Chapter 3 Basic Foundations: Standards, Models, and Language
and Chapter 13 Network Management Applications
Network Management: Principles and Practice © Mani Subramanian 2000

Introduction (Chapter 3)
• Standards
• Standards organizations
• Protocol standards of transport layers
• Protocol standards of management (application) layer
• Management models
• Language

Table 3.1 Network Management Standards (Chapter 3)

OSI / CMIP (Common Management Information Protocol)
• International standard (ISO / OSI)
• Management of data communications networks: LAN and WAN
• Deals with all 7 OSI layers
• Most complete
• Object oriented: classes, inheritance
• Well structured and layered
• Consumes large resources in implementation; complex

SNMP / Internet (Simple Network Management Protocol)
• Industry standard (IETF)
• Originally intended for management of Internet components, currently adopted for WAN and telecommunication systems
• Easy to implement; uses scalar objects
• Most widely implemented

TMN (Telecommunications Management Network)
• International standard (ITU-T)
• Management of telecommunications networks; service providers
• Based on the OSI network management framework
• Addresses both network and administrative aspects of management: service and business management

IEEE
• IEEE standards adopted internationally
• Addresses LAN and MAN management
• Adopts OSI standards significantly
• Deals with the first two layers of the OSI RM: Physical and Data Link

Web-based management
• Web-Based Enterprise Management (WBEM): specification by DMTF
• Java Management Extensions (JMX), earlier called JMAPI

OSI NM Architecture and Model (Chapter 3)
Figure 3.1 OSI Network Management Model: Organization Model, Information Model, Communication Model, Functional Model
Notes
• Organization model
  • Network management components: object, agent, and manager
  • Functions of components
  • Relationships
• Information model
  • Structure of management information (SMI): syntax and semantics
  • Management information base (MIB): organization of management information
  • Object-oriented
• Communication model
  • Transfer syntax with bi-directional messages (M-SET, M-GET)
  • Transfer structure (PDU)
• Functional model: user-oriented requirements of NM
  • Application functions (covered in Chapter 13): configure components (CM), monitor components (FM), measure performance (PM), secure information (SM), usage accounting (AM)

SNMP Architecture and Model (Chapter 3)
(Not defined explicitly; the four-part model of Figure 3.1 is applied to SNMP)
• Organization model: same as the OSI model
• Information model: same as OSI, but scalar
• Communication model
  • Messages less complex than OSI and unidirectional (request, response)
  • Transfer structure (PDU)
• Functional model: application functions in terms of
  • Operations (get, set)
  • Administration: who has access to what
  • Security: community-based in SNMPv1/v2c. The community string is both identity and password and is carried in cleartext in every message, so anyone who can observe the traffic can read it; SNMPv3 replaces it with the user-based security model (see the Security Threats slides and Chapter 7)

TMN Architecture (Chapter 3)
• Addresses management of telecommunication networks
• Based on the OSI model
• Superstructure on the OSI network
• Addresses network, service, and business management
• See Chapter 11 for more details
Figure 11.11 TMN Service Architecture: Business Management, Service Management, Network Management, Element Management, and Managed Network Element as layers, with q3 interfaces between adjacent layers

Example (NMF) TMN Logical Layered Architecture (Chapter 11)
Figure 11.14 TMN Realization Example (NMF): the logical layers (Business Management, Service Management, Network Management, Element Management, separated by q3 reference points) and their physical realization over Q3 interfaces: Customer Service Management; Service Management for service details, tariff/charging, provisioning, performance and billing data, and other service-impacting events; Network Management for service configuration, routing administration, traffic administration, and restoration; Network Element functions for equipment configuration, customer administration, equipment alarms, switch management, and transmission equipment management

Organization Model (Chapter 3)
• Manager
  • Manages the managed elements
  • Sends requests to agents, retrieves management information, and stores it in the MDB
  • Monitors alarms: unsolicited traps/notifications from agents
  • Houses applications, e.g., CM, FM, etc.
  • Provides the user interface, e.g., HP OpenView
• Agent
  • Gathers information from objects: get
  • Configures parameters of objects: set
  • Responds to managers' requests: response
  • Generates alarms and sends them to managers (unsolicited): trap
• Managed object
  • Network element that is managed, e.g., hubs, bridges, etc.
  • Houses the management agent (a running process)
  • All objects are either unmanaged or manageable (more expensive)

Two-Tier Model (Chapter 3)
Figure 3.2 Two-Tier Network Management Organization Model: Manager with MDB; Agent processes in the managed objects; unmanaged objects alongside. MDB = Management Database
Notes
• Agent built into the network element. Example: managed hub, managed router
• A manager can manage multiple elements. Example: switched hub, ATM switch
• MDB is a physical database
• Unmanaged objects are network elements that are not managed, both physical (unmanaged hub) and logical (passive elements)

Three-Tier Model (Chapter 3)
Figure 3.3 Three-Tier Network Management Organization Model: Manager with MDB; Agent/Manager with MDB in the middle; Agent processes in the managed objects
Notes
• The middle layer plays a dual role
  • Agent to the top-level manager
  • Manager to the managed objects, e.g., collects data
• Example of the middle level: Remote monitoring agent (RMON)
• Examples: statistical measurement on a network; a local site passes information to a remote site

Manager of Managers (Chapter 3)
Figure 3.4 Network Management Organization Model with MoM: a Manager of Managers (with MDB) above several Agent NMSs, each a Manager with its own MDB that acts as an agent toward the MoM and manages its own managed objects
Notes
• An Agent NMS manages its domain
• The MoM presents an integrated view of the domains
• A domain may be geographical (cities), administrative (departments), vendor-specific products (Cisco), etc.

Peer NMSs (Chapter 3)
Figure 3.5 Dual Role of Management Process: two NMSs, each carrying both an Agent and a Manager process toward the other
Notes
• NMSs configured in a peer-to-peer relationship
• The network management systems act as peers
• Dual role of both NMSs
• Example: two network service providers exchange management information
• Dumbbell architecture discussed in Chapter 1
• Notice that the manager and agent functions are processes and not systems

Interoperability (Chapter 1)
Figure 1.23 Network Management Dumbbell Architecture: (a) NMS Vendor A and NMS Vendor B exchange messages, each managing its own network agents and network objects; (b) services and protocols: application services, management protocol, and transport protocols between Vendor A objects and Vendor B objects
Notes
• Message exchange between NMSs managing different domains

Information Model: Analogy (Chapter 3)
• Information model: structure and storage of information
• A figure in a book is uniquely identified by ISBN, chapter, and figure number, in that hierarchical order
  • ID: {ISBN, chapter, figure}: hierarchy of designation
• The three elements above define the syntax (format)
• Semantics is the meaning of the three entities according to Webster's dictionary
• The information comprises syntax and semantics about an object
Notes
• Management information model = representation of objects (SMI) + management information of objects (MIB)
• SMI defines the syntax and semantics of management information stored in the MIB
• The information model specifies the information base to describe managed objects and their relationships (i.e., MIB)

Structure of Management Information (SMI) (Chapter 3)
• SMI defines for a managed object:
  • Syntax
  • Semantics, i.e., definition
  • plus additional information such as status
• Example
  sysDescr { system 1 }
  Syntax: OCTET STRING
  Definition: "A textual description of the entity."
  Access: read-only
  Status: mandatory
Notes
• Uses ASN.1: Abstract Syntax Notation One
• See RFC 1155, Section 4 (Managed objects) and Section 4.3 (Macros)

Management Information Base (MIB) (Chapter 3)
• Used by manager and agents to store and exchange management information
• The information base contains information about objects
• Organized by grouping of related objects (e.g., IP group)
• Defines relationships between objects (e.g., object system is a parent of object sysDescr)
• It is NOT a physical database. It is a virtual database that is compiled into the management module
Notes
• The agent MIB is used for accessing local information requested by the manager and sending a response back
• The manager MIB is used for accessing information on all network components the manager manages
• See RFC 1213

Information Base View: An Analogy (Chapter 3)
• The Fulton County library system has many branches
• Each branch has a set of books
• The books in each branch are a different set
• The information base of the county has the view (catalog) of all books
• The information base of each branch has the catalog of books that belong to that branch. That is, each branch has its own view (catalog) of the information base
• Let us apply this to the MIB view

MIB View and Access of an Object (Chapter 3)
• A managed object has many attributes, its information base (e.g., IP address, number of ports)
• There are several operations that can be performed on the objects (get, set)
• A user (manager) can view and perform only certain operations on the object by invoking the management agent; privileges depend on the user and on the managed object
• The view of the object attributes that the agent perceives is the MIB view
• The operations that a user can perform are the MIB access

Management Data Base / Information Base (Chapter 3)
Figure 3.6 Network Configuration with Data and Information Base: Manager with MDB and MIB; Agent process with MIB; Managed objects. MDB = Management Database, MIB = Management Information Base
Notes
• Distinction between MDB and MIB
  • MDB: physical database, e.g., Oracle, Sybase
  • MIB: virtual database; schema compiled into the management software (for processes to exchange information)
• An NMS can automatically discover a managed object, such as a hub, when it is added to the network
• The NMS can identify the new object as a hub only after the MIB schema of the hub is compiled into the NMS software

Managed Object (Chapter 3)
• Managed objects can be
  • Network elements (hardware, system): hubs, bridges, routers, transmission facilities
  • Software (non-physical): programs, algorithms
  • Administrative information: contact person, name of a group of objects (IP group)
Notes
• In fact, any type of information that can be included in the MIB can be managed.

Management Information Tree (Chapter 3)
Figure 3.7 Generic Representation of Management Information Tree: Root, Level 1, Level 2, Level 3

OSI Management Information Tree (Chapter 3)
Figure 3.8 OSI Management Information Tree: itu 0, iso 1, and iso-itu 2 under the root; org 3 under iso; dod 6 under org; internet 1 under dod
Notes
• iso: International Organization for Standardization; itu: International Telecommunication Union; dod: Department of Defense
• Designation:
  • iso 1
  • org 1.3
  • dod 1.3.6
  • internet 1.3.6.1: all Internet managed objects start with this prefix

Object Type and Instance (Chapter 3)
• Type
  • Name
  • Syntax
  • Definition
  • Status
  • Access
• Instance
Notes
• Example of a circle
  • "circle" is the syntax
  • Semantics is the definition from the dictionary: "A plane figure bounded by a single curved line, every point of which is of equal distance from the center of the figure."
• Analogy of nursery school

Managed Object: Internet Perspective (Chapter 3)
Figure 3.9(a) Internet Perspective: Object Type (object ID and descriptor, e.g., circle); Syntax (model of the object); Access (access privilege); Status (implementation requirements); Definition (semantics, textual description)
Notes
• Object ID: unique ID and descriptor (name) for the object
• Syntax: used to model the object
• Access: access privilege to a managed object
• Status: implementation requirements
• Definition: textual description of the semantics of the object type

Managed Object: OSI Perspective (Chapter 3)
Figure 3.9(b) OSI Perspective: Object classes circular object and elliptical object; Attributes (circle, dimension; ellipse, dimension); Operations (push); Behaviour; Notifications (notify changes in attribute values)
Notes
• Object class: managed object
• Attributes: attributes visible at its boundary
• Operations: operations which may be applied to it
• Behaviour: behaviour exhibited by it in response to operations
• Notifications: notifications emitted by the object

Packet Counter Example (Chapter 3)
Figure 3.10 Packet Counter as Example of Managed Object
(a) Internet perspective
  Object type: PktCounter
  Syntax: Counter
  Access: read-only
  Status: mandatory
  Description: counts number of packets
(b) OSI perspective
  Object class: Packet Counter
  Attributes: single-valued
  Operations: get, set
  Behavior: retrieves or resets values
  Notifications: generates notifications on new value

Internet vs. OSI Managed Object (Chapter 3)
• Scalar objects in Internet vs. the object-oriented approach in OSI
• The OSI characteristics operations, behavior, and notification are part of the communication model in Internet: get/set and response/alarm
• Internet syntax is absorbed as part of OSI attributes
• Internet access is part of the OSI security model
• Internet status is part of OSI conformance application
• OSI permits creation and deletion of objects; Internet does not. However, enhancements in SNMPv2 include:
  • Defining new data types
  • Adding or deleting conceptual rows in tables

Management Communication Model (Chapter 3)
Figure 3.11 Management Message Communication Model: Manager Applications send operations/requests to the Agent and receive responses and notifications/traps from it; the Agent fronts the Network Elements / Managed Objects
Notes
• In Internet: requests/responses; in OSI: operations
• In Internet: traps and notifications (SNMPv2); in OSI: notifications

Transfer Protocols (Chapter 3)
Figure 3.12 Management Communication Transfer Protocols: Manager Applications and Agent Applications exchange operations/requests/responses and traps/notifications through the Manager and Agent Communication Modules (SNMP for Internet, CMIP for OSI), over the Transport Layers (UDP/IP for Internet, OSI lower layer profiles for OSI) and the physical medium
Notes
• Internet is based on SNMP; OSI is based on CMIP
• OSI uses the CMISE (Common Management Information Service Element) application with CMIP
• OSI specifies both connection-oriented and connectionless transport protocols; SNMPv2 was extended to connection-oriented transport, but it is rarely used

Abstract Syntax Notation One (Chapter 3)
• ASN.1 is more than a syntax; it is a formal language
• Addresses both syntax and semantics
• Two types of syntax
  • Abstract syntax: set of rules that specify data type and structure for information storage
  • Transfer syntax: set of rules for communicating information between systems
• Makes application layer protocols independent of lower layer protocols
• Can generate machine-readable code: the Basic Encoding Rules (BER) are used in management modules
Notes
• ASN.1 developed jointly by ITU-T and ISO
• Abstract syntax → information model
• Transfer syntax → communication model

Backus-Naur Form (BNF) (Chapter 3)
Definition: <name> ::= <definition>
Rules:
  <digit> ::= 0|1|2|3|4|5|6|7|8|9
  <number> ::= <digit> | <digit><number>
  <op> ::= +|-|x|/
  <SAE> ::= <number> | <SAE><op><SAE>
Example:
• 9 is the primitive 9
• 19 is a construct of 1 and 9
• 619 is a construct of 6 and 19
Notes
• BNF is used for ASN.1 constructs
• Constructs are developed from primitives
• The above example illustrates how numbers are constructed from the primitive <digit>; the <number> rule needs a <digit> alternative as its base case, otherwise no finite number can be derived
• A Simple Arithmetic Expression entity (<SAE>) is constructed from the primitives <digit> and <op>

Simple Arithmetic Expression (Chapter 3)
  <SAE> ::= <number> | <SAE><op><number>
Example: 26 = 13 x 2
Constructs and primitives: 13 and 2 are <number> constructs of <digit> primitives; x is an <op> primitive; 13 x 2 is an <SAE>

Type and Value (Chapter 3)
• Assignments
  • <BooleanType> ::= BOOLEAN
  • <BooleanValue> ::= TRUE | FALSE
• An ASN.1 module is a group of assignments
  person-name Person-Name ::= { first "John", middle "I", last "Smith" }
Notes
• Two basic parameters are associated with an entity (e.g., BOOLEAN)
  • Data type
  • Value (assigned to this data type)
• Keywords: entities in all capital letters (e.g., TRUE)

Data Type: Example 1 (Chapter 3)
  PersonnelRecord ::= SET {
      Name,
      title GraphicString,
      division CHOICE {
          marketing [0] SEQUENCE {Sector, Country},
          research [1] CHOICE {product-based [0] NULL, basic [1] NULL},
          production [2] SEQUENCE {Product-line, Country} } }
  etc.
Figure 3.13 ASN.1 Data Type Definition Example 1
Notes
• Module and type names start with a capital letter
• Tags uniquely identify a data type
• Data types:
  • Primitives: NULL, GraphicString
  • Constructs
    • Alternatives: CHOICE
    • List makers: SET, SEQUENCE
    • Repetition: SET OF, SEQUENCE OF
• Difference between SET and SEQUENCE: see the next slide

Data Type: Example 2 (Chapter 3)
  Trade-message ::= SEQUENCE {
      invoice-no INTEGER,
      name GraphicString,
      details SEQUENCE OF SEQUENCE {part-no INTEGER, quantity INTEGER},
      charge REAL,
      authenticator Security-Type }
  Security-Type ::= SET { … … … }
Figure 3.14 ASN.1 Data Type Definition Example 2
Notes
• SET: no order required; order is not important; the component data types should all be distinct (so a decoder can tell them apart)
• SEQUENCE: the order in the list is maintained
• SEQUENCE OF SEQUENCE makes tables of rows

Modules (Chapter 3)
Formal definition:
  <module name> DEFINITIONS ::= BEGIN
      <name> ::= <definition>
      <name> ::= <definition>
  END
Example:
  RFC1213-MIB DEFINITIONS ::= BEGIN
      … …
  END
Notes
• A module is a group of assignments.
• Modules can be imported into and exported from other modules.

ASN.1 Symbols (Chapter 3)
  Symbol   Meaning
  ::=      Defined as
  |        or, alternative, options of a list
  -        Signed number
  --       Following the symbol are comments
  {}       Start and end of a list
  []       Start and end of a tag
  ()       Start and end of a subtype
  ..       Range

Keyword Examples (Chapter 3)
• CHOICE
• SET
• SEQUENCE
• OF
• NULL
Notes
• Keywords are in all UPPERCASE letters

ASN.1 Data Type Conventions (Chapter 3)
  Data type              Convention                 Example
  Object name            Initial lowercase letter   sysDescr, etherStatsPkts
  Application data type  Initial uppercase letter   Counter, IpAddress
  Module                 Initial uppercase letter   PersonnelRecord
  Macro, MIB module      All uppercase letters      RMON-MIB
  Keywords               All uppercase letters      INTEGER, BEGIN

Data Type: Structure and Tag (Chapter 3)
Figure 3.15 ASN.1 Data Type Structure and Tag: a data type has a Structure (Simple, Structured, Tagged, Other) and a Tag (Class: Universal, Application, Context-specific, Private; plus a Number)
Notes
• A data type is defined based on a structure and a tag
• Structure defines how the data type is built
• Tag uniquely identifies the data type

Structure (Chapter 3)
• Simple
  • PageNumber ::= INTEGER
  • ChapterNumber ::= INTEGER
• Structured / construct
  • BookPageNumber ::= SEQUENCE {ChapterNumber, Separator, PageNumber}
  Example: {1-1, 2-3, 3-39}
• Tagged
  • Derived from another type; given a new ID
  • In Fig. 3.14, INTEGER could be either universal or application-specific
• Other types: CHOICE, ANY
Notes
• BookPages ::= SEQUENCE OF { BookPageNumber }
  or BookPages ::= SEQUENCE OF { SEQUENCE {ChapterNumber, Separator, PageNumber} }

Tag (Chapter 3)
• A tag uniquely identifies a data type
• Comprises class and tag number
• Class:
  • Universal: always true
  • Application: only in the application used
  • Context-specific: specific context within the application (the default when a tag is written as [n] with no class keyword)
  • Private: used extensively by commercial vendors
• Example (RFC 1155):
  IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4))
  Counter ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295)
Notes
Example:
  BOOLEAN        Universal 1
  INTEGER        Universal 2
  research       Context-specific [1] within the division CHOICE (Figure 3.13)
  product-based  Context-specific [0] within the research CHOICE (Figure 3.13)

Enumerated Integer (Chapter 3)
  RainbowColors ::= ENUMERATED {
      violet (0), indigo (1), blue (2), green (3), yellow (4), orange (5), red (6) }
Example from the SNMP PDU definition (RFC 1157):
  error-status INTEGER {
      noError (0), tooBig (1), noSuchName (2), badValue (3), readOnly (4), genErr (5) }
Notes
• ENUMERATED is a special case of INTEGER
• It does not have INTEGER semantics → arithmetic operations should not be performed on enumerated values.
• Example: RainbowColors (5) is orange

Subtype Data Type (Chapter 3)
• A subtype data type is derived from a parent type.
Example:
  PageNumber ::= INTEGER (0..255)  → limits the maximum page number to 255
Example (RFC 1213):
  sysDescr OBJECT-TYPE
      SYNTAX DisplayString (SIZE (0..255))
      ACCESS … …

ASN.1 Module Example (Chapter 3)
• An entry of the address translation table in the SNMP IP MIB (RFC 1213):
  IpNetToMediaEntry ::= SEQUENCE {
      ipNetToMediaIfIndex INTEGER,
      ipNetToMediaPhysAddress PhysAddress,
      ipNetToMediaNetAddress IpAddress,
      ipNetToMediaType INTEGER }

ASN.1 Example from ISO 8824 (Chapter 3)
(a) Informal description of a personnel record
  Name: John P Smith
  Title: Director
  Employee Number: 51
  Date of Hire: 17 September 1971
  Name of Spouse: Mary T Smith
  Number of Children: 2
  Child Information: Name Ralph T Smith, Date of Birth 11 November 1957
  Child Information: Name Susan B Jones, Date of Birth 17 July 1959
(b) ASN.1 description of the record structure
  PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
      Name,
      title [0] VisibleString,
      number EmployeeNumber,
      dateOfHire [1] Date,
      nameOfSpouse [2] Name,
      children [3] IMPLICIT SEQUENCE OF ChildInformation DEFAULT { } }
  ChildInformation ::= SET {
      Name,
      dateOfBirth [0] Date }
  Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
      givenName VisibleString,
      initial VisibleString,
      familyName VisibleString }
  EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
  Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
(c) ASN.1 description of a record value
  { {givenName "John", initial "P", familyName "Smith"},
    title "Director",
    number 51,
    dateOfHire "19710917",
    nameOfSpouse {givenName "Mary", initial "T", familyName "Smith"},
    children {
      { {givenName "Ralph", initial "T", familyName "Smith"}, dateOfBirth "19571111"},
      { {givenName "Susan", initial "B", familyName "Jones"}, dateOfBirth "19590717"} } }

Object Name (Chapter 3)
Tree: itu 0, iso 1, iso-itu 2 under the root; org 3 under iso; dod 6 under org; internet 1 under dod; private 4 under internet; enterprise 1 under private; IBM 2 under enterprise, i.e., 1.3.6.1.4.1.2
Notes
• Example from RFC 1155: internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }

TLV Encoding (Chapter 3)
Type octet layout:
  Bits 8-7: Class (00 Universal, 01 Application, 10 Context-specific, 11 Private)
  Bit 6: P/C (0 primitive, 1 constructed)
  Bits 5-1: Tag number
Notes
• ASN.1 syntax containing management information is encoded using BER (Basic Encoding Rules), defined for the transfer syntax.
• ASCII text data is converted to bit-oriented data.
• TLV: Type, Length, and Value are the components of the structure.
• Length: length of the Value field in number of octets.
• Value: encoded based on the data type.

TLV Encoding: INTEGER (Chapter 3)
• INTEGER: Universal 2
• Type: 00000010 [Class (00), P/C (0), Tag (00010)]
• Length:
  • If the Value length ≤ 127 → use 1 octet (with b8 = 0)
  • If the Value length > 127 → use more than 1 octet (with b8 = 1 in the first); the low 7 bits of the first octet give the number of octets that follow, and those octets carry the Value length. Example: 128 → 10000001 10000000
• Value:
  • If Value ≥ 0: the MSB of the first Value octet must be 0 → add a leading 00000000 octet if needed. Example: 255 → 00000000 11111111
  • If Value < 0: two's complement. Take the absolute value, invert all 1s to 0s and all 0s to 1s, then add 1.
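The Type, Length and Value rules on these TLV slides, carried into working code as an added example (this is editorial code written for this page, not code from the book). It encodes INTEGER (universal 2), OCTET STRING (universal 4) and OBJECT IDENTIFIER (universal 6), decodes them back with the length checks a safe parser needs, and finishes by assembling an SNMPv1 GetRequest for sysDescr.0, which shows how the constructed and context-specific tag bits are used and that the community string sits in the message in cleartext. Function names are mine; the sample values 255, -5, '0C1B'H and the IBM arc 1.3.6.1.4.1.2 are the slides' own; the community string "public" and request id are constructed for the illustration.

```python
"""BER TLV encoding for the universal ASN.1 types used in SNMP MIBs.

Added example for the TLV slides (editorial code, not the book's). Sample
values 255, -5, '0C1B'H and the OID 1.3.6.1.4.1.2 come from the slides; the
SNMPv1 GetRequest with community "public" is constructed here for illustration.
"""

INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x10
CONSTRUCTED, CONTEXT = 0x20, 0x80      # bit 6 (P/C) and class bits 8-7 = 10

def encode_length(n: int) -> bytes:
    """Short form (b8 = 0) for n <= 127; long form otherwise: first octet is
    0x80 | count of length octets, then the length big-endian (128 -> 81 80)."""
    if n < 0:
        raise ValueError("negative length")
    if n <= 127:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def encode_integer(v: int) -> bytes:
    """Universal 2, minimal two's complement: 255 -> 02 02 00 FF (a leading
    zero octet keeps the sign bit clear), -5 -> 02 01 FB, -128 -> 02 01 80."""
    magnitude = v if v >= 0 else -v - 1
    n = (magnitude.bit_length() + 8) // 8    # value bits + sign bit, in octets
    return bytes([INTEGER]) + encode_length(n) + v.to_bytes(n, "big", signed=True)

def encode_octet_string(s: bytes) -> bytes:
    """Universal 4: '0C1B'H -> 04 02 0C 1B."""
    return bytes([OCTET_STRING]) + encode_length(len(s)) + s

def encode_oid(arcs) -> bytes:
    """Universal 6: the first two arcs merge into 40*X+Y (1.3 -> 2B); each
    subidentifier is base-128 with the high bit set on all but its last octet."""
    arcs = list(arcs)
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid OID prefix")
    out = bytearray()
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [sub & 0x7F]
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))
            sub >>= 7
        out += bytes(reversed(chunk))
    return bytes([OID]) + encode_length(len(out)) + bytes(out)

def encode_constructed(tag: int, *items: bytes) -> bytes:
    """SEQUENCE is 0x10 | 0x20 = 0x30; a context-specific [0] PDU is 0xA0."""
    body = b"".join(items)
    return bytes([tag | CONSTRUCTED]) + encode_length(len(body)) + body

def decode_tlv(buf: bytes, pos: int = 0):
    """Return (tag, value, next_pos). Rejects truncation, indefinite length and
    long-form lengths that fit the short form: accepting them would give one
    value several encodings, a classic source of parser confusion."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80 == 0:
        length = first
    else:
        count = first & 0x7F
        if count == 0 or count > 4 or pos + count > len(buf):
            raise ValueError("indefinite or oversized length")
        length = int.from_bytes(buf[pos:pos + count], "big")
        if length <= 127:
            raise ValueError("non-minimal length encoding")
        pos += count
    if pos + length > len(buf):
        raise ValueError("length exceeds buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_integer(value: bytes) -> int:
    return int.from_bytes(value, "big", signed=True)

def decode_oid(value: bytes) -> list:
    subids, cur = [], 0
    for b in value:
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(cur)
            cur = 0
    if not value or value[-1] & 0x80:
        raise ValueError("empty or truncated subidentifier")
    x = min(subids[0] // 40, 2)              # X is at most 2 (joint-iso-itu-t)
    return [x, subids[0] - 40 * x] + subids[1:]

def snmpv1_get_request(community: bytes, oid, request_id: int = 1) -> bytes:
    """RFC 1157 Message ::= SEQUENCE { version INTEGER (0), community OCTET
    STRING, data GetRequest-PDU [0] }. The community string is the only access
    control in SNMPv1 and travels in cleartext."""
    varbind = encode_constructed(SEQUENCE, encode_oid(oid), bytes([NULL, 0]))
    pdu = encode_constructed(CONTEXT | 0, encode_integer(request_id),
                             encode_integer(0), encode_integer(0),
                             encode_constructed(SEQUENCE, varbind))
    return encode_constructed(SEQUENCE, encode_integer(0),
                              encode_octet_string(community), pdu)
```

Calling snmpv1_get_request(b"public", [1, 3, 6, 1, 2, 1, 1, 1, 0]) yields a 40-octet message that begins 30 26 02 01 00 04 06 and then the ASCII of "public"; a packet capture of SNMPv1 shows exactly that. The decoder is deliberately strict about lengths: BER permits only minimal length encodings, and a decoder that tolerates non-minimal or indefinite forms is easier to confuse than one that rejects them.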
Example: -5 → 11111011 • Example: TLV for 255 → 00000010 00000010 00000000 11111111 Network Management: Principles and Practice © Mani Subramanian 2000 50 Chapter 3 TLV Encoding- OCTET STRING Type Class (7-8th bits) Class Universal Application Context-specific Private Length P/C (6th bit) th Value Tag Number (1-5th bits) th 8 bit 7 bit 0 0 0 1 1 0 1 1 P/C bit: 0: primitive 1: construct Notes • OCTET STRING: Universal 4 • Type: 00000100 [Class (00), P/C (0), Tag (00100)] • Length: Number of octets in Value. • Value: Binary representation of string. • Example: TLV for ‘0C1B’ → 00000100 00000010 00001100 00011011 Network Management: Principles and Practice © Mani Subramanian 2000 51 Chapter 3 Macro <macroname> MACRO ::= BEGIN TYPE NOTATION ::= <syntaxOfNewType> VALUE NOTATION ::= <syntaxOfNewValue> <auxiliaryAssignments> END Macro from RFC 2578 (SMIv2): OBJECT-IDENTITY MACRO ::= BEGIN TYPE NOTATION ::= "STATUS" Status "DESCRIPTION" Text ReferPart VALUE NOTATION ::= value (VALUE OBJECT IDENTIFIER) Status ::= "current" | "deprecated" | "obsolete“ ReferPart ::= "REFERENCE" Text | empty Text ::= value(IA5String) END Example: CS8803 OBJECT-IDENTITY STATUS current DESCRIPTION "A graduate-level network management course offered every fall by College of Computing in Georgia Institute of Technology." 
::= {csclasses 50}

Notes
• Macro is used to create new data types
• TYPE NOTATION → defines the syntax of new types
• VALUE NOTATION → defines the syntax of new values

Network Management: Principles and Practice © Mani Subramanian 2000 52

Chapter 3 / Part II
Chapter 13 Network Management Applications

Chapter 13 Network and Systems Mgmt
[Figure 13.1 Network and System Management: Business Management; Service Management; Network Management and System Management; Element Management and Resource Management; Network Elements, System Resources and Networked Information Systems]
Notes
• TMN architecture expanded to include systems management

Chapter 3 Functional Model
[OSI Functional Model: Configuration Management, Fault Management, Performance Management, Security Management, Accounting Management]
Notes
• Configuration management
  • Set and change network configuration and component parameters
  • Network provisioning
  • Inventory management
  • Network topology
  • Set up alarm thresholds
• Fault management
  • Detection and isolation of failures in the network
  • Trouble ticket administration
• Performance management
  • Monitor performance of the network
• Security management
  • Authentication
  • Authorization
  • Encryption
• Accounting management
  • Functional accounting of network usage

Chapter 13 Network Provisioning (Configuration Management)
• Provisioning of network resources
  • Design
  • Installation and maintenance
• Circuit provisioning in the telephone industry
  • Circuit-switched network
  • Automated process
• Provisioning for packet-switched network based on:
  • Performance statistics
  • QoS requirements
  • Example: Provisioning of links is based on average and peak demands
• ATM networks
  • Permanent virtual circuit (PVC)
  • Switched virtual circuit (SVC)
Notes

Chapter 13 Inventory Management (Configuration Management)
• Inventory management of:
  • Equipment
  • Facilities
• Efficient database system:
  • Indices and keys for easy access and search
  • Characteristics of components
  • Status of components
Notes

Chapter 13 Network Topology (Configuration Management)
• Manual
  • Filter parameters → impose constraints
• Auto-discovery by NMS using
  • Broadcast ping
  • ARP table in devices (e.g., local router)
• Mapping of network
  • Layout
  • Layering
• Views
  • Physical
  • Logical
Notes

Chapter 13 Traditional LAN Configuration
[Figure 13.2 LAN Physical Configuration: Router Port A → Hub 1 → Segment A (A1, A2); Router Port B → Hub 2 → Segment B (B1, B2)]
[Figure 13.3 Logical Configuration of Two LAN Segments: A1, A2 on Segment A / Hub 1; B1, B2 on Segment B / Hub 2; router between the segments]
Notes
• One-to-one mapping between physical and logical configuration

Chapter 13 Virtual LAN Configuration
[Figure 13.4 VLAN Physical Configuration: Hub 1 (A1, B1) and Hub 2 (A2, B2) attached to a switch; switch Port A / Segment A and Port A / Segment B attached to the router]
[Figure 13.5 Logical Configuration of Two VLAN Segments: Segment A / Hub 1 & 2 with A1 (Hub 1) and A2 (Hub 2); Segment B / Hub 1 & 2 with B1 (Hub 1) and B2 (Hub 2); router and switch between the segments]
Notes
• Physical and logical configurations are different
• Physical location obtained from the System group

Chapter 13 Fault Management
• A fault is a failure of a network component
• Results in loss of connectivity
• Fault management involves a 5-step process:
  1. Fault detection
    • Polling
    • Traps: linkDown, egpNeighborLoss
  2. Fault location
    • Detect all components that failed and trace down the tree topology to where the problem starts
  3. Restoration of service (has higher priority)
  4. Fault isolation
    • Identification of the root cause of the problem
    • Fault isolation by network and SNMP tools to determine the source of the problem → Trouble ticket generated
    • Use artificial intelligence / correlation techniques
  5. Problem resolution → Trouble ticket closed

Chapter 13 Performance Management
• Tools
• Performance Metrics
• Data Monitoring (e.g., RMON)
• Problem Isolation (process similar to FM)
• Performance Statistics
Notes
• Tools:
  • Protocol analyzers
  • RMON
  • MRTG

Chapter 13 Performance Metrics
• Macro-level
  • Throughput
  • Response time
  • Availability
  • Reliability
• Micro-level
  • Bandwidth
  • Utilization
  • Error rate
  • Peak load
  • Average load
Notes
• Macro-level parameters can be defined in terms of micro-level parameters
• Response time depends on both network and system performance.

Chapter 13 Data Monitoring and Problem Isolation
• Data monitoring
  • Normal behavior
  • Abnormal behavior (e.g., excessive collisions, high packet loss, etc.)
  • Set up traps (e.g., parameters in the alarm group in RMON on the object identifier of interest)
  • Set up alarms for criticality
  • Manual and automatic clearing of alarms
• Problem isolation
  • Manual mode using network and SNMP tools
  • Problems in multiple components need tracking down the topology
  • Automated mode using correlation technology
Notes

Chapter 13 Performance Statistics
• Traffic statistics
• Error statistics
• Used in
  • QoS tracking
  • Performance tuning
  • Validation of SLA
  • Trend analysis
  • Facility planning
  • Functional accounting
Notes
• Statistics require a large amount of data sampling → overhead traffic on the network.
• One solution is RMON → statistical data is collected locally → improves overall network performance.
Chapter 13 Security Management
• Security threats
• Policies and procedures
• Resources to prevent security breaches
  • Firewalls
  • Cryptography
  • Authentication and authorization
  • Client/server authentication system
  • Message transfer security
  • Network protection security
Notes

Chapter 7 Security Threats (RFC 3414)
[Figure 7.10 Security Threats to Management Information: between Management Entity A and Management Entity B: modification of information, masquerade, message stream modification, disclosure]
Notes
• Modification of information: contents modified by an unauthorized user; does not include address change
• Masquerade: change of originating address by an unauthorized user
• Message stream modification: fragments of a message altered by an unauthorized user to modify the meaning of the message
• Disclosure: eavesdropping; this does not require interception of the message
• Denial of service and traffic analysis are not considered threats

Chapter 13 Security Threats
[Figure 7.10 Security Threats to Management Information, repeated]
Notes
• SNMPv3 addressed the security threats using USM (user-based security model)
• USM has two modules:
  • Authentication module
    • Data integrity
    • Data origin
  • Privacy module
    • Data confidentiality
  • Message timeliness
  • Message protection

Chapter 13 Policies and Procedures
Basic guidelines to set up policies and procedures:
1. Identify what you are trying to protect.
2. Determine what you are trying to protect it from.
3. Determine how likely the threats are.
4. Implement measures that will protect your assets in a cost-effective manner.
5. Review the process continuously and make improvements to each item if a weakness is found.
Notes
• References:
  • Formal statement of rules for protecting an organization's technology and assets (RFC 2196)
  • Introduction to Firewalls (NIST)
  • Orange Book by the National Computer Security Center (NCSC) rates computers based on security design features

Chapter 13 Accounting Management
• Least developed
• Usage of resources
• Hidden cost of IT usage
• Functional accounting
• Business application
Notes