Chapter 3 Basic Foundations: Standards, Models, and Language

advertisement
Chapter 3
Basic Foundations:
Standards, Models, and Language
Outline
1.
2.
3.
4.
5.
6.
7.
8.
NM Standards
Organization Model
Information Model
Communication Model
Functional Model
ASN.1
BER Encoding
Macro
Introduction
• Standards
• Standards organizations
• Protocol standards of transport layers
• Protocol standards of management
(application) layer
• Management Models
• Language
1. NM Standards
Table 3.1 Network Management Standards
Standard
OSI / CMIP
Salient Points
 International standard (ISO / OSI)
 Management of data communications network - LAN and
WAN
 Deals with all 7 layers
 Most complete
 Object oriented
 Well structured and layered
 Consumes large resource in implementation
SNMP /
Internet
 Industry standard (IETF)
 Originally intended for management of Internet components,
currently adopted for WAN and telecommunication systems
 Easy to implement
 Most widely implemented
TMN
 International standard (ITU-T)
 Industry standard (IETF)
SNMP /
Internet
 Originally intended for management of Internet components,
currently adopted for WAN and telecommunication systems
NM Standards
(cont.)
Easy to implement
 Most widely implemented
TMN
 International standard (ITU-T)
 Management of telecommunications network
 Based on OSI network management framework
 Addresses both network and administrative aspects of
management
IEEE
 IEEE standards adopted internationally
 Addresses LAN and MAN management
 Adopts OSI standards significantly
 Deals with first two layers of OSI RM
Web-based
Management
 Web-Based Enterprise Management (WBEM)
 Java Management Application Program Interface (JMAPI)
OSI Architecture and Model
Network
Mangement
Organization
Model
Information
Model
Communication
Model
Figure 3.1 OSl Network Management Model
Functional
Model
OSI NM
• Organization Model
• Network management components
• Functions of components
• Relationships
• Information Model
Structure of management information (SMI)
• Syntax and semantics
• Management information base (MIB)
• Organization of management information
• Object-oriented
•
OSI NM
• Communication Model
• Transfer syntax with bi-directional messages
• Transfer structure (PDU)
• Functional Model
• Application functions
• Configure components (CM)
• Monitor components (FM)
• Measure performance (PM)
• Secure information (SM)
• Usage accounting (AM)
SNMP Architecture and Model
• Organization Model
• Same as OSI model
• Information Model
• Same as OSI, but scalar
• Communication Model
• Messages less complex than OSI
and unidirectional
• Transfer structure (PDU)
• Functional Model
• Application functions
• Operations
• Administration
• Security
TMN Architecture
• Addresses management of telecommunication
networks
• Based on OSI model
• Superstructure on OSI network
• Addresses network, service, and business
management
TMN & Telecommunication network
2. Organization Model


Describes the components of network
management and their relationships.
NM Components



Manager
Agent
Managed Objects
NM Components
• Manager
• Sends requests to agents
• Monitors alarms
• Houses applications
• Provides user interface
• Agent
• Gathers information from objects
• Configures parameters of objects
• Responds to managers’ requests
• Generates alarms and sends them to
mangers
• Managed object
• Network element that is managed
• Houses management agent
• All objects are not managed / manageable
Two-Tier NM Organization Model
MDB
Manager
Managed objects
Unmanaged objects
MDB Management Database
Agent process
Figure 3.2 Two-Tier Network Mangement Organization Model
Three-Tier Model
MDB
Manager
MDB
Agent / Manager
Managed objects
MDB Management Database
Agent process
Figure 3.3 Three-Tier Network Mangement Organiza
NM Organization Model with MoM
Peer NMSs
Agent NMS
Manager NMS
Manager NMS
Agent NMS
RoleRole
of Management
Process
Figure Dual
3.5 Dual
of Management
Process
3. Information Model


Structure and Storage of Management
Information
SMI (Structure of Management Information)


Defines the syntax and semantics of
management information.
MIB (Management Information Base)

