MODULE containing three OBJECT TYPE entries]


SMI: Object, module examples

OBJECT-TYPE: ipInDelivers

    ipInDelivers OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of input datagrams successfully
             delivered to IP user-protocols (including ICMP)"
        ::= { ip 9 }

MODULE-IDENTITY: ipMIB

    ipMIB MODULE-IDENTITY
        LAST-UPDATED "941101000Z"
        ORGANIZATION "IETF SNMPv2 Working Group"
        CONTACT-INFO
            " Keith McCloghrie
              ……"
        DESCRIPTION
            "The MIB module for managing IP and ICMP implementations,
             but excluding their management of IP routes."
        REVISION "019331000Z"
        ………
        ::= { mib-2 48 }


MIB example: UDP module

    Object ID        Name             Type       Comments
    1.3.6.1.2.1.7.1  UDPInDatagrams   Counter32  total # datagrams delivered at this node
    1.3.6.1.2.1.7.2  UDPNoPorts       Counter32  # undeliverable datagrams, no app at port
    1.3.6.1.2.1.7.3  UDPInErrors      Counter32  # undeliverable datagrams, all other reasons
    1.3.6.1.2.1.7.4  UDPOutDatagrams  Counter32  # datagrams sent
    1.3.6.1.2.1.7.5  udpTable         SEQUENCE   one entry for each port in use by app, gives port # and IP address


SNMP Naming

question: how to name every possible standard object (protocol, data, ...) in every possible network standard??

answer: ISO Object Identifier tree:

  • hierarchical naming of all objects

  • each branch has a name and a number

Example: 1.3.6.1.2.1.7.1 reads, component by component, as ISO (1), ISO-ident. Org. (3), US DoD (6), Internet (1), management (2), MIB2 (1), UDP (7), udpInDatagrams (1).


OSI Object Identifier Tree

Check out www.alvestrand.no/harald/objectid/top.html


SNMP protocol

Two ways to convey MIB information, commands:

  • request/response mode

  • trap mode

[Figure: in request/response mode the managing entity sends a request to the agent on the managed device and the agent returns a response; in trap mode the agent on the managed device sends a trap msg to the managing entity]


SNMP protocol: message types

    Message type                                  Function
    GetRequest, GetNextRequest, GetBulkRequest    Mgr-to-agent: "get me data" (instance, next in list, block)
    InformRequest                                 Mgr-to-Mgr: here's MIB value
    SetRequest                                    Mgr-to-agent: set MIB value
    Response                                      Agent-to-mgr: value, response to Request
    Trap                                          Agent-to-mgr: inform manager of exceptional event


SNMP protocol: message formats


SNMP security and administration

  • encryption: DES encryption of the SNMP message

  • authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)

  • protection against playback: use nonce

  • view-based access control

    • the SNMP entity maintains a database of access rights, policies for various users

    • the database itself is accessible as a managed object!
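The authentication and playback bullets above, worked through as an added example that is not part of the original slides. It assumes HMAC-SHA-256 as the keyed hash standing in for MIC(m,k); the `Receiver` class, its method names and the sample message are hypothetical.

```python
import hashlib
import hmac
import secrets

# Added example, not from the slides. Assumption: HMAC-SHA-256 stands in for
# the slide's MIC(m,k); the Receiver class and its methods are hypothetical.


def mic(message: bytes, key: bytes, nonce: bytes) -> bytes:
    # Keyed hash over the receiver's nonce plus the message. The nonce is
    # length-prefixed so the nonce/message boundary is unambiguous.
    data = len(nonce).to_bytes(2, "big") + nonce + message
    return hmac.new(key, data, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key: bytes) -> None:
        self._key = key
        self._outstanding = set()  # nonces issued and not yet used

    def new_nonce(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def accept(self, message: bytes, nonce: bytes, tag: bytes) -> bool:
        if nonce not in self._outstanding:
            return False  # never issued, or already used: treat as playback
        self._outstanding.discard(nonce)  # one attempt per nonce
        # Constant-time comparison avoids leaking how many MIC bytes matched.
        return hmac.compare_digest(tag, mic(message, self._key, nonce))


def demo() -> list:
    key = secrets.token_bytes(32)  # constructed shared secret k
    agent = Receiver(key)
    msg = b"SetRequest sysContact.0 = noc"  # constructed message m
    n1 = agent.new_nonce()
    tag = mic(msg, key, n1)
    first = agent.accept(msg, n1, tag)   # genuine message
    replay = agent.accept(msg, n1, tag)  # same bytes captured and re-sent
    n2 = agent.new_nonce()
    forged = agent.accept(b"SetRequest sysContact.0 = x", n2, mic(msg, key, n2))
    return [first, replay, forged]
```

`demo()` shows the three cases a receiver has to tell apart: a genuine message, a played-back copy whose MIC is still valid, and a message altered after the MIC was computed.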


Chapter 9: outline

  • What is network management?

  • Internet-standard management framework

    • Structure of Management Information: SMI

    • Management Information Base: MIB

    • SNMP Protocol Operations and Transport Mappings

    • Security and administration

  • The presentation problem: ASN.1


The presentation problem

Q: does perfect memory-to-memory copying solve the "communication problem"?

A: not always!

    struct {
        char code;
        int x;
    } test;

    test.x = 256;
    test.code = 'a';

[Figure: test.code and test.x as laid out in host 1 format and in host 2 format; both hold 'a' in test.code, but the two bytes shown for test.x (00000001, 00000011) appear in opposite order]

problem: different message formats, storage conventions


A real-life presentation problem

[Figure: grandma, aging 60's hippie, 2004 teenager]


The presentation problem: potential solutions

1. Sender learns receiver's format. Sender translates into receiver's format. Sender sends.

  • real-world analogy?

  • pros and cons?

2. Sender sends. Receiver learns sender's format. Receiver translates into receiver-local format.

  • real-world analogy?

  • pros and cons?

3. Sender translates to host-independent format. Sends. Receiver translates to receiver-local format.

  • real-world analogy?

  • pros and cons?


Solving the presentation problem

1. Translate local-host format to host-independent format

2. Transmit data in host-independent format

3. Translate host-independent format to remote-host format

[Figure: aging 60's hippie, 2004 teenager, grandma]


ASN.1: Abstract Syntax Notation 1

  • ISO standard X.680

    • used extensively in the Internet

    • like eating vegetables, knowing this "good for you"!

  • defined data types, object constructors

    • like SMI

  • BER: Basic Encoding Rules

    • specify how ASN.1-defined data objects are to be transmitted

    • each object to be transmitted has Type, Length, Value (TLV) encoding


TLV Encoding

Idea: transmitted data is self-identifying

  • T: data type, one of ASN.1-defined types

  • L: length of data in bytes

  • V: value of data, encoded according to ASN.1 standard

    Tag Value   Type
    1           Boolean
    2           Integer
    3           Bitstring
    4           Octet string
    5           Null
    6           Object Identifier
    9           Real


TLV encoding: example

  • Type=4, octet string; Length, 5 bytes; Value, 5 octets (chars)

  • Type=2, integer; Length, 2 bytes; Value, 259
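The TLV example above and the host-independent format from the presentation-problem slides, as an added example that is not part of the original slides. It goes slightly beyond the slide by also encoding the OID 1.3.6.1.2.1.7.1 from the naming slide; the function names and the 5-octet sample string are constructed, and only short-form lengths are handled.

```python
# Added example, not from the slides: a minimal BER TLV codec for three tags
# in the slide's table (2 = Integer, 4 = Octet string, 6 = Object Identifier).
# Assumption: short-form lengths only (values shorter than 128 bytes).
TAG_INTEGER, TAG_OCTET_STRING, TAG_OID = 2, 4, 6


def encode_tlv(tag: int, value: bytes) -> bytes:
    if len(value) > 127:
        raise ValueError("long-form length not handled in this sketch")
    return bytes([tag, len(value)]) + value


def encode_integer(n: int) -> bytes:
    # Big-endian two's complement in the fewest octets, whatever the host order.
    bits = n.bit_length() if n >= 0 else (n + 1).bit_length()
    return encode_tlv(TAG_INTEGER, n.to_bytes(bits // 8 + 1, "big", signed=True))


def encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one octet
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]  # base-128 digits, least significant first
        while arc > 0x7F:
            arc >>= 7
            chunk.append((arc & 0x7F) | 0x80)  # high bit: more octets follow
        body += bytes(reversed(chunk))
    return encode_tlv(TAG_OID, bytes(body))


def decode_tlvs(buf: bytes) -> list:
    """Split received bytes into (tag, value) pairs, rejecting bad lengths."""
    items, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < 2:
            raise ValueError("truncated TLV header")
        tag, length = buf[pos], buf[pos + 1]
        if length & 0x80:
            raise ValueError("long-form length not handled in this sketch")
        value = buf[pos + 2 : pos + 2 + length]
        if len(value) != length:
            raise ValueError("length field runs past the end of the data")
        items.append((tag, value))
        pos += 2 + length
    return items


# Constructed sample: the slide's integer 259, a 5-octet string, and an OID.
SAMPLE = (encode_integer(259) + encode_tlv(TAG_OCTET_STRING, b"hello")
          + encode_oid("1.3.6.1.2.1.7.1"))
```

The length check in `decode_tlvs` is the part that matters when the bytes come from an untrusted peer: a TLV whose length field claims more data than was received is rejected instead of being read past the end of the buffer.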


Network management: summary

  • network management

    • extremely important: 80% of network "cost"

    • ASN.1 for data description

    • SNMP protocol as a tool for conveying information

  • Network management: more art than science

    • what to measure/monitor

    • how to respond to failures?

