Network Management Protocols



  1. Network Management Protocols Network Management Spring 2014 Bahador Bakhshi CE & IT Department, Amirkabir University of Technology This presentation is based on the slides listed in references.

  2. Outline • Introduction • Communication Patterns • SNMP • CLI • syslog • Netconf • NetFlow/IPFIX

  3. Outline • Introduction • Communication Patterns • SNMP • CLI • syslog • Netconf • NetFlow/IPFIX

  4. The Basic Ingredients of Network Management Out-of-band & In-Band Current Lecture: Protocols Monitoring Configuration Log …

  5. Introduction • Management protocols realize the access to MOs contained in a MIB • 1) Management protocols’ approaches • Data-centric, Command-centric, Object-centric, Document-centric • 2) Management protocols’ requirements • Configuration, Monitoring, Notification, Security, … • 3) Management protocols implementation

  6. Protocol Approach: Data-centric • The device is represented as a collection of data (parameter & value) representing all the properties and capabilities of a device • The management protocol retrieves and manipulates the data (get/set parameters) • Manipulation of data objects might cause side effects (to implement actions) • Example: Internet management (SNMP)

  7. Protocol Approach: Command-centric • The device is considered to be a stateful black box • A sequence of commands can be sent to the device • To change the state of the device • To retrieve data about the current state of the device • Determining the right sequence of commands to bring a device into a certain state might not be trivial • Example: Command line interfaces of routers

  8. Protocol Approach: Object-centric • The device is represented as a collection of objects (data with associated methods) • This can be seen as a combination of the data- and the command-centric approaches • Usually leads to object-oriented modeling and thus object-oriented approaches • A critical design decision is the granularity of the objects and the level of interdependencies between objects → complexity in the agent!!! • Example: OSI management (CMIP), DMTF

  9. Protocol Approach: Document-centric • The configuration and state of a device is represented as a structured document • Management operations are realized by manipulating the structured document • Allows general document processors to be used for management purposes • Closely related to data-centric approaches • Example: Most XML-based management approaches follow this model, NetConf

  10. Configuration Protocols Requirements • Must provide primitives to prevent errors due to concurrent configuration changes • Multiple concurrent configuration channels may exist • Must provide primitives to apply configuration in a robust and transaction-oriented way • Must distinguish between the distribution of configurations and the activation of a certain configuration • Devices should be able to hold multiple configurations • The protocol must be able to distinguish between several configurations • Must be able to report configuration change events to help trace back configuration changes • Other requirements?

  11. Monitoring Protocols Requirements • Should support the discovery of capabilities of a device • Must scale to a large number of devices as well as a large number of data items to be monitored • It must be possible to perform monitoring operations on selected subsets of management data • Must support a naming scheme • Should have low impact on primary functions of a device • Should have low network traffic overhead • Other requirements?

  12. Notification Protocols Requirements • Must carry sufficient information to identify the source, time, part of the system, and severity of the event • It is desirable to be able to verify the integrity of event notifications and the authenticity of the event source (since it is not requested by the manager) • Notification senders should provide effective control mechanisms in order to deal with notification storms • A reliable event notification transport is desirable • A reliable transport layer protocol does not by itself provide reliable notification, why? • Highly reliable protocols must provide confirmed event notification protocols and logging facilities • Should include machine-readable structured data as well as human-readable event descriptions • Other requirements?

  13. Management Protocols Implementation • Network management is based on a protocol stack (layering) • Similar to other networked applications • The management protocol is an application layer protocol • Provides primitives for management applications • E.g., whole web applications use HTTP • To simplify & organize the discussion • Layering of network management protocols

  14. Network Management Protocol Layers

  15. NM Protocol: Transport • An L4/7 protocol for end-to-end communication • In fact, it is a separate, independent protocol • However, NM protocols impose restrictions on transport protocols • They make assumptions about it and depend on it • The management interface specifies it • E.g., • SNMP: UDP • NetConf: SSH (which runs on TCP)

  16. NM Protocol: Remote Operation • Mechanism for performing remote operations • Not a separate protocol • Provided by the management protocol • May not be present in every NM protocol • E.g., Netconf contains this layer but syslog does not • Useful when management operations are complex • Major functionalities • Association control • Remote operation call/invocation • Payload encoding

  17. NM Protocol: Remote Operation (cont’d) • Association control • How to establish and tear down management sessions • It is independent of the transport protocol: connection-oriented/connectionless • Mutual understanding between manager and agent that the transport protocol is not aware of • E.g., to negotiate a particular functional profile to use (allowed methods) • Remote operation call/invocation • Mechanism to define management requests and responses in communication exchanges, e.g., RPC/RMI • Managing request/response IDs because of asynchronous communication • Encoding • How to encode management data in the PDU: BER, XML, UTF-8, … • Must be standardized even if there is no separate layer for remote operations

  18. NM Protocol: Management Operations • The core of the management protocol stack • Management primitives • Typical operations • Read/Get: To read the value of an MO • Write/Set: To modify the value of an MO • Create/Delete: To create or delete an MO • Event: To report the occurrence of an event to the manager • Action: To perform an operation on the agent • Not every protocol provides all operations

  19. NM Protocol: Management Service • Additional offerings to management applications • Builds on the Management Operations layer • Combines the management primitives with additional capabilities • Examples • Subscription to specific events • Scheduling management operations • Actually, management services are not really a layer because management operations are still directly accessible to management applications

  20. Outline • Introduction • Communication Patterns • SNMP • CLI • syslog • Netconf • NetFlow/IPFIX

  21. Communication Patterns • Interactions between managers and agents follow certain basic patterns • Regardless of the particular management protocol • The pattern includes • Manager initiated communications • Agent initiated communications • For each pattern, we want to see • What is the pattern used for? • Issues/Challenges?

  22. Manager-Initiated Communications • Request-Response paradigm • A manager makes a request • To get/set/create MO or perform action • Includes request type, parameters, and headers • Agent sends a response • Includes a return code, result, and headers

  23. Manager-Initiated Communications • Information Retrieval: Polling • For what? • Requests for Configuration Information • Requests for Operational Data and State Information • Challenges: Overhead • Configuration Operations • For what? To change the configuration!!! • Challenges: Failure • Actions • For what? To do something • Challenges: Failure & Delay

  24. Manager-Initiated: Information Retrieval • Polling mechanism steps: • 1) The manager asks the agent for a particular piece, or pieces, of management information • 2) The agent checks the validity of the request and retrieves the requested information • 3) The agent then responds with • The requested information, or • An error-response code explaining why the request could not be fulfilled • Does not understand the request • Does not know the type of management information • …

  25. Polling for What? • Requests for configuration information • Physical or logical configuration information • Discovery, Provisioning, Fault, … • Typically infrequent and (maybe) external changes • Caching is efficient → Management DBs • Requests for operational and state information • Network monitoring → Fault detection, performance, accounting, … • The manager cannot change this information • Typically frequent changes • (Typically) no caching DB; on-demand snapshots

  26. Polling Challenges: Overhead • Frequent polling • Expensive & high overhead: high management traffic! • Infrequent polling • Missing critical conditions • Long delay to find out about critical conditions

  27. Alternative Polling Mechanism • Advantage? When is applicable?

  28. Alternative Polling Mechanism (cont’d) • Advantage? When is applicable?

  29. Manager-Initiated: Configuration • To change configuration information • Parameter settings to affect the agent’s behavior • Some aspects are fundamentally different from information retrieval requests • Response • Responses to configuration requests are typically a success/failure status code, not huge data • Failure recovery • Configuration is much more sensitive to failures • May not be possible to repeat the request

  30. Configuration Challenges: Failure • It is not easy to handle failures in configuration • Different kinds of failures with different behaviors and effects

  31. Manager-Initiated: Actions • To request device to perform certain action: self-test, ping,… • Manager requests an action • Agent runs the action and sends the output • Challenge: delay • In addition to failure • We have the same problems again here!!!

  32. Manager-Initiated: Actions (cont’d)

  33. Agent-Initiated Communications • Agent sends the manager an event (trap) message • To bring something to the manager’s attention • To inform manager about something • Unsolicited communications • For what? (Event Categories) • Alarms: Requires management attention • Threshold-crossing: Performance-related state variable has exceeded a certain value • Might require management attention • Configuration-change: Inform of a configuration change in the device. • Logging: Occur regularly in network operation • Typically, do not require an operator’s attention • But need to be logged

  34. Event: Alarms • Alarm: an unexpected event has occurred that likely requires management attention • Examples • Router line card failure • Loss of connectivity • Alarm: a condition that persists over a period of time; two states • On: Abnormal condition starts • Off: Condition back to normal • Additional information in alarm messages • Alarm severity: Critical, Major, Minor, Warning, Cleared • Additional information to troubleshoot the alarm

  35. Event: Threshold Crossing • A monitored MO has crossed a certain preconfigured value (threshold) • Similar to alarms • Two states: on & off • Information included in this event • The name & value of the monitored MIB object • The value of the threshold • Whether the threshold has been crossed or cleared • Oscillation around the threshold • Many cross & clear events • Hysteresis threshold to clear the event
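The oscillation problem and the hysteresis fix from this slide, as an added example that is not part of the original deck: a tiny threshold-crossing detector that emits the event fields listed above (object name, value, threshold, crossed/cleared). The object name and utilisation series are constructed sample data.

```python
# Added example: threshold-crossing events with and without a hysteresis clear threshold.

def threshold_events(name, samples, threshold, clear_below=None):
    """Walk a series of samples and emit one event per threshold crossing or clearing.

    With clear_below=None the event clears as soon as the value drops under the
    threshold again (no hysteresis); with clear_below < threshold the event only
    clears once the value has fallen below that lower mark.
    """
    if clear_below is None:
        clear_below = threshold          # no hysteresis
    events, raised = [], False
    for value in samples:
        if not raised and value >= threshold:
            raised, state = True, "crossed"
        elif raised and value < clear_below:
            raised, state = False, "cleared"
        else:
            continue                     # no state change, no event
        events.append({"object": name, "value": value,
                       "threshold": threshold, "state": state})
    return events

# Constructed sample: link utilisation (%) oscillating around an 80% threshold.
UTILISATION = [70, 79, 81, 79, 82, 78, 83, 77, 90, 85, 72, 60]

def compare_event_counts():
    """Return (events without hysteresis, events with a 75% clear threshold)."""
    naive = threshold_events("ifUtilisation.3", UTILISATION, 80)
    hyst = threshold_events("ifUtilisation.3", UTILISATION, 80, clear_below=75)
    return len(naive), len(hyst)

if __name__ == "__main__":
    for ev in threshold_events("ifUtilisation.3", UTILISATION, 80, clear_below=75):
        print(ev)
    print("events without/with hysteresis:", compare_event_counts())
```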

  36. Event: Configuration Change • 1) Many applications need accurate information about the network configuration • 2) Due to infrequent changes, configuration information is cached • 3) Configuration can be modified externally (not through the NM application), e.g., via CLI • 1 + 2 + 3 → configuration change event • To keep the cache up to date • Without wasting bandwidth • Without periods of out-of-date cache

  37. Event: Configuration Change (figure comparing Ideal and Practice: Modified MOs, New Values, Source of change; Config modified!)

  38. Agent-Initiated Challenges: Reliability • How to make sure that the event is received by the manager? • Reliable transport? • Overhead • E.g., TCP: SYN, SYN & ACK, ACK • What happens in a notification storm? • Acknowledgement? • Extra overhead • Must be used in mission-critical networks

  39. Manager-Initiated vs. Agent-Initiated • Overhead • Event-based management is more efficient • Less wasteful, more scalable, more responsive • Capability • Event-based is not possible in every case • Example: Service provisioning • Reliability • In polling-based management, the initiator waits for a response → can detect failures • In event-based management, acknowledgements can be used

  40. Outline • Introduction • Communication Patterns • SNMP • CLI • syslog • Netconf • NetFlow/IPFIX

  41. SNMP • Simple Network Management Protocol • Widely used to retrieve operational data, not for configuration • Original SNMP: SNMPv1 • Keeps SNMP agent implementations simple • User-extensible with new management information • Next version: SNMPv2 • Performance enhancements • Current version: SNMPv3 • Not quite as simple, more complex than the original • Adds security and modularity to the design goals

  42. SNMP Standard • SNMP is a series of IETF RFCs: • 1) The protocol itself • 2) The MIB specification language • SMI • SMIv2 • 3) Series of standard MIB definitions • 4) The architecture of agent implementations

  43. SNMP Fundamental Principles • Separate definition of management information from definition of management protocol • Management information • Specified in MIB modules • MIB specification language (SMI, SMIv2) • Extensible by users: Enterprises can define their own • Standardized MIB modules for commonly used information available • Management protocol itself • Fixed set of basic services that operate on management information • Retrieve and modify information, report events • Encoding of management information: Basic Encoding Rules (BER) • Not extensible by users

  44. SNMP Protocol Stack

  45. SNMP Operations

  46. SNMP Summary • The agent describes its manageable parameters as a MIB using SMI • Moreover, some standard MIBs are supported • The manager uses the MIB to find the ID of the MO • The manager creates a request message for that ID • get-request, get-next-request, set-request • The message is encapsulated in UDP and sent • The agent processes the message and responds • get-response
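The request path summarized above (MIB object ID, get-request, BER encoding from slide 43, UDP encapsulation), as an added example that is not part of the original deck: a minimal BER encoder that builds an SNMPv1 get-request for sysDescr.0 and a helper that sends it over UDP/161. The OID 1.3.6.1.2.1.1.1.0 is the standard sysDescr.0; everything else (community string, agent address, request id) is a constructed sample.

```python
# Added example: hand-built SNMPv1 GetRequest, to show what the agent actually receives.
import socket

def ber_len(n):
    # BER length: short form below 128, otherwise 0x80|count followed by big-endian length bytes
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, payload):
    return bytes([tag]) + ber_len(len(payload)) + payload

def ber_int(value):
    # INTEGER, two's complement, shortest form (the extra bit keeps the sign bit clear)
    return tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big", signed=True))

def ber_oid(oid):
    # OBJECT IDENTIFIER: first two arcs packed into one byte, the rest base-128 with continuation bits
    arcs = [int(a) for a in oid.strip(".").split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def snmpv1_get_request(community, oids, request_id):
    # Message ::= SEQUENCE { version INTEGER(0), community OCTET STRING, GetRequest-PDU [0] }
    # GetRequest-PDU carries request-id, error-status, error-index and a list of (OID, NULL) varbinds
    varbinds = b"".join(tlv(0x30, ber_oid(o) + b"\x05\x00") for o in oids)
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbinds))
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)

def send_get(agent, community, oids, request_id=1, timeout=2.0):
    # Encapsulate in one UDP datagram to port 161 and wait for the get-response
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(snmpv1_get_request(community, oids, request_id), (agent, 161))
        return s.recv(4096)

if __name__ == "__main__":
    # The community string ("public" here) travels in cleartext, one reason SNMPv3 added security
    print(snmpv1_get_request("public", ["1.3.6.1.2.1.1.1.0"], 1).hex())
```

Decoding the printed bytes by hand (30 26 ... a0 19 ... 30 0e 30 0c 06 08 2b 06 01 02 01 01 01 00 05 00) walks exactly the message structure the slide describes.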

  47. Outline • Network Management Protocol • Communication Patterns • SNMP • CLI • syslog • Netconf • NetFlow/IPFIX

  48. CLI • CLI: Command Line Interface • Administrator interface for networking devices • It is for a human operator to interact with the device • Not intended for (but also used by) electronic applications • Accessible via console, Telnet, SSH • Very comprehensive and complete • Anything you can configure you can do through the CLI • Most (not all) information can be viewed using the CLI • Not a standard: different flavors exist but the same concepts • Different vendors: Cisco, Juniper, Huawei, … • No fixed set of commands; new features add new commands • Different from SNMP, which has a fixed set of primitives

  49. CLI Basic Concepts by Cisco IOS • Internet Operating System • OS on the vast majority of Cisco routers and switches • 1) Different privilege levels • user EXEC: view information, status, statistics • privileged EXEC: control the router (e.g., change how it is configured) • Switch from user to privileged EXEC using the “enable” command • 2) Command hierarchy • Not all commands are available in every context • Simplifies management

  50. Cisco IOS CLI Example • Configuration of IP address on an interface