Conceptual storage of management information
SMI (Structure of Management Information)
• SMI defines for a managed object
• Syntax
• Semantics
• plus additional information such as status
• Example
sysDescr: { system 1 }
Syntax:
OCTET STRING
Definition: "A textual description of
the entity. "
Access:
read-only
Status:
mandatory
Management Information Base (MIB)
• Information base contains information about
objects
• Organized by grouping of related objects
• Defines relationship between objects
• It is NOT a physical database. It is a virtual
database that is compiled into management
module.
• Agent MIB vs. Manager MIB  MIB View
MIB View: An Analogy
•
•
•
•
A County library system has many branches
Each branch has a set of books
The books in each branch is a different set
The information base of the county has the
view (catalog) of all books
• The information base of each branch has the
catalog of books that belong to that branch.
That is, each branch has its view (catalog) of
the information base
• Let us apply this to MIB view
MIB View and Object Access
• A managed object has many attributes - its
information base
• There are several operations that can be
performed on the objects
• A user (manager) can view and perform only
certain operations on the object by invoking
the management agent
• The view of the object attributes that the agent
perceives is the MIB view
• The operation that a user can perform is the
MIB access
MDB vs. MIB

MDB



MDB
Manager
Management Data Base
physical database
MIB


Management Information
Base
virtual database
Managed objects
MIB
Managed Objects (MOs) in MIB
• Managed objects can be
• Network elements (hardware, system)
• hubs, bridges, routers, transmission
facilities
• Software (non-physical)
• programs, algorithms
• Administrative information
• contact person, name of group of objects
(IP group)
Management Information Tree (MIT)

MOs are uniquely defined by a tree
structure specified by OSI model.
Root
Level 1
Level 2
Level 3
Figure 3.7 Generic Representation of Management Information Tree
OSI Management Information Tree
•Designation:
• iso
1
• org
1.3
• dod
1.3.6
• internet 1.3.6.1
itu
0
iso
1
org
3
dod
6
internet
1
iso-itu
2
Three Trees in Network Management

Inheritance Tree


Containment Tree


NE / Switch / Ethernet Switch
NE / Module / Interface / Physical Address
Registration Tree

