Advanced Network Management Prof. Chadi Assi assi@ciise.concordia.ca EV7.635 1 Text Books and References Network Management: Principles and Practice: Mani Subramanian, Addison Wesley, ISBN: 0-201-35742-9 SNMP, SNMPv2, SNMPv3 and RMON1 and 2: William Stallings, 3rd edition, Addison Wesley, ISBN: 0-201-48534-6 Network Management: A Practical Perspective Leinwand, A. and Fang K., Addison Wesley Essential SNMP Douglas Mauro and Kevin Schmidt, O’Reilly online version: http://www.unix.org.ua/orelly/networking_2ndEd/snmp/ Other RFCs and Research papers 2 Course Outline Network Management: Principles, Standards and Models. Computer Networks and the Internet Application, Transport and Network layer Network Management Protocols and Abstract Syntax Notation One (ASN.1). Simple Network Management Protocol (SNMP) Structure of Management Information (SMI), Management Information Base (MIB). SNMPv2 SNMPv3 Remote Monitoring (RMON), RMON 1 and 2. 3 Course Outline OSI Systems management, Telecommunications Management Network (TMN), and ATM Network Management. . Network Management Applications (Configuration, Performance, Fault and Security management). Distributed Management Framework (management by delegation, mobile agent based management, etc.) CORBA based management, web based management, JMX and DMTF. 4 Course Outline Marking Scheme: o o o o Midterm1 Midterm2 Project Assignments 35% 35% 25% 5% More info: www.ciise.concordia.ca/~assi/courses/inse7120.htm 5 Background Today’s “Information Infrastructure” (or simply the Internet) is increasingly growing o large number of interconnected heterogeneous sub-networks and a wide range of distributed applications (100s or 1000s of interacting hardware/software components) Other complex systems requiring monitoring, control jet airplane nuclear power plant Others In such a large network, many things can go wrong o therefore disabling the network or a portion of it and degrading performance to an unacceptable level! 6 Background During the old days, a network can be managed by using only human efforts! o In a small system, running few “pings” may help locating the problem o As the Internet becomes a large global infrastructure, automated network management tools are essential o Standardized tools that can be used across a broad spectrum of product types are also needed Therefore, a network management system (NMS) is a collection of tools for network monitoring and control o Just as an airplane cockpit allows a pilot to monitor, control, analyze, configure, etc. 7 Network Management Failure of Interface Card A network admin by monitoring and analyzing network traffic may detect problems in any interface card and replace it - e.g., increase in checksum errors in frames sent out by this interface; Host Monitoring A network admin periodically checks to see if all hosts are operational 8 Network Management Monitoring traffic/resource deployment By monitoring link utilization, a network admin may determine system bottleneck and provision higher bandwidth link instead, to avoid congestion 9 Network Management Rapid changes in routing tables If detected may prevent instabilities in routing and hence prevent a network from going down Intrusion detection Network admin requests to be notified when traffic is destined to/arrives from a suspicious source Detect the existence of a certain type of traffic (e.g., security attacks) 10 What is Network Management?* "Network management includes the deployment, integration and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost." *T.Saydam, T. Magendaz “From Networks and Network Management into Service and Service Management” Journal of Networks and System Management, Vol.4, No.4, Dec. 1996 11 What is Network Management? ISO (International Organization for Standardization) has created a network management model. 5 areas of network management are classified - Performance Management Fault Management Configuration Management Security Management Accounting Management This classification has gained broad acceptance by vendors of both standardized and proprietary NMS 12 Performance Management Goal: Quantify, measure, report, analyze, and control the performance of different network components (such as routers, hosts, as well as end to end abstractions, such as a path through the network) Two functional categories - Monitoring (ability to monitor and track activities on the network) - Controlling (ability to make adjustments to improve network performance). Measuring Performance - Throughput (whether reduced to unacceptable level!) - Response time (i.e. network delays) - Utilization - Error rates (identify bottlenecks) - Availability 13 Fault Management Goal: Log, detect, and respond to fault conditions in the network Immediate* handling of transient network failures (link, host, router hardware or software outages) Faults are to be distinguished from Errors - A fault is an abnormal condition and requires management attention to repair (e.g. link cut) - An Error is a single event! (e.g. single bit error on a line) *performance management takes longer term view in the face of varying traffic demands and occasional network device failures. 14 Illustrative scenario • A client application exchanges data over a TCP connection with a DB server • Distinct domains each administered by a different organization 15 Illustrative scenario Problem scenario A clock at an interface in WAN2 that supports T3 link loses SYNC 4 times a second for 0.25 ms intermittent noise causing loss of 0.1% of T3 capacity this small noise causes bit errors in a large number of packets routed over C-D Bit errors cause packet losses, either at routers (if IP header corrupted) or at destinations 16 Illustrative scenario performance of TCP connection degrades due to packet loss TCP sender interprets this as congestion and hence reduces its window TCP increases its window gradually until new packet loss However due to the noise, the TCP window will not increase DB transactions by client will last longer DB server performance will degrade due to records lock-out, causing frequent aborts for remote transactions 17 Configuration Management Goal: Allow a network manager to track which devices are on the network and the hardware and software configurations of these devices. Consists of the following steps: - Gather information about current network, maintain an up-to-date inventory of all network components - Use that data to modify the configuration of the network device (reconfiguration*) Reconfiguration of a network is often desired in response to performance evaluation or in support of network upgrade, fault recovery, or security checks. * 18 Security Management Goal: Control access to network resources according to well defined policy. Identifying sensitive information (e.g., network management information) and protecting it Security at different levels - Physical & Data Link Levels Encryption - Network Level packet filters - Application Level (host, user and key) authentication - Popular Level Firewalls & VPNs 19 Accounting Management Goal: Specify, log, and control user and device access to network resources …usage quotas, usage-based charging, the allocation of resource-access privileges… …Accounting reports should be generated periodically A network manager should track the use of network resources - A user may be abusing his access privilege and burdening the network at the expense of other users. (e.g., a user may be violating his service contract) - Planning for network growth 20 Infrastructure for Network Management definitions: managing entity agent data managing data entity network management protocol managed devices contain managed device managed objects whose data is gathered into a agent data Management Information Base (MIB) managed device agent data agent data managed device managed device 21