
BK

TP.HCM
Introduction
Network Administration Tasks
Basic Tools
Network Analyzer and Monitoring
Network Management Software
SNMP-based Software
SMI
MIB
Network Management Platforms
Network Backup
Chapter 8 : Network Management
Ho Chi Minh City University of Technology (ĐHBK TP.HCM), Faculty of Computer Science & Engineering, 2008
Computer Network 2
Network Management
Objective:
* Maintenance of the computer hardware and software that comprise a computer network
* Deployment, configuration, maintenance and monitoring of active network equipment
=> Network Administrators
A related role is that of the Network Specialist, or Network Analyst, who concentrates on network design and security
Network Administration Tasks
* Installing and maintaining networking hardware and software
* Assigning names and addresses to each computer or device on the network
* Assigning names and identification numbers (IDs) to network users and groups
* Performing the commands required to share, remove, and restrict resources
* Updating all appropriate networking files on your network's machines
* Troubleshooting network activity
* Performance tuning
* Reporting on a regular basis
Basic Tools (1/3)
Basic Tools (2/3)
Basic Tools (3/3)
Network Analyzer and Monitoring Software
http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html
Network Analyzer and Monitoring
Wireshark, Sniffer Pro, Packet Tracer
Infrastructure for Network Management
[Figure: a managing entity (with its data) communicates over the network management protocol with four managed devices, each running an agent with its own data]
Basic components
* Managed device = slave device
* Agent = software which runs on the slave device
* Network management system (NMS) = software which runs on the master

Network Management Standards
OSI CMIP: Common Management Information Protocol
* designed 1980s: the unifying net management standard
* too slowly standardized
SNMP: Simple Network Management Protocol
* Internet roots (SGMP)
* started simple
* deployed, adopted rapidly
* growth: size, complexity
* currently: SNMP V3
* de facto network management standard
SNMP-based Administration
SNMP v.1/2c/3: SNMP is used in network management systems to monitor network-attached devices. It consists of a set of standards for network management, including an Application Layer protocol, a database schema, and a set of data objects.
Implementations
* Net-SNMP: open source SNMP implementation
* Netsnmpj: open source SNMP for Java
* SnmpB: open source MIB browser
* OpenSNMP: multi-threaded SNMPv3 engine
* PySNMP: pure-Python module, BSD license
* Ruby SNMP: open source SNMPv1 and v2 for Ruby
* iReasoning MIB Browser / SNMP Manager (free)
* Net::SNMP: a pure Perl module that implements SNMPv1, v2 and v3 on IPv4 and IPv6
* SNMP4J: free SNMP API for Java managers and agents
* Nstrument Snmp Library for .Net
* Snmp++/Agent++ libraries
* SNMP Manager LoriotPro free edition
* BSNMP: mini SNMP daemon
Internet-standard Management Framework
* SNMP protocol: conveys manager<->managed object info, commands
* Structure of Management Information (SMI): data definition language for MIB objects
* Management information base (MIB): distributed information store of network management data
* Security, administration capabilities: major addition in SNMPv3
SNMP Component Translation
Simple Network Management Protocol
SNMP defines the format of packets exchanged between a manager and an agent. It reads and changes the status (values) of objects (variables) in SNMP packets.

SNMP is an application program that allows:
1) a manager to retrieve the value of an object defined in an agent
2) a manager to store a value in an object defined in an agent
3) an agent to send an alarm message about an abnormal situation to the manager
SNMP Protocol
Manager-Agent Exchanges
SNMP Protocol: Message Types
Message type                                 Function
GetRequest, GetNextRequest, GetBulkRequest   Mgr-to-agent: "get me data" (instance, next in list, block)
InformRequest                                Mgr-to-Mgr: here's MIB value
SetRequest                                   Mgr-to-agent: set MIB value
Response                                     Agent-to-mgr: value, response to Request
Trap                                         Agent-to-mgr: inform manager of exceptional event
SNMP Message Format
Message Format Explanation
SNMP v.3 Message Format
Structure of Management Information
SMI defines the general rules for naming objects, defining object types (including range and length), and showing how to encode objects and values. SMI does not define the number of objects an entity should manage, name the objects to be managed, or define the association between the objects and their values.
SMI uses an adapted subset of the ASN.1 language.
ASN.1: Abstract Syntax Notation 1
* ISO standard X.680
* used extensively in Internet
* Defined data types, object constructors like SMI
BER: Basic Encoding Rules
* specify how ASN.1-defined data objects are to be transmitted
* each transmitted object has Type, Length, Value (TLV) encoding
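
The TLV encoding described above, as an added example that is not part of the original slides: a small BER decoder run over an SNMPv1 GetRequest for udpInDatagrams.0 (1.3.6.1.2.1.7.1.0). The sample bytes and the community string "public" are constructed for illustration; the decoded result also shows that a v1/v2c community string is carried as a plain OCTET STRING, readable by anyone who captures the packet.

```python
# Constructed sample: SNMPv1 GetRequest, community "public", for udpInDatagrams.0.
SAMPLE = bytes.fromhex("302602010004067075626c6963a019020101020100020100"
                       "300e300c06082b060102010701000500")
TAGS = {0x02: "INTEGER", 0x04: "OCTET STRING", 0x05: "NULL",
        0x06: "OBJECT IDENTIFIER", 0x30: "SEQUENCE", 0xA0: "GetRequest-PDU"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos); refuse lengths that overrun the buffer."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    """First octet packs the first two arcs (40*x + y); later arcs are base-128."""
    if not value:
        raise ValueError("empty OBJECT IDENTIFIER")
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for byte in value[1:]:
        acc = (acc << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear marks the arc's last octet
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def decode(buf):
    """Decode all TLVs in buf, recursing into constructed types (bit 0x20 set)."""
    out, pos = [], 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        name = TAGS.get(tag, f"tag 0x{tag:02x}")
        if tag & 0x20:
            out.append((name, decode(value)))
        elif tag == 0x02:
            out.append((name, int.from_bytes(value, "big", signed=True)))
        elif tag == 0x06:
            out.append((name, decode_oid(value)))
        else:                              # OCTET STRING, NULL, unknown: keep raw bytes
            out.append((name, value))
    return out
```
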
Object Attributes
* All objects managed by SNMP are given an object identifier
* The object identifier always starts with 1.3.6.1.2.1.
SMI Naming : Object Identifier
SMI: Data Type Definition
Purpose: syntax, semantics of management data well-defined, unambiguous
* Base data types: straightforward, boring
* OBJECT-TYPE: data type, status, semantics of managed object
* MODULE-IDENTITY: groups related objects into MIB module
Basic Data Types
* INTEGER
* Integer32
* Unsigned32
* OCTET STRING
* OBJECT IDENTIFIER
* IpAddress
* Counter32
* Counter64
* Gauge32
* TimeTicks
* Opaque
SMI: Object, Module Examples
OBJECT-TYPE: ipInDelivers

    ipInDelivers OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The total number of input datagrams successfully
             delivered to IP user-protocols (including ICMP)"
        ::= { ip 9 }

MODULE-IDENTITY: ipMIB

    ipMIB MODULE-IDENTITY
        LAST-UPDATED "9411010000Z"
        ORGANIZATION "IETF SNMPv2 Working Group"
        CONTACT-INFO
            "Keith McCloghrie ..."
        DESCRIPTION
            "The MIB module for managing IP and ICMP implementations,
             but excluding their management of IP routes."
        REVISION "9103310000Z"
        ...
        ::= { mib-2 48 }

Base Data Types
SMI : Encoding Format
SNMP : MIB
* MIB module specified via SMI MODULE-IDENTITY (100 standardized MIBs, more vendor-specific)
* objects specified via SMI OBJECT-TYPE construct
[Figure: a MODULE containing several OBJECT TYPE entries]
A management information base (MIB) stems from the OSI/ISO network management model. It comprises a collection of objects in a (virtual) database used to manage entities (such as routers and switches) in a network.
MIB Tree
SNMP Naming
Question: how to name every possible standard object (protocol, data, more..) in every possible network standard?
Answer: ISO Object Identifier tree: hierarchical naming of all objects, each branchpoint has name, number
Example: 1.3.6.1.2.1.7.1
  1 = ISO
  3 = ISO-ident. Org.
  6 = US DoD
  1 = Internet
  2 = management
  1 = MIB2
  7 = UDP
  1 = udpInDatagrams
MIB Browser
MIB Example: UDP Module
Object ID         Name              Type        Comments
1.3.6.1.2.1.7.1   udpInDatagrams    Counter32   total # datagrams delivered at this node
1.3.6.1.2.1.7.2   udpNoPorts        Counter32   # undeliverable datagrams, no app at port
1.3.6.1.2.1.7.3   udpInErrors       Counter32   # undeliverable datagrams, all other reasons
1.3.6.1.2.1.7.4   udpOutDatagrams   Counter32   # datagrams sent
1.3.6.1.2.1.7.5   udpTable          SEQUENCE    one entry for each port in use by app, gives port # and IP address
UDP Variables and Tables
Usage of SNMP v.3 Objects
Usage:
* Monitoring device uptimes (sysUpTimeInstance)
* Inventory of OS versions (sysDescr)
* Collecting interface information (ifName, ifDescr, ifSpeed, ifType, ifPhysAddr)
* Measuring network interface throughput (ifInOctets, ifOutOctets)
* Querying a remote ARP cache (ipNetToMedia)
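
Throughput measurement from ifInOctets, as an added example that is not part of the original slides: the rate is the difference between two Counter32 readings divided by the sysUpTime interval, and the calculation has to survive a counter wrap, an agent restart and an implausible jump. The sample readings and the 10 Mbit/s ifSpeed value are constructed.

```python
COUNTER32_MOD = 2 ** 32          # Counter32 wraps to 0 after 2^32 - 1
TICKS_PER_SECOND = 100           # TimeTicks count hundredths of a second


def rate_bps(prev, curr, if_speed):
    """Bits per second between two (sysUpTime, ifInOctets) samples, or None.

    None means the interval cannot be trusted: the agent restarted, or the
    result exceeds ifSpeed (counter reset or more than one wrap between polls).
    """
    (t0, c0), (t1, c1) = prev, curr
    if t1 <= t0:                              # sysUpTime went backwards: agent restarted
        return None
    delta = (c1 - c0) % COUNTER32_MOD         # modular difference absorbs one wrap
    bps = delta * 8 * TICKS_PER_SECOND / (t1 - t0)
    return bps if bps <= if_speed else None


def rates(samples, if_speed):
    """Rate for each consecutive pair of samples."""
    return [rate_bps(a, b, if_speed) for a, b in zip(samples, samples[1:])]


# Constructed samples (sysUpTime ticks, ifInOctets), polled every 60 s.
SAMPLES = [
    (1000, 4294960000),
    (7000, 4294966000),    # 6000 octets in 60 s
    (13000, 4704),         # counter wrapped past 2^32
    (500, 100),            # agent restarted, uptime and counter both reset
    (6500, 7500100),       # 7,500,000 octets in 60 s
    (12500, 50),           # counter reset without an uptime reset
]
IF_SPEED = 10_000_000      # constructed ifSpeed: 10 Mbit/s
```
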
SNMP Applications
SNMP v3 Security and Administration
* Encryption: DES-encrypt SNMP message
* Authentication: compute, send MIC(m,k): compute hash (MIC) over message (m), secret shared key (k)
* Protection against playback: use nonce
* View-based access control
  * SNMP entity maintains database of access rights, policies for various users
  * database itself accessible as managed object!
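
The MIC and nonce checks listed above, as an added example that is not part of the original slides and does not reproduce the SNMPv3 wire format: the receiver issues a nonce, the sender returns MIC(m,k) computed over nonce and message, and the receiver rejects both a replayed packet and a modified one. HMAC-SHA-256 from the Python standard library stands in for the MIC; the key, the message text and the class name `Receiver` are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def mic(key, nonce, message):
    """MIC(m, k) bound to a nonce: keyed hash over nonce || message."""
    return hmac.new(key, nonce + message, hashlib.sha256).digest()


class Receiver:
    def __init__(self, key):
        self.key = key
        self.outstanding = set()          # nonces issued and not yet used

    def challenge(self):
        nonce = secrets.token_bytes(16)   # fixed length keeps nonce || message unambiguous
        self.outstanding.add(nonce)
        return nonce

    def accept(self, nonce, message, tag):
        if nonce not in self.outstanding:
            return "rejected: unknown or replayed nonce"
        # compare_digest runs in constant time, so the check leaks no timing hint
        if not hmac.compare_digest(tag, mic(self.key, nonce, message)):
            return "rejected: bad MIC"
        self.outstanding.discard(nonce)   # each nonce authenticates one message only
        return "accepted"


def demo():
    key = secrets.token_bytes(32)         # shared secret k, constructed for the example
    rx = Receiver(key)
    msg = b"SetRequest ifAdminStatus.2 = down"   # constructed message m
    nonce = rx.challenge()
    tag = mic(key, nonce, msg)
    first = rx.accept(nonce, msg, tag)
    replay = rx.accept(nonce, msg, tag)   # same captured packet delivered again
    tampered = rx.accept(rx.challenge(), msg.replace(b"down", b"up"), tag)
    return [first, replay, tampered]
```
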
RMON v.1/2
* The Remote Network MONitoring (RMON) MIB was developed by the IETF to support monitoring and protocol analysis of LANs
* RMON is designed for "flow-based" monitoring, while SNMP is often used for "device-based" management
* A minimal RMON agent implementation could support only statistics, history, alarm, and event
* The RMON1 MIB consists of ten groups
* The RMON2 MIB adds ten more groups
RMON Applications
Configuration using RMON
* Using RMON to analyze and monitor network traffic data within remote LAN segments from a central location
* Detect, isolate, diagnose, and report potential and actual network problems before they escalate to crisis situations
Network Administration Platforms
* A suite of software applications which allows large-scale system and network management of an organization's IT infrastructure. It includes optional modules from the platform vendor as well as from third parties, which connect within a well-defined framework and communicate with one another
* Examples: HP OpenView, IBM Tivoli, Computer Associates Unicenter, Cabletron Spectrum, Cisco Network Assistant, and some open source tools such as ZenOss, Nagios, MRTG, RRDTools, etc.
Introduction of ZenOss Software
* Zenoss (Zenoss Core) is an open source application, server and network management platform based on the Zope application server. It is released under the GNU General Public License (GPL) version 2
* Zenoss Core provides a web interface that allows system administrators to monitor availability, inventory/configuration, performance, and events
* Platforms: Red Hat Enterprise Linux / CentOS (4, 5), Fedora (Core 6, 7, 8), Ubuntu (6.10, 7.04, 7.10, 8.04), FreeBSD (6.1, 6.2), Debian (Sarge), SuSE (10, 10.2), Solaris 10, Gentoo, Mac OS X, VMWare Appliance


ZenOss : Functional Devices
Zenoss delivers a single product to monitor the entire IT infrastructure:
* Networks - Routers, Switches, Firewalls, Access Points
* Servers - Microsoft Windows, Linux, Unix, HP, NetApp, Dell
* Virtualization - Complete VMware Virtual Infrastructure (VI3) Management, XenSource Monitoring
* Applications - Processes, Ports, Web Apps, Web Services, Databases, Middleware, Commercial Apps

ZenOss : A unique approach
Using agentless collection and standards-based management protocols: WMI, PerfMon, SNMP, JMX, HTTP, Telnet, SSH, Syslog, ICMP, FTP, SMTP, etc.
ZenOss : A full lifecycle
* Configuration Management - Auto-discovery, inventory, CMDB, change tracking
* Availability Management - Active tests up and down the stack
* Performance Monitoring - Collect and analyze metrics up and down the stack
* Event/Log Management - Central collection and management of alarms and breaches
* Automatic Remediation - Respond to and resolve issues as they occur
Network Backup : Features
* Opened File Backup, Continuous backup
* Multi-platform, Multi-site
* Online Access to files
* Data Compression
* Differential Data Compression
* Data Encryption
* Bandwidth Usage
* Cost factors: total amount of data, number of machines, maximum number of versions
Network Management: Summary
Network Management
* Extremely important: 80% of network cost
* ASN.1 for data description
* SNMP protocol as a tool for conveying information
Network management: more art than science
* What to measure/monitor
* How to respond to failures?
* Alarm correlation/filtering?