iso / org / dod / internet / management
Object Type and Instance
• Each object type has a unique identification (Object
Identifier, OID) and name (Descriptor).
• Object Type
• Name
• Syntax
• Definition
• Status
• Access
•
sysName
Octet String
“The name of a system”
Mandatory
Read-Only
Object Instance
• Each object type has one or more instances.
Managed Object:
Internet Perspective
Access:
Access
privilege
Object Type:
Object ID and
Descriptor
circle
Status:
Implementaion
requirements
Syntax :
model of object
Defintion:
Semantics textual description
Figure 3.9(a) Internet Perspective
Managed Object:
Internet Perspective
object ID
and descriptor
syntax
access
status
definition
unique ID (OID)
and name for the object
used to model the object
access privilege to a managed
object
implementation requirements
textual description of the semantics
of object type
References: RFC 1155, RFC 1212
Managed Object:
OSI Perspective
Object Class:
Circular
object
Behaviour
Object Class:
Elliptical
object
Notifications :
Notify changes in
attribute values
Operations:
Push
Attributes :
circle, dimension
Attributes:
ellipse, dimension
Managed Object:
OSI Perspective
object class
attributes
operations
behavior
notifications
managed object
attributes visible at its boundary
operations which may be applied to it
behavior exhibited by it in response
to operation
notifications emitted by the object
Managed information communication architecture.
Source: IEEE Communications Magazine • May 1993
Source: IEEE Communications Magazine • May 1993
Packet Counter Example
Characteristics
Example
Object type
PktCounter
Syntax
Counter
Access
Read-only
Status
Mandatory
Description
Counts number of packets
Figure 3.10(a) Internet Perspective
Characteristics
Example
Object class
Packet Counter
Attributes
Single-valued
Operations
get, set
Behavior
Retrieves or resets values
Notifications
Generates notifications on new
value
Figure 3.10 (b) OSI Perspective
Internet vs. OSI Managed Object
• Scalar object (Internet) vs. Object-oriented (OSI)
• Operations, behavior, and notification in OSI are
part of communication model in Internet: get/set
and response/alarm
• Internet syntax is absorbed as part of OSI attributes
• Internet access is part of OSI security model
• Internet status is part of OSI conformance
application
• OSI permits creation and deletion of objects;
Internet does not: Enhancement in SNMPv2
4. Communication Model
Operations /
Requests
Manager
Applications
Responses
Agent
Notifications /
Traps
Network Elements /
Managed Objects
Figure 3.11 Management Message Communication Model
OSI: Operations
 Internet: Request/Response
OSI: Notifications
 Internet: Traps/Notifications
Transfer Protocols
Manager
Applications
Operations / Requests / Responses
Traps / Notifications
Agent
Applications
Manager
Communication
Module
SNMP (Internet)
CMIP (OSI)
Agent
Communication
Module
Transport Layers
UDP / IP (Internet)
OSI Lower Layer Profiles (OSI)
Transport Layers
c-l vs. c-o/c-l
Physical Medium
Figure 3.12 Management Communication Transfer Protocols
5. Functional Model
OSI
Functional Model
Configuration
Management
Fault
Management
Performance
Management
Security
Management
Accounting
Management
6. Abstract Syntax Notation One:
- ASN.1
• ASN.1 is more than a syntax; it’s a language
• Addresses both syntax and semantics
• Two type of syntax
• Abstract syntax: set of rules that specify data type and
structure for information storage
• Transfer syntax: set of rules for communicating
information between systems
• Makes application layer protocols independent of lower
layer protocols
• Can generate machine-readable code: Basic Encoding
Rules (BER) is used in management modules
http://www.strongsec.com/zhw/KSy_ASN1.pdf
Abstract Syntax & Transfer Syntax
Backus-Nauer Form (BNF)
Definition: (Production)
<name> ::= <definition>
Rules:
<digit> ::= 0|1|2|3|4|5|6|7|8|9
<number> ::= <digit> | <digit><number>
<op> ::= +|-|x|/
<SAE> ::= <number>|<SAE>|<SAE><op><SAE>
Example:
• 9 is primitive 9
• 19 is construct of 1 and 9
• 619 is construct of 6 and 19
Data Type and Value
• Assignments
• <BooleanType> ::= BOOLEAN
• <BooleanValue> ::= TRUE | FALSE
• Primitive ASN.1 data types in SNMPv1
•
•
•
•
INTEGER
OCTET STRING
OBJECT IDENTIFIER
NULL
• All in Capital letters  keywords
Type and Value Assignments
Subtype
Syntax: <subtype name> ::= <type> ( <constraint> )
Examples:
Counter ::= INTEGER ( 0..4294967295 )
IpAddress ::= OCTET STRING ( SIZE(4) )
Spring ::= Months ( march | april | may )
Summer ::= Months ( june | july | august )
SmallPrime ::= INTEGER ( 2 | 3 | 5 | 7 | 11 )
ExportKey ::= BIT STRING ( SIZE(40) )
ASN.1 Data Types

Basic Types


BOOLEAN, INTEGER, BIT STRING, OCTET STRING,
NULL, OBJECT IDENTIFIER, REAL, ENUMERATED,
NumericString, PrintableString, IA5String, UTCTime,
GeneralizedTime, CharacterString
Constructed Types



CHOICE
SEQUENCE, SEQUENCE OF
SET, SET OF
Example
Married ::= BOOLEAN
Age ::= INTEGER
Picture ::= BIT STRING
Form ::= SEQUENCE {
name PrintableString,
age Age,
married Married,
marriage-certificate Picture
}
Example
Payment-method ::= CHOICE {
check Check-number,
credit-card SEQUENCE {
number Card-number,
expiry-date Date
}
}
Data Type: Example 1
PersonnelRecord ::= SET
{ Name,
title
GraphicString,
division
CHOICE {
marketing
[0] SEQUENCE
{Sector,
Country},
research
[1] CHOICE
{product-based [0] NULL,
basic
[1] NULL},
production [2] SEQUENCE
{Product-line,
Country }
}
}
Tag
Data Type: Example 2
Trade-message ::= SEQUENCE
{ invoice-no INTEGER,
name
GraphicString,
details
SEQUENCE OF
SEQUENCE
{ part-no
INTEGER,
quantity
INTEGER },
charge
REAL,
authenticator Security-Type
}
Enumerated Integer
IpRouteType ::=
INTEGER {
other(1),
invalid(2),
direct(3),
indirect(4)
}
Object Name
itu
0
internet OBJECT IDENTIFIER ::=
{ iso(1) org(3) dod(6) internet(1) }
private OBJECT IDENTIFIER ::=
{ internet 4 }
 The object identifier (OID) of internet
is 1.3.6.1
 The object identifier (OID) of private
is 1.3.6.1.4
iso
1
org
3
dod
6
internet
1
private
4
enterprise
1
IBM
2
iso-itu
2
ASN.1 Module
• ASN.1 module is a group of assignments
person-name
{
first
middle
last
}
Person-Name ::=
"John",
"I",
"Smith"
• person-name  module name
• Person-name  module
Module
<module name> DEFINITIONS ::= BEGIN
<name> ::= <definition>
<name> ::= <definition>
…
<name> ::= <definition>
END
ASN.1 Keyword Examples
CHOICE
SEQUENCE
SEQUENCE OF
SET
SET OF
INTEGER
NULL
OCTET STRING
List of alternatives
Ordered list maker
Ordered array of repetitive data
Unordered list maker
Unordered list of repetitive data
Any negative or non-negative number
A placeholder
String of octets (8-bit bytes)
OBJECT IDENTIFIER A sequence of non-negative numbers to
uniquely identify an object
ASN.1 Symbols
Symbol
Meaning
::=
Defined as
|
or, alternative, options of a list
-
Signed number
--
Following the symbol are comments
{}
Start and end of a list
[]
Start and end of a tag
()
Start and end of subtype
..
Range
ASN.1 Data Type Conventions
Data Types
Convention
Example
Object name
Initial lowercase letter
Application data
type
Module
Initial uppercase letter
sysDescr,
etherStatsPkts
Counter, IpAddress
Initial uppercase letter
PersonnelRecord
Macro, MIB module
All uppercase letters
RMON-MIB
Keywords
All uppercase letters
INTEGER, BEGIN
Data Type:
Structure & Tag
Data Type
Tag
• Structure defines how data type is built
• Tag uniquely identifies the data type
Structure
Number
Simple
Structured
Tagged
Other
Universal
Class
Application
Figure 3.15 ASN.1 Data Type Structure and Tag
Contextspecific
Private
Structure
•
Simple
PageNumber ::= INTEGER
ChapterNumber ::= INTEGER
•
Structured / Construct
BookPageNumber ::= SEQUENCE
{ChapterNumber, Separator, PageNumber}
•
Tagged
• Derived from another type; given a new ID
• In Fig. 3-14, INTEGER is either universal or
application specific
•
Other
• CHOICE, ANY
Structured Type

SEQUENCE


SEQUENCE OF


Ordered array of repetitive data
SET


Ordered list maker
Unordered list maker
SET OF

Unordered list of repetitive data
Tag
• Tag uniquely identifies a data type
• Comprises class and tag number
• Class:
• Universal - always true
• Application - only in the application used
• Context-specific - specific context in
application
• Private - used extensively by commercial
vendors
Tag Examples
BOOLEAN
INTEGER
PageNumber
product-based
Universal 1
Universal 2
[APPLICATION 3]
Context-specific under
research [0]
Counter ::=
[APPLICATION 1] INTEGER (0..4294967295)
Informal description of personnel record
Name:
John P Smith
Title:
Director
Employee Number
51
Date of Hire:
17 September 1971
Name of Spouse;
Mary T Smith
Number of Children
2
Child Information
Name
Ralph T Smith
Date of Birth
11 November 1957
Child Information
Name
Susan B Jones
Date of Birth 17 July 1959
ASN.1 description of the record structure
PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
Name,
title [0] VisibleString,
number EmployeeNumber,
dateOfHire
[1] Date,
nameOfSpouse [2] Name,
children
[3] IMPLICIT SEQUENCE OF
ChildInformation DEFAULT { }
}
ChildInformation ::= SET {
Name,
dateOfBirth [0] Date }
Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
givenName VisibleString,
initial
VisibleString,
familyName VisibleString }
EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
Date ::= [APPLICATION 3] IMPLICIT VisibleString
-- YYYYMMDD
ASN.1 description of a record value
{
{givenName “John”, initial “T”, familyName “Smith”},
title
“Director”
number
“51”
dateOfHire “19710917”
nameOfSpouse
{givenName “Mary”, initial “T”, familyName
“Smith”},
children
{ { {givenName “Ralph”, initial “T”, familyName “Smith”},
dateOfBirth
“19571111”
},
{ {givenName “Susan”, initial “B”, familyName “Jones”}
dateOfBirth
“19590717”
}
}
}
7. BER Encoding


BER (Basic Encoding Rule)
TLV Encoding Structure
Type
Class
(7-8th bits)
Length
P/C
(6th bit)
P/C: Primitive/Construct
0/1
T: Tag
Value
Tag Number
(1-5th bits)
Class
Universal
Application
Context-specific
Private
8th bit
0
0
1
1
7th bit
0
1
0
1
TLV
INTEGER
Primitive:
T
L
V
SEQUENCE
Construct:
T
L
T
L
V
T
V
L
V
Universal Class Tag
Binary
00 0 00010
00 0 00100
00 0 00101
00 0 00110
00 1 10000
Hex
02
04
05
06
30
Tag
Universal
Universal
Universal
Universal
Universal
Tag Name
2
4
5
6
16
INTEGER
OCTET STRING
NULL
OBJECT IDENTIFIER
SEQUENCE / SEQUENCE OF
Page 127
Tag numbers  31
1000 0000
30 0A 1A 04 4A 61 6E 65 51 02 00 80
Example: SNMP Message
Tag
Message ::= SEQUENCE {
version INTEGER {
version-1(0)
},
community OCTET STRING,
data ANY
}
30
02
04
Example: SNMP Message
Type  30: SEQUENCE
Length  82 01 c0: 448 octets
82: 10000010
Type  30: SEQUENCE
Length  32: 50 octets
8. Macros
<macroname> MACRO ::=
BEGIN
TYPE NOTATION ::= <syntaxOfNewType>
VALUE NOTATION ::= <syntaxOfNewValue>
<auxiliaryAssignments>
END
Macro Example
OBJECT-TYPE MACRO ::= BEGIN
TYPE NOTATION ::=
"SYNTAX" type (TYPE ObjectSyntax)
“ACCESS" Access
"STATUS" Status
VALUE NOTATION ::= value (VALUE ObjectName)
Access ::= "read-only" | "read-write“ | "write-only
| "not-accessible"
Status ::= "mandatory” | "optional“
END
| "obsolete"
Object-Type Example
sysName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
ACCESS read-write
STATUS mandatory
::= { system 5 }
Marco Example 2
CAR MACRO::= BEGIN
TYPE NOTATION ::= Brand Engine CarType Year
VALUE NOTATION ::= value (VALUE OBJECT IDENTIFIER)
Brand ::= “BRAND” value (PrintableString)
Engine ::= “CC” Ccs
Ccs ::= Cc | Ccs”,” Cc
Cc ::= value (INTEGER (600..5000))
CarType ::= “STYLE” CType
CType ::= “Sedan” |
“Liftback” | “SUV” | “Other”
Year ::= “YEAR” value (INTEGER)
END
Camry CAR
BRAND Toyota
CC 2000, 2400, 3000
STYLE Sedan
YEAR 2006
::= {toyota 3}
Download